Announcement ID:    openSUSE-SU-2020:2106-1
Rating:             moderate
References:         #1165184 #1167864 
Cross-References:   CVE-2019-10214 CVE-2020-10696
Affected Products:
                    openSUSE Leap 15.1
______________________________________________________________________________

   An update that fixes two vulnerabilities is now available.

Description:

   This update for buildah fixes the following issues:

   buildah was updated to v1.17.0 (bsc#1165184):

   * Handle cases where other tools mount/unmount containers
   * overlay.MountReadOnly: support RO overlay mounts
   * overlay: use fusermount for rootless umounts
   * overlay: fix umount
   * Switch default log level of Buildah to Warn. Users need to see these
     messages
   * Drop error messages about OCI/Docker format to Warning level
   * build(deps): bump github.com/containers/common from 0.26.0 to 0.26.2
   * tests/testreport: adjust for API break in storage v1.23.6
   * build(deps): bump github.com/containers/storage from 1.23.5 to 1.23.7
   * build(deps): bump github.com/fsouza/go-dockerclient from 1.6.5 to 1.6.6
   * copier: put: ignore Typeflag="g"
   * Use curl to get repo file (fix #2714)
   * build(deps): bump github.com/containers/common from 0.25.0 to 0.26.0
   * build(deps): bump github.com/spf13/cobra from 1.0.0 to 1.1.1
   * Remove docs that refer to bors, since we're not using it
   * Buildah bud should not use stdin by default
   * bump containerd, docker, and golang.org/x/sys
   * Makefile: cross: remove windows.386 target
   * copier.copierHandlerPut: don't check length when there are errors
   * Stop excessive wrapping
   * CI: require that conformance tests pass
   * bump(github.com/openshift/imagebuilder) to v1.1.8
   * Skip tlsVerify insecure BUILD_REGISTRY_SOURCES
   * Fix build path wrong containers/podman#7993
   * refactor pullpolicy to avoid deps
   * build(deps): bump github.com/containers/common from 0.24.0 to 0.25.0
   * CI: run gating tasks with a lot more memory
   * ADD and COPY: descend into excluded directories, sometimes
   * copier: add more context to a couple of error messages
   * copier: check an error earlier
   * copier: log stderr output as debug on success
   * Update nix pin with make nixpkgs
   * Set directory ownership when copied with ID mapping
   * build(deps): bump github.com/sirupsen/logrus from 1.6.0 to 1.7.0
   * build(deps): bump github.com/containers/common from 0.23.0 to 0.24.0
   * Cirrus: Remove bors artifacts
   * Sort build flag definitions alphabetically
   * ADD: only expand archives at the right time
   * Remove configuration for bors
   * Shell Completion for podman build flags
   * Bump c/common to v0.24.0
   * New CI check: xref --help vs man pages
   * CI: re-enable several linters
   * Move --userns-uid-map/--userns-gid-map description into buildah man page
   * add: preserve ownerships and permissions on ADDed archives
   * Makefile: tweak the cross-compile target
   * Bump containers/common to v0.23.0
   * chroot: create bind mount targets 0755 instead of 0700
   * Change call to Split() to safer SplitN()
   * chroot: fix handling of errno seccomp rules
   * build(deps): bump github.com/containers/image/v5 from 5.5.2 to 5.6.0
   * Add In Progress section to contributing
   * integration tests: make sure tests run in ${topdir}/tests
   * Run(): ignore containers.conf's environment configuration
   * Warn when setting healthcheck in OCI format
   * Cirrus: Skip git-validate on branches
   * tools: update git-validation to the latest commit
   * tools: update golangci-lint to v1.18.0
   * Add a few tests of push command
   * Add(): fix handling of relative paths with no ContextDir
   * build(deps): bump github.com/containers/common from 0.21.0 to 0.22.0
   * Lint: Use same linters as podman
   * Validate: reference HEAD
   * Fix buildah mount to display container names not ids
   * Update nix pin with make nixpkgs
   * Add missing --format option in buildah from man page
   * Fix up code based on codespell
   * build(deps): bump github.com/openshift/imagebuilder from 1.1.6 to 1.1.7
   * build(deps): bump github.com/containers/storage from 1.23.4 to 1.23.5
   * Improve buildah completions
   * Cirrus: Fix validate commit epoch
   * Fix bash completion of manifest flags
   * Uniform some man pages
   * Update Buildah Tutorial to address BZ1867426
   * Update bash completion of manifest add sub command
   * copier.Get(): hard link targets shouldn't be relative paths
   * build(deps): bump github.com/onsi/gomega from 1.10.1 to 1.10.2
   * Pass timestamp down to history lines
   * Timestamp gets updated every time you inspect an image
   * bud.bats: use absolute paths in newly-added tests
   * contrib/cirrus/lib.sh: don't use CN for the hostname
   * tests: Add some tests
   * Update manifest add man page
   * Extend flags of manifest add
   * build(deps): bump github.com/containers/storage from 1.23.3 to 1.23.4
   * build(deps): bump github.com/onsi/ginkgo from 1.14.0 to 1.14.1
   * CI: expand cross-compile checks

