Fedora 33: skopeo 2020-7b6058fec9
Summary
Command line utility to inspect images and repositories directly on Docker
registries without the need to pull them
autobuilt v2.1.0, Security fix for CVE-2020-14370 ---- correct release tag
on account of prior faulty build_tag macro ---- Add back in capability
SYS_CHROOT. ---- Remove fchmodat2 from seccomp filters, since it is not in
upstream kernel yet. ---- Remove dangerous capabilities by default. ----Autobuilt v1.1.1
* Fri Oct 2 2020 Lokesh Mandvekar
- Resolves: #1880094
- rebuild for bodhi sake
* Fri Oct 2 2020 Dan Walsh
- Add SETFCAP back into default capabilities
* Thu Oct 1 2020 Lokesh Mandvekar
- bump to v1.2.0
* Thu Oct 1 2020 Lokesh Mandvekar
- fix skopeo gating test
* Mon Sep 28 2020 Lokesh Mandvekar
- tests subpackage requires openssl
* Fri Sep 25 2020 Dan Walsh
- Modify the range of groups used in net.ipv4.ping_group_range to be 1 so that
- it will work more easily with User Namespaces
- Also turn back on AUDIT_WRITE until seccomp.json file is fixed
* Wed Sep 23 2020 Lokesh Mandvekar
- correct release tag on account of prior faulty build_tag macro
* Mon Sep 21 2020 RH Container Bot
- autobuilt v1.1.1
* Mon Sep 21 2020 Dan Walsh
- Add SYS_CHROOT back into default capabilities
* Mon Sep 21 2020 RH Container Bot
- autobuilt v1.1.1
* Mon Sep 21 2020 Dan Walsh
- Remove fchmodat2 from seccomp.json (This syscall does not exist yet)
* Thu Sep 17 2020 RH Container Bot
- autobuilt v1.1.1
* Thu Sep 17 2020 Dan Walsh
- Remove NET_RAW, SYS_CHROOT, MKNOD and AUDIT_WRITE from default list of capabilities
- Turn on ping for 65k users
* Sat Sep 12 2020 Dan Walsh
- update man pages
- Update seccomp rules
- Update configuration files in containers-common
- Update configuration files in containers-storage
* Wed Sep 2 2020 RH Container Bot
- autobuilt v1.1.1
* Mon Aug 10 2020 RH Container Bot
- autobuilt 0c2c7f4
* Sun Aug 9 2020 RH Container Bot
- autobuilt 0f94dbc
* Sat Aug 8 2020 RH Container Bot
- autobuilt baeaad6
* Fri Aug 7 2020 RH Container Bot
- autobuilt 78d2f67
* Mon Aug 3 2020 RH Container Bot
- autobuilt c052ed7
* Mon Aug 3 2020 RH Container Bot
- autobuilt 5e88eb5
* Sun Aug 2 2020 Dan Walsh
- Update configuration files in containers-common
- Update configuration files in containers-storage
* Sat Aug 1 2020 Fedora Release Engineering
- Second attempt - Rebuilt for
https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Fri Jul 31 2020 RH Container Bot
- autobuilt 62fd5a7
* Thu Jul 30 2020 RH Container Bot
- autobuilt 6252c22
* Wed Jul 29 2020 Fedora Release Engineering
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Thu Jul 23 2020 RH Container Bot
- autobuilt 153f18d
* Sat Jul 18 2020 RH Container Bot
- autobuilt 494d237
* Fri Jul 17 2020 RH Container Bot
- autobuilt 89fb89a
* Thu Jul 16 2020 RH Container Bot
- autobuilt 29eec32
* Thu Jul 16 2020 RH Container Bot
- autobuilt 2fa7b99
* Sat Jul 11 2020 RH Container Bot
- autobuilt 6284ceb
* Sat Jul 11 2020 RH Container Bot
- autobuilt 6e295a2
* Fri Jul 10 2020 RH Container Bot
