Hello community, here is the log from the commit of package bubblewrap for openSUSE:Leap:15.2 checked in at 2020-01-30 14:50:30 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Leap:15.2/bubblewrap (Old) and /work/SRC/openSUSE:Leap:15.2/.bubblewrap.new.26092 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "bubblewrap" Thu Jan 30 14:50:30 2020 rev:15 rq:766110 version:0.4.0 Changes: -------- --- /work/SRC/openSUSE:Leap:15.2/bubblewrap/bubblewrap.changes 2020-01-15 14:49:03.721365534 +0100 +++ /work/SRC/openSUSE:Leap:15.2/.bubblewrap.new.26092/bubblewrap.changes 2020-01-30 14:51:40.350943058 +0100 @@ -1,0 +2,37 @@ +Fri Dec 20 22:59:52 UTC 2019 - Bjørn Lie <bjorn.lie@gmail.com> + +- Update to version 0.4.0: + + The biggest feature in this release is the support for joining + existing user and pid namespaces. This doesn't work in the + setuid mode (at the moment). + + Other changes: + - Stores namespace info in status json. + - In setuid mode pid 1 is now marked dumpable. + - Now builds with musl libc. + +------------------------------------------------------------------- +Fri Jun 7 14:38:21 UTC 2019 - Antonio Larrosa <alarrosa@suse.com> + +- Use /bin/bash instead of /usr/bin/bash in SLE12 + +------------------------------------------------------------------- +Sat Jun 1 15:08:49 UTC 2019 - Sebastian Wagner <sebix+novell.com@sebix.at> + +- Update to version 0.3.3: + - This release is the same as 0.3.2 but the version number in configure.ac + was accidentally still set to 0.3.1 +- Update to version 0.3.2: + - fixes boo#1136958 / CVE-2019-12439 + This release fixes a mostly theoretical security issue in unusual/broken + setups where `$XDG_RUNTIME_DIR` is unset. + There are some other smaller fixes, as well as an addition to the JSON + API that allows reading the inner process exit code, separately from + the `bwrap` exit code. + - Print "Out of memory" on stderr, not stdout + - bwrap: add option json-status-fd to show child exit code + - bwrap: Report COMMAND exit code in json-status-fd + - man page: Describe --chdir, not nonexistent --cwd + - Don't create our own temporary mount point for pivot_root + - Make lockdata long enough on 32-bit with 64-bit file pointers. + +------------------------------------------------------------------- Old: ---- v0.3.1.tar.gz New: ---- bubblewrap-0.4.0.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ bubblewrap.spec ++++++ --- /var/tmp/diff_new_pack.TGLQE3/_old 2020-01-30 14:51:40.590943186 +0100 +++ /var/tmp/diff_new_pack.TGLQE3/_new 2020-01-30 14:51:40.594943187 +0100 @@ -1,7 +1,7 @@ # # spec file for package bubblewrap # -# Copyright (c) 2018 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2019 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -17,16 +17,13 @@ Name: bubblewrap -Version: 0.3.1 +Version: 0.4.0 Release: 0 Summary: Core execution tool for unprivileged containers License: LGPL-2.0-or-later Group: Productivity/Security -Url: https://github.com/projectatomic/bubblewrap -Source: https://github.com/projectatomic/bubblewrap/archive/v%{version}.tar.gz -# Does not have README.md and autogen.sh included -> unusable -# Source0: https://github.com/projectatomic/bubblewrap/releases/download/v%%{version}/%%{name}-%%{version}.tar.xz -# We always run autogen.sh +URL: https://github.com/projectatomic/bubblewrap +Source0: %{url}/releases/download/v%{version}/%{name}-%{version}.tar.xz BuildRequires: autoconf BuildRequires: automake BuildRequires: docbook-xsl-stylesheets @@ -44,9 +41,14 @@ user namespaces. %prep -%autosetup -n %{name}-%{version} +%autosetup -p1 -n %{name}-%{version} sed -i '1d' completions/bash/bwrap +%if 0%{?suse_version} < 1500 +sed -i '1s,/usr/bin/env bash,/bin/bash,' demos/bubblewrap-shell.sh +sed -i '1s/env //' demos/userns-block-fd.py +%else sed -i '1s/env //' demos/bubblewrap-shell.sh demos/userns-block-fd.py +%endif %build env NOCONFIGURE=1 ./autogen.sh