   Update to v1.16.2:

   * fix build on 32bit arches
   * containerImageRef.NewImageSource(): don't always force timestamps
   * Add fuse module warning to image readme
   * Heed our retry delay option values when retrying commit/pull/push
   * Switch to containers/common for seccomp
   * Use --timestamp rather than --omit-timestamp
   * docs: remove outdated notice
   * docs: remove outdated notice
   * build-using-dockerfile: add a hidden --log-rusage flag
   * build(deps): bump github.com/containers/image/v5 from 5.5.1 to 5.5.2
   * Discard ReportWriter if user sets options.Quiet
   * build(deps): bump github.com/containers/common from 0.19.0 to 0.20.3
   * Fix ownership of content copied using COPY --from
   * newTarDigester: zero out timestamps in tar headers
   * Update nix pin with `make nixpkgs`
   * bud.bats: correct .dockerignore integration tests
   * Use pipes for copying
   * run: include stdout in error message
   * run: use the correct error for errors.Wrapf
   * copier: un-export internal types
   * copier: add Mkdir()
   * in_podman: don't get tripped up by $CIRRUS_CHANGE_TITLE
   * docs/buildah-commit.md: tweak some wording, add a --rm example
   * imagebuildah: don't blank out destination names when COPYing
   * Replace retry functions with common/pkg/retry
   * StageExecutor.historyMatches: compare timestamps using .Equal
   * Update vendor of containers/common
   * Fix errors found in coverity scan
   * Change namespace handling flags to better match podman commands
   * conformance testing: ignore buildah.BuilderIdentityAnnotation labels
   * Vendor in containers/storage v1.23.0
   * Add buildah.IsContainer interface
   * Avoid feeding run_buildah to pipe
   * fix(buildahimage): add xz dependency in buildah image
   * Bump github.com/containers/common from 0.15.2 to 0.18.0
   * Howto for rootless image building from OpenShift
   * Add --omit-timestamp flag to buildah bud
   * Update nix pin with `make nixpkgs`
   * Shutdown storage on failures
   * Handle COPY --from when an argument is used
   * Bump github.com/seccomp/containers-golang from 0.5.0 to 0.6.0
   * Cirrus: Use newly built VM images
   * Bump github.com/opencontainers/runc from 1.0.0-rc91 to 1.0.0-rc92
   * Enhance the .dockerignore man pages
   * conformance: add a test for COPY from subdirectory
   * fix bug manifest inspect
   * Add documentation for .dockerignore
   * Add BuilderIdentityAnnotation to identify buildah version
   * DOC: Add quay.io/containers/buildah image to README.md
   * Update buildahimages readme
   * fix spelling mistake in "info" command result display
   * Don't bind /etc/host and /etc/resolv.conf if network is not present
   * blobcache: avoid an unnecessary NewImage()
   * Build static binary with `buildGoModule`
   * copier: split StripSetidBits into
     StripSetuidBit/StripSetgidBit/StripStickyBit