- autobuilt f63685f
* Thu Jul 9 2020 RH Container Bot
- autobuilt dc5f68f
* Thu Jul 9 2020 RH Container Bot
- autobuilt 840c487
* Wed Jul 8 2020 RH Container Bot
- autobuilt ee72e80
* Thu Jul 2 2020 RH Container Bot
- autobuilt 6182aa3
* Wed Jul 1 2020 RH Container Bot
- autobuilt ac6b871
* Tue Jun 30 2020 Dan Walsh
- Update configuration files in containers-common
* Fri Jun 26 2020 RH Container Bot
- autobuilt ba8cbf5
* Mon Jun 22 2020 RH Container Bot
- autobuilt 7815c8a
* Mon Jun 22 2020 RH Container Bot
- autobuilt 233e61c
* Thu Jun 18 2020 RH Container Bot
- bump to 1.1.1
- autobuilt 96bd4a0
* Thu Jun 18 2020 RH Container Bot
- autobuilt 6b78619
[ 1 ] Bug #1874268 - CVE-2020-14370 podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API
https://bugzilla.redhat.com/show_bug.cgi?id=1874268
su -c 'dnf upgrade --advisory FEDORA-2020-7b6058fec9' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
FEDORA-2020-7b6058fec9 2020-10-06 00:14:55.971279 Product : Fedora 33 Version : 1.2.0 Release : 3.fc33 URL : https://github.com/containers/skopeo Summary : Inspect container images and repositories on registries Description : Command line utility to inspect images and repositories directly on Docker registries without the need to pull them autobuilt v2.1.0, Security fix for CVE-2020-14370 ---- correct release tag on account of prior faulty build_tag macro ---- Add back in capability SYS_CHROOT. ---- Remove fchmodat2 from seccomp filters, since it is not in upstream kernel yet. ---- Remove dangerous capabilities by default. ----Autobuilt v1.1.1 * Fri Oct 2 2020 Lokesh Mandvekar - 1:1.2.0-3 - Resolves: #1880094 - rebuild for bodhi sake * Fri Oct 2 2020 Dan Walsh - 1:1.2.0-2 - Add SETFCAP back into default capabilities * Thu Oct 1 2020 Lokesh Mandvekar - 1:1.2.0-1 - bump to v1.2.0 * Thu Oct 1 2020 Lokesh Mandvekar - 1:1.1.1-11 - fix skopeo gating test * Mon Sep 28 2020 Lokesh Mandvekar - 1:1.1.1-10 - tests subpackage requires openssl * Fri Sep 25 2020 Dan Walsh - 1:1.1.1-9 - Modify the range of groups used in net.ipv4.ping_group_range to be 1 so that - it will work more easily with User Namespaces - Also turn back on AUDIT_WRITE until seccomp.json file is fixed * Wed Sep 23 2020 Lokesh Mandvekar - 1:1.1.1-8 - correct release tag on account of prior faulty build_tag macro * Mon Sep 21 2020 RH Container Bot - 1:1.1.1-1 - autobuilt v1.1.1 * Mon Sep 21 2020 Dan Walsh - 1:1.1.1-7 - Add SYS_CHROOT back into default capabilities * Mon Sep 21 2020 RH Container Bot - 1:1.1.1-1 - autobuilt v1.1.1 * Mon Sep 21 2020 Dan Walsh - 1:1.1.1-6 - Remove fchmodat2 from seccomp.json (This syscall does not exist yet) * Thu Sep 17 2020 RH Container Bot - 1:1.1.1-1 - autobuilt v1.1.1 * Thu Sep 17 2020 Dan Walsh - 1:1.1.1-5 - Remove NET_RAW, SYS_CHROOT, MKNOD and AUDIT_WRITE from default list of capabilities - Turn on ping for 65k users * Sat Sep 12 2020 Dan Walsh - 1:1.1.1-4 - update man pages - Update seccomp rules - Update configuration files in containers-common - Update configuration files in containers-storage * Wed Sep 2 2020 RH Container Bot - 1:1.1.1-1 - autobuilt v1.1.1 * Mon Aug 10 2020 RH Container Bot - 1:1.1.1-30.dev.git0c2c7f4 - autobuilt 0c2c7f4 * Sun Aug 9 2020 RH Container Bot - 1:1.1.1-29.dev.git0f94dbc - autobuilt 0f94dbc * Sat Aug 8 2020 RH Container Bot - 1:1.1.1-28.dev.gitbaeaad6 - autobuilt baeaad6 * Fri Aug 7 2020 RH Container Bot - 1:1.1.1-27.dev.git78d2f67 - autobuilt 78d2f67 * Mon Aug 3 2020 RH Container Bot - 1:1.1.1-26.dev.gitc052ed7 - autobuilt c052ed7 * Mon Aug 3 2020 RH Container Bot - 1:1.1.1-25.dev.git5e88eb5 - autobuilt 5e88eb5 * Sun Aug 2 2020 Dan Walsh - 1:1.1.1-23.dev.git62fd5a7 - Update configuration files in containers-common - Update configuration files in containers-storage * Sat Aug 1 2020 Fedora Release Engineering - 1:1.1.1-23.dev.git62fd5a7 - Second attempt - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Fri Jul 31 2020 RH Container Bot - 1:1.1.1-22.dev.git62fd5a7 - autobuilt 62fd5a7 * Thu Jul 30 2020 RH Container Bot - 1:1.1.1-21.dev.git6252c22 - autobuilt 6252c22 * Wed Jul 29 2020 Fedora Release Engineering - 1:1.1.1-20.dev.git153f18d - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild * Thu Jul 23 2020 RH Container Bot - 1:1.1.1-19.dev.git153f18d - autobuilt 153f18d * Sat Jul 18 2020 RH Container Bot - 1:1.1.1-18.dev.git494d237 - autobuilt 494d237 * Fri Jul 17 2020 RH Container Bot - 1:1.1.1-17.dev.git89fb89a - autobuilt 89fb89a * Thu Jul 16 2020 RH Container Bot - 1:1.1.1-16.dev.git29eec32 - autobuilt 29eec32 * Thu Jul 16 2020 RH Container Bot - 1:1.1.1-15.dev.git2fa7b99 - autobuilt 2fa7b99 * Sat Jul 11 2020 RH Container Bot - 1:1.1.1-14.dev.git6284ceb - autobuilt 6284ceb * Sat Jul 11 2020 RH Container Bot - 1:1.1.1-13.dev.git6e295a2 - autobuilt 6e295a2 * Fri Jul 10 2020 RH Container Bot - 1:1.1.1-12.dev.gitf63685f - autobuilt f63685f * Thu Jul 9 2020 RH Container Bot - 1:1.1.1-11.dev.gitdc5f68f - autobuilt dc5f68f * Thu Jul 9 2020 RH Container Bot - 1:1.1.1-10.dev.git840c487 - autobuilt 840c487 * Wed Jul 8 2020 RH Container Bot - 1:1.1.1-9.dev.gitee72e80 - autobuilt ee72e80 * Thu Jul 2 2020 RH Container Bot - 1:1.1.1-8.dev.git6182aa3 - autobuilt 6182aa3 * Wed Jul 1 2020 RH Container Bot - 1:1.1.1-7.dev.gitac6b871 - autobuilt ac6b871 * Tue Jun 30 2020 Dan Walsh - 1:1.1.1-6.dev.gitba8cbf5 - Update configuration files in containers-common * Fri Jun 26 2020 RH Container Bot - 1:1.1.1-5.dev.gitba8cbf5 - autobuilt ba8cbf5 * Mon Jun 22 2020 RH Container Bot - 1:1.1.1-4.dev.git7815c8a - autobuilt 7815c8a * Mon Jun 22 2020 RH Container Bot - 1:1.1.1-3.dev.git233e61c - autobuilt 233e61c * Thu Jun 18 2020 RH Container Bot - 1:1.1.1-2.dev.git96bd4a0 - bump to 1.1.1 - autobuilt 96bd4a0 * Thu Jun 18 2020 RH Container Bot - 1:1.0.1-17.dev.git6b78619 - autobuilt 6b78619 [ 1 ] Bug #1874268 - CVE-2020-14370 podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API https://bugzilla.redhat.com/show_bug.cgi?id=1874268 su -c 'dnf upgrade --advisory FEDORA-2020-7b6058fec9' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Change Log
References