containerd/SPECS/containerd.spec

%bcond_without ctr
%bcond_with debug
%define tarball_name containerd 

%if %{with debug}
%global _dwz_low_mem_die_limit 0
%else
%global debug_package %{nil}
%endif

%define SHA256SUM0 08f057ece7e518b14cce2e9737228a5a899a7b58b78248a03e02f4a6c079eeaf
%global import_path github.com/containerd/containerd
%global runc_nokmem %{getenv:RUNC_NOKMEM}

Name: containerd.io
Provides: %{tarball_name}

# Conflicting packages

Version: 1.6.4
Release: 3.1%{?dist}
Summary: An industry-standard container runtime
License: ASL 2.0
URL: https://containerd.io
Source0: %{tarball_name}-%{version}.tar
Source2: containerd.toml
# container-selinux isn't a thing in suse flavors
%if %{undefined suse_version}
# amazonlinux2 doesn't have container-selinux either
%if "%{?dist}" != ".amzn2"
Requires: container-selinux >= 2:2.74
%endif
Requires: libseccomp
%else
# SUSE flavors do not have container-selinux,
# and libseccomp is named libseccomp2
Requires: libseccomp2
Requires: runc
%endif
BuildRequires: make
BuildRequires: gcc
BuildRequires: systemd
BuildRequires: libseccomp-devel
BuildRequires: golang
BuildRequires: go-md2man
BuildRequires: runc

%if %{undefined rhel} || 0%{?rhel} < 8
%if %{defined suse_version}
# SUSE flavors
BuildRequires: libbtrfs-devel
%else
# Fedora / others, and CentOS/RHEL < 8
BuildRequires: btrfs-progs-devel
%endif
%endif

%{?systemd_requires}

%description
containerd is an industry-standard container runtime with an emphasis on
simplicity, robustness and portability. It is available as a daemon for Linux
and Windows, which can manage the complete container lifecycle of its host
system: image transfer and storage, container execution and supervision,
low-level storage and network attachments, etc.


%prep
%setup -q -n %{tarball_name}-%{version}
# symlink the go source path to our build directory
mkdir -p ${RPM_BUILD_DIR}/go/src/github.com/containerd/
ln -s %{_topdir}/BUILD/%{tarball_name}-%{version} ${RPM_BUILD_DIR}/go/src/%{import_path} 

%build
GO111MODULE=auto make man

BUILDTAGS="seccomp selinux"
%if %{defined rhel} && 0%{?rhel} >= 8
# btrfs support was removed in CentOS/RHEL 8
BUILDTAGS="${BUILDTAGS} no_btrfs"
%endif

GO111MODULE=auto make -C ${RPM_BUILD_DIR}/go/src/%{import_path} VERSION=%{version} REVISION=%{release} PACKAGE=%{name} BUILDTAGS="${BUILDTAGS}"

# Remove containerd-stress, as we're not shipping it as part of the packages
rm -f bin/containerd-stress
bin/containerd --version
bin/ctr --version

%install
cd %{_topdir}/BUILD/%{tarball_name}-%{version}
mkdir -p %{buildroot}%{_bindir}
install -D -m 0755 bin/* %{buildroot}%{_bindir}
install -D -m 0644 containerd.service %{buildroot}%{_prefix}/local/bin/containerd.service
install -D -m 0644 %{S:2} %{buildroot}%{_sysconfdir}/containerd/config.toml

# install manpages, taking into account that not all sections may be present
for i in $(seq 1 8); do
    if ls man/*.${i} 1> /dev/null 2>&1; then
        install -d %{buildroot}%{_mandir}/man${i};
        install -p -m 644 man/*.${i} %{buildroot}%{_mandir}/man${i};
    fi
done

%post
%systemd_post containerd.service


%preun
%systemd_preun containerd.service


%postun
%systemd_postun_with_restart containerd.service


%files
%license LICENSE
%doc README.md
%{_bindir}/*
%{_prefix}/local/bin/containerd.service
%{_sysconfdir}/containerd
%{_mandir}/man*/*
%config(noreplace) %{_sysconfdir}/containerd/config.toml


