diff --git a/CVE-2016-9962.patch b/CVE-2016-9962.patch index 02e2d5d..9de9e12 100644 --- a/CVE-2016-9962.patch +++ b/CVE-2016-9962.patch @@ -31,10 +31,10 @@ Signed-off-by: Aleksa Sarai <asarai@suse.de> 5 files changed, 42 insertions(+), 37 deletions(-) diff --git a/libcontainer/container_linux.go b/libcontainer/container_linux.go -index 29c8b3437be3..4110af6fd89d 100644 +index 82c6d8e..369b5d5 100644 --- a/libcontainer/container_linux.go +++ b/libcontainer/container_linux.go -@@ -294,21 +294,29 @@ func (c *linuxContainer) newParentProcess(p *Process, doInit bool) (parentProces +@@ -297,21 +297,29 @@ func (c *linuxContainer) newParentProcess(p *Process, doInit bool) (parentProces if err != nil { return nil, newSystemErrorWithCause(err, "creating new init pipe") } @@ -71,7 +71,7 @@ index 29c8b3437be3..4110af6fd89d 100644 cmd := exec.Command(c.initArgs[0], c.initArgs[1:]...) cmd.Stdin = p.Stdin cmd.Stdout = p.Stdout -@@ -317,10 +325,9 @@ func (c *linuxContainer) commandTemplate(p *Process, childPipe, rootDir *os.File +@@ -320,10 +328,9 @@ func (c *linuxContainer) commandTemplate(p *Process, childPipe, rootDir *os.File if cmd.SysProcAttr == nil { cmd.SysProcAttr = &syscall.SysProcAttr{} } @@ -84,7 +84,7 @@ index 29c8b3437be3..4110af6fd89d 100644 // NOTE: when running a container with no PID namespace and the parent process spawning the container is // PID1 the pdeathsig is being delivered to the container's init process by the kernel for some reason // even with the parent still running. -@@ -357,7 +364,7 @@ func (c *linuxContainer) newInitProcess(p *Process, cmd *exec.Cmd, parentPipe, c +@@ -360,7 +367,7 @@ func (c *linuxContainer) newInitProcess(p *Process, cmd *exec.Cmd, parentPipe, c }, nil } @@ -93,7 +93,7 @@ index 29c8b3437be3..4110af6fd89d 100644 cmd.Env = append(cmd.Env, "_LIBCONTAINER_INITTYPE="+string(initSetns)) state, err := c.currentState() if err != nil { -@@ -378,7 +385,6 @@ func (c *linuxContainer) newSetnsProcess(p *Process, cmd *exec.Cmd, parentPipe, +@@ -381,7 +388,6 @@ func (c *linuxContainer) newSetnsProcess(p *Process, cmd *exec.Cmd, parentPipe, config: c.newInitConfig(p), process: p, bootstrapData: data, diff --git a/_service b/_service index a835680..c3613ec 100644 --- a/_service +++ b/_service @@ -8,7 +8,7 @@ <param name="scm">git</param> <param name="filename">runc</param> <param name="versionformat">git.%h</param> - <param name="revision">50a19c6ff828</param> + <param name="revision">2f7393a47307a16f8cee44a37b262e8b81021e3e</param> <param name="exclude">.git</param> </service> <service name="recompress" mode="disabled"> diff --git a/runc-git.2f7393a.tar.xz b/runc-git.2f7393a.tar.xz new file mode 100644 index 0000000..afc05f1 --- /dev/null +++ b/runc-git.2f7393a.tar.xz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:ada7533b8a684ffde5a7b45517573bdae3a501cc3460107a0deb1e290f040bb0 +size 413492 diff --git a/runc-git.50a19c6.tar.xz b/runc-git.50a19c6.tar.xz deleted file mode 100644 index 903c79c..0000000 --- a/runc-git.50a19c6.tar.xz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:971d6eaeb495b0d3368004521dc73fba670d4e0e3fd51408d450cd5bdc393dcf -size 406228 diff --git a/runc.changes b/runc.changes index c723aeb..191af06 100644 --- a/runc.changes +++ b/runc.changes @@ -1,3 +1,8 @@ +------------------------------------------------------------------- +Fri Feb 24 18:08:10 UTC 2017 - jmassaguerpla@suse.com + +- update to docker-1.13.0 requirement + ------------------------------------------------------------------- Fri Jan 13 13:58:33 UTC 2017 - jmassaguerpla@suse.com diff --git a/runc.spec b/runc.spec index 5b13ebc..bbc552c 100644 --- a/runc.spec +++ b/runc.spec @@ -40,13 +40,13 @@ # FIX-OPENSUSE: This will be removed as soon as we move Docker's runC fork into # a separate package. This whole versioning mess is caused by # Docker vendoring non-releases of runC. -%define git_version 50a19c6 +%define git_version 2f7393a # How to get the git_revision # git clone ${url}.git runc-upstream # cd runc-upstream # git checkout $git_version # git_revision=r$(git rev-list HEAD | wc -l) -%define git_revision r2819 +%define git_revision r2942 %define version_unconverted %{git_version} Name: runc