On Fri, Oct 14, 2016, at 02:37 PM, Daniel J Walsh wrote:
> If we block the creation of the devices when exploding a OCI Image
> Bundle, we end up with something that is different then what is
> downloaded and this could potentially cause problems with mtree checking
> of the image on disk versus
On Wed, Oct 12, 2016 at 10:29 AM, Colin Walters wrote:
>
> On Tue, Oct 11, 2016, at 02:45 PM, Jeremy Eder wrote:
>
> Because layered products (not just OpenShift) do not want to be coupled to
> the RHEL release schedule to update their profiles. They want to own their
>
On Fri, Oct 14, 2016 at 7:40 AM, Jeremy Eder wrote:
> On Wed, Oct 12, 2016 at 10:29 AM, Colin Walters
> wrote:
>
>>
>> On Tue, Oct 11, 2016, at 02:45 PM, Jeremy Eder wrote:
>>
>> Because layered products (not just OpenShift) do not want to be coupled
>> to
A new release of bubblewrap is available:
https://github.com/projectatomic/bubblewrap/releases/tag/v0.1.3
Which fixes a local privilege escalation. Specifically relevant to Project
Atomic,
this applies only to CentOS7/RHEL7 systems which have
bubblewrap installed as privileged code.
Notably,
We are seeing the same problem that William Temple had this summer,
where OSTree refuses to store an image with devices on it. We
understand that devices should not be in image, but sadly Ubuntu image
has them and therefore thousands of other images do as well.
If we block the creation of the
On Fri, Oct 14, 2016, at 12:53 PM, Colin Walters wrote:
> A new release of bubblewrap is available:
>
> https://github.com/projectatomic/bubblewrap/releases/tag/v0.1.3
...
> So, expect updates to land in:
>
> - EPEL7
https://bodhi.fedoraproject.org/updates/bubblewrap-0.1.3-2.el7
> -