Bump github.com/vbatts/tar-split

Fixes CVE That could allow a container image to cause a DOS
2017-11-08 17:53:00 +00:00 · 2017-11-08 17:53:00 +00:00 · 404eab2b13
commit 404eab2b13
parent 33387dce24
3 changed files with 9 additions and 4 deletions
--- a/.gitignore
+++ b/.gitignore
@ -5,3 +5,4 @@
 /buildah-b9b2a8a.tar.gz
 /buildah-9cbccf8.tar.gz
 /buildah-35afa1c.tar.gz
+/buildah-f7dc659.tar.gz
--- a/buildah.spec
+++ b/buildah.spec
@ -21,12 +21,12 @@
 # https://github.com/projectatomic/buildah
 %global provider_prefix %{provider}.%{provider_tld}/%{project}/%{repo}
 %global import_path     %{provider_prefix}
-%global commit         35afa1c1f4143130668eff755187bac1866a8704
+%global commit         f7dc659e52ba861f12f13c7f98030773a785cbb9
 %global shortcommit    %(c=%{commit}; echo ${c:0:7})

 Name:           buildah
 Version:        0.5
-Release:        1.git%{shortcommit}%{?dist}
+Release:        2.git%{shortcommit}%{?dist}
 Summary:        A command line tool used for creating OCI Images
 License:        ASL 2.0
 URL:            https://%{provider_prefix}
@ -70,7 +70,7 @@ popd
 mv vendor src

 export GOPATH=$(pwd)/_build:$(pwd):%{gopath}
-make all
+make all GIT_COMMIT=%{shortcommit}


 %install
@ -90,6 +90,10 @@ make DESTDIR=%{buildroot} PREFIX=%{_prefix} install install.completions
 %{_datadir}/bash-completion/completions/buildah

 %changelog
+* Wed Nov 08 2017 Dan Walsh <dwalsh@redhat.com> 0.5-2
+-  Bump github.com/vbatts/tar-split
+-  Fixes CVE That could allow a container image to cause a DOS
+
 * Tue Nov 07 2017 Dan Walsh <dwalsh@redhat.com> 0.5-1
 -  Add secrets patch to buildah
 -  Add proper SELinux labeling to buildah run
--- a/2
+++ b/2
@ -1 +1 @@
-SHA512 (buildah-35afa1c.tar.gz) = df23f69a566c52dc45fb2f4c1014066a063abe70b42c006f08cd59860fe8fa7906137510591875c0d3664155fe688363af8ea335908a9580ea0753493a045972
+SHA512 (buildah-f7dc659.tar.gz) = 0685d651166a75e6e41f727f790b9b849f469cd3181b3b62d69771767e7b5e44c53e4354cf3a9f6c1662cecd71141b0ad2c54da01955731211f9e3b783089b95