1
0
Fork 1
mirror of https://github.com/NixOS/nixpkgs.git synced 2024-12-04 19:45:54 +00:00
Commit graph

1834 commits

Author SHA1 Message Date
Jörg Thalheim f91d7cf059
cntr: 1.2.1 -> 1.4.1 2020-12-30 07:09:54 +01:00
Florian Klink f13837054b
Merge pull request #107778 from zowoq/containerd
containerd: misc fixes
2020-12-29 01:04:10 +01:00
zowoq 824cfdd019 docker: disable containerd completion
not available in containerd prior to 1.4
2020-12-29 09:33:28 +10:00
zowoq d7d6f5507c containerd: misc fixes
- build man during buildPhase
- use `src.rev` for `commit`
- install completion
2020-12-29 09:33:28 +10:00
freezeboy 8ab8ada2f5 charliecloud: 0.20 -> 0.21 2020-12-27 22:34:18 +01:00
zowoq 70bcf62c05 conmon: 2.0.21 -> 2.0.22
https://github.com/containers/conmon/releases/tag/v2.0.22
2020-12-21 05:28:42 +10:00
Michael Weiss 52424415bc
vpcs: 0.8 -> 0.8.1
Thanks to Repology / Alpine Linux I noticed that the GNS3 team continued
the development. From their README:
> This is a continuation of VPCS, based on the last development version
> and improved with patches wrote by various people from the community.
> The original VPCS code, which is unfortunately not maintained anymore,
> can be viewed on https://sourceforge.net/p/vpcs/code/
2020-12-18 20:45:54 +01:00
Mario Rodas 9c8a7716d3 docker-slim: 1.32.0 -> 1.33.0
https://github.com/docker-slim/docker-slim/releases/tag/1.33.0
2020-12-15 13:45:00 -05:00
R. RyanTM 4cddb0930d dumb-init: 1.2.3 -> 1.2.4 2020-12-10 15:01:17 +00:00
zowoq cfbc1af189 podman: 2.2.0 -> 2.2.1
https://github.com/containers/podman/releases/tag/v2.2.1
2020-12-09 05:37:31 +10:00
R. RyanTM bbbb6dfa36 dumb-init: 1.2.2 -> 1.2.3 2020-12-04 10:05:05 +00:00
Maximilian Bosch ccb3f1c9dd
Merge pull request #105591 from mweinelt/qemu
qemu: fix CVE-2020-28916
2020-12-02 21:14:16 +01:00
Sergey Lukjanov b999879206 docker: 19.03.13 -> 19.03.14 2020-12-01 23:34:59 -08:00
Martin Weinelt 2d55b8def4 containerd: update commit id for version indicator
I forogt to update the `commit` value in 8884729, which is why this the
version output was wrong:

```
❯ ./result/bin/containerd -v
containerd github.com/containerd/containerd v1.4.3 7ad184331fa3e55e52b890ea95e65ba581ae3429
```

This change corrects it.

```
❯ ./result/bin/containerd -v
containerd github.com/containerd/containerd v1.4.3 269548fa27e0089a8b8278fc4fc781d7f65a939b
```
2020-12-01 18:55:01 +01:00
Martin Weinelt 8884729f19
containerd: 1.4.2 -> 1.4.3
Access controls for the shim’s API socket verified that the connecting
process had an effective UID of 0, but did not otherwise restrict
access to the abstract Unix domain socket. This would allow malicious
containers running in the same network namespace as the shim, with an
effective UID of 0 but otherwise reduced privileges, to cause new
processes to be run with elevated privileges.

Fixes: CVE-2020-15257
2020-12-01 17:10:19 +01:00
Martin Weinelt c3f268000e
qemu: fix CVE-2020-28916
While receiving packets via e1000e_write_packet_to_guest an infinite
loop could be triggered if the receive descriptor had a NULL buffer
address.

A privileged guest user could use this to induce a DoS Scenario.

Fixes: CVE-2020-28916
2020-12-01 16:54:21 +01:00
Sascha Grunert bd6067cd5d podman: 2.1.0 -> 2.2.0
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-12-01 22:20:11 +10:00
Martin Weinelt 3200eaef74
Merge pull request #105157 from mweinelt/libslirp
libslirp: fix CVE-2020-29129
2020-11-30 15:56:09 +01:00
Martin Weinelt bd3ce46719
qemu: fix CVE-2020-29129, CVE-2020-29130 in vendored libslirp
Fixes out-of-bounds access in libslirp while processing ARP/NCSI packets.