   * tarFilterer: handle multiple archives
   * Fix a race we hit during conformance tests
   * Rework conformance testing
   * Update 02-registries-repositories.md
   * test-unit: invoke cmd/buildah tests with --flags
   * parse: fix a type mismatch in a test
   * Fix compilation of tests/testreport/testreport
   * build.sh: log the version of Go that we're using
   * test-unit: increase the test timeout to 40/45 minutes
   * Add the "copier" package
   * Fix & add notes regarding problematic language in codebase
   * Add dependency on github.com/stretchr/testify/require
   * CompositeDigester: add the ability to filter tar streams
   * BATS tests: make more robust
   * vendor golang.org/x/text@v0.3.3
   * Switch golang 1.12 to golang 1.13
   * imagebuildah: wait for stages that might not have even started yet
   * chroot, run: not fail on bind mounts from /sys
   * chroot: do not use setgroups if it is blocked
   * Set engine env from containers.conf
   * imagebuildah: return the right stage's image as the "final" image
   * Fix a help string
   * Deduplicate environment variables
   * switch containers/libpod to containers/podman
   * Bump github.com/containers/ocicrypt from 1.0.2 to 1.0.3
   * Bump github.com/opencontainers/selinux from 1.5.2 to 1.6.0
   * Mask out /sys/dev to prevent information leak
   * linux: skip errors from the runtime kill
   * Mask over the /sys/fs/selinux in mask branch
   * Add VFS additional image store to container
   * tests: add auth tests
   * Allow "readonly" as alias to "ro" in mount options
   * Ignore OS X specific consistency mount option
   * Bump github.com/onsi/ginkgo from 1.13.0 to 1.14.0
   * Bump github.com/containers/common from 0.14.0 to 0.15.2
   * Rootless Buildah should default to IsolationOCIRootless
   * imagebuildah: fix inheriting multi-stage builds
   * Make imagebuildah.BuildOptions.Architecture/OS optional
   * Make imagebuildah.BuildOptions.Jobs optional
   * Resolve a possible race in imagebuildah.Executor.startStage()
   * Switch scripts to use containers.conf
   * Bump openshift/imagebuilder to v1.1.6
   * Bump go.etcd.io/bbolt from 1.3.4 to 1.3.5
   * buildah, bud: support --jobs=N for parallel execution
   * executor: refactor build code inside new function
   * Add bud regression tests
   * Cirrus: Fix missing htpasswd in registry img
   * docs: clarify the 'triples' format
   * CHANGELOG.md: Fix markdown formatting
   * Add nix derivation for static builds
   * Bump to v1.16.0-dev

   Update to v1.15.1:

   * Mask over the /sys/fs/selinux in mask branch
   * chroot: do not use setgroups if it is blocked
   * chroot, run: not fail on bind mounts from /sys
   * Allow "readonly" as alias to "ro" in mount options
   * Add VFS additional image store to container
   * vendor golang.org/x/text@v0.3.3
   * Make imagebuildah.BuildOptions.Architecture/OS optional

   Update to v1.15.0:

