3
0
Fork 0
forked from mirrors/nixpkgs
Commit graph

1825 commits

Author SHA1 Message Date
zowoq cfbc1af189 podman: 2.2.0 -> 2.2.1
https://github.com/containers/podman/releases/tag/v2.2.1
2020-12-09 05:37:31 +10:00
R. RyanTM bbbb6dfa36 dumb-init: 1.2.2 -> 1.2.3 2020-12-04 10:05:05 +00:00
Maximilian Bosch ccb3f1c9dd
Merge pull request #105591 from mweinelt/qemu
qemu: fix CVE-2020-28916
2020-12-02 21:14:16 +01:00
Sergey Lukjanov b999879206 docker: 19.03.13 -> 19.03.14 2020-12-01 23:34:59 -08:00
Martin Weinelt 2d55b8def4 containerd: update commit id for version indicator
I forogt to update the `commit` value in 8884729, which is why this the
version output was wrong:

```
❯ ./result/bin/containerd -v
containerd github.com/containerd/containerd v1.4.3 7ad184331fa3e55e52b890ea95e65ba581ae3429
```

This change corrects it.

```
❯ ./result/bin/containerd -v
containerd github.com/containerd/containerd v1.4.3 269548fa27e0089a8b8278fc4fc781d7f65a939b
```
2020-12-01 18:55:01 +01:00
Martin Weinelt 8884729f19
containerd: 1.4.2 -> 1.4.3
Access controls for the shim’s API socket verified that the connecting
process had an effective UID of 0, but did not otherwise restrict
access to the abstract Unix domain socket. This would allow malicious
containers running in the same network namespace as the shim, with an
effective UID of 0 but otherwise reduced privileges, to cause new
processes to be run with elevated privileges.

Fixes: CVE-2020-15257
2020-12-01 17:10:19 +01:00
Martin Weinelt c3f268000e
qemu: fix CVE-2020-28916
While receiving packets via e1000e_write_packet_to_guest an infinite
loop could be triggered if the receive descriptor had a NULL buffer
address.

A privileged guest user could use this to induce a DoS Scenario.

Fixes: CVE-2020-28916
2020-12-01 16:54:21 +01:00
Sascha Grunert bd6067cd5d podman: 2.1.0 -> 2.2.0
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-12-01 22:20:11 +10:00
Martin Weinelt 3200eaef74
Merge pull request #105157 from mweinelt/libslirp
libslirp: fix CVE-2020-29129
2020-11-30 15:56:09 +01:00
Martin Weinelt bd3ce46719
qemu: fix CVE-2020-29129, CVE-2020-29130 in vendored libslirp
Fixes out-of-bounds access in libslirp while processing ARP/NCSI packets.