%changelog
* Wed May 04 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.6.4-3.1
- Update containerd to v1.6.4

* Thu Apr 28 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.6.3-3.1
- Update containerd to v1.6.3
- Update runc to v1.1.1
- Update Golang runtime to 1.17.9

* Sun Mar 27 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.6.2-3.1
- Update containerd to v1.6.2
- Update runc to v1.1.0

* Wed Mar 23 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.5.11-3.1
- Update containerd to v1.5.11 to address CVE-2022-24769

* Fri Mar 04 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.5.10-3.1
- Update containerd to v1.5.10
- Update Golang runtime to 1.17.8

* Thu Mar 03 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.13-3.1
- Update containerd to v1.4.13 to address CVE-2022-23648
- Update runc to v1.0.3
- Update Golang runtime to 1.16.15

* Wed Nov 17 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.12-3.1
- Update containerd to v1.4.12 to address CVE-2021-41190
- Update Golang runtime to 1.16.10

* Mon Oct 04 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.11-3.1
- Update to containerd 1.4.11 to address CVE-2021-41103

* Thu Sep 30 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.10-3.1
- Update to containerd 1.4.10
- Update runc to v1.0.2
- Update Golang runtime to 1.16.8

* Thu Jul 29 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.9-3.1
- Update to containerd 1.4.9
- Update runc to v1.0.1

* Mon Jul 19 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.8-3.1
- Update to containerd 1.4.8 to address CVE-2021-32760

* Mon Jul 19 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.7-3.1
- Update to containerd 1.4.7
- Update runc to v1.0.0
- Update Golang runtime to 1.15.14

* Fri May 21 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.6-3.1
- Update to containerd 1.4.6
- Update runc to v1.0.0-rc95 to address CVE-2021-30465.

* Wed May 12 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.5-3.1
- Update to containerd 1.4.5
- Update runc to v1.0.0-rc94

* Mon Mar 08 2021 Wei Fu <fuweid89@gmail.com> - 1.4.4-3.1
- Update to containerd 1.4.4 to address CVE-2021-21334.

* Wed Mar 03 2021 Tibor Vass <tibor@docker.com> - 1.4.3-3.2
- Update runc to v1.0.0-rc93

* Wed Dec 02 2020 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.3-3.1
- Update to containerd 1.4.3 to address CVE-2020-15257.

* Thu Nov 26 2020 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.2-3.1
- Update to containerd 1.4.2

* Tue Oct 06 2020 Tibor Vass <tibor@docker.com> - 1.4.1-3.1
- Update to containerd 1.4.1
- Update Golang runtime to 1.13.15

* Wed Sep 09 2020 Sebastiaan van Stijn <github@gone.nl> - 1.3.7-3.1
- Update to containerd 1.3.7
- Update Golang runtime to 1.13.12.

* Fri May 01 2020 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.13-3.2
- Build packages for RHEL-7 on s390x, CentOS 8, and Fedora 32
- Add libseccomp as required dependency

* Mon Feb 17 2020 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.13-3.1
- Update to containerd 1.2.13, which fixes a regression introduced in v1.2.12
  that caused container/shim to hang on single core machines, and fixes an issue
  with blkio.
- Update Golang runtime to 1.12.17.

* Tue Feb 04 2020 Derek McGowan <derek@docker.com> - 1.2.12-3.1
- Update the runc vendor to v1.0.0-rc10 which includes a mitigation for
  CVE-2019-19921.
- Update the opencontainers/selinux which includes a mitigation for
  CVE-2019-16884.
- Update Golang runtime to 1.12.16, mitigating the CVE-2020-0601
  certificate verification bypass on Windows, and CVE-2020-7919,
  which only affects 32-bit architectures.
- A fix to prevent SIGSEGV when starting containerd-shim
- Fix to prevent high system load/CPU utilization with liveness and readiness
  probes
- Fix to prevent docker exec hanging if an earlier docker exec left a zombie
  process
- CRI: Update the gopkg.in/yaml.v2 vendor to v2.2.8 with a mitigation for
  CVE-2019-11253

