diff --git a/0001-CVE-2022-32149.patch b/0003-CVE-2022-32149.patch similarity index 100% rename from 0001-CVE-2022-32149.patch rename to 0003-CVE-2022-32149.patch diff --git a/podman.spec b/podman.spec index 886f2f96c9278001edeeae82160676e91d46cc96..2e47ba9e327cba97934f0d2aa77cf5da361fdf1b 100644 --- a/podman.spec +++ b/podman.spec @@ -2,7 +2,7 @@ Name: podman Version: 3.4.4 -Release: 3 +Release: 4 Summary: A daemonless container engine for managing Containers Epoch: 1 License: ASL 2.0 @@ -18,54 +18,12 @@ BuildRequires: gpgme-devel libassuan-devel libgpg-error-devel libseccomp-devel BuildRequires: libselinux-devel ostree-devel pkgconfig make git Requires: crun containers-common containernetworking-plugins >= 0.7.3-2 iptables nftables conmon Requires: (container-selinux if selinux-policy) -Recommends: %{name}-plugins = %{epoch}:%{version}-%{release} +Recommends: %{name}-plugins = %{epoch}:%{version}-%{release} Recommends: slirp4netns catatonit -Provides: bundled(golang(github.com/BurntSushi/toml)) = v0.3.1 -Provides: bundled(golang(github.com/containernetworking/cni)) = v0.8.0 -Provides: bundled(golang(github.com/containernetworking/plugins)) = v0.8.7 -Provides: bundled(golang(github.com/containers/image/v5)) = v5.5.2 -Provides: bundled(golang(github.com/containers/psgo)) = v1.5.1 -Provides: bundled(golang(github.com/containers/storage)) = v1.23.2 -Provides: bundled(golang(github.com/coreos/go-systemd/v22)) = v22.1.0 -Provides: bundled(golang(github.com/cri-o/ocicni)) = v0.2.0 -Provides: bundled(golang(github.com/cyphar/filepath-securejoin)) = v0.2.2 -Provides: bundled(golang(github.com/davecgh/go-spew)) = v1.1.1 -Provides: bundled(golang(github.com/docker/distribution)) = v2.7.1+incompatible -Provides: bundled(golang(github.com/docker/go-connections)) = v0.4.0 -Provides: bundled(golang(github.com/docker/go-units)) = v0.4.0 -Provides: bundled(golang(github.com/fsnotify/fsnotify)) = v1.4.9 -Provides: bundled(golang(github.com/ghodss/yaml)) = v1.0.0 -Provides: bundled(golang(github.com/godbus/dbus/v5)) = v5.0.3 -Provides: bundled(golang(github.com/google/uuid)) = v1.1.2 -Provides: bundled(golang(github.com/gorilla/mux)) = v1.7.4 -Provides: bundled(golang(github.com/gorilla/schema)) = v1.2.0 -Provides: bundled(golang(github.com/hashicorp/go-multierror)) = v1.1.0 -Provides: bundled(golang(github.com/hpcloud/tail)) = v1.0.0 -Provides: bundled(golang(github.com/json-iterator/go)) = v1.1.10 -Provides: bundled(golang(github.com/onsi/ginkgo)) = v1.14.0 -Provides: bundled(golang(github.com/onsi/gomega)) = v1.10.1 -Provides: bundled(golang(github.com/opencontainers/go-digest)) = v1.0.0 -Provides: bundled(golang(github.com/opencontainers/runtime-tools)) = v0.9.0 -Provides: bundled(golang(github.com/opencontainers/selinux)) = v1.6.0 -Provides: bundled(golang(github.com/opentracing/opentracing-go)) = v1.2.0 -Provides: bundled(golang(github.com/pkg/errors)) = v0.9.1 -Provides: bundled(golang(github.com/pmezard/go-difflib)) = v1.0.0 -Provides: bundled(golang(github.com/rootless-containers/rootlesskit)) = v0.10.0 -Provides: bundled(golang(github.com/sirupsen/logrus)) = v1.6.0 -Provides: bundled(golang(github.com/spf13/cobra)) = v0.0.7 -Provides: bundled(golang(github.com/spf13/pflag)) = v1.0.5 -Provides: bundled(golang(github.com/stretchr/testify)) = v1.6.1 -Provides: bundled(golang(github.com/uber/jaeger-client-go)) = v2.25.0+incompatible -Provides: bundled(golang(github.com/uber/jaeger-lib)) = v2.2.0+incompatible -Provides: bundled(golang(github.com/vishvananda/netlink)) = v1.1.0 -Provides: bundled(golang(go.etcd.io/bbolt)) = v1.3.5 -Provides: bundled(golang(k8s.io/api)) = v0.18.8 -Provides: bundled(golang(k8s.io/apimachinery)) = v0.19.0 - Patch1: 0001-Fix-the-invalid-memory-address-reference.patch Patch2: 0002-add-openEuler-hardened-ld.patch -Patch3: 0001-CVE-2022-32149.patch +Patch3: 0003-CVE-2022-32149.patch %description Podman manages the entire container ecosystem which includes pods, @@ -150,7 +108,8 @@ tar zxf %{SOURCE1} tar zxf %{SOURCE2} # untar %%{name}-gvproxy tar zxf %{SOURCE3} -tar -xf %SOURCE4 +tar -xf %{SOURCE4} + %patch1 -p1 %patch2 -p1 %patch3 -p1 @@ -324,6 +283,12 @@ done %{_libexecdir}/%{name}/gvproxy %changelog +* Thu Jan 09 2025 duyiwei - 1:3.4.4-4 +- Type:bugfix +- CVE:CVE-2024-9355、CVE-2019-9514、CVE-2024-24791、CVE-2022-32189、CVE-2022-41715、CVE-2022-2880、CVE-2022-1962、CVE-2023-45290、CVE-2024-24783、CVE-2024-24785 +- SUG:NA +- DESC: Optimize spec files and fix CVE in batches through rebuild + * Tue Aug 20 2024 Xuebing Li - 1:3.4.4-3 - Add 'Buildarch: noarch' to the help subpackage diff --git a/podman.yaml b/podman.yaml index 9f95c1c79ea55ce152981eb9a856c04b0359a95c..33bcc56584bff90ac19102c2f10d838d7772c08a 100644 --- a/podman.yaml +++ b/podman.yaml @@ -1,4 +1,4 @@ version_control: github -src_repo: containers/libpod +src_repo: containers/podman tag_prefix: ^v seperator: .