[ubuntu/trusty-updates] docker.io 1.6.2~dfsg1-1ubuntu4~14.04.1 (Accepted)
Chris J Arges
chris.j.arges at canonical.com
Wed Oct 28 18:25:46 UTC 2015
docker.io (1.6.2~dfsg1-1ubuntu4~14.04.1) trusty; urgency=medium
* Backport to Ubuntu 14.04 (LP: #1454719).
* Disabled
- d/p/lxc.autodev-support.patch to minimise regression risk as
it is not relevant for the version of LXC on Trusty (1.0.3-0ubuntu3).
- d/p/update-go.net-golang.org.patch: there has been a url
canonical name change upstream, but keeping this patch on involves
backporting golang to 1.4 which is undesirable for this backport
(golang-go.net-dev needs golang-x-text, which does not build
successfully without a 1.4 backport).
- Wily related fixes:
+ d/p/golang-1.5-wily.patch to fix FTBFS with golang-1.5 build on wily
+ d/p/ppc64el-wily.patch to fix ppc64le FTBFS on wily (LP: #1488668)
+ d/p/libcontainer_arm64_syscall_dup2_to_dup3-c_changes.patch (LP: #1488669)
+ d/p/libcontainer_arm64_syscall_dup2_to_dup3-golang_changes.patch (LP: #1488669)
+ d/rules to build with golang-go on arm64 (LP: #1488669)
+ d/control to build with golang-go on arm64 (LP: #1488669)
* Reverted:
d/rules: http://anonscm.debian.org/cgit/docker/docker.io.git/diff/?id=b1458f5
commit to preserve docker.io symlink.
docker.io (1.6.2~dfsg1-1ubuntu4) wily; urgency=medium
* Add patches from upstream to fix some upgrade path bugs:
- d/p/add-mutex-read-m_path.patch to fix vivid upgrade-path
- d/p/stop-systemd-on-destroy.patch to fix leftover ".scope" fails
* Add patches to fix Wily FTBFS:
- d/p/ppc64el-wily.patch to fix ppc64le FTBFS on wily (LP: #1488668)
- d/p/golang-1.5-wily.patch to fix FTBFS with golang-1.5 build on
wily
* arm64 support fixes for golang-go build (LP: #1488669):
- d/p/libcontainer_arm64_syscall_dup2_to_dup3-c_changes.patch (LP:
#1488669)
- d/p/libcontainer_arm64_syscall_dup2_to_dup3-golang_changes.patch
(LP: #1488669)
* d/rules to build with golang-go on arm64 (LP: #1488669)
* d/control to build with golang-go on arm64 (LP: #1488669)
* Revert device-mapper-cleanup.patch dropped with an new one:
d/p/device-mapper-cleanup2.patch
docker.io (1.6.2~dfsg1-1ubuntu3~14.04.1) trusty; urgency=medium
* Backport to Ubuntu 14.04 (LP: #1454719).
* Disable d/p/lxc.autodev-support.patch to minimise regression risk as
it is not relevant for the version of LXC on Trusty (1.0.3-0ubuntu3).
* Disable d/p/update-go.net-golang.org.patch: there has been a url
canonical name change upstream, but keeping this patch on involves
backporting golang to 1.4 which is undesirable for this backport
(golang-go.net-dev needs golang-x-text, which does not build
successfully without a 1.4 backport).
* d/rules: revert
http://anonscm.debian.org/cgit/docker/docker.io.git/diff/?id=b1458f5
commit to preserve docker.io symlink.
docker.io (1.6.2~dfsg1-1ubuntu3) wily; urgency=medium
* d/docker.io.postinst: fix restart issue on upgrade path from
1.5.0~dfsg1-1ubuntu2 (LP: #1459916).
docker.io (1.6.2~dfsg1-1ubuntu2) wily; urgency=medium
* Add patches
- d/p/lxc.autodev-support.patch: fix bug: LP: #1466550
Make LXC exec driver compatible with recent lxc where lxc.autodev is enabled
by default.
- d/p/update-go.net-golang.org.patch: fix FTBS bug from wily
docker.io (1.6.2~dfsg1-1ubuntu1) wily; urgency=medium
[ Pierre-André MOREY ]
* Merge from Debian unstable. Remaining changes:
- d/control: bump minimum version of golang-pty-dev for broader
architecture support.
