90db8e15d16621df5a1595d98c65f81d1.1.1cooloFix ExclusiveArch statement241204d5efc088af0ede6a1a65c6355891d3351.1.2cooloAutomatic submission by obs-autosubmit2433367649204ef37c916e4315fbc8ad2575751.1.2lnusselAutomatic submission by obs-autosubmit2448647649204ef37c916e4315fbc8ad2575751.1.2adrianSuSESplit 13.2 from Factory00e3398a1e5c999f01706b9a10ba0b381.2.0cooloAutomatic submission by obs-autosubmit2470569ff2d09095f8cc29b86eb62287aea6fd1.2.0cooloAutomatic submission by obs-autosubmit248639cb75339e6916a51b8153be0f8ca7b3dd1.2.0coolo124898128b98661ebc753ed1cf1988d728e44d41.3.0cooloAutomatic submission by obs-autosubmit2584840d61ee49b9404b8c4787eaa96c86f7611.3.1dimstar_suseAutomatic submission by obs-autosubmit260217d8344e72dc114e749969e86b2f3e67cb1.3.2dimstar_suseAutomatic submission by obs-autosubmit26386318393c49d836260570eba11794f9fcff1.4.0coolo- Updated to 1.4.0 (2014-12-11):
* Notable Features since 1.3.0:
- Set key=value labels to the daemon (displayed in `docker info`), applied with
new `-label` daemon flag
- Add support for `ENV` in Dockerfile of the form:
`ENV name=value name2=value2...`
- New Overlayfs Storage Driver
- `docker info` now returns an `ID` and `Name` field
- Filter events by event name, container, or image
- `docker cp` now supports copying from container volumes
- Fixed `docker tag`, so it honors `--force` when overriding a tag for existing
image.
- Changes introduced by 1.3.3 (2014-12-11):
* Security:
- Fix path traversal vulnerability in processing of absolute symbolic links (CVE-2014-9356) - (bnc#909709)
- Fix decompression of xz image archives, preventing privilege escalation (CVE-2014-9357) - (bnc#909710)
- Validate image IDs (CVE-2014-9358) - (bnc#909712)
* Runtime:
- Fix an issue when image archives are being read slowly
* Client:
- Fix a regression related to stdin redirection
- Fix a regression with `docker cp` when destination is the current directory26592032133c565c7ffb2e78c931551f8e9b631.4.1dimstar_suseAutomatic submission by obs-autosubmit282380bca8e70958e34e295c8a4965184250e21.5.0dimstar_suseAutomatic submission by obs-autosubmit286657333e4d042bfbc40074415bb430b7cd8f1.5.0dimstar_suse129471677f243e4fad2574a0c1e1e6e9a1c45f41.6.1coolo1307100cf34a509fd183ed76a7c20901a3f2d5c1.6.2dimstar_suseAutomatic submission by obs-autosubmit308633486e78ea57b319389270975f240a6a1f1.6.2dimstar_suse1308888baaac57f821bf6db235cf40acd976fb11.7.0coolo- Exclude init scripts other than systemd from the test-package
- Exclude intel 32 bits arch. Docker does not built on that. Let's
make it explicit.
- rediff ignore-dockerinit-checksum.patch, gcc-go-build-static-libgo.patch
to make them apply again.
- introduce go_arches for architectures that use the go compiler
instead of gcc-go
- add docker-netns-aarch64.patch: Add support for AArch64
- enable build for aarch64
- Build man pages only on platforms where gc compiler is available.
- Updated to 1.7.0 (2015-06-16) - bnc#935570
* Runtime
- Experimental feature: support for out-of-process volume plugins
- The userland proxy can be disabled in favor of hairpin NAT using the daemon’s `--userland-proxy=false` flag
- The `exec` command supports the `-u|--user` flag to specify the new process owner
- Default gateway for containers can be specified daemon-wide using the `--default-gateway` and `--default-gateway-v6` flags
- The CPU CFS (Completely Fair Scheduler) quota can be set in `docker run` using `--cpu-quota`
- Container block IO can be controlled in `docker run` using`--blkio-weight`
- ZFS support
- The `docker logs` command supports a `--since` argument
- UTS namespace can be shared with the host with `docker run --uts=host`
* Quality
- Networking stack was entirely rewritten as part of the libnetwork effort
- Engine internals refactoring
- Volumes code was entirely rewritten to support the plugins effort
- Sending SIGUSR1 to a daemon will dump all goroutines stacks without exiting315847f51d8f35c285e631c4841eacb57377d71.7.1coolofix build fail with debuginfo enabled by running fdupes
and...