* Fri Jan 24 2020 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.11-3.2
- Update Golang runtime to 1.12.15, which includes fixes in the net/http package
  and the runtime on ARM64

* Thu Jan 09 2020 Evan Hazlett <evan@docker.com> - 1.2.11-3.1
- Update the runc vendor to v1.0.0-rc9 which includes an additional
  mitigation for CVE-2019-16884
- Add local-fs.target to service file to fix corrupt image after unexpected
  host reboot
- Update Golang runtime to 1.12.13, which includes security fixes to the
  crypto/dsa package made in Go 1.12.11 (CVE-2019-17596), and fixes to the
  go command, runtime, syscall and net packages (Go 1.12.12)
- CRI: Fix shim delete error code to avoid unnecessary retries in the CRI plugin

* Mon Oct 07 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.10-3.2
- build with Go 1.12.10

* Thu Sep 26 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.10-3.1
- containerd 1.2.10 release
- Addresses CVE-2019-16884 (AppArmor bypass)
- Bump runc to 3e425f80a8c931f88e6d94a8c831b9d5aa481657 (1.0.0-rc8 + CVE-2019-16884)

* Fri Sep 06 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.9-3.1
- containerd 1.2.9 release
- Addresses CVE-2019-9512 (Ping Flood), CVE-2019-9514 (Reset Flood), and CVE-2019-9515 (Settings Flood).

* Tue Aug 27 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.8-3.1
- containerd 1.2.8 release
- build with Go 1.12.9

* Thu Aug 15 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.6-3.5
- build with Go 1.11.13 (CVE-2019-9512, CVE-2019-9514)

* Tue Aug 13 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.6-3.4
- Do not "Provides: runc" for RHEL 8

* Tue Jun 11 2019 Kir Kolyshkin <kolyshkin@gmail.com> - 1.2.6-3.3
- add requirement for container-selinux
- move runc binary to %_bindir

* Fri Apr 26 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.6-3.2
- update runc to v1.0.0-rc8

* Tue Apr 09 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.6-3.1
- containerd 1.2.6 release
- update runc to 029124da7af7360afa781a0234d1b083550f797c
- build with Go 1.11.8

* Thu Mar 14 2019  Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.5-3.1
- containerd 1.2.5 release
- update runc to 2b18fe1d885ee5083ef9f0838fee39b62d653e30
- build with Go 1.11.5

* Fri Feb 15 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.4-3.1
- containerd 1.2.4 release
- update runc to 6635b4f0c6af3810594d2770f662f34ddc15b40d

* Thu Jan 31 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.2-3.3
- [runc -> 09c8266] nsenter: clone /proc/self/exe to avoid exposing
  host binary to container (CVE-2019-5736)

* Fri Jan 18 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.2-3.2
- update runc to f7491ef134a6c41f3a99b0b539835d2472d17012

* Tue Jan 08 2019 Andrew Hsu <andrewhsu@docker.com> - 1.2.2-3.1
- containerd 1.2.2 release

* Thu Dec 06 2018 Andrew Hsu <andrewhsu@docker.com> - 1.2.1-3.1
- containerd 1.2.1 release
- update runc to 96ec2177ae841256168fcf76954f7177af9446eb

* Tue Nov 27 2018  Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.1-2.0.rc.0.1
- containerd 1.2.1-rc.0 release
- update runc to 10d38b660a77168360df3522881e2dc2be5056bd

* Mon Nov 05 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-3.1
- containerd 1.2.0 release

* Tue Oct 16 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-2.2.rc.2.1
- containerd 1.2.0-rc.2 release

* Fri Oct 05 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-2.1.rc.1.1
- containerd 1.2.0-rc.1 release
- Set Tasks=infinity in the systemd service file

* Tue Sep 25 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-2.0.rc.0.1
- containerd 1.2.0-rc.0 release

