Hello community, here is the log from the commit of package docker for openSUSE:Factory checked in at 2017-01-23 11:36:23 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/docker (Old) and /work/SRC/openSUSE:Factory/.docker.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "docker" Changes: -------- --- /work/SRC/openSUSE:Factory/docker/docker.changes 2017-01-10 10:43:27.387569657 +0100 +++ /work/SRC/openSUSE:Factory/.docker.new/docker.changes 2017-01-23 11:36:24.874176867 +0100 @@ -1,0 +2,13 @@ +Fri Jan 13 13:56:15 UTC 2017 - jmassaguerpla@suse.com + +- fix CVE-2016-9962 bsc#1012568 . Fix it by updating to 1.12.6 + plus an extra commit to fix liverestore: + https://github.com/docker/docker/commit/97cd32a6a9076306baa637a29bba84c3f1f3... + +------------------------------------------------------------------- +Wed Jan 11 12:47:16 UTC 2017 - jmassaguerpla@suse.com + +- add "a wait" when starting docker service to fix + bsc#1019251 + +------------------------------------------------------------------- Old: ---- docker-1.12.5.tar.xz New: ---- docker-1.12.6.tar.xz docker_service_helper.sh ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ docker.spec ++++++ --- /var/tmp/diff_new_pack.ZK6qxH/_old 2017-01-23 11:36:25.818043012 +0100 +++ /var/tmp/diff_new_pack.ZK6qxH/_new 2017-01-23 11:36:25.822042445 +0100 @@ -1,7 +1,7 @@ # # spec file for package docker # -# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany. +# Copyright (c) 2017 SUSE LINUX GmbH, Nuernberg, Germany. # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -35,8 +35,8 @@ %global docker_migration_testfile %{docker_store}/.suse-image-migration-v1to2-complete %global docker_migration_warnfile %{docker_store}/docker-update-message.txt %define docker_graph %{docker_store}/graph -%define git_version 8eab29e -%define version_unconverted 1.12.5 +%define git_version 78d1802 +%define version_unconverted 1.12.6 %define __arch_install_post export NO_BRP_STRIP_DEBUG=true # When upgrading to a new version requires the service not to be restarted # Due to a long migration process update last_migration_version to the new version @@ -44,7 +44,7 @@ # 1.10.1 %global last_migration_version 1.10.1 Name: docker -Version: 1.12.5 +Version: 1.12.6 Release: 0 Summary: The Linux container runtime License: Apache-2.0 @@ -59,6 +59,7 @@ Source8: docker-audit.rules Source9: docker-update-message.txt Source10: tests.sh +Source11: docker_service_helper.sh # Fixes for architecture-specific issues (gcc-go). Patch100: gcc-go-patches.patch Patch102: netlink_netns_powerpc.patch @@ -87,7 +88,7 @@ # Dockerfile to ensure that we don't use a slightly incompatible version of # runC or containerd (which would be bad). Requires: containerd = 0.2.5+gitr569_2a5e70c -Requires: runc = 0.1.1+gitr2818_f59ba3cdd76f +Requires: runc = 0.1.1+gitr2819_50a19c6 # Provides mkfs.ext4 - used by Docker when devicemapper storage driver is used Requires: e2fsprogs Requires: git-core >= 1.7 @@ -316,6 +317,7 @@ # install -D -m 0644 %{SOURCE1} %{buildroot}%{_unitdir}/%{name}.service ln -sf service %{buildroot}%{_sbindir}/rcdocker +install -D -m 0755 %{SOURCE11} %{buildroot}/%{_libexecdir}/docker/ # # udev rules that prevents dolphin to show all docker devices and slows down ++++++ _service ++++++ --- /var/tmp/diff_new_pack.ZK6qxH/_old 2017-01-23 11:36:25.906030535 +0100 +++ /var/tmp/diff_new_pack.ZK6qxH/_new 2017-01-23 11:36:25.906030535 +0100 @@ -3,8 +3,8 @@ <param name="url">https://github.com/docker/docker.git</param> <param name="scm">git</param> <param name="exclude">.git</param> - <param name="versionformat">1.12.5</param> - <param name="revision">v1.12.5</param> + <param name="versionformat">1.12.6</param> + <param name="revision">v1.12.6</param> </service> <service name="recompress" mode="disabled"> <param name="file">docker-*.tar</param> ++++++ docker-1.12.5.tar.xz -> docker-1.12.6.tar.xz ++++++ /work/SRC/openSUSE:Factory/docker/docker-1.12.5.tar.xz /work/SRC/openSUSE:Factory/.docker.new/docker-1.12.6.tar.xz differ: char 27, line 1 ++++++ docker.service ++++++ --- /var/tmp/diff_new_pack.ZK6qxH/_old 2017-01-23 11:36:26.006016355 +0100 +++ /var/tmp/diff_new_pack.ZK6qxH/_new 2017-01-23 11:36:26.006016355 +0100 @@ -10,7 +10,9 @@ # While Docker has support for socket activation (-H fd://), this is not # enabled by default because enabling socket activation means that on boot your # containers won't start until someone tries to administer the Docker daemon. +Type=simple ExecStart=/usr/bin/dockerd --containerd /run/containerd/containerd.sock $DOCKER_NETWORK_OPTIONS $DOCKER_OPTS +ExecStartPost=/usr/lib/docker/docker_service_helper.sh wait ExecReload=/bin/kill -s HUP $MAINPID # Having non-zero Limit*s causes performance problems due to accounting overhead ++++++ docker_service_helper.sh ++++++ #!/bin/bash if [ "$1" != "wait" ];then echo "Usage $0 option" echo "options can be" echo " wait: wait for the daemon to start" exit -1 fi echo "Waiting for docker daemon to start" for i in {1..60};do docker version > /dev/null 2>&1 && break sleep 1 done if docker version > /dev/null 2>&1;then echo "Docker is alive" exit 0 else echo "Docker is dead" exit 1 fi