   * Add CVE-2020-10696 to CHANGELOG.md and changelog.txt
   * fix lighttpd example
   * remove dependency on openshift struct
   * Warn on unset build arguments
   * vendor: update seccomp/containers-golang to v0.4.1
   * Updated docs
   * clean up comments
   * update exit code for tests
   * Implement commit for encryption
   * implementation of encrypt/decrypt push/pull/bud/from
   * fix resolve docker image name as transport
   * Add preliminary profiling support to the CLI
   * Evaluate symlinks in build context directory
   * fix error info about get signatures for containerImageSource
   * Add Security Policy
   * Cirrus: Fixes from review feedback
   * imagebuildah: stages shouldn't count as their base images
   * Update containers/common v0.10.0
   * Add registry to buildahimage Dockerfiles
   * Cirrus: Use pre-installed VM packages + F32
   * Cirrus: Re-enable all distro versions
   * Cirrus: Update to F31 + Use cache images
   * golangci-lint: Disable gosimple
   * Lower number of golangci-lint threads
   * Fix permissions on containers.conf
   * Don't force tests to use runc
   * Return exit code from failed containers
   * cgroup_manager should be under [engine]
   * Use c/common/pkg/auth in login/logout
   * Cirrus: Temporarily disable Ubuntu 19 testing
   * Add containers.conf to stablebyhand build
   * Update gitignore to exclude test Dockerfiles
   * Remove warning for systemd inside of container

   Update to v1.14.6:

   * Make image history work correctly with new args handling
   * Don't add args to the RUN environment from the Builder

   Update to v1.14.5:

   * Revert FIPS mode change

   Update to v1.14.4:

   * Update unshare man page to fix script example
   * Fix compilation errors on non linux platforms
   * Preserve volume uid and gid through subsequent commands
   * Fix potential CVE in tarfile w/ symlink
   * Fix .dockerignore with globs and ! commands

   Update to v1.14.2:

   * Search for local runtime per values in containers.conf
   * Set correct ownership on working directory
   * Improve remote manifest retrieval
   * Correct a couple of incorrect format specifiers
   * manifest push --format: force an image type, not a list type
   * run: adjust the order in which elements are added to $
   * getDateAndDigestAndSize(): handle creation time not being set
   * Make the commit id clear like Docker
   * Show error on copied file above context directory in build
   * pull/from/commit/push: retry on most failures
   * Repair buildah so it can use containers.conf on the server side
   * Fixing formatting & build instructions
   * Fix XDG_RUNTIME_DIR for authfile
   * Show validation command-line

   Update to v1.14.0:

   * getDateAndDigestAndSize(): use manifest.Digest
   * Touch up os/arch doc
   * chroot: handle slightly broken seccomp defaults
   * buildahimage: specify fuse-overlayfs mount options
   * parse: don't complain about not being able to rename something to itself
   * Fix build for 32bit platforms
   * Allow users to set OS and architecture on bud
   * Fix COPY in containerfile with envvar
   * Add --sign-by to bud/commit/push, --remove-signatures for pull/push
   * Add support for containers.conf
   * manifest push: add --format option

   Update to v1.13.1:

   * copyFileWithTar: close source files at the right time
   * copy: don't digest files that we ignore
   * Check for .dockerignore specifically
   * Don't setup excludes, if there is only one pattern to match
   * set HOME env to /root on chroot-isolation by default
   * docs: fix references to containers-*.5
   * fix bug Add check .dockerignore COPY file
   * buildah bud --volume: run from tmpdir, not source dir
   * Fix imageNamePrefix to give consistent names in buildah-from
   * cpp: use -traditional and -undef flags
   * discard outputs coming from onbuild command on buildah-from --quiet
   * make --format columnizing consistent with buildah images
   * Fix option handling for volumes in build
   * Rework overlay pkg for use with libpod
   * Fix buildahimage builds for buildah
   * Add support for FIPS-Mode backends
   * Set the TMPDIR for pulling/pushing image to $TMPDIR

   Update to v1.12.0:

   * Allow ADD to use http src
   * imgtype: reset storage opts if driver overridden
   * Start using containers/common
   * overlay.bats typo: fuse-overlays should be fuse-overlayfs
   * chroot: Unmount with MNT_DETACH instead of UnmountMountpoints()
   * bind: don't complain about missing mountpoints
   * imgtype: check earlier for expected manifest type
   * Add history names support

   Update to v1.11.6:

   * Handle missing equal sign in --from and --chown flags for COPY/ADD
   * bud COPY does not download URL
   * Fix .dockerignore exclude regression
   * commit(docker): always set ContainerID and ContainerConfig
   * Touch up commit man page image parameter
   * Add builder identity annotations.