Fixes: CVE-2020-29129, CVE-2020-29130
2020-11-28 02:47:44 +01:00
Sandro 1542fd8e8d
Merge pull request #77421 from Shados/xen-build-efi-binaries 2020-11-27 23:49:07 +01:00
Sandro e6126df5d9
Merge pull request #105132 from r-ryantm/auto-update/containerd
containerd: 1.4.1 -> 1.4.2
2020-11-27 13:15:31 +01:00
R. RyanTM 706ed34eb3 containerd: 1.4.1 -> 1.4.2 2020-11-27 10:28:11 +00:00
Sandro d3badf3b43
Merge pull request #105075 from r-ryantm/auto-update/singularity
singularity: 3.6.4 -> 3.7.0
2020-11-26 23:10:50 +01:00
Florian Klink 1cdbdc3278
Merge pull request #104545 from zowoq/runc
runc: add wrapper for systemd
2020-11-26 22:16:53 +01:00
R. RyanTM 1b0e3aa842 singularity: 3.6.4 -> 3.7.0 2020-11-26 20:28:31 +00:00
Sandro 3d4e98ea6e
Merge pull request #103466 from CheariX/open-vm-tools-11.2.0 2020-11-25 11:25:26 +01:00
Graham Christensen bc49a0815a
utillinux: rename to util-linux 2020-11-24 12:42:06 -05:00
Sascha Grunert 52271f44b1 crun: 0.15.1 -> 0.16
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-11-24 19:35:46 +10:00
zowoq 50e24b8e0a runc: add wrapper for procps, systemd
for cgroupsv2 it needs `busctl` and `systemctl` in its PATH.
2020-11-23 08:46:34 +10:00
zowoq a82d8ca64d runc: add docker to passthru.tests 2020-11-23 08:43:08 +10:00
zowoq cdf6ffdf2e docker: add passthru.tests 2020-11-23 08:43:08 +10:00
zowoq fe78178e09 containerd: add passthru.tests 2020-11-23 08:43:08 +10:00
zowoq 90bb6fbb24 singularity: drop unneeded removeReferencesTo 2020-11-18 08:13:34 +10:00
zowoq 33822cb12f docker: drop redundant removeReferencesTo 2020-11-18 08:13:34 +10:00
Oleksii Filonenko 512c3c0a05 maintainers: rename filalex77 -> Br1ght0ne 2020-11-17 13:09:31 +02:00
Austin Seipp a83e5c4245
firecracker: 0.22.0 -> 0.23.0
Closes #102789.

Signed-off-by: Austin Seipp <aseipp@pobox.com>
2020-11-15 21:28:29 -06:00
Christian Mainka 44e2d0d402 open-vm-tools: 11.1.5 -> 11.2.0 2020-11-11 16:22:41 +01:00
Alexander Bich fae02c06b8 ocaml-libvirt: 0.6.1.4.2017-11-08-unstable -> 0.6.1.5 2020-11-10 05:57:39 +01:00
Maximilian Bosch 50957910fc
Merge pull request #102481 from mweinelt/qemu/cve-2020-27617
qemu: apply patch for CVE-2020-27617
2020-11-09 23:51:22 +01:00
Jörg Thalheim feeda77ec2
Merge pull request #101820 from Chiiruno/dev/looking-glass
looking-glass-client: B1 -> B2
2020-11-09 14:43:27 +01:00
Okina Matara 56fb786f82
looking-glass-client: B1 -> B2 2020-11-07 02:41:16 -06:00
markuskowa b580137d40
Merge pull request #100777 from jbedo/singularity
singularity: 3.6.3 -> 3.6.4
2020-11-06 00:13:36 +01:00
Sascha Grunert d48026dc5b crun: 0.15 -> 0.15.1
Signed-off-by: Sascha Grunert <sgrunert@suse.com>
2020-11-04 08:28:22 +10:00
Phillip Cloud ea270c00b0
bug: fix libnvidia-container build (#101665) 2020-11-03 13:17:06 +01:00
R. RyanTM 2702aced5e charliecloud: 0.19 -> 0.20 2020-11-02 08:19:19 -08:00
Martin Weinelt 0c54b757e9
qemu: apply patch for CVE-2020-27617
An assert(3) failure issue was found in the networking helper functions of QEMU. It could occur in the eth_get_gso_type() routine, if a packet does not have a valid networking L3 protocol (ex. IPv4, IPv6) value. A guest user may use this flaw to crash the QEMU process on the host resulting in DoS scenario.

Fixes: CVE-2020-27617
2020-11-02 14:01:01 +01:00
WORLDofPEACE f2d8aebe8e
Merge pull request #101493 from Magicloud/vbox6116
virtualbox: 6.1.14 -> 6.1.16
2020-10-27 12:37:16 -04:00
Milan Pässler 0dc4ced3eb docker: 19.03.12 -> 19.03.13
Added libseccomp and pkgconfig inputs to containerd, because 1.3.x requires them.
However containerd 1.2.x and 1.4.x do not.
2020-10-27 12:48:51 +01:00
R. RyanTM 6a42a70023 open-vm-tools: 11.1.0 -> 11.1.5 2020-10-25 09:39:40 +01:00
Magicloud e416dc89a1 virtualbox: 6.1.14 -> 6.1.16
6.1.16 is the latest release of Virtualbox. And it is necessary to have it when using Linux 5.9 kernel.
2020-10-24 02:53:08 +08:00