- Update to 1.7.1 (2015-07-14) (bnc#938156)
Runtime
Fix default user spawning exec process with docker exec
Make --bridge=none not to configure the network bridge
Publish networking stats properly
Fix implicit devicemapper selection with static binaries
Fix socket connections that hung intermittently
Fix bridge interface creation on CentOS/RHEL 6.6
Fix local dns lookups added to resolv.conf
Fix copy command mounting volumes
Fix read/write privileges in volumes mounted with --volumes-from
Remote API
Fix unmarshalling of Command and Entrypoint
Set limit for minimum client version supported
Validate port specification
Return proper errors when attach/reattach fail
Distribution
Fix pulling private images
Fix fallback between registry V2 and V13179831c42523028e489be1cb253c9d44a512d1.7.1coolo- Exclude archs where docker does not build. Otherwise it gets into
and infinite loop when building.
We'll fix that later if we want to release for those archs.3184578c4432db922a02a3365b1d0d5426485c1.8.1dimstar_suse- Update to docker 1.8.1(bsc#942369 and bsc#942370):
- Fix a bug where pushing multiple tags would result in invalid images
- Update to docker 1.8.0:
see detailed changelog in
https://github.com/docker/docker/releases/tag/v1.8.0
- remove docker-netns-aarch64.patch: This patch was adding
vendor/src/github.com/vishvananda/netns/netns_linux_arm64.go
which is now included upstream, so we don't need this patch anymore3245257ecd3672c55ccc2295daa2879c521ab01.8.1coolo13247992a669c0273708fb1139cbed335a52a491.8.2dimstar_suse- Update docker to 1.8.2 version
see detailed changelog in
https://github.com/docker/docker/releases/tag/v1.8.2
- devicemapper: fix zero-sized field access
Fix issue #15279: does not build with Go 1.5 tip
Due to golang/go@7904946
the devices field is dropped.
This solution works on go1.4 and go1.5
See more in https://github.com/docker/docker/pull/15404
This fix was not included in v1.8.2. See previous link
on why.
fix_15279.patch: contains the patch for issue#152793309362edb73c99bf336fb3dddc46f489d554b1.8.2cooloAutomatic submission by obs-autosubmit3347786d27b3efd609d34fb5f8e3e90fd485611.8.3dimstar_suseAutomatic submission by obs-autosubmit33996613fbb77da9836db0ebaba65d935e27c41.8.3dimstar_suse134105385ffc58a7ea6a4a547894d489083e5121.9.0cooloAutomatic submission by obs-autosubmit3454811f5047ed5b633479e9b3cf4d47d9c0b91.9.1dimstar_suseAutomatic submission by obs-autosubmit34707352d1817794782446ba3136dbba7cace51.9.1dimstar_suse13477201afefff0f02257d09888871587a06e561.9.1dimstar_suseAutomatic submission by obs-autosubmit35132210bc3e494e64498e7e7bce2d54480d041.10.3dimstar_suseAutomatic submission by obs-autosubmit381303a7aa701279d300b96d35f239e020760b1.10.3dimstar_suse1387351b3a83d14d483e94d95620812f0b928f41.11.1dimstar_suseUpdate to Docker 1.11.1. The changelog changes are due to OBS and IBS being
synced, and were ok'd by maintainence. From this point onwards, all updates to
Docker packages will be sourced from Virtualization:containers. This request
goes together with request 392078 and 393249.
In addition, this includes a patch to fix a vulnerability in Docker <= 1.11.1.
This patch is upstream but was merged after the 1.11.x merge window.