Fixes: CVE-2020-29129, CVE-2020-29130
2020-11-28 02:47:44 +01:00
Sandro 1542fd8e8d
Merge pull request #77421 from Shados/xen-build-efi-binaries 2020-11-27 23:49:07 +01:00
Sandro e6126df5d9
Merge pull request #105132 from r-ryantm/auto-update/containerd
containerd: 1.4.1 -> 1.4.2
2020-11-27 13:15:31 +01:00
R. RyanTM 706ed34eb3 containerd: 1.4.1 -> 1.4.2 2020-11-27 10:28:11 +00:00
Sandro d3badf3b43
Merge pull request #105075 from r-ryantm/auto-update/singularity
singularity: 3.6.4 -> 3.7.0
2020-11-26 23:10:50 +01:00
Florian Klink 1cdbdc3278
Merge pull request #104545 from zowoq/runc
runc: add wrapper for systemd
2020-11-26 22:16:53 +01:00
R. RyanTM 1b0e3aa842 singularity: 3.6.4 -> 3.7.0 2020-11-26 20:28:31 +00:00
Sandro 3d4e98ea6e
Merge pull request #103466 from CheariX/open-vm-tools-11.2.0 2020-11-25 11:25:26 +01:00
Graham Christensen bc49a0815a
utillinux: rename to util-linux 2020-11-24 12:42:06 -05:00
Sascha Grunert 52271f44b1 crun: 0.15.1 -> 0.16
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-11-24 19:35:46 +10:00
zowoq 50e24b8e0a runc: add wrapper for procps, systemd
for cgroupsv2 it needs `busctl` and `systemctl` in its PATH.
2020-11-23 08:46:34 +10:00
zowoq a82d8ca64d runc: add docker to passthru.tests 2020-11-23 08:43:08 +10:00
zowoq cdf6ffdf2e docker: add passthru.tests 2020-11-23 08:43:08 +10:00
zowoq fe78178e09 containerd: add passthru.tests 2020-11-23 08:43:08 +10:00
zowoq 90bb6fbb24 singularity: drop unneeded removeReferencesTo 2020-11-18 08:13:34 +10:00
zowoq 33822cb12f docker: drop redundant removeReferencesTo 2020-11-18 08:13:34 +10:00
Oleksii Filonenko 512c3c0a05 maintainers: rename filalex77 -> Br1ght0ne 2020-11-17 13:09:31 +02:00
Austin Seipp a83e5c4245
firecracker: 0.22.0 -> 0.23.0
Closes #102789.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2020-11-15 21:28:29 -06:00
Christian Mainka 44e2d0d402 open-vm-tools: 11.1.5 -> 11.2.0 2020-11-11 16:22:41 +01:00
Alexander Bich fae02c06b8 ocaml-libvirt: 0.6.1.4.2017-11-08-unstable -> 0.6.1.5 2020-11-10 05:57:39 +01:00
Maximilian Bosch 50957910fc
Merge pull request #102481 from mweinelt/qemu/cve-2020-27617
qemu: apply patch for CVE-2020-27617
2020-11-09 23:51:22 +01:00
Jörg Thalheim feeda77ec2
Merge pull request #101820 from Chiiruno/dev/looking-glass
looking-glass-client: B1 -> B2
2020-11-09 14:43:27 +01:00
Okina Matara 56fb786f82
looking-glass-client: B1 -> B2 2020-11-07 02:41:16 -06:00
markuskowa b580137d40
Merge pull request #100777 from jbedo/singularity
singularity: 3.6.3 -> 3.6.4
2020-11-06 00:13:36 +01:00
Sascha Grunert d48026dc5b crun: 0.15 -> 0.15.1
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-11-04 08:28:22 +10:00
Phillip Cloud ea270c00b0
bug: fix libnvidia-container build (#101665) 2020-11-03 13:17:06 +01:00
R. RyanTM 2702aced5e charliecloud: 0.19 -> 0.20 2020-11-02 08:19:19 -08:00
Martin Weinelt 0c54b757e9
qemu: apply patch for CVE-2020-27617
An assert(3) failure issue was found in the networking helper functions of QEMU. It could occur in the eth_get_gso_type() routine, if a packet does not have a valid networking L3 protocol (ex. IPv4, IPv6) value. A guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.

Fixes: CVE-2020-27617
2020-11-02 14:01:01 +01:00
WORLDofPEACE f2d8aebe8e
Merge pull request #101493 from Magicloud/vbox6116
virtualbox: 6.1.14 -> 6.1.16
2020-10-27 12:37:16 -04:00
Milan Pässler 0dc4ced3eb docker: 19.03.12 -> 19.03.13
Added libseccomp and pkgconfig inputs to containerd, because 1.3.x requires them.
However containerd 1.2.x and 1.4.x do not.
2020-10-27 12:48:51 +01:00
R. RyanTM 6a42a70023 open-vm-tools: 11.1.0 -> 11.1.5 2020-10-25 09:39:40 +01:00
Magicloud e416dc89a1 virtualbox: 6.1.14 -> 6.1.16
6.1.16 is the latest release of Virtualbox. And it is necessary to have it when using Linux 5.9 kernel.
2020-10-24 02:53:08 +08:00
Sandro Jäckel e44cc1404b docker: use upstream repo for containerd
http://github.com/docker/containerd is archived and redirects to
https://github.com/docker-archive/containerd.

To make updates easier track the upstream repo which Docker uses.
2020-10-24 00:12:06 +10:00
Josh Holland 802e9ea3a6 open-vm-tools: fix build w/glibc-2.32 2020-10-21 14:21:49 +01:00
Andreas Rammhold 2451796b49
qemu: make ncurses optional for the test runner
This shaves another 3MB off the closure size of QEMU.
2020-10-19 17:49:31 +02:00
Andreas Rammhold e79eed4840
qemu: strip down the features for the test runner
This allows much faster VM-test based systemd testing as the closure of
qemu suddenly shrinks to reasonable sizes again.
2020-10-19 17:39:47 +02:00
Justin Bedo 8a788b8587
singularity: 3.6.3 -> 3.6.4
Important security release addressing CVE-2020-15229.
2020-10-19 09:11:34 +11:00
R. RyanTM ffde8a8e1e
seabios: 1.13.0 -> 1.14.0 (#96616) 2020-10-14 11:09:21 +02:00
Julius Marozas 4eae3ac1ec
virt-manager: 2.2.1 -> 3.1.0 2020-10-12 19:54:03 +03:00
Alexei Robyn 22fdd2465c xen: Build Xen EFI binary 2020-10-10 22:09:31 +11:00
Alexei Robyn 6048a3c1f5 xen: Remove unsupported Xen version (4.8) 2020-10-10 22:09:26 +11:00