   Update to v1.11.5:

   * buildah: add "manifest" command
   * pkg/supplemented: add a package for grouping images together
   * pkg/manifests: add a manifest list build/manipulation API
   * Update for ErrUnauthorizedForCredentials API change in containers/image
   * Update for manifest-lists API changes in containers/image
   * version: also note the version of containers/image
   * Move to containers/image v5.0.0
   * Enable --device directory as src device
   * Add clarification to the Tutorial for new users
   * Silence "using cache" to ensure -q is fully quiet
   * Move runtime flag to bud from common
   * Commit: check for storage.ErrImageUnknown using errors.Cause()
   * Fix crash when invalid COPY --from flag is specified.

   Update to v1.11.4:

   * buildah: add a "manifest" command
   * pkg/manifests: add a manifest list build/manipulation API
   * Update for ErrUnauthorizedForCredentials API change in containers/image
   * Update for manifest-lists API changes in containers/image
   * Move to containers/image v5.0.0
   * Enable --device directory as src device
   * Add clarification to the Tutorial for new users
   * Silence "using cache" to ensure -q is fully quiet
   * Move runtime flag to bud from common
   * Commit: check for storage.ErrImageUnknown using errors.Cause()
   * Fix crash when invalid COPY --from flag is specified.

   Update to v1.11.3:

   * Add cgroups2
   * Add support for retrieving context from stdin "-"
   * Added tutorial on how to include Buildah as library
   * Fix --build-args handling
   * Print build 'STEP' line to stdout, not stderr
   * Use Containerfile by default

   Update to v1.11.2:

   * Add some cleanup code
   * Move devices code to unit specific directory.

   Update to v1.11.1:

   * Add --devices flag to bud and from
   * Add support for /run/.containerenv
   * Allow mounts.conf entries for equal source and destination paths
   * Fix label and annotation for 1-line Dockerfiles
   * Preserve file and directory mount permissions
   * Replace --debug=false with --log-level=error
   * Set TMPDIR to /var/tmp by default
   * Truncate output of too long image names
   * Ignore EmptyLayer if Squash is set

   Update to v1.11.0:

   * Add --digestfile and Re-add push statement as debug
   * Add --log-level command line option and deprecate --debug
   * Add security-related volume options to validator
   * Allow buildah bud to be called without arguments
   * Allow to override build date with SOURCE_DATE_EPOCH
   * Correctly detect ExitError values from Run()
   * Disable empty logrus timestamps to reduce logger noise
   * Fix directory pull image names
   * Fix handling of /dev/null masked devices
   * Fix possible runtime panic on bud
   * Update bud/from help to contain indicator for --dns=none
   * Update documentation about bud
   * Update shebangs to take env into consideration
   * Use content digests in ADD/COPY history entries
   * add support for cgroupsV2
   * add: add a DryRun flag to AddAndCopyOptions
   * add: handle hard links when copying with .dockerignore
   * add: teach copyFileWithTar() about symlinks and directories
   * imagebuilder: fix detection of referenced stage roots
   * pull/commit/push: pay attention to $BUILD_REGISTRY_SOURCES
   * run_linux: fix mounting /sys in a userns


   Update to v1.10.1:

   * Add automatic apparmor tag discovery
   * Add overlayfs to fuse-overlayfs tip
   * Bug fix for volume minus syntax
   * Bump container/storage v1.13.1 and containers/image v3.0.1
   * Bump containers/image to v3.0.2 to fix keyring issue
   * Fix bug whereby --get-login has no effect
   * Bump github.com/containernetworking/cni to v0.7.1
   - Add appamor-pattern requirement