CVE-2016-3697. bsc#976777.39325216bfb6ac84f3472844ea3a2b571f35ba1.11.1dimstar_suse- Fix udev files ownership (forwarded request 396996 from jordimassaguerpla)3969986021839ce51be93e4bfb63ce89c7cfa61.11.2dimstar_suseAutomatic submission by obs-autosubmit40245046c866fe4cf672cff50bd25925bce1951.11.2dimstar_suse14049112acc1baa8532ccc54426a4e0f43c3c6e1.11.2dimstar_suse1406837b89e3e6812fa25c2495f7cc332360da21.11.2dimstar_suse140844620ebead01de59c854b46713fdab277821.11.2dimstar_suse141220064fbf0c3fde63409d4cc75ffefd9ebc31.11.2dimstar_suse1417964173cc74ab549bb7c73139a21275083221.11.2dimstar_suse14195968519bfa407434d67a4ce8ecdd4fcc2cb1.12.1dimstar_suse- fix go_arches definition: use global instead of define, otherwise
it fails to build
- Add dockerd(8) man page.
- add missing patch to changelog
- fix integration test case
- add integration-cli-fix-TestInfoEnsureSucceeds.patch
- update rpmlintrc
- make test timeout configurable
- Remove noarch from docker-test, which was causing lots of fun issues when
trying to run them.
- Fix build for ppc64le: use static libgo for dockerd and docker-proxy
as in docker build.
- Update docker to 1.12.1 (bsc#996015)
see changelog in https://github.com/docker/docker/releases/tag/v1.12.1
- Add asaurin@suse.com's test.sh test script.
- Add integration test binary in docker.spec file. This is work done by
asaurin@suse.com.
- Package docker-proxy (which was split out of the docker binary in 1.12).
boo#995620428793594dcc8e2ba58cbdc7e4e7bb73568d9f1.12.1dimstar_suse1434286861211750458080dd5b3a24a61271ba71.12.2dimstar_suseupdate to docker-1.12.2437085d6467c8891d65f4520732afe9ea4ee591.12.3dimstar_suse- update docker to 1.12.3
- fix bsc#1007249 - CVE-2016-8867: Fix ambient capability usage in containers
- other fixes:
https://github.com/docker/docker/releases/tag/v1.12.3
- Fix go version to 1.5 (bsc#977394)437554645437fd044f00405a1841a0505e34a41.12.3dimstar_susethis should go here
https://build.opensuse.org/project/show/openSUSE:Factory:Staging:adi:117441892bff6d6646198fe7567d2916eb0ce600d1.12.3dimstar_suse1442805360706d58981ccf0f00858db12f99bac1.12.3dimstar_suse14452863a755d72640ca6f6036971c38feb71731.12.5dimstar_suse14473060cd6c16f2e537df0309dad69b5b06f5a1.12.6dimstar_suse** This should go together with https://build.opensuse.org/project/show/openSUSE:Factory:Staging:adi:160" **
- fix CVE-2016-9962 bsc#1012568 . Fix it by updating to 1.12.6
plus an extra commit to fix liverestore:
https://github.com/docker/docker/commit/97cd32a6a9076306baa637a29bba84c3f1f3d218
- add "a wait" when starting docker service to fix
bsc#1019251450492bec67a5e4777d06a29d61dc1d6631f571.12.6dimstar_suse14534007b33e2cf213ba030aabe0e8f80b8acfd1.13.0dimstar_suse148084102f85cdbddf4144dd61abb88310930511.13.0maxlin_factory1487506ce74dd82e4f4087b49a3af748893044c17.04.0_cedimstar_suse14956550cc4659b07cc99ff4f569db4620b545a17.04.0_cedimstar_suse149966745ab63d5444a00c6daa95ffe2d3666d117.04.0_cedimstar_suse- Fix bsc#1029630: docker does not wait for lvm on system startup
I added "lvm2-monitor.service" as an "After dependency" of the docker systemd
