path: root/docker.spec

Name: docker
Version: 27.2.1
Release: 1
Epoch: 2
Summary: The open-source application container engine

License: Apache-2.0
Source0: https://github.com/docker/cli/archive/refs/tags/v%{version}.tar.gz

URL: https://www.docker.com

# required packages for build
# most are already in the container (see contrib/builder/rpm/ARCH/generate.sh)
BuildRequires: pkgconfig(systemd) golang >= 1.8.3 btrfs-progs-devel device-mapper-devel glibc-static libseccomp-devel
BuildRequires: libselinux-devel libtool-ltdl-devel pkgconfig selinux-policy selinux-policy-devel sqlite-devel systemd-devel
BuildRequires: tar containerd runc docker-proxy git

# required packages on install
Requires: /bin/sh iptables tar xz device-mapper-libs >= 1.02.90-1 systemd-units

# conflicting packages
Provides: docker
Conflicts: docker-io
Conflicts: docker-engine-cs

%description
Docker is an open source project to build, ship and run any application as a
lightweight container.

Docker containers are both hardware-agnostic and platform-agnostic. This means
they can run anywhere, from your laptop to the largest EC2 compute instance and
everything in between - and they don't require you to use a particular
language, framework or packaging system. That makes them great building blocks
for deploying and scaling web apps, databases, and backend services without
depending on a particular stack or provider.

%prep
%autosetup -p1 -n cli-%{version}

%build
export GOPATH="$srcdir"
export PATH="$GOPATH/bin:$PATH"
export CGO_CPPFLAGS="${CPPFLAGS}"
export CGO_CFLAGS="${CFLAGS}"
export CGO_CXXFLAGS="${CXXFLAGS}"
export CGO_LDFLAGS="${LDFLAGS}"
export LDFLAGS=''
export GOFLAGS='-buildmode=pie -trimpath -mod=readonly -modcacherw -ldflags=-linkmode=external -ldflags=-compressdwarf=false -ldflags=-B=gobuildid'
export GO111MODULE=off
export DISABLE_WARN_OUTSIDE_CONTAINER=1

make VERSION=%{version} dynbinary
make manpages

%install

# list files owned by the package here
%files

%changelog
* Thu Sep 12 2024 Funda Wang <fundawang@yeah.net> - 2:27.2.1-1
- update to 27.2.1

* Sat Aug 31 2024 zhongjiawei<zhongjiawei1@huawei.com> - 2:18.09.0-341
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:try to reconnect when containerd grpc return unexpected EOF

* Fri Aug 02 2024 zhongjiawei<zhongjiawei1@huawei.com> - 2:18.09.0-340
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:add clone3 seccomp whitelist for arm64

* Fri Jul 26 2024 zhongjiawei<zhongjiawei1@huawei.com> - 18.09.0-339
- Type:CVE
- CVE:CVE-2024-41110
- SUG:NA
- DESC:fix CVE-2024-41110

* Mon Jul 15 2024 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-338
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:Ignore SIGURG on Linux

* Fri Jun 07 2024 suoxiaocong <suoxiaocong@kylinos.cn> - 18.09.0-337
- Type:BUG
- CVE:NA
- SUG:NA
- DESC:remove ifarch condition check when addding source, this causes src.rpm missing files

* Wed May 08 2024 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-336
- Type:CVE
- CVE:CVE-2024-32473
- SUG:NA
- DESC:fix CVE-2024-32473

* Fri Apr 12 2024 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-335
- Type:CVE
- CVE:CVE-2024-29018
- SUG:NA
- DESC:fix CVE-2024-29018

* Tue Mar 19 2024 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-334
- Type:CVE
- CVE:CVE-2024-24557
- SUG:NA
- DESC:fix CVE-2024-24557

* Fri Dec 22 2023 Lu Jingxiao<lujingxiao@huawei.com> - 2:18.09.0-333
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:sync patches from upstream

