Hello community,

here is the log from the commit of package umoci for openSUSE:Factory checked 
in at 2017-10-09 19:43:14
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/umoci (Old)
 and      /work/SRC/openSUSE:Factory/.umoci.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "umoci"

Mon Oct  9 19:43:14 2017 rev:6 rq:531414 version:0.3.1

Changes:
--------
--- /work/SRC/openSUSE:Factory/umoci/umoci.changes      2017-08-08 
11:58:16.948112053 +0200
+++ /work/SRC/openSUSE:Factory/.umoci.new/umoci.changes 2017-10-09 
19:47:09.382391782 +0200
@@ -1,0 +2,45 @@
+Wed Oct  4 02:52:51 UTC 2017 - asa...@suse.com
+
+- Update to umoci v0.3.1. Upstream changelog:
+       - Fix several minor bugs in `hack/release.sh` that caused the release 
artefacts
+         to not match the intended style, as well as making it more generic so 
other
+         projects can use it. openSUSE/umoci#155 openSUSE/umoci#163
+       - A recent configuration issue caused `go vet` and `go lint` to not run 
as part
+         of our CI jobs. This means that some of the information submitted as 
part of
+         [CII best practices badging][cii] was not accurate. This has been 
corrected,
+         and after review we concluded that only stylistic issues were 
discovered by
+         static analysis. openSUSE/umoci#158
+       - 32-bit unit test builds were broken in a refactor in [0.3.0]. This 
has been
+         fixed, and we've added tests to our CI to ensure that something like 
this
+         won't go unnoticed in the future. openSUSE/umoci#157
+       - `umoci unpack` would not correctly preserve set{uid,gid} bits. While 
this
+         would not cause issues when building an image (as we only create a 
manifest
+         of the final extracted rootfs), it would cause issues for other users 
of
+         `umoci`. openSUSE/umoci#166 openSUSE/umoci#169
+       - Updated to [v0.4.1 of `go-mtree`][gomtree-v0.4.1], which fixes 
several minor
+         bugs with manifest generation. openSUSE/umoci#176
+       - `umoci unpack` would not handle "weird" tar archive layers previously 
(it
+         would error out with DiffID errors). While this wouldn't cause issues 
for
+         layers generated using Go's `archive/tar` implementation, it would 
cause
+         issues for GNU gzip and other such tools.
+       - `umoci unpack`'s mapping options (`--uid-map` and `--gid-map`) have 
had an
+         interface change, to better match the 
[`user_namespaces(7)`][user_namespaces]
+         interfaces. Note that this is a **breaking change**, but the 
workaround is to
+         switch to the trivially different (but now more consistent) format.
+         openSUSE/umoci#167
+       - `umoci unpack` used to create the bundle and rootfs with world
+         read-and-execute permissions by default. This could potentially 
result in an
+         unsafe rootfs (containing dangerous setuid binaries for instance) 
being
+         accessible by an unprivileged user. This has been fixed by always 
setting the
+         mode of the bundle to `0700`, which requires a user to explicitly 
work around
+         this basic protection. This scenario was documented in our security
+         documentation previously, but has now been fixed. openSUSE/umoci#181
+         openSUSE/umoci#182
+
+       [cii]: https://bestpractices.coreinfrastructure.org/projects/1084
+       [gomtree-v0.4.1]: https://github.com/vbatts/go-mtree/releases/tag/v0.4.1
+       [user_namespaces]: 
http://man7.org/linux/man-pages/man7/user_namespaces.7.html
+- Remove patch that has been applied upstream.
+  - i586-0001-fix-mis-usage-of-time.Unix.patch
+
+-------------------------------------------------------------------
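Review bot: the last upstream item, where `umoci unpack` now always sets the bundle mode to `0700`, is a security fix that also changes default behaviour, yet only the `--uid-map`/`--gid-map` item is marked as a breaking change. Consider flagging it the same way so that users who relied on a world-readable bundle or rootfs notice it when upgrading. Separately, `[0.3.0]` in the 32-bit test item is written as a reference link but has no definition next to `[cii]`, `[gomtree-v0.4.1]` and `[user_namespaces]`; drop the brackets or add the target.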

Old:
----
  i586-0001-fix-mis-usage-of-time.Unix.patch
  umoci-0.3.0.tar.xz
  umoci-0.3.0.tar.xz.asc

New:
----
  umoci-0.3.1.tar.xz
  umoci-0.3.1.tar.xz.asc

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ umoci.spec ++++++
--- /var/tmp/diff_new_pack.iHUXUm/_old  2017-10-09 19:47:10.274352580 +0200
+++ /var/tmp/diff_new_pack.iHUXUm/_new  2017-10-09 19:47:10.278352404 +0200
@@ -24,7 +24,7 @@
 %define project github.com/openSUSE/umoci
 
 Name:           umoci
-Version:        0.3.0
+Version:        0.3.1
 Release:        0
 Summary:        Open Container Image manipulation tool
 License:        Apache-2.0
@@ -33,8 +33,6 @@
 Source0:        %{name}-%{version}.tar.xz
 Source1:        %{name}-%{version}.tar.xz.asc
 Source2:        %{name}.keyring
-# PATCH-FIX-UPSTREAM: Backport of https://github.com/openSUSE/umoci/pull/157.
-Patch100:       i586-0001-fix-mis-usage-of-time.Unix.patch
 BuildRequires:  fdupes
 BuildRequires:  go >= 1.6
 BuildRequires:  go-go-md2man
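Review bot: `Source1` (the `.asc`) and `Source2` (the keyring) stay listed here, but none of the visible spec lines use them, and the `%prep` section shown in the next hunk is only `%setup -q`. Please confirm where the tarball signature is checked against `%{name}.keyring` for the new 0.3.1 sources, since the spec lines in this diff do not show that step.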
@@ -50,8 +48,6 @@
 
 %prep
 %setup -q
-# https://github.com/openSUSE/umoci/pull/157
-%patch100 -p1
 
 %build
 

++++++ _service ++++++
--- /var/tmp/diff_new_pack.iHUXUm/_old  2017-10-09 19:47:10.330350118 +0200
+++ /var/tmp/diff_new_pack.iHUXUm/_new  2017-10-09 19:47:10.330350118 +0200
@@ -2,14 +2,14 @@
   <service name="download_url" mode="disabled">
     <param name="protocol">https</param>
        <param name="host">github.com</param>
-       <param 
name="path">openSUSE/umoci/releases/download/v0.3.0/umoci.tar.xz</param>
-       <param name="filename">umoci-0.3.0.tar.xz</param>
+       <param 
name="path">openSUSE/umoci/releases/download/v0.3.1/umoci.tar.xz</param>
+       <param name="filename">umoci-0.3.1.tar.xz</param>
   </service>
   <service name="download_url" mode="disabled">
     <param name="protocol">https</param>
        <param name="host">github.com</param>
-       <param 
name="path">openSUSE/umoci/releases/download/v0.3.0/umoci.tar.xz.asc</param>
-       <param name="filename">umoci-0.3.0.tar.xz.asc</param>
+       <param 
name="path">openSUSE/umoci/releases/download/v0.3.1/umoci.tar.xz.asc</param>
+       <param name="filename">umoci-0.3.1.tar.xz.asc</param>
   </service>
   <service name="set_version" mode="disabled">
     <param name="basename">umoci</param>
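Review bot: the four changed `<param>` values hardcode `0.3.1`, and both `download_url` services are `mode="disabled"`, so they run only when invoked explicitly and the paths have to be kept in step with `Version:` in umoci.spec by hand at each update. A short comment in `_service` saying so would help the next bump. The re-added `<param` lines also keep an indentation that differs from `<param name="protocol">`; aligning them would tidy the file.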

++++++ umoci-0.3.0.tar.xz -> umoci-0.3.1.tar.xz ++++++
++++ 11580 lines of diff (skipped)