unit. (forwarded request 504626 from jordimassaguerpla)504651bf9c76b66541e7f3d1b01e26d8d7eac917.04.0_cedimstar_suse1512811d86c9fd9d53023c531a9bc8a3d96a7ec17.04.0_cedimstar_suseAutomatic submission by obs-autosubmit5161379964caaf0538b03e26fb79bf52936bb017.04.0_cedimstar_suse1521899b973191471676c3b2c64cb583ea5c58717.04.0_cedimstar_suse15269855516bb84ef02720d0aa77443c4333cc717.07.0_cedimstar_suseUpdate Docker to v17.07.0_ce. This SR is in conjunction with:
* request#535047
* request#535048
* request#535049535075c78757823dd2469068d7fb5604c1584217.07.0_cedimstar_suse1536271d353c9528eb370d5ab2d863c3407ac2617.07.0_cedimstar_suse- Add a backport of https://github.com/moby/moby/pull/35424, which fixes a
security issue where a maliciously crafted image could be used to crash a
Docker daemon. bsc#1066210 CVE-2017-14992
+ bsc1066210-0001-vendor-update-to-github.com-vbatts-tar-split-v0.10.2.patch
- Add a backport of https://github.com/moby/moby/pull/35399, which fixes a
security issue where a Docker container (with a disabled AppArmor profile)
could write to /proc/scsi/... and subsequently DoS the host. bsc#1066801
CVE-2017-16539
+ bsc1066801-0001-oci-add-proc-scsi-to-masked-paths.patch
- Fix bsc#1059011
The systemd service helper script used a timeout of 60 seconds to
start the daemon, which is insufficient in cases where the daemon
takes longer to start. Instead, set the service type from 'simple' to
'notify' and remove the now superfluous helper script.
- fix bsc#1057743: Add a Requires: fix_bsc_1057743 which is provided by the
newer version of docker-libnetwork. This is necessary because of a versioning
bug we found in bsc#1057743.5401954b86c62de4a8f12d0ba3ef529118dec017.07.0_cedimstar_suseThis is an update of the Docker package, mostly just including packaging fixes.
It also drops all of the v1.10.x migration logic we added a while ago. The
delete request for docker-image-migrator was submitted in parallel.54529291a69c522e7a80730b904ae60cbe64c317.07.0_cedimstar_suse54669816c159877033f983d1e89dd284a13cb817.07.0_cedimstar_suse548181ebd621c166fb2cc09138acedac98568617.09.1_cedimstar_suseDocker v17.09.1_ce upgrade.558281c7d639dfff4c8e25576a517fada6f8d717.09.1_cedimstar_suseMinor changelog update.56329049db4ca7d274101172dec1ff53ab2b9a17.09.1_cedimstar_suse567740439d9f65d001032babbe851ec2f5400d17.09.1_cedimstar_suse576049e691129bc752784d74ce83e403d5d8de17.09.1_cedimstar_suse593664f3e1b5e75fdb90fbd0efc0c8b196abc517.09.1_cedimstar_suse595995e897898977b8d1584660450e199b353f17.09.1_cedimstar_suse598552edbc50d06e56dd6e4c1b5c182fd819a217.09.1_cedimstar_suse605682d4fff40875c05c5d89336a6a6a2a248817.09.1_cedimstar_suse- Update secrets patch to not log incorrect warnings when attempting to inject
non-existent host files. bsc#1065609
* secrets-0001-daemon-allow-directory-creation-in-run-secrets.patch
* secrets-0002-SUSE-implement-SUSE-container-secrets.patch6129618709089e13a4b12e14a0fb4b05374b1417.09.1_cedimstar_suse6148296a9da89cecf5040028ae5c7d25fd187117.09.1_cemaxlin_factory6165139efe08630c08ce9fcc2b221909afcab117.09.1_cedimstar_suse61975063e03978b4261300b48e7b84f476a11217.09.1_cedimstar_suse6265562cd7de98a56d0121f1243b1854a9636918.06.1_cedimstar_suse632984fd022b93f203992d1c28a636c013ee3d18.06.1_cedimstar_suse640569688174b32a19b21499749d5f098d1cce18.06.1_cedimstar_suse- Update changelogs to mention bsc#1113313.