* Fri Nov 17 2023 zhongjiawei<zhongjiawei1@huawei.com> - 2:18.09.0-332
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:modify runc rpm package name to runc

* Thu Oct 12 2023 zhongjiawei<zhongjiawei1@huawei.com> - 18.09.0-331
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:add delay after freeze

* Mon Oct 09 2023 Lu Jingxiao<lujingxiao@huawei.com> - 18.09.0-330
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix COPY --from should preserve ownership

* Sat Aug 26 2023 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-329
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:remove useless mount point dir

* Fri Jul 28 2023 jingxiaolu<lujingxiao@huawei.com> - 18.09.0-328
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:define a dummy hostname to use for local connections

* Wed Jul 12 2023 zhongjiawei<zhongjiawei1@huawei.com> - 18.09.0-327
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:remove invalid libcgroup dependencies

* Thu Jun 29 2023 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-326
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:repalce unix.Rmdir with os.RemoveAll when remove mount point dir

* Tue Jun 27 2023 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-325
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix blockThreshold full bug

* Thu Jun 08 2023 zhongjiawei<zhongjiawei1@huawei.com> - 18.09.0-324
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:thinpool full because docker daemon restart when docker pull

* Thu Apr 06 2023 zhongjiawei<zhongjiawei1@huawei.com> - 18.09.0-323
- Type:CVE
- CVE:CVE-2023-28840,CVE-2023-28841,CVE-2023-28842
- SUG:NA
- DESC:fix CVE-2023-28840,CVE-2023-28841,CVE-2023-28842

* Wed Mar 29 2023 zhongjiawei<zhongjiawei1@huawei.com> - 18.09.0-322
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:sync some patches

* Thu Mar 16 2023 zhaozhen <zhaozhen@loongson.cn> - 2:18.09.0-321
- Type:feature
- CVE:NA
- SUG:NA
- DESC:add loongarch64 support for docker

* Wed Mar 15 2023 zhongjiawei<zhongjiawei1@huawei.com> - 18.09.0-320
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:try http for docker manifest insecure

* Tue Mar 14 2023 JackChan8<chenjiankun1@huawei.com> - 18.09.0-319
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix container missing after restarting dockerd twice

* Fri Mar 10 2023 Song Zhang<zhangsong34@huawei.com> - 18.09.0-318
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:docker stats: fix 'panic: close of closed channel'

* Fri Feb 17 2023 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-317
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:set freezer.state to Thawed to increase freeze chances

* Thu Dec 01 2022 zhongjiawei<zhongjiawei1@huawei.com> - 18.09.0-316
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:do not stop health check before sending signal

* Thu Nov 24 2022 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-315
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:using VERSION-vendor to record version

* Tue Nov 22 2022 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-314
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix dockerd core when release network

* Tue Nov 22 2022 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-313
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:cleanup netns file when stop docker daemon

* Mon Oct 17 2022 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-312
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:change runc original install location (/usr/local/bin --> /usr/bin) to fix compile problem

* Wed Sep 21 2022 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-311
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:add epoch for easy upgrade

* Thu Sep 15 2022 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-310
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:ensure layer digest folder removed if ls.driver.Remove fails

* Thu Sep 15 2022 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-309
- Type:CVE
- CVE:CVE-2022-36109
- SUG:NA
- DESC:fix CVE-2022-36109

* Tue Sep 13 2022 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-308
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:Add an ExitPid field for State struct to record exit process id

* Tue Sep 13 2022 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-307
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix terminal abnormal after docker run

* Wed Jun 29 2022 zjw<zhongjiawei1@huawei.com> - 18.09.0-306
- Type:CVE
- CVE:CVE-2021-41092
- SUG:NA
- DESC:fix CVE-2021-41092

* Wed Jun 29 2022 zjw<zhongjiawei1@huawei.com> - 18.09.0-305
- Type:CVE
- CVE:CVE-2021-41091
- SUG:NA
- DESC:fix CVE-2021-41091