- d/{control,rules}: use gccgo instead of golang to enable builds on
ppc64el, powerpc and arm64.
- System call number updates:
+ d/p/arm64-support.patch
+ d/p/arm-syscall-fix.patch
+ d/p/powerpc-support.patch
* d/p/sync-apparmor-with-lxc.patch replaced by
sync-apparmor-with-lxc.2.patch: update AppArmor policy to be in sync with LXC.
docker.io (1.6.2~dfsg1-1) unstable; urgency=medium
* Update to 1.6.2 upstream release
* Update deps in d/control to match upstream's hack/vendor.sh specifications
docker.io (1.6.1+dfsg1-2) unstable; urgency=medium
* Add --no-restart-on-upgrade to dh_installinit so that we don't force
a stop on upgrade, which can cause other units to fall over. Many thanks
to Michael Stapelberg (sECuRE) for the tip!
docker.io (1.6.1+dfsg1-1) unstable; urgency=high
* Update to 1.6.1 upstream release (Closes: #784726)
- CVE-2015-3627
Insecure opening of file-descriptor 1 leading to privilege escalation
- CVE-2015-3629
Symlink traversal on container respawn allows local privilege escalation
- CVE-2015-3630
Read/write proc paths allow host modification & information disclosure
- CVE-2015-3631
Volume mounts allow LSM profile escalation
docker.io (1.6.0+dfsg1-1ubuntu1) wily; urgency=medium
* Merge from Debian unstable. Remaining changes:
- d/control: bump minimum version of golang-pty-dev for broader
architecture support.
- d/{control,rules}: use gccgo instead of golang to enable builds on
ppc64el, powerpc and arm64.
- d/p/sync-apparmor-with-lxc.patch: update AppArmor policy to be
in sync with LXC.
- System call number updates; dep3 headers updated. All these are in upstream
master but not yet included in the libcontainer release we're using:
+ d/p/arm64-support.patch
+ d/p/arm-syscall-fix.patch
+ d/p/powerpc-support.patch
* Drop changes:
- No longer required as the original bug no longer reproduces:
d/p/device-mapper-cleanup.patch: cleanup any stale docker mounts
from previous shutdown.
- ppc64el support upstreamed:
+ d/p/enable-gccgo-build-v2.patch: add support to docker build
system for gccgo.
+ d/p/remove-X-flag-autogenerate-dockerversion.patch
+ d/p/dockerversion-to-autogen-go-rename.patch
+ d/p/fix-build-dir-autogen.patch: autogen straight into build tree.
+ d/p/fix-dynbinary-for-autogen.patch: fix FTBFS on amd64.
docker.io (1.6.0+dfsg1-1) unstable; urgency=medium
* Upload to unstable
* Backport PR 12943 to support golang-go-patricia 2.*
* Remove convenience copies of cgroupfs-mount in init.d / upstart scripts
(Re: #783143)
docker.io (1.6.0+dfsg1-1~exp1) experimental; urgency=medium
* Update to 1.6.0 upstream release
* Adjust "repack.sh" to be more tolerant of "dfsg" suffixes
docker.io (1.6.0~rc7~dfsg1-1~exp1) experimental; urgency=low
* Update to 1.6.0-rc7 upstream release
docker.io (1.6.0~rc4~dfsg1-1) experimental; urgency=low
[ Tianon Gravi ]
* Update to 1.6.0-rc4 upstream release
- drop golang 1.2 support (no longer supported upstream)
- update Homepage to https://dockerproject.com
- add check-config.sh to /usr/share/docker.io/contrib
- add "distribution" as a new multitarball orig
- backport auto "btrfs_noversion" patch from
https://github.com/docker/docker/pull/12048
(simplifying our logic for detecting whether to use it)
- switch from dh-golang to direct install since we're not actually using the
features it offers (due to upstream's build system)
- enable "docker.service" on boot by default for restart policies to work
[ Felipe Sateler ]
* Add Built-Using for glibc (Closes: #769351).
docker.io (1.5.0~dfsg1-1ubuntu2) vivid; urgency=medium
* d/p/arm-syscall-fix.patch: Fix incorrect setns syscall on ARM.