* Wed Sep 05 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-1.2.beta.2.2
- Hardcoded paths for libexec and var lib considering the macros are different on SUSE based distributions
- Removed offline installer for runc, package as a binary instead

* Tue Aug 28 2018 Andrew Hsu <andrewhsu@docker.com> - 1.2.0-1.2.beta.2.1
- containerd 1.2.0 beta.2

* Thu Aug 16 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-1.0.beta.0-1
- Intial release
Initial package 2022-06-01 10:43:29 +00:00			`%bcond_without ctr`
			`%bcond_with debug`
Fix errors with %setup 2022-06-01 13:15:20 +00:00			`%define tarball_name containerd`
Initial package 2022-06-01 10:43:29 +00:00
			`%if %{with debug}`
			`%global _dwz_low_mem_die_limit 0`
			`%else`
			`%global debug_package %{nil}`
			`%endif`

			`%define SHA256SUM0 08f057ece7e518b14cce2e9737228a5a899a7b58b78248a03e02f4a6c079eeaf`
			`%global import_path github.com/containerd/containerd`
			`%global runc_nokmem %{getenv:RUNC_NOKMEM}`

Rename package to containerd.io like in docker 2022-06-01 13:05:48 +00:00			`Name: containerd.io`
Fix errors with %setup 2022-06-01 13:15:20 +00:00			`Provides: %{tarball_name}`
Initial package 2022-06-01 10:43:29 +00:00
			`# Conflicting packages`

			`Version: 1.6.4`
			`Release: 3.1%{?dist}`
			`Summary: An industry-standard container runtime`
			`License: ASL 2.0`
			`URL: https://containerd.io`
Fix containerd.service location 2022-06-01 15:14:11 +00:00			`Source0: %{tarball_name}-%{version}.tar`
Initial package 2022-06-01 10:43:29 +00:00			`Source2: containerd.toml`
			`# container-selinux isn't a thing in suse flavors`
			`%if %{undefined suse_version}`
			`# amazonlinux2 doesn't have container-selinux either`
			`%if "%{?dist}" != ".amzn2"`
			`Requires: container-selinux >= 2:2.74`
			`%endif`
			`Requires: libseccomp`
			`%else`
			`# SUSE flavors do not have container-selinux,`
			`# and libseccomp is named libseccomp2`
			`Requires: libseccomp2`
			`Requires: runc`
			`%endif`
			`BuildRequires: make`
			`BuildRequires: gcc`
			`BuildRequires: systemd`
			`BuildRequires: libseccomp-devel`
			`BuildRequires: golang`
			`BuildRequires: go-md2man`
			`BuildRequires: runc`

			`%if %{undefined rhel} \|\| 0%{?rhel} < 8`
			`%if %{defined suse_version}`
			`# SUSE flavors`
			`BuildRequires: libbtrfs-devel`
			`%else`
			`# Fedora / others, and CentOS/RHEL < 8`
			`BuildRequires: btrfs-progs-devel`
			`%endif`
			`%endif`

			`%{?systemd_requires}`

			`%description`
			`containerd is an industry-standard container runtime with an emphasis on`
			`simplicity, robustness and portability. It is available as a daemon for Linux`
			`and Windows, which can manage the complete container lifecycle of its host`
			`system: image transfer and storage, container execution and supervision,`
			`low-level storage and network attachments, etc.`


			`%prep`
Fix errors with %setup 2022-06-01 13:15:20 +00:00			`%setup -q -n %{tarball_name}-%{version}`
Initial package 2022-06-01 10:43:29 +00:00			`# symlink the go source path to our build directory`
			`mkdir -p ${RPM_BUILD_DIR}/go/src/github.com/containerd/`
Fix errors with %setup 2022-06-01 13:15:20 +00:00			`ln -s %{_topdir}/BUILD/%{tarball_name}-%{version} ${RPM_BUILD_DIR}/go/src/%{import_path}`
Initial package 2022-06-01 10:43:29 +00:00
			`%build`
			`GO111MODULE=auto make man`