- Add backport of https://github.com/containerd/containerd/pull/2764, which is
required for us to build containerd on i586 SLE-12 (where /bin/sh doesn't
like emoji in shell scripts). bsc#1102522 bsc#111331364638021b7db051fc1a5a591364f28b3567c9418.09.0_cedimstar_suseDocker 18.09 upgrade.653739a84077fa8f58a67a57b267f8e54e9b7118.09.0_cedimstar_suse6590737b4812a2bdcd0584c275849e61332e5f18.09.0_cedimstar_suse664600cda58c7d0f8348ee70ccdd8e18ebcde018.09.1_cedimstar_suse- Update to Docker 18.09.1-ce. See upstream changelog in the packaged
/usr/share/doc/packages/docker/CHANGELOG.md. bsc#112430867338482580db5fa7f36c1ea97a427725595f418.09.1_cecoolo6792427f2a3b1c5ffa79a92a862612efdc1fa318.09.3_cedimstar_suse68811906356ad2a5345a3aa88fc343be13533118.09.6_cedimstar_suseUpdate to Docker 18.09.6-ce.701147ef6b215210b4cd8a1988a7374bc374bd18.09.6_cedimstar_suse7089417a6d2448e67cb4ba9e0f1a858bf940dd18.09.7_cedimstar_suseDocker v18.09.7 update.712298b9e219cec6534842737e47c4ce345c7c19.03.0_cedimstar_suseDocker v19.03.0-ce update.7177271811232499f2de3c8675ee890d3a277d19.03.1_cedimstar_suse7197500514c747752f48fa556fec533b800bc719.03.2_cedimstar_suse734439081c3a4a9edb0983e1e2027fd460b64b19.03.3_cedimstar_suse- Drop containerd.service workaround (we've released enough versions without
containerd.service -- there's no need to support package upgrades that old).
- Update to Docker 19.03.3-ce. See upstream changelog in the packaged
/usr/share/doc/packages/docker/CHANGELOG.md. bsc#11533677364091f0d21b9084e2a5cf360bea146a4beb119.03.4_cedimstar_suse- Update to Docker 19.03.4-ce. See upstream changelog in the packaged
/usr/share/doc/packages/docker/CHANGELOG.md.742814d243402496d427af244f9cfd904dbd4a19.03.5_cedimstar_suse749316b77201f842f292badec20337fc9d986f19.03.5_cedimstar_suseAdd bug reference (bsc#1158590).754552232c2d79c33567bc8919cce9a42f9cc119.03.5_cedimstar_suse756079755771d3621ac3430882f1c086679eb919.03.5_cedimstar_suse7586504539c2e8cc63779f35518cb41650173a19.03.11_cedimstar_suse- Update to Docker 19.03.11-ce. See upstream changelog in the packaged
/usr/share/doc/packages/docker/CHANGELOG.md. bsc#1172377 CVE-2020-13401
- Backport https://github.com/gotestyourself/gotest.tools/pull/169 so that we
can build Docker with Go 1.14 (upstream uses Go 1.13).
+ bsc1172377-0001-unexport-testcase.Cleanup-to-fix-Go-1.14.patch811118764675d95c7af0a785f304ede4b000ca19.03.12_cedimstar_suse- Update to Docker 19.03.12-ce. See upstream changelog in the packaged
/usr/share/doc/packages/docker/CHANGELOG.md.
- Use Go 1.13 instead of Go 1.14 because Go 1.14 can cause all sorts of
spurrious errors due to Go returning -EINTR from I/O syscalls much more often
(due to Go 1.14's pre-emptive goroutine support).
