rpms/podman
7
0
Fork 0
Code Issues Pull Requests Releases Activity

podman-3:3.3.0-0.23.dev.gitd32e566

Browse Source 
- Resolves: #1969264, #1982881 - Security fix for CVE-2021-3602

Signed-off-by: Lokesh Mandvekar <lsm5@fedoraproject.org>
This commit is contained in:
Lokesh Mandvekar 2021-07-16 15:49:21 -04:00
parent b349475933
commit a8242e5d87
3 changed files with 10 additions and 12 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.gitignore vendored
View File

@ -1774,3 +1774,4 @@
/podman-d3afc6b.tar.gz /podman-d3afc6b.tar.gz
/podman-fc34f35.tar.gz /podman-fc34f35.tar.gz
/podman-599b7d7.tar.gz /podman-599b7d7.tar.gz
/podman-d32e566.tar.gz

19
podman.spec
View File

@ -27,7 +27,7 @@
# To build a random user's fork/commit, comment out above line, # To build a random user's fork/commit, comment out above line,
# uncomment below line and replace the placeholders and commit0 below with the right info # uncomment below line and replace the placeholders and commit0 below with the right info
#%%global git0 https://github.com/$GITHUB_USER/$GITHUB_USER_REPO #%%global git0 https://github.com/$GITHUB_USER/$GITHUB_USER_REPO
%global commit0 599b7d746a6ccad6ebbd70abb72be30bead094a6 %global commit0 d32e56658aec5246c3a5dc4d2156918d4f3031a7
%global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
# dnsname # dnsname
@ -46,11 +46,8 @@
%global commit_mcni afab2d8047bc0bd963d570686770eeb0c2e5a396 %global commit_mcni afab2d8047bc0bd963d570686770eeb0c2e5a396
%global shortcommit_mcni %(c=%{commit_mcni}; echo ${c:0:7}) %global shortcommit_mcni %(c=%{commit_mcni}; echo ${c:0:7})
# Used for comparing with latest upstream tag %define built_tag v3.2.3
# to decide whether to autobuild and set download url (non-rawhide only)
%define built_tag v3.2.2
%define built_tag_strip %(b=%{built_tag}; echo ${b:1}) %define built_tag_strip %(b=%{built_tag}; echo ${b:1})
%define download_url %{git0}/archive/%{built_tag}.tar.gz
Name: podman Name: podman
%if 0%{?fedora} %if 0%{?fedora}
@ -63,7 +60,7 @@ Version: 3.3.0
# N.foo if released, 0.N.foo if unreleased # N.foo if released, 0.N.foo if unreleased
# Rawhide almost always ships unreleased builds, # Rawhide almost always ships unreleased builds,
# so release tag should be of the form 0.N.foo # so release tag should be of the form 0.N.foo
Release: 0.22.dev.git%{shortcommit0}%{?dist} Release: 0.23.dev.git%{shortcommit0}%{?dist}
Summary: Manage Pods, Containers and Container Images Summary: Manage Pods, Containers and Container Images
License: ASL 2.0 License: ASL 2.0
URL: https://%{name}.io/ URL: https://%{name}.io/
@ -417,13 +414,10 @@ export GO111MODULE=off
export GOPATH=$(pwd)/_build:$(pwd) export GOPATH=$(pwd)/_build:$(pwd)
export CGO_CFLAGS='-O2 -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -ffat-lto-objects -fexceptions -fasynchronous-unwind-tables -fstack-protector-strong -fstack-clash-protection -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64' export CGO_CFLAGS='-O2 -g -grecord-gcc-switches -pipe -Wall -Werror=format-security -Wp,-D_FORTIFY_SOURCE=2 -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -ffat-lto-objects -fexceptions -fasynchronous-unwind-tables -fstack-protector-strong -fstack-clash-protection -D_GNU_SOURCE -D_LARGEFILE_SOURCE -D_LARGEFILE64_SOURCE -D_FILE_OFFSET_BITS=64'
%ifarch x86_64 %ifarch x86_64
export CGO_CFLAGS="$CGO_CFLAGS -m64 -mtune=generic" export CGO_CFLAGS+=" -m64 -mtune=generic -fcf-protection=full"
%if 0%{?fedora} || 0%{?centos} >= 8
export CGO_CFLAGS="$CGO_CFLAGS -fcf-protection"
%endif
%endif %endif
# These extra flags present in %%{optflags} have been skipped for now as they break the build # These extra flags present in %%{optflags} have been skipped for now as they break the build
#export CGO_CFLAGS="$CGO_CFLAGS -flto=auto -Wp,D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1" #export CGO_CFLAGS+=" -flto=auto -Wp,D_GLIBCXX_ASSERTIONS -specs=/usr/lib/rpm/redhat/redhat-annobin-cc1"
mkdir _build mkdir _build
pushd _build pushd _build
@ -648,6 +642,9 @@ exit 0
# rhcontainerbot account currently managed by lsm5 # rhcontainerbot account currently managed by lsm5
%changelog %changelog
* Fri Jul 16 2021 Lokesh Mandvekar <lsm5@fedoraproject.org> - 3:3.3.0-0.23.dev.gitd32e566
- Resolves: #1969264, #1982881 - Security fix for CVE-2021-3602
* Wed Jul 14 2021 Lokesh Mandvekar <lsm5@fedoraproject.org> - 3:3.3.0-0.22.dev.git599b7d7 * Wed Jul 14 2021 Lokesh Mandvekar <lsm5@fedoraproject.org> - 3:3.3.0-0.22.dev.git599b7d7
- rebuild with gating.yaml changes - rebuild with gating.yaml changes

2
sources
View File

@ -1,3 +1,3 @@
SHA512 (dnsname-c654c95.tar.gz) = 34c844ca3ebe24b069077836d27e828ebbfd61c13e0aa943838af9aae475258c3f02e7d1c5e61362cb6904287eee4e3fc85cc2879216e1a8e1142b69731926f0 SHA512 (dnsname-c654c95.tar.gz) = 34c844ca3ebe24b069077836d27e828ebbfd61c13e0aa943838af9aae475258c3f02e7d1c5e61362cb6904287eee4e3fc85cc2879216e1a8e1142b69731926f0
SHA512 (podman-599b7d7.tar.gz) = 51424036a3e31b217c35f3d9ef33f4e7256e25337d3c0a6836c95355088d5b092aee3b0a85e0aad54bc35973c2a7b5706627dbc204bc8d6af4c926729e5b8ba3 SHA512 (podman-d32e566.tar.gz) = fb272da87dc8e7fafaea3ca73ab0aa50e0a676849e4e7f9bca2adf6f79dfb06086298796a45ab28e942dfc338cee2b3a5a2710fc278d61e0a01a9c3a3b8d58cc
SHA512 (podman-machine-cni-afab2d8.tar.gz) = 121f33e212daebd3c2c10d24ef2a5dae28d1df5b758209d5590d600d7cd3cfc6af5955371f03e2cb3b9ef0f6e9a1a345f50925abc8ccc2147bc4c925ac670d91 SHA512 (podman-machine-cni-afab2d8.tar.gz) = 121f33e212daebd3c2c10d24ef2a5dae28d1df5b758209d5590d600d7cd3cfc6af5955371f03e2cb3b9ef0f6e9a1a345f50925abc8ccc2147bc4c925ac670d91