* Wed Jun 29 2022 zjw<zhongjiawei1@huawei.com> - 18.09.0-304
- Type:CVE
- CVE:CVE-2021-41089
- SUG:NA
- DESC:fix CVE-2021-41089

* Wed Jun 29 2022 zjw<zhongjiawei1@huawei.com> - 18.09.0-303
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:close channel in write side to avoid panic in docker stats

* Tue Jun 28 2022 zjw<zhongjiawei1@huawei.com> - 18.09.0-302
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:fix status inconsistent after restart container

* Thu Jun 16 2022 duyiwei <duyiwei@kylinos.cn> - 18.09.0-301
- Type:bugfix
- CVE:CVE-2022-24769
- SUG:NA
- DESC:fix CVE-2022-24769

* Tue Mar 22 2022 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-300
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:sync from internal

* Wed Mar 02 2022 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-120
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:Use original process spec for execs

* Tue Dec 28 2021 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-119
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:disable go module build

* Sun Sep 26 2021 xiadanni<xiadanni1@huawei.com> - 18.09.0-118
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:update seccomp whitelist to Linux 5.10 syscall list

* Wed Sep 08 2021 xiadanni<xiadanni1@huawei.com> - 18.09.0-117
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:add clone3 to seccomp whitelist to fix curl failed in X86

* Fri Sep 03 2021 chenjiankun<chenjiankun1@huawei.com> - 18.09.0-116
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:enable debuginfo

* Thu Apr 01 2021 wangfengtu<wangfengtu@huawei.com> - 18.09.0-115
- Type:bugfix
- CVE:NA
- SUG:NA
- DESC:rollback if docker restart when doing BlkDiscard

* Thu Mar 18 2021 xiadanni<xiadanni1@huawei.com> - 18.09.0-114
- Type:bugfix
- CVE:CVE-2021-21284,CVE-2021-21285
- SUG:NA
- DESC:sync bugfix, include:
       1.fix execCommands leak in health-check
       2.check containerd pid before kill it
       3.fix CVE-2021-21284
       4.fix CVE-2021-21285

* Tue Feb 09 2021 lixiang<lixiang172@huawei.com> - 18.09.0-113
- Type:enhancement
- CVE:NA
- SUG:restart
- DESC:remove go-md2man build require

* Mon Jan 18 2021 yangyanchao<yangyanchao6@huawei.com> - 18.09.0-111
- Type:requirement
- ID:NA
- CVE:NA
- SUG:restart
- docker:components:add config files for riscv

* Mon Jan 4 2021 jingrui<jingrui@huawei.com> - 18.09.0-107
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:sync bugfix include
  1. fix image cleanup failed.
  2. cleanup load tmp files.
  3. kill residual container process.
  4. resume suspend dm device.
  5. dont kill containerd during dockerd starting.
  6. handle exit event for restore failed container.
  7. wait io with timeout when start failed.
  8. support hostname mirror registry.
  9. mask unused proc files.

* Tue Dec 8 2020 xiadanni<xiadanni1@huawei.com> - 18.09.0-104
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:runc don't deny all devices when update cgroup resource

* Thu Dec 3 2020 xiadanni<xiadanni1@huawei.com> - 18.09.0-103
- Type:bugfix
- ID:NA
- SUG:restart
- DESC:containerd fix CVE-2020-15257

* Fri Nov 27 2020 liuzekun<liuzekun@huawei.com> - 18.09.0-102
- Type:bugfix
- ID:NA
- CVE:NA
- SUG:restart
- DESC:
1.delete stale containerd object on start failure
2.remove redundant word item
3.delete event is not need to process
4.stat process exit file when kill process dire
5.sync cli vendor
6.fix CVE-2020-13401
7.do not add w to LDFLAGS
8.add files in proc for mask
9.fix docker load files leak
10.do not sync if BYPAAS_SYNC is false
11.fix panic on single character volumes
12.fix stats memory usage display error
13.add more messages for ops when device not found
14.mask proc pin_memory