* d/p/powerpc-support.patch: Resolve FTBFS with powerpc builds.
docker.io (1.5.0~dfsg1-1ubuntu1) vivid; urgency=medium
* Merge from Debian experimental (LP: #1430760). Remaining changes:
- d/p/sync-apparmor-with-lxc.patch: Update AppArmor policy to be
in sync with LXC.
- d/p/device-mapper-cleanup.patch: Cleanup any stale docker mounts
from previous shutdown.
- d/control: Bump minimum version of golang-pty-dev for broader
architecture support.
- d/control: use gccgo instead of golang on ppc64el.
* Drop changes:
- d/p/enable-gccgo-build.patch: superceded by new ppc64el patches.
- d/p/enable-non-amd64-arches.patch: superceded by upstream-accepted
patches from IBM as described below.
* New implementation of ppc64el support based on upstreamed IBM patches:
- d/p/enable-gccgo-build-v2.patch: add support to docker build
system for gccgo.
- d/p/remove-X-flag-autogenerate-dockerversion.patch
- d/p/dockerversion-to-autogen-go-rename.patch
- d/rules: conditional build against gccgo when on ppc64.
- d/p/fix-build-dir-autogen.patch: autogen straight into build tree.
- d/p/fix-dynbinary-for-autogen.patch: fix FTBFS on amd64.
* d/p/arm64-support.patch: fix to allow build on arm64.
docker.io (1.5.0~dfsg1-1) experimental; urgency=low
* Update to 1.5.0 upstream release (Closes: #773495)
* Remove several patches applied upstream!
- 9637-fix-nuke-bashism.patch
- enable-non-amd64-arches.patch
* Fix btrfs-tools handling to allow for building with btrfs-tools < 1.16.1
docker.io (1.3.3~dfsg1-2ubuntu7) vivid; urgency=medium
* d/p/enable-gccgo-build.patch: Update for gccgo archs.
docker.io (1.3.3~dfsg1-2ubuntu6) vivid; urgency=medium
* Drop the build dependency on gccgo-go, build-depend on gccgo instead.
docker.io (1.3.3~dfsg1-2ubuntu5) vivid; urgency=medium
* d/p/enable-non-amd64-arches.patch: Replace in preference to upstream
accepted patch from IBM.
* d/p/device-mapper-cleanup.patch: Annotate with upstream bug report.
* d/p/enable-gccgo-build.patch: Annotate with pull request upstream
from IBM, update to deal with autogenerated go code.
* d/p/sync-apparmor-with-lxc.patch: Annotate with upstream pull request
for libcontainer, reference github.com working repository.
* d/control: Drop arm64 architecture for now as its going to require
further work in the dependency chain.
docker.io (1.3.3~dfsg1-2ubuntu4) vivid; urgency=medium
* Enable arm64 architecture using gccgo.
docker.io (1.3.3~dfsg1-2ubuntu3) vivid; urgency=medium
* Enable ppc64el architecture using gccgo:
- d/p/enable-gccgo-build.patch: Add support to docker build
system for gccgo.
- d/control: Use gccgo-go for ppc64el, exclude ppc64el for golang.
- d/control: Bump minimum version of golang-pty-dev for broader
architecture support.
docker.io (1.3.3~dfsg1-2ubuntu2) vivid; urgency=medium
* d/p/device-mapper-cleanup.patch: Cleanup any stale docker mounts
from previous shutdown (LP: #1404300).
docker.io (1.3.3~dfsg1-2ubuntu1) vivid; urgency=low
* Merge from Debian unstable (LP: #1407408). Remaining changes:
- d/p/sync-apparmor-with-lxc.patch: Update AppArmor policy to be
in sync with LXC.
docker.io (1.3.3~dfsg1-2) unstable; urgency=medium
* Add fatal-error-old-kernels.patch to make Docker refuse to start on old,
unsupported kernels (Closes: #774376)
* Fix dh_auto_clean to clean up after the build properly, especially to avoid
FTBFS when built twice (Closes: #774482)
docker.io (1.3.3~dfsg1-1ubuntu1) vivid; urgency=medium
* Merge from Debian unstable (LP: #1396572), remaining changes:
- d/p/sync-apparmor-with-lxc.patch: Update AppArmor policy to be
in sync with LXC.
