Hello community, here is the log from the commit of package buildah for openSUSE:Leap:15.2 checked in at 2020-02-21 10:48:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/buildah (Old) and /work/SRC/openSUSE:Leap:15.2/.buildah.new.26092 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "buildah" Fri Feb 21 10:48:29 2020 rev:6 rq:774178 version:1.13.1 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/buildah/buildah.changes 2020-01-15 14:49:06.609367297 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.buildah.new.26092/buildah.changes 2020-02-21 10:48:55.970870375 +0100 @@ -2 +2 @@ -Mon Sep 2 12:02:44 UTC 2019 - Sascha Grunert <[email protected]> +Wed Jan 15 07:44:30 UTC 2020 - Sascha Grunert <[email protected]> @@ -4,2 +4,384 @@ -- Add patch for CVE-2019-10214. bsc#1144065 - + CVE-2019-10214.patch +- Update to v1.13.1 + * copyFileWithTar: close source files at the right time + * copy: don't digest files that we ignore + * Check for .dockerignore specifically + * Don't setup excludes, if their is only one pattern to match + * set HOME env to /root on chroot-isolation by default + * docs: fix references to containers-*.5 + * fix bug Add check .dockerignore COPY file + * buildah bud --volume: run from tmpdir, not source dir + * Fix imageNamePrefix to give consistent names in buildah-from + * cpp: use -traditional and -undef flags + * discard outputs coming from onbuild command on buildah-from --quiet + * make --format columnizing consistent with buildah images + * Fix option handling for volumes in build + * Rework overlay pkg for use with libpod + * Fix buildahimage builds for buildah + * Add support for FIPS-Mode backends + * Set the TMPDIR for pulling/pushing image to $TMPDIR + +------------------------------------------------------------------- +Mon Dec 16 08:54:54 UTC 2019 - Sascha Grunert <[email protected]> + +- Update to v1.12.0 + * Allow ADD to use http src + * imgtype: reset storage opts if driver overridden + * Start using containers/common + * overlay.bats typo: fuse-overlays should be fuse-overlayfs + * chroot: Unmount with MNT_DETACH instead of UnmountMountpoints() + * bind: don't complain about missing mountpoints + * imgtype: check earlier for expected manifest type + * Add history names support + +------------------------------------------------------------------- +Thu Dec 5 08:11:11 UTC 2019 - Sascha Grunert <[email protected]> + +- Update to v1.11.6 + * Handle missing equal sign in --from and --chown flags + for COPY/ADD + * bud COPY does not download URL + * Fix .dockerignore exclude regression + * commit(docker): always set ContainerID and ContainerConfig + * Touch up commit man page image parameter + * Add builder identity annotations. + +------------------------------------------------------------------- +Tue Nov 12 14:57:37 UTC 2019 - Sascha Grunert <[email protected]> + +- Update to v1.11.5 + * buildah: add "manifest" command + * pkg/supplemented: add a package for grouping images together + * pkg/manifests: add a manifest list build/manipulation API + * Update for ErrUnauthorizedForCredentials API change in containers/image + * Update for manifest-lists API changes in containers/image + * version: also note the version of containers/image + * Move to containers/image v5.0.0 + * Enable --device directory as src device + * Add clarification to the Tutorial for new users + * Silence "using cache" to ensure -q is fully quiet + * Move runtime flag to bud from common + * Commit: check for storage.ErrImageUnknown using errors.Cause() + * Fix crash when invalid COPY --from flag is specified. + +------------------------------------------------------------------- +Tue Oct 29 09:08:07 UTC 2019 - Sascha Grunert <[email protected]> + +- Update to v1.11.4 + * buildah: add a "manifest" command + * pkg/manifests: add a manifest list build/manipulation API + * Update for ErrUnauthorizedForCredentials API change in containers/image + * Update for manifest-lists API changes in containers/image + * Move to containers/image v5.0.0 + * Enable --device directory as src device + * Add clarification to the Tutorial for new users + * Silence "using cache" to ensure -q is fully quiet + * Move runtime flag to bud from common + * Commit: