Hello community, here is the log from the commit of package umoci for openSUSE:Factory checked in at 2017-10-09 19:43:14 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/umoci (Old) and /work/SRC/openSUSE:Factory/.umoci.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "umoci" Mon Oct 9 19:43:14 2017 rev:6 rq:531414 version:0.3.1 Changes: -------- --- /work/SRC/openSUSE:Factory/umoci/umoci.changes 2017-08-08 11:58:16.948112053 +0200 +++ /work/SRC/openSUSE:Factory/.umoci.new/umoci.changes 2017-10-09 19:47:09.382391782 +0200 @@ -1,0 +2,45 @@ +Wed Oct 4 02:52:51 UTC 2017 - asa...@suse.com + +- Update to umoci v0.3.1. Upstream changelog: + - Fix several minor bugs in `hack/release.sh` that caused the release artefacts + to not match the intended style, as well as making it more generic so other + projects can use it. openSUSE/umoci#155 openSUSE/umoci#163 + - A recent configuration issue caused `go vet` and `go lint` to not run as part + of our CI jobs. This means that some of the information submitted as part of + [CII best practices badging][cii] was not accurate. This has been corrected, + and after review we concluded that only stylistic issues were discovered by + static analysis. openSUSE/umoci#158 + - 32-bit unit test builds were broken in a refactor in [0.3.0]. This has been + fixed, and we've added tests to our CI to ensure that something like this + won't go unnoticed in the future. openSUSE/umoci#157 + - `umoci unpack` would not correctly preserve set{uid,gid} bits. While this + would not cause issues when building an image (as we only create a manifest + of the final extracted rootfs), it would cause issues for other users of + `umoci`. openSUSE/umoci#166 openSUSE/umoci#169 + - Updated to [v0.4.1 of `go-mtree`][gomtree-v0.4.1], which fixes several minor + bugs with manifest generation. openSUSE/umoci#176 + - `umoci unpack` would not handle "weird" tar archive layers previously (it + would error out with DiffID errors). While this wouldn't cause issues for + layers generated using Go's `archive/tar` implementation, it would cause + issues for GNU gzip and other such tools. + - `umoci unpack`'s mapping options (`--uid-map` and `--gid-map`) have had an + interface change, to better match the [`user_namespaces(7)`][user_namespaces] + interfaces. Note that this is a **breaking change**, but the workaround is to + switch to the trivially different (but now more consistent) format. + openSUSE/umoci#167 + - `umoci unpack` used to create the bundle and rootfs with world + read-and-execute permissions by default. This could potentially result in an + unsafe rootfs (containing dangerous setuid binaries for instance) being + accessible by an unprivileged user. This has been fixed by always setting the + mode of the bundle to `0700`, which requires a user to explicitly work around + this basic protection. This scenario was documented in our security + documentation previously, but has now been fixed. openSUSE/umoci#181 + openSUSE/umoci#182 + + [cii]: https://bestpractices.coreinfrastructure.org/projects/1084 + [gomtree-v0.4.1]: https://github.com/vbatts/go-mtree/releases/tag/v0.4.1 + [user_namespaces]: http://man7.org/linux/man-pages/man7/user_namespaces.7.html +- Remove patch that has been applied upstream. + - i586-0001-fix-mis-usage-of-time.Unix.patch + +------------------------------------------------------------------- Old: ---- i586-0001-fix-mis-usage-of-time.Unix.patch umoci-0.3.0.tar.xz umoci-0.3.0.tar.xz.asc New: ---- umoci-0.3.1.tar.xz umoci-0.3.1.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ umoci.spec ++++++ --- /var/tmp/diff_new_pack.iHUXUm/_old 2017-10-09 19:47:10.274352580 +0200 +++ /var/tmp/diff_new_pack.iHUXUm/_new 2017-10-09 19:47:10.278352404 +0200 @@ -24,7 +24,7 @@ %define project github.com/openSUSE/umoci Name: umoci -Version: 0.3.0 +Version: 0.3.1 Release: 0 Summary: Open Container Image manipulation tool License: Apache-2.0 @@ -33,8 +33,6 @@ Source0: %{name}-%{version}.tar.xz Source1: %{name}-%{version}.tar.xz.asc Source2: %{name}.keyring -# PATCH-FIX-UPSTREAM: Backport of https://github.com/openSUSE/umoci/pull/157. -Patch100: i586-0001-fix-mis-usage-of-time.Unix.patch BuildRequires: fdupes BuildRequires: go >= 1.6 BuildRequires: go-go-md2man @@ -50,8 +48,6 @@ %prep %setup -q -# https://github.com/openSUSE/umoci/pull/157 -%patch100 -p1 %build ++++++ _service ++++++ --- /var/tmp/diff_new_pack.iHUXUm/_old 2017-10-09 19:47:10.330350118 +0200 +++ /var/tmp/diff_new_pack.iHUXUm/_new 2017-10-09 19:47:10.330350118 +0200 @@ -2,14 +2,14 @@ <service name="download_url" mode="disabled"> <param name="protocol">https</param> <param name="host">github.com</param> - <param name="path">openSUSE/umoci/releases/download/v0.3.0/umoci.tar.xz</param> - <param name="filename">umoci-0.3.0.tar.xz</param> + <param name="path">openSUSE/umoci/releases/download/v0.3.1/umoci.tar.xz</param> + <param name="filename">umoci-0.3.1.tar.xz</param> </service> <service name="download_url" mode="disabled"> <param name="protocol">https</param> <param name="host">github.com</param> - <param name="path">openSUSE/umoci/releases/download/v0.3.0/umoci.tar.xz.asc</param> - <param name="filename">umoci-0.3.0.tar.xz.asc</param> + <param name="path">openSUSE/umoci/releases/download/v0.3.1/umoci.tar.xz.asc</param> + <param name="filename">umoci-0.3.1.tar.xz.asc</param> </service> <service name="set_version" mode="disabled"> <param name="basename">umoci</param> ++++++ umoci-0.3.0.tar.xz -> umoci-0.3.1.tar.xz ++++++ ++++ 11580 lines of diff (skipped)