From 588a1df835493b24d827a59c7072cb016af00aa3200f5deadea1a9704447a71e Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asarai@suse.com>
Date: Thu, 13 Dec 2018 07:54:13 +0000
Subject: [PATCH 1/2] Accepting request 657727 from
 home:dorf:branches:Virtualization:containers

- Require golang = 1.10.

OBS-URL: https://build.opensuse.org/request/show/657727
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=69
---
 runc.changes | 5 +++++
 runc.spec    | 8 +++++---
 2 files changed, 10 insertions(+), 3 deletions(-)

diff --git a/runc.changes b/runc.changes
index b2f7dc9..b38f8d9 100644
--- a/runc.changes
+++ b/runc.changes
@@ -1,3 +1,8 @@
+-------------------------------------------------------------------
+Thu Dec 13 04:34:25 UTC 2018 - dorf@suse.com
+
+- Require golang = 1.10.
+
 -------------------------------------------------------------------
 Thu Nov 29 09:10:09 UTC 2018 - Aleksa Sarai <asarai@suse.com>
 
diff --git a/runc.spec b/runc.spec
index 6f4f099..77b5a74 100644
--- a/runc.spec
+++ b/runc.spec
@@ -12,7 +12,7 @@
 # license that conforms to the Open Source Definition (Version 1.9)
 # published by the Open Source Initiative.
 
-# Please submit bugfixes or comments via https://bugs.opensuse.org/
+# Please submit bugfixes or comments via http://bugs.opensuse.org/
 #
 # nodebuginfo
 
@@ -21,6 +21,8 @@
 # only package released versions (unlike docker-runc).
 %define git_version %{nil}
 
+# Package-wide golang version
+%define go_version 1.10
 %define go_tool go
 %define _version 1.0.0-rc6
 %define project github.com/opencontainers/runc
@@ -50,7 +52,7 @@ Source1:        https://github.com/opencontainers/runc/releases/download/v%{_ver
 Source2:        runc.keyring
 BuildRequires:  fdupes
 BuildRequires:  go-go-md2man
-BuildRequires:  golang(API) = 1.10
+BuildRequires:  golang(API) = %{go_version}
 %if 0%{?with_libseccomp}
 BuildRequires:  libseccomp-devel
 %endif
@@ -68,7 +70,7 @@ and has grown to become a separate project entirely.
 Summary:        Test package for runc
 # Make sure we require go 1.7
 Group:          System/Management
-BuildRequires:  golang(API) = 1.7
+BuildRequires:  golang(API) = %{go_version}
 Requires:       go-go-md2man
 Requires:       libapparmor-devel
 %if 0%{?with_libseccomp}

From 337c2c14ccb00c1cbcb9cf53da8b213696c95e9a87bc51c45d77bde345a137de Mon Sep 17 00:00:00 2001
From: Aleksa Sarai <asarai@suse.com>
Date: Thu, 20 Dec 2018 11:15:05 +0000
Subject: [PATCH 2/2] Accepting request 660132 from
 home:clee:branches:Virtualization:containers

- Update go requirements to >= go1.10 to fix
  * bsc#1118897 CVE-2018-16873
    go#29230 cmd/go: remote command execution during "go get -u"
  * bsc#1118898 CVE-2018-16874
    go#29231 cmd/go: directory traversal in "go get" via curly braces in import paths
  * bsc#1118899 CVE-2018-16875
    go#29233 crypto/x509: CPU denial of service

OBS-URL: https://build.opensuse.org/request/show/660132
OBS-URL: https://build.opensuse.org/package/show/Virtualization:containers/runc?expand=0&rev=70
---
 runc.changes | 10 ++++++++++
 1 file changed, 10 insertions(+)

diff --git a/runc.changes b/runc.changes
index b38f8d9..8311113 100644
--- a/runc.changes
+++ b/runc.changes
@@ -1,4 +1,14 @@
 -------------------------------------------------------------------
+Wed Dec 19 19:55:11 UTC 2018 - clee@suse.com
+
+- Update go requirements to >= go1.10 to fix
+  * bsc#1118897 CVE-2018-16873
+    go#29230 cmd/go: remote command execution during "go get -u"
+  * bsc#1118898 CVE-2018-16874
+    go#29231 cmd/go: directory traversal in "go get" via curly braces in import paths
+  * bsc#1118899 CVE-2018-16875
+    go#29233 crypto/x509: CPU denial of service 
+-------------------------------------------------------------------
 Thu Dec 13 04:34:25 UTC 2018 - dorf@suse.com
 
 - Require golang = 1.10.