docker.io (1.3.3~dfsg1-1) unstable; urgency=medium
[ Tianon Gravi ]
* Update to 1.3.3 upstream release (Closes: #772909)
- Fix for CVE-2014-9356 (Path traversal during processing of absolute
symlinks)
- Fix for CVE-2014-9357 (Escalation of privileges during decompression of
LZMA (.xz) archives)
- Fix for CVE-2014-9358 (Path traversal and spoofing opportunities presented
through image identifiers)
* Fix bashism in nuke-graph-directory.sh (Closes: #772261)
[ Didier Roche ]
* Support starting systemd service without /etc/default/docker
(Closes: #770293)
docker.io (1.3.2~dfsg1-1ubuntu1) vivid; urgency=low
* Merge from Debian unstable. Remaining changes:
- d/p/sync-apparmor-with-lxc.patch: Update AppArmor policy to be
in sync with LXC.
* Dropped changes, equivalents included in Debian updates:
- d/p/support-no-env-default-file.patch.
docker.io (1.3.2~dfsg1-1) unstable; urgency=high
* Severity is set to high due to the sensitive nature of the CVEs this
upload fixes.
* Update to 1.3.2 upstream release
- Fix for CVE-2014-6407 (Archive extraction host privilege escalation)
- Fix for CVE-2014-6408 (Security options applied to image could lead
to container escalation)
* Remove Daniel Mizyrycki from Uploaders. Thanks for all your work!
docker.io (1.3.1~dfsg1-2) unstable; urgency=medium
* Remove deprecated /usr/bin/docker.io symlink
- added as a temporary shim in 1.0.0~dfsg1-1 (13 Jun 2014)
- unused by package-installed files in 1.2.0~dfsg1-1 (13 Sep 2014)
docker.io (1.3.1~dfsg1-1) unstable; urgency=high
* Update to 1.3.1 upstream release
- fix for CVE-2014-5277
- https://groups.google.com/d/topic/docker-user/oYm0i3xShJU/discussion
docker.io (1.3.0~dfsg1-1) unstable; urgency=medium
* Updated to 1.3.0 upstream release.
* Enable systemd socket activation (Closes: #752555).
docker.io (1.2.0~dfsg1-2) unstable; urgency=medium
* Added "golang-docker-dev" package for the reusable bits of Docker's source.
docker.io (1.2.0~dfsg1-1ubuntu2) vivid; urgency=medium
* Reenable socket activation (race fixed with systemd 215)
* debian/patches/support-no-env-default-file.patch:
- Support removed /etc/default/docker under systemd
docker.io (1.2.0~dfsg1-1ubuntu1) utopic; urgency=medium
* debian/patches/sync-apparmor-with-lxc.patch: update AppArmor policy to
by in sync with LXC. Specifically this:
- reorganizes the rules to allow for easier comparison with other
container policy
- adds comments for many rules
- adds bare dbus rule
- adds ptrace rule to allow ptracing ourselves
- adds deny mount options=(ro, remount, silent) -> /
- allows hugetlbfs
- adds cgmanager mount
- adds /sys/fs/pstore mount
- more specific /sys/kernel/security mount options
- more specific /sys mount options
- more specific /proc/sys/kernel/* deny rules
- more specific /proc/sys/net deny rules
- more specific /sys/class deny rules
- more specific /sys/devices deny rules
- more specific /sys/fs deny rules
docker.io (1.2.0~dfsg1-1) unstable; urgency=medium
* Updated to 1.2.0 upstream release (Closes: #757183, #757023, #757024).
* Added upstream man pages.
* Updated bash and zsh completions to be installed as "docker" and "_docker".
* Updated init scripts to also be installed as "docker".
* Fixed "equivalent" typo in README.Debian (Closes: #756395). Thanks Reuben!
* Removed "docker.io" mention in README.Debian (Closes: #756290). Thanks
Olivier!
Date: 2015-09-23 14:13:11.352232+00:00
Changed-By: Kick In <pierre-andre.morey at canonical.com>
Signed-By: Chris J Arges <chris.j.arges at canonical.com>
https://launchpad.net/ubuntu/+source/docker.io/1.6.2~dfsg1-1ubuntu4~14.04.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list