			`BUILDTAGS="seccomp selinux"`
			`%if %{defined rhel} && 0%{?rhel} >= 8`
			`# btrfs support was removed in CentOS/RHEL 8`
			`BUILDTAGS="${BUILDTAGS} no_btrfs"`
			`%endif`

			`GO111MODULE=auto make -C ${RPM_BUILD_DIR}/go/src/%{import_path} VERSION=%{version} REVISION=%{release} PACKAGE=%{name} BUILDTAGS="${BUILDTAGS}"`

			`# Remove containerd-stress, as we're not shipping it as part of the packages`
			`rm -f bin/containerd-stress`
			`bin/containerd --version`
			`bin/ctr --version`

			`%install`
Fix errors with %setup 2022-06-01 13:15:20 +00:00			`cd %{_topdir}/BUILD/%{tarball_name}-%{version}`
Initial package 2022-06-01 10:43:29 +00:00			`mkdir -p %{buildroot}%{_bindir}`
			`install -D -m 0755 bin/* %{buildroot}%{_bindir}`
Fix containerd.service location 2022-06-01 15:14:11 +00:00			`install -D -m 0644 containerd.service %{buildroot}%{_prefix}/local/bin/containerd.service`
Initial package 2022-06-01 10:43:29 +00:00			`install -D -m 0644 %{S:2} %{buildroot}%{_sysconfdir}/containerd/config.toml`

			`# install manpages, taking into account that not all sections may be present`
			`for i in $(seq 1 8); do`
			`if ls man/*.${i} 1> /dev/null 2>&1; then`
			`install -d %{buildroot}%{_mandir}/man${i};`
			`install -p -m 644 man/*.${i} %{buildroot}%{_mandir}/man${i};`
			`fi`
			`done`

			`%post`
			`%systemd_post containerd.service`


			`%preun`
			`%systemd_preun containerd.service`


			`%postun`
			`%systemd_postun_with_restart containerd.service`


			`%files`
			`%license LICENSE`
			`%doc README.md`
			`%{_bindir}/*`
Fix containerd.service location 2022-06-01 15:14:11 +00:00			`%{_prefix}/local/bin/containerd.service`
Initial package 2022-06-01 10:43:29 +00:00			`%{_sysconfdir}/containerd`
			`%{_mandir}/man/`
			`%config(noreplace) %{_sysconfdir}/containerd/config.toml`


			`%changelog`
			`* Wed May 04 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.6.4-3.1`
			`- Update containerd to v1.6.4`

			`* Thu Apr 28 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.6.3-3.1`
			`- Update containerd to v1.6.3`
			`- Update runc to v1.1.1`
			`- Update Golang runtime to 1.17.9`

			`* Sun Mar 27 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.6.2-3.1`
			`- Update containerd to v1.6.2`
			`- Update runc to v1.1.0`

			`* Wed Mar 23 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.5.11-3.1`
			`- Update containerd to v1.5.11 to address CVE-2022-24769`

			`* Fri Mar 04 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.5.10-3.1`
			`- Update containerd to v1.5.10`
			`- Update Golang runtime to 1.17.8`

			`* Thu Mar 03 2022 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.13-3.1`
			`- Update containerd to v1.4.13 to address CVE-2022-23648`
			`- Update runc to v1.0.3`
			`- Update Golang runtime to 1.16.15`

			`* Wed Nov 17 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.12-3.1`
			`- Update containerd to v1.4.12 to address CVE-2021-41190`
			`- Update Golang runtime to 1.16.10`

			`* Mon Oct 04 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.11-3.1`
			`- Update to containerd 1.4.11 to address CVE-2021-41103`

			`* Thu Sep 30 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.10-3.1`
			`- Update to containerd 1.4.10`
			`- Update runc to v1.0.2`
			`- Update Golang runtime to 1.16.8`

			`* Thu Jul 29 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.9-3.1`
			`- Update to containerd 1.4.9`
			`- Update runc to v1.0.1`

			`* Mon Jul 19 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.8-3.1`
			`- Update to containerd 1.4.8 to address CVE-2021-32760`