- bsc1172377-0001-unexport-testcase.Cleanup-to-fix-Go-1.14.patch
- Add BuildRequires for all -git dependencies so that we catch missing
dependencies much more quickly.81737474a159003cb88553abeb8749c281f06419.03.12_cedimstar_suse- Emergency fix: %requires_eq does not work with provide symbols,
only effective package names. Convert back to regular Requires.62efcabb941b0658e878f85bcd6a06ab19.03.12_cedimstar_suse8266585a7bd442c46ea08da15b101e6d8daa4719.03.12_cedimstar_suse850092c43095c2f274946138c1c0abf8b1e83c19.03.12_cedimstar_suseosc copypac from project:openSUSE:Factory package:docker revision:104, using expandd44b369bd750ee296d5a432bc313fd6819.03.12_cedimstar_suse- Add a patch which makes Docker compatible with firewalld with
nftables backend. Backport of https://github.com/moby/libnetwork/pull/2548
(boo#1178801, SLE-16460)
* boo1178801-0001-Add-docker-interfaces-to-firewalld-docker-zone.patch851816914be0653f1a6359e228016bcb9857cb19.03.14_cedimstar_suse- Update to Docker 19.03.14-ce. See upstream changelog in the packaged
/usr/share/doc/packages/docker/CHANGELOG.md. CVE-2020-15257 bsc#1180243
https://github.com/docker/docker-ce/releases/tag/v19.03.14
- Enable fish-completion
- Add Conflicts and Provides for kubic flavour of docker-fish-completion.858295ad72749d89d355dc3e3734180083257d20.10.3_cedimstar_suse- Update to Docker 20.10.3-ce. See upstream changelog in the packaged
/usr/share/doc/packages/docker/CHANGELOG.md. CVE-2021-21285 CVE-2021-21284
- Drop docker-runc, docker-test and docker-libnetwork packages. We now just use
the upstream runc package (it's stable enough and Docker no longer pins git
versions). docker-libnetwork is so unstable that it doesn't have any
versioning scheme and so it really doesn't make sense to maintain the project
as a separate package. bsc#1181641 bsc#1181677868782eda37ca5e4f125d1e5d8fd6792639a1d20.10.3_cedimstar_suse872225ed2858adb739f042e89be5eb96c7156e20.10.5_cedimstar_suse876333f9fbc790bf54bcec32e745ff86ac84d120.10.6_cedimstar_suse885817b026f55990e5d69560b26fe86b8d1d7420.10.6_cedimstar_suse920470bd936d71a87a870c5c3c8be962c54df420.10.9_cedimstar_suseNeeds to be staged with sr#923377.
- Update to Docker 20.10.9-ce. See upstream changelog in the packaged
/usr/share/doc/packages/docker/CHANGELOG.md. bsc#1191355
CVE-2021-41092 CVE-2021-41089 CVE-2021-41091 CVE-2021-41103
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch
* 0006-bsc1190670-seccomp-add-support-for-clone3-syscall-in.patch
- Switch to Go 1.16.x compiler, in line with upstream.92337897cbbdce54e2310f0836be52a8de9a8c20.10.9_cedimstar_suseAutomatic submission by obs-autosubmit925301f5dd9af4bb7f1d71641066a0c45b65c020.10.11_cedimstar_suse- Update to Docker 20.10.11-ce. See upstream changelog in the packaged
/usr/share/doc/packages/docker/CHANGELOG.md. bsc#1192814 CVE-2021-41190
- Rebase patches:
* 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch
* 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch
* 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch
* 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch
* 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch
- Remove upstreamed patches:
- 0006-bsc1190670-seccomp-add-support-for-clone3-syscall-in.patch932375587c6b06b4f682ba701bf2b17219795920.10.12_cedimstar_suse9468993af11c8d5b9b5b95605ef41e0bd1287020.10.12_cedimstar_suse947829d47f1e8b8bf26dc5787f4253cae304cd20.10.14_cedimstar_suse97002309bb0b564855828d2cbbf3169333247820.10.14_cedimstar_suse9737982521a280393e159236c2a7c005745d3420.10.17_cedimstar_suse98122325083dec30c595e64fba73498e9ba01220.10.17_cedimstar_suse9858456eb4deecce104a00b79bb448241c32eb20.10.17_ceRBrownFactory100686810275e9435115a4efc27f9ab9566fe0620.10.17_cedimstar_suse10103850a2a987c982cab5806da46d46c2ff0de20.10.17_cedimstar_suse10308669ba469996ab97f018e7034d3a9c1e0df20.10.21_cedimstar_suse1040675b7f29c81450bdacb2a25c863b50ac63220.10.21_cetleroytrigger service run5c29ced55d2f5b320923091d4b36dd4020.10.23_cedimstar_suse- update to 20.10.23-ce
* see upstream changelog at https://docs.docker.com/engine/release-notes/#201023
- drop kubic flavor as kubic is EOL. this removes:
kubelet.env docker-kubic-service.conf 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch1062476