check for storage.ErrImageUnknown using errors.Cause() + * Fix crash when invalid COPY --from flag is specified. + +------------------------------------------------------------------- +Mon Oct 7 06:54:05 UTC 2019 - Sascha Grunert <[email protected]> + +- Update to v1.11.3 + * Add cgroups2 + * Add support for retrieving context from stdin "-" + * Added tutorial on how to include Buildah as library + * Fix --build-args handling + * Print build 'STEP' line to stdout, not stderr + * Use Containerfile by default + +------------------------------------------------------------------- +Mon Sep 23 15:32:41 UTC 2019 - Richard Brown <[email protected]> + +- Update to v1.11.2 + * Add some cleanup code + * Move devices code to unit specific directory. + +------------------------------------------------------------------- +Fri Sep 13 07:07:28 UTC 2019 - Sascha Grunert <[email protected]> + +- Update to v1.11.1 + * Add --devices flag to bud and from + * Add support for /run/.containerenv + * Allow mounts.conf entries for equal source and destination paths + * Fix label and annotation for 1-line Dockerfiles + * Preserve file and directory mount permissions + * Replace --debug=false with --log-level=error + * Set TMPDIR to /var/tmp by default + * Truncate output of too long image names + * Ignore EmptyLayer if Squash is set + +------------------------------------------------------------------- +Thu Sep 5 15:02:56 UTC 2019 - Sascha Grunert <[email protected]> + +- Update to v1.11.0 + * Add --digestfile and Re-add push statement as debug + * Add --log-level command line option and deprecate --debug + * Add security-related volume options to validator + * Allow buildah bud to be called without arguments + * Allow to override build date with SOURCE_DATE_EPOCH + * Correctly detect ExitError values from Run() + * Disable empty logrus timestamps to reduce logger noise + * Fix directory pull image names + * Fix handling of /dev/null masked devices + * Fix possible runtime panic on bud + * Update bud/from help to contain indicator for --dns=none + * Update documentation about bud + * Update shebangs to take env into consideration + * Use content digests in ADD/COPY history entries + * add support for cgroupsV2 + * add: add a DryRun flag to AddAndCopyOptions + * add: handle hard links when copying with .dockerignore + * add: teach copyFileWithTar() about symlinks and directories + * imagebuilder: fix detection of referenced stage roots + * pull/commit/push: pay attention to $BUILD_REGISTRY_SOURCES + * run_linux: fix mounting /sys in a userns +- Remove hardly set build tags in favor of the Makefile + +------------------------------------------------------------------- +Fri Aug 16 06:32:33 UTC 2019 - Sascha Grunert <[email protected]> + +- Update to v1.10.1 + * Add automatic apparmor tag discovery + * Add overlayfs to fuse-overlayfs tip + * Bug fix for volume minus syntax + * Bump container/storage v1.13.1 and containers/image v3.0.1 + * Bump containers/image to v3.0.2 to fix keyring issue + * Fix bug whereby --get-login has no effect + * Bump github.com/containernetworking/cni to v0.7.1 +- Add appamor-pattern requirement + +------------------------------------------------------------------- +Mon Aug 5 10:41:41 UTC 2019 - Sascha Grunert <[email protected]> + +- Update build process to match the latest repository architecture +- Update to v1.10.0 + * vendor github.com/containers/[email protected] + * Remove GO111MODULE in favor of -mod=vendor + * Vendor in containers/storage v1.12.16 + * Add '-' minus syntax for removal of config values + * tests: enable overlay tests for rootless + * rootless, overlay: use fuse-overlayfs + * vendor github.com/containers/[email protected] + * Added '-' syntax to remove volume config option + * delete successfully pushed message + * Add golint linter and apply fixes + * vendor github.com/containers/[email protected] + * Change wait to sleep in buildahimage readme + * Handle ReadOnly images when deleting images + * Add support for listing read/only images + * from/import: record the base image's digest, if it has one + * Fix CNI version retrieval to not require network connection + * Add misspell linter and apply fixes + * Add goimports linter and