			`* Mon Jul 19 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.7-3.1`
			`- Update to containerd 1.4.7`
			`- Update runc to v1.0.0`
			`- Update Golang runtime to 1.15.14`

			`* Fri May 21 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.6-3.1`
			`- Update to containerd 1.4.6`
			`- Update runc to v1.0.0-rc95 to address CVE-2021-30465.`

			`* Wed May 12 2021 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.5-3.1`
			`- Update to containerd 1.4.5`
			`- Update runc to v1.0.0-rc94`

			`* Mon Mar 08 2021 Wei Fu <fuweid89@gmail.com> - 1.4.4-3.1`
			`- Update to containerd 1.4.4 to address CVE-2021-21334.`

			`* Wed Mar 03 2021 Tibor Vass <tibor@docker.com> - 1.4.3-3.2`
			`- Update runc to v1.0.0-rc93`

			`* Wed Dec 02 2020 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.3-3.1`
			`- Update to containerd 1.4.3 to address CVE-2020-15257.`

			`* Thu Nov 26 2020 Sebastiaan van Stijn <thajeztah@docker.com> - 1.4.2-3.1`
			`- Update to containerd 1.4.2`

			`* Tue Oct 06 2020 Tibor Vass <tibor@docker.com> - 1.4.1-3.1`
			`- Update to containerd 1.4.1`
			`- Update Golang runtime to 1.13.15`

			`* Wed Sep 09 2020 Sebastiaan van Stijn <github@gone.nl> - 1.3.7-3.1`
			`- Update to containerd 1.3.7`
			`- Update Golang runtime to 1.13.12.`

			`* Fri May 01 2020 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.13-3.2`
			`- Build packages for RHEL-7 on s390x, CentOS 8, and Fedora 32`
			`- Add libseccomp as required dependency`

			`* Mon Feb 17 2020 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.13-3.1`
			`- Update to containerd 1.2.13, which fixes a regression introduced in v1.2.12`
			`that caused container/shim to hang on single core machines, and fixes an issue`
			`with blkio.`
			`- Update Golang runtime to 1.12.17.`

			`* Tue Feb 04 2020 Derek McGowan <derek@docker.com> - 1.2.12-3.1`
			`- Update the runc vendor to v1.0.0-rc10 which includes a mitigation for`
			`CVE-2019-19921.`
			`- Update the opencontainers/selinux which includes a mitigation for`
			`CVE-2019-16884.`
			`- Update Golang runtime to 1.12.16, mitigating the CVE-2020-0601`
			`certificate verification bypass on Windows, and CVE-2020-7919,`
			`which only affects 32-bit architectures.`
			`- A fix to prevent SIGSEGV when starting containerd-shim`
			`- Fix to prevent high system load/CPU utilization with liveness and readiness`
			`probes`
			`- Fix to prevent docker exec hanging if an earlier docker exec left a zombie`
			`process`
			`- CRI: Update the gopkg.in/yaml.v2 vendor to v2.2.8 with a mitigation for`
			`CVE-2019-11253`

			`* Fri Jan 24 2020 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.11-3.2`
			`- Update Golang runtime to 1.12.15, which includes fixes in the net/http package`
			`and the runtime on ARM64`

			`* Thu Jan 09 2020 Evan Hazlett <evan@docker.com> - 1.2.11-3.1`
			`- Update the runc vendor to v1.0.0-rc9 which includes an additional`
			`mitigation for CVE-2019-16884`
			`- Add local-fs.target to service file to fix corrupt image after unexpected`
			`host reboot`
			`- Update Golang runtime to 1.12.13, which includes security fixes to the`
			`crypto/dsa package made in Go 1.12.11 (CVE-2019-17596), and fixes to the`
			`go command, runtime, syscall and net packages (Go 1.12.12)`
			`- CRI: Fix shim delete error code to avoid unnecessary retries in the CRI plugin`

			`* Mon Oct 07 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.10-3.2`
			`- build with Go 1.12.10`

