app-emulation/docker-runc: Fix CVE-2019-5736 for Docker 18.06

David Michael 2019-02-08 21:59:27 +00:00
parent fad562fd17
commit c8edcf4287
10 changed files with 15 additions and 14 deletions


@ -29,7 +29,7 @@ SLOT="0"
IUSE="+btrfs hardened" IUSE="+btrfs hardened"
DEPEND="btrfs? ( sys-fs/btrfs-progs )" DEPEND="btrfs? ( sys-fs/btrfs-progs )"
RDEPEND="=app-emulation/docker-runc-1.0.0_rc5_p19 RDEPEND="=app-emulation/docker-runc-1.0.0_rc5_p19-r1
sys-libs/libseccomp" sys-libs/libseccomp"
S=${WORKDIR}/${P}/src/${COREOS_GO_PACKAGE} S=${WORKDIR}/${P}/src/${COREOS_GO_PACKAGE}


@ -43,6 +43,7 @@ src_unpack() {
PATCHES=( PATCHES=(
"${FILESDIR}/0001-Delay-unshare-of-clone-newipc-for-selinux.patch" "${FILESDIR}/0001-Delay-unshare-of-clone-newipc-for-selinux.patch"
"${FILESDIR}/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch"
) )
src_compile() { src_compile() {
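Review bot: The new `PATCHES` entry has no comment naming the advisory it addresses or the condition for dropping it, so a later bump of the pinned runc commit could silently lose the fix or apply it twice. I would add a line above it such as `# CVE-2019-5736: backport of the upstream nsenter fix; drop once the pinned runc commit includes it.` The patch file under `${FILESDIR}` is not visible in this view, so its content cannot be compared with the upstream change here; that comparison is worth doing before the revision is published. The array sits between `src_unpack()` and `src_compile()`, whose bodies lie outside the hunk.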


@ -67,7 +67,7 @@ RDEPEND="
>=app-arch/xz-utils-4.9 >=app-arch/xz-utils-4.9
dev-libs/libltdl dev-libs/libltdl
=app-emulation/containerd-1.1.2-r1 =app-emulation/containerd-1.1.2-r1
=app-emulation/docker-runc-1.0.0_rc5_p19[apparmor?,seccomp?] =app-emulation/docker-runc-1.0.0_rc5_p19-r1[apparmor?,seccomp?]
=app-emulation/docker-proxy-0.8.0_p20180709 =app-emulation/docker-proxy-0.8.0_p20180709
container-init? ( >=sys-process/tini-0.13.1 ) container-init? ( >=sys-process/tini-0.13.1 )
" "


@ -14,7 +14,7 @@ RDEPEND="
=app-emulation/docker-18.06.1-r2 =app-emulation/docker-18.06.1-r2
=app-emulation/containerd-1.1.2-r1 =app-emulation/containerd-1.1.2-r1
=app-emulation/docker-proxy-0.8.0_p20180709 =app-emulation/docker-proxy-0.8.0_p20180709
=app-emulation/docker-runc-1.0.0_rc5_p19 =app-emulation/docker-runc-1.0.0_rc5_p19-r1
=dev-libs/libltdl-2.4.6 =dev-libs/libltdl-2.4.6
=sys-process/tini-0.13.2 =sys-process/tini-0.13.2
" "


@ -6,10 +6,10 @@ HOMEPAGE=https://containerd.tools
IUSE=+btrfs hardened +go_version_go1_10 IUSE=+btrfs hardened +go_version_go1_10
KEYWORDS=amd64 arm64 KEYWORDS=amd64 arm64
LICENSE=Apache-2.0 LICENSE=Apache-2.0
RDEPEND==app-emulation/docker-runc-1.0.0_rc5_p19 sys-libs/libseccomp RDEPEND==app-emulation/docker-runc-1.0.0_rc5_p19-r1 sys-libs/libseccomp
REQUIRED_USE=go_version_go1_10 REQUIRED_USE=go_version_go1_10
RESTRICT=test RESTRICT=test
SLOT=0 SLOT=0
SRC_URI=https://github.com/containerd/containerd/archive/v1.1.2.tar.gz -> containerd-1.1.2.tar.gz SRC_URI=https://github.com/containerd/containerd/archive/v1.1.2.tar.gz -> containerd-1.1.2.tar.gz
_eclasses_=coreos-go e0b9bd13413783cf7a2859afc20534a2 coreos-go-depend cec6567f1c69a9b3e529a49eedaeed55 coreos-go-utils 67004337b6f831adc5f1ff107ee2f157 desktop b1d22ac8bdd4679ab79c71aca235009d epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 multiprocessing cac3169468f893670dac3e7cb940e045 preserve-libs ef207dc62baddfddfd39a164d9797648 systemd 71fd8d2065d102753fb9e4d20eaf3e9f toolchain-funcs f164325a2cdb5b3ea39311d483988861 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf vcs-snapshot b77011b62e2053c646ad720defe6d921 _eclasses_=coreos-go e0b9bd13413783cf7a2859afc20534a2 coreos-go-depend cec6567f1c69a9b3e529a49eedaeed55 coreos-go-utils 67004337b6f831adc5f1ff107ee2f157 desktop b1d22ac8bdd4679ab79c71aca235009d epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 multiprocessing cac3169468f893670dac3e7cb940e045 preserve-libs ef207dc62baddfddfd39a164d9797648 systemd 71fd8d2065d102753fb9e4d20eaf3e9f toolchain-funcs f164325a2cdb5b3ea39311d483988861 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf vcs-snapshot b77011b62e2053c646ad720defe6d921
_md5_=fa3a61c0d95a8e874331835c436d2da8 _md5_=b8001c89fde86e8168665326dc6b1a87


@ -5,9 +5,9 @@ EAPI=6
HOMEPAGE=https://containerd.tools HOMEPAGE=https://containerd.tools
IUSE=+btrfs hardened +go_version_go1_10 IUSE=+btrfs hardened +go_version_go1_10
LICENSE=Apache-2.0 LICENSE=Apache-2.0
RDEPEND==app-emulation/docker-runc-1.0.0_rc5_p19 sys-libs/libseccomp RDEPEND==app-emulation/docker-runc-1.0.0_rc5_p19-r1 sys-libs/libseccomp
REQUIRED_USE=go_version_go1_10 REQUIRED_USE=go_version_go1_10
RESTRICT=test RESTRICT=test
SLOT=0 SLOT=0
_eclasses_=coreos-go e0b9bd13413783cf7a2859afc20534a2 coreos-go-depend cec6567f1c69a9b3e529a49eedaeed55 coreos-go-utils 67004337b6f831adc5f1ff107ee2f157 desktop b1d22ac8bdd4679ab79c71aca235009d epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e git-r3 0d4635eeb5a96cd5315597a47eba25c9 ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 multiprocessing cac3169468f893670dac3e7cb940e045 preserve-libs ef207dc62baddfddfd39a164d9797648 systemd 71fd8d2065d102753fb9e4d20eaf3e9f toolchain-funcs f164325a2cdb5b3ea39311d483988861 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf _eclasses_=coreos-go e0b9bd13413783cf7a2859afc20534a2 coreos-go-depend cec6567f1c69a9b3e529a49eedaeed55 coreos-go-utils 67004337b6f831adc5f1ff107ee2f157 desktop b1d22ac8bdd4679ab79c71aca235009d epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e git-r3 0d4635eeb5a96cd5315597a47eba25c9 ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 multiprocessing cac3169468f893670dac3e7cb940e045 preserve-libs ef207dc62baddfddfd39a164d9797648 systemd 71fd8d2065d102753fb9e4d20eaf3e9f toolchain-funcs f164325a2cdb5b3ea39311d483988861 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf
_md5_=fa3a61c0d95a8e874331835c436d2da8 _md5_=b8001c89fde86e8168665326dc6b1a87


@ -6,10 +6,10 @@ HOMEPAGE=https://dockerproject.org
IUSE=apparmor aufs +btrfs +container-init +device-mapper hardened +overlay pkcs11 seccomp +journald +selinux +go_version_go1_10 kernel_linux IUSE=apparmor aufs +btrfs +container-init +device-mapper hardened +overlay pkcs11 seccomp +journald +selinux +go_version_go1_10 kernel_linux
KEYWORDS=amd64 arm64 KEYWORDS=amd64 arm64
LICENSE=Apache-2.0 LICENSE=Apache-2.0
RDEPEND=>=dev-db/sqlite-3.7.9:3 device-mapper? ( >=sys-fs/lvm2-2.02.89[thin] ) seccomp? ( >=sys-libs/libseccomp-2.2.1[static-libs] ) apparmor? ( sys-libs/libapparmor ) !app-emulation/docker-bin >=net-firewall/iptables-1.4 sys-process/procps >=dev-vcs/git-1.7 >=app-arch/xz-utils-4.9 dev-libs/libltdl =app-emulation/containerd-1.1.2-r1 =app-emulation/docker-runc-1.0.0_rc5_p19[apparmor?,seccomp?] =app-emulation/docker-proxy-0.8.0_p20180709 container-init? ( >=sys-process/tini-0.13.1 ) RDEPEND=>=dev-db/sqlite-3.7.9:3 device-mapper? ( >=sys-fs/lvm2-2.02.89[thin] ) seccomp? ( >=sys-libs/libseccomp-2.2.1[static-libs] ) apparmor? ( sys-libs/libapparmor ) !app-emulation/docker-bin >=net-firewall/iptables-1.4 sys-process/procps >=dev-vcs/git-1.7 >=app-arch/xz-utils-4.9 dev-libs/libltdl =app-emulation/containerd-1.1.2-r1 =app-emulation/docker-runc-1.0.0_rc5_p19-r1[apparmor?,seccomp?] =app-emulation/docker-proxy-0.8.0_p20180709 container-init? ( >=sys-process/tini-0.13.1 )
REQUIRED_USE=go_version_go1_10 REQUIRED_USE=go_version_go1_10
RESTRICT=installsources strip RESTRICT=installsources strip
SLOT=0 SLOT=0
SRC_URI=https://github.com/docker/docker-ce/archive/v18.06.1-ce.tar.gz -> docker-18.06.1.tar.gz SRC_URI=https://github.com/docker/docker-ce/archive/v18.06.1-ce.tar.gz -> docker-18.06.1.tar.gz
_eclasses_=bash-completion-r1 47a7402d95930413ce25ba8d857339bb coreos-go-depend cec6567f1c69a9b3e529a49eedaeed55 coreos-go-utils 67004337b6f831adc5f1ff107ee2f157 desktop b1d22ac8bdd4679ab79c71aca235009d eapi7-ver 756b3f27d8e46131d5cf3c51bd876446 epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e linux-info 953c3b1c472dcadbf62098a9301327f2 ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 preserve-libs ef207dc62baddfddfd39a164d9797648 systemd 71fd8d2065d102753fb9e4d20eaf3e9f toolchain-funcs f164325a2cdb5b3ea39311d483988861 udev 7752f306eec7b286d00bdb47b763e7ac user 8bc2845510e2109af75e3eeac607ec81 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf versionator 2352c3fc97241f6a02042773c8287748 _eclasses_=bash-completion-r1 47a7402d95930413ce25ba8d857339bb coreos-go-depend cec6567f1c69a9b3e529a49eedaeed55 coreos-go-utils 67004337b6f831adc5f1ff107ee2f157 desktop b1d22ac8bdd4679ab79c71aca235009d eapi7-ver 756b3f27d8e46131d5cf3c51bd876446 epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e linux-info 953c3b1c472dcadbf62098a9301327f2 ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 preserve-libs ef207dc62baddfddfd39a164d9797648 systemd 71fd8d2065d102753fb9e4d20eaf3e9f toolchain-funcs f164325a2cdb5b3ea39311d483988861 udev 7752f306eec7b286d00bdb47b763e7ac user 8bc2845510e2109af75e3eeac607ec81 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf versionator 2352c3fc97241f6a02042773c8287748
_md5_=7d06c505992daf704bf52e0a6793ef47 _md5_=eafded41121f03e12805637b01668eeb


@ -6,9 +6,9 @@ HOMEPAGE=https://dockerproject.org
IUSE=apparmor aufs +btrfs +container-init +device-mapper hardened +overlay pkcs11 seccomp +journald +selinux +go_version_go1_10 kernel_linux IUSE=apparmor aufs +btrfs +container-init +device-mapper hardened +overlay pkcs11 seccomp +journald +selinux +go_version_go1_10 kernel_linux
KEYWORDS=~amd64 ~arm64 KEYWORDS=~amd64 ~arm64
LICENSE=Apache-2.0 LICENSE=Apache-2.0
RDEPEND=>=dev-db/sqlite-3.7.9:3 device-mapper? ( >=sys-fs/lvm2-2.02.89[thin] ) seccomp? ( >=sys-libs/libseccomp-2.2.1[static-libs] ) apparmor? ( sys-libs/libapparmor ) !app-emulation/docker-bin >=net-firewall/iptables-1.4 sys-process/procps >=dev-vcs/git-1.7 >=app-arch/xz-utils-4.9 dev-libs/libltdl =app-emulation/containerd-1.1.2-r1 =app-emulation/docker-runc-1.0.0_rc5_p19[apparmor?,seccomp?] =app-emulation/docker-proxy-0.8.0_p20180709 container-init? ( >=sys-process/tini-0.13.1 ) RDEPEND=>=dev-db/sqlite-3.7.9:3 device-mapper? ( >=sys-fs/lvm2-2.02.89[thin] ) seccomp? ( >=sys-libs/libseccomp-2.2.1[static-libs] ) apparmor? ( sys-libs/libapparmor ) !app-emulation/docker-bin >=net-firewall/iptables-1.4 sys-process/procps >=dev-vcs/git-1.7 >=app-arch/xz-utils-4.9 dev-libs/libltdl =app-emulation/containerd-1.1.2-r1 =app-emulation/docker-runc-1.0.0_rc5_p19-r1[apparmor?,seccomp?] =app-emulation/docker-proxy-0.8.0_p20180709 container-init? ( >=sys-process/tini-0.13.1 )
REQUIRED_USE=go_version_go1_10 REQUIRED_USE=go_version_go1_10
RESTRICT=installsources strip RESTRICT=installsources strip
SLOT=0 SLOT=0
_eclasses_=bash-completion-r1 47a7402d95930413ce25ba8d857339bb coreos-go-depend cec6567f1c69a9b3e529a49eedaeed55 coreos-go-utils 67004337b6f831adc5f1ff107ee2f157 desktop b1d22ac8bdd4679ab79c71aca235009d eapi7-ver 756b3f27d8e46131d5cf3c51bd876446 epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e git-r3 0d4635eeb5a96cd5315597a47eba25c9 linux-info 953c3b1c472dcadbf62098a9301327f2 ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 preserve-libs ef207dc62baddfddfd39a164d9797648 systemd 71fd8d2065d102753fb9e4d20eaf3e9f toolchain-funcs f164325a2cdb5b3ea39311d483988861 udev 7752f306eec7b286d00bdb47b763e7ac user 8bc2845510e2109af75e3eeac607ec81 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf _eclasses_=bash-completion-r1 47a7402d95930413ce25ba8d857339bb coreos-go-depend cec6567f1c69a9b3e529a49eedaeed55 coreos-go-utils 67004337b6f831adc5f1ff107ee2f157 desktop b1d22ac8bdd4679ab79c71aca235009d eapi7-ver 756b3f27d8e46131d5cf3c51bd876446 epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e git-r3 0d4635eeb5a96cd5315597a47eba25c9 linux-info 953c3b1c472dcadbf62098a9301327f2 ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 preserve-libs ef207dc62baddfddfd39a164d9797648 systemd 71fd8d2065d102753fb9e4d20eaf3e9f toolchain-funcs f164325a2cdb5b3ea39311d483988861 udev 7752f306eec7b286d00bdb47b763e7ac user 8bc2845510e2109af75e3eeac607ec81 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf
_md5_=7d06c505992daf704bf52e0a6793ef47 _md5_=eafded41121f03e12805637b01668eeb


@ -12,4 +12,4 @@ RESTRICT=test
SLOT=0 SLOT=0
SRC_URI=https://github.com/opencontainers/runc/archive/69663f0bd4b60df09991c08812a60108003fa340.tar.gz -> docker-runc-1.0.0_rc5_p19.tar.gz SRC_URI=https://github.com/opencontainers/runc/archive/69663f0bd4b60df09991c08812a60108003fa340.tar.gz -> docker-runc-1.0.0_rc5_p19.tar.gz
_eclasses_=coreos-go e0b9bd13413783cf7a2859afc20534a2 coreos-go-depend cec6567f1c69a9b3e529a49eedaeed55 coreos-go-utils 67004337b6f831adc5f1ff107ee2f157 desktop b1d22ac8bdd4679ab79c71aca235009d epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 multiprocessing cac3169468f893670dac3e7cb940e045 preserve-libs ef207dc62baddfddfd39a164d9797648 toolchain-funcs f164325a2cdb5b3ea39311d483988861 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf vcs-snapshot b77011b62e2053c646ad720defe6d921 _eclasses_=coreos-go e0b9bd13413783cf7a2859afc20534a2 coreos-go-depend cec6567f1c69a9b3e529a49eedaeed55 coreos-go-utils 67004337b6f831adc5f1ff107ee2f157 desktop b1d22ac8bdd4679ab79c71aca235009d epatch a1bf4756dba418a7238f3be0cb010c54 estack 43ddf5aaffa7a8d0482df54d25a66a1f eutils 6e6c2737b59a4b982de6fb3ecefd87f8 flag-o-matic 55aaa148741116aa54ad0d80e361818e ltprune 08f9e1d9ee0af8f5d9a7854efbcd8c0e multilib b2f01ad412baf81650c23fcf0975fa33 multiprocessing cac3169468f893670dac3e7cb940e045 preserve-libs ef207dc62baddfddfd39a164d9797648 toolchain-funcs f164325a2cdb5b3ea39311d483988861 vcs-clean 2a0f74a496fa2b1552c4f3398258b7bf vcs-snapshot b77011b62e2053c646ad720defe6d921
_md5_=85f9379ee51e095f514748d1aa8c1fd4 _md5_=1d7b0d84b00b0380abbf9a5fc4261f1a


@ -3,6 +3,6 @@ DESCRIPTION=Packages to be installed in a torcx image for Docker
EAPI=2 EAPI=2
KEYWORDS=amd64 arm64 KEYWORDS=amd64 arm64
LICENSE=GPL-2 LICENSE=GPL-2
RDEPEND==app-emulation/docker-18.06.1-r2 =app-emulation/containerd-1.1.2-r1 =app-emulation/docker-proxy-0.8.0_p20180709 =app-emulation/docker-runc-1.0.0_rc5_p19 =dev-libs/libltdl-2.4.6 =sys-process/tini-0.13.2 RDEPEND==app-emulation/docker-18.06.1-r2 =app-emulation/containerd-1.1.2-r1 =app-emulation/docker-proxy-0.8.0_p20180709 =app-emulation/docker-runc-1.0.0_rc5_p19-r1 =dev-libs/libltdl-2.4.6 =sys-process/tini-0.13.2
SLOT=0 SLOT=0
_md5_=10043be46b74f9381f7cb350c0af0d8c _md5_=979436c9e02108fadacf37f9507d1da9