apply fixes + * Add stylecheck linter and apply fixes + * Add unconvert linter and apply fixes + * image: make sure we don't try to use zstd compression + * run.bats: skip the "z" flag when testing --mount + * Update to runc v1.0.0-rc8 + * Update to match updated runtime-tools API + * bump github.com/opencontainers/runtime-tools to v0.9.0 + * Build e2e tests using the proper build tags + * Add unparam linter and apply fixes + * Run: correct a typo in the --cap-add help text + * unshare: add a --mount flag + * fix push check image name is not empty + * add: fix slow copy with no excludes + * Add errcheck linter and fix missing error check + * Improve tests/tools/Makefile parallelism and abstraction + * Fix response body not closed resource leak + * Switch to golangci-lint + * Add gomod instructions and mailing list links + * On Masked path, check if /dev/null already mounted before mounting ++++ 192 more lines (skipped) ++++ between /work/SRC/openSUSE:Leap:15.2/buildah/buildah.changes ++++ and /work/SRC/openSUSE:Leap:15.2/.buildah.new.26092/buildah.changes Old: ---- CVE-2019-10214.patch buildah-1.7.1.tar.xz New: ---- buildah-1.13.1.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ buildah.spec ++++++ --- /var/tmp/diff_new_pack.zRAKjw/_old 2020-02-21 10:48:56.334871118 +0100 +++ /var/tmp/diff_new_pack.zRAKjw/_new 2020-02-21 10:48:56.334871118 +0100 @@ -22,7 +22,7 @@ %define with_libostree 1 %endif Name: buildah -Version: 1.7.1 +Version: 1.13.1 Release: 0 Summary: Tool for building OCI containers License: Apache-2.0 @@ -30,14 +30,12 @@ URL: https://github.com/containers/buildah Source0: %{name}-%{version}.tar.xz Source1: %{name}-rpmlintrc -Patch0: CVE-2019-10214.patch BuildRequires: bash-completion BuildRequires: device-mapper-devel BuildRequires: fdupes BuildRequires: git BuildRequires: glib2-devel-static BuildRequires: glibc-devel-static -BuildRequires: go-go-md2man BuildRequires: golang-packaging BuildRequires: libapparmor-devel BuildRequires: libassuan-devel @@ -45,6 +43,7 @@ BuildRequires: libgpgme-devel BuildRequires: libseccomp-devel BuildRequires: golang(API) >= 1.10 +Requires: patterns-base-apparmor Requires: libcontainers-common Requires: libcontainers-image Requires: libcontainers-storage @@ -70,7 +69,6 @@ %prep %setup -q -%patch0 -p0 %build # We can't use symlinks here because go-list gets confused by symlinks, so we @@ -81,24 +79,8 @@ cp -avr * $HOME/go/src/%{project} cd $HOME/go/src/%{project} -%if 0%{?with_libostree} -echo "Compiling with libostree support" -export BUILDTAGS="seccomp apparmor" -%else -echo "Compiling without libostree support" -export BUILDTAGS="seccomp apparmor containers_image_ostree_stub" -%endif - -export CNIVersion=`sed -e '\,github.com/containernetworking/cni, !d' -e 's,.* ,,g' vendor.conf` # Build buildah -go build -tags "$BUILDTAGS" \ - -buildmode=pie \ - -ldflags '-s -w -X main.buildInfo='$SOURCE_DATE_EPOCH' -X main.cniVersion='$CNIVersion'' \ - -o bin/buildah \ - %{project}/cmd/buildah - -# Build manpages -make %{?_smp_mflags} -C docs +make %{?_smp_mflags} GIT_COMMIT=unknown EXTRALDFLAGS=-buildmode=pie %check # Too many tests fail due to the restricted permissions in the build enviroment. @@ -107,7 +89,7 @@ %install cd $HOME/go/src/%{project} -install -D -m 0755 bin/buildah %{buildroot}/%{_bindir}/buildah +install -D -m 0755 buildah %{buildroot}/%{_bindir}/buildah install -d %{buildroot}/%{_mandir}/man1 install -m 0644 docs/buildah*.1 %{buildroot}/%{_mandir}/man1 install -D -m 0644 contrib/completions/bash/buildah %{buildroot}/%{_datadir}/bash-completion/completions/buildah ++++++ _service ++++++ --- /var/tmp/diff_new_pack.zRAKjw/_old 2020-02-21 10:48:56.358871167 +0100 +++ /var/tmp/diff_new_pack.zRAKjw/_new 2020-02-21 10:48:56.358871167 +0100 @@ -4,8 +4,8 @@ <param name="url">https://github.com/containers/buildah.git</param> <param name="scm">git</param> <param name="filename">buildah</param> -<param name="versionformat">1.7.1</param> -<param name="revision">v1.7.1</param> +<param name="versionformat">1.13.1</param> +<param name="revision">v1.13.1</param> </service> <service name="recompress" mode="disabled"> ++++++ buildah-1.7.1.tar.xz -> buildah-1.13.1.tar.xz ++++++ ++++ 1118773 lines of diff (skipped)