			`* Thu Sep 26 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.10-3.1`
			`- containerd 1.2.10 release`
			`- Addresses CVE-2019-16884 (AppArmor bypass)`
			`- Bump runc to 3e425f80a8c931f88e6d94a8c831b9d5aa481657 (1.0.0-rc8 + CVE-2019-16884)`

			`* Fri Sep 06 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.9-3.1`
			`- containerd 1.2.9 release`
			`- Addresses CVE-2019-9512 (Ping Flood), CVE-2019-9514 (Reset Flood), and CVE-2019-9515 (Settings Flood).`

			`* Tue Aug 27 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.8-3.1`
			`- containerd 1.2.8 release`
			`- build with Go 1.12.9`

			`* Thu Aug 15 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.6-3.5`
			`- build with Go 1.11.13 (CVE-2019-9512, CVE-2019-9514)`

			`* Tue Aug 13 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.6-3.4`
			`- Do not "Provides: runc" for RHEL 8`

			`* Tue Jun 11 2019 Kir Kolyshkin <kolyshkin@gmail.com> - 1.2.6-3.3`
			`- add requirement for container-selinux`
			`- move runc binary to %_bindir`

			`* Fri Apr 26 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.6-3.2`
			`- update runc to v1.0.0-rc8`

			`* Tue Apr 09 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.6-3.1`
			`- containerd 1.2.6 release`
			`- update runc to 029124da7af7360afa781a0234d1b083550f797c`
			`- build with Go 1.11.8`

			`* Thu Mar 14 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.5-3.1`
			`- containerd 1.2.5 release`
			`- update runc to 2b18fe1d885ee5083ef9f0838fee39b62d653e30`
			`- build with Go 1.11.5`

			`* Fri Feb 15 2019 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.4-3.1`
			`- containerd 1.2.4 release`
			`- update runc to 6635b4f0c6af3810594d2770f662f34ddc15b40d`

			`* Thu Jan 31 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.2-3.3`
			`- [runc -> 09c8266] nsenter: clone /proc/self/exe to avoid exposing`
			`host binary to container (CVE-2019-5736)`

			`* Fri Jan 18 2019 Eli Uriegas <eli.uriegas@docker.com> - 1.2.2-3.2`
			`- update runc to f7491ef134a6c41f3a99b0b539835d2472d17012`

			`* Tue Jan 08 2019 Andrew Hsu <andrewhsu@docker.com> - 1.2.2-3.1`
			`- containerd 1.2.2 release`

			`* Thu Dec 06 2018 Andrew Hsu <andrewhsu@docker.com> - 1.2.1-3.1`
			`- containerd 1.2.1 release`
			`- update runc to 96ec2177ae841256168fcf76954f7177af9446eb`

			`* Tue Nov 27 2018 Sebastiaan van Stijn <thajeztah@docker.com> - 1.2.1-2.0.rc.0.1`
			`- containerd 1.2.1-rc.0 release`
			`- update runc to 10d38b660a77168360df3522881e2dc2be5056bd`

			`* Mon Nov 05 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-3.1`
			`- containerd 1.2.0 release`

			`* Tue Oct 16 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-2.2.rc.2.1`
			`- containerd 1.2.0-rc.2 release`

			`* Fri Oct 05 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-2.1.rc.1.1`
			`- containerd 1.2.0-rc.1 release`
			`- Set Tasks=infinity in the systemd service file`

			`* Tue Sep 25 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-2.0.rc.0.1`
			`- containerd 1.2.0-rc.0 release`

			`* Wed Sep 05 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-1.2.beta.2.2`
			`- Hardcoded paths for libexec and var lib considering the macros are different on SUSE based distributions`
			`- Removed offline installer for runc, package as a binary instead`

			`* Tue Aug 28 2018 Andrew Hsu <andrewhsu@docker.com> - 1.2.0-1.2.beta.2.1`
			`- containerd 1.2.0 beta.2`

			`* Thu Aug 16 2018 Eli Uriegas <eli.uriegas@docker.com> - 1.2.0-1.0.beta.0-1`
			`- Intial release`