   - Update build process to match the latest repository architecture

   Update to v1.10.0:

   * vendor github.com/containers/image@v3.0.0
   * Remove GO111MODULE in favor of -mod=vendor
   * Vendor in containers/storage v1.12.16
   * Add '-' minus syntax for removal of config values
   * tests: enable overlay tests for rootless
   * rootless, overlay: use fuse-overlayfs
   * vendor github.com/containers/image@v2.0.1
   * Added '-' syntax to remove volume config option
   * delete successfully pushed message
   * Add golint linter and apply fixes
   * vendor github.com/containers/storage@v1.12.15
   * Change wait to sleep in buildahimage readme
   * Handle ReadOnly images when deleting images
   * Add support for listing read/only images
   * from/import: record the base image's digest, if it has one
   * Fix CNI version retrieval to not require network connection
   * Add misspell linter and apply fixes
   * Add goimports linter and apply fixes
   * Add stylecheck linter and apply fixes
   * Add unconvert linter and apply fixes
   * image: make sure we don't try to use zstd compression
   * run.bats: skip the "z" flag when testing --mount
   * Update to runc v1.0.0-rc8
   * Update to match updated runtime-tools API
   * bump github.com/opencontainers/runtime-tools to v0.9.0
   * Build e2e tests using the proper build tags
   * Add unparam linter and apply fixes
   * Run: correct a typo in the --cap-add help text
   * unshare: add a --mount flag
   * fix push check image name is not empty
   * add: fix slow copy with no excludes
   * Add errcheck linter and fix missing error check
   * Improve tests/tools/Makefile parallelism and abstraction
   * Fix response body not closed resource leak
   * Switch to golangci-lint
   * Add gomod instructions and mailing list links
   * On Masked path, check if /dev/null already mounted before mounting
   * Update to containers/storage v1.12.13
   * Refactor code in package imagebuildah
   * Add rootless podman with NFS issue in documentation
   * Add --mount for buildah run
   * import method ValidateVolumeOpts from libpod
   * Fix typo
   * Makefile: set GO111MODULE=off
   * rootless: add the built-in slirp DNS server
   * Update docker/libnetwork to get rid of outdated sctp package
   * Update buildah-login.md
   * migrate to go modules
   * install.md: mention go modules
   * tests/tools: go module for test binaries
   * fix --volume splits comma delimited option
   * Add bud test for RUN with a priv'd command
   * vendor logrus v1.4.2
   * pkg/cli: panic when flags can't be hidden
   * pkg/unshare: check all errors
   * pull: check error during report write
   * run_linux.go: ignore unchecked errors
   * conformance test: catch copy error
   * chroot/run_test.go: export funcs to actually be executed
   * tests/imgtype: ignore error when shutting down the store
   * testreport: check json error
   * bind/util.go: remove unused func
   * rm chroot/util.go
   * imagebuildah: remove unused dedupeStringSlice
   * StageExecutor: EnsureContainerPath: catch error from SecureJoin()
   * imagebuildah/build.go: return instead of branching
   * rmi: avoid redundant branching
   * conformance tests: nilness: allocate map
   * imagebuildah/build.go: avoid redundant filepath.Join()
   * imagebuildah/build.go: avoid redundant os.Stat()
   * imagebuildah: omit comparison to bool
   * fix "ineffectual assignment" lint errors
   * docker: ignore "repeats json tag" lint error
   * pkg/unshare: use ... instead of iterating a slice
   * conformance: bud test: use raw strings for regexes
   * conformance suite: remove unused func/var
   * buildah test suite: remove unused vars/funcs
   * testreport: fix golangci-lint errors
   * util: remove redundant return statement
   * chroot: only log clean-up errors
   * images_test: ignore golangci-lint error
   * blobcache: log error when draining the pipe
   * imagebuildah: check errors in deferred calls
   * chroot: fix error handling in deferred funcs
   * cmd: check all errors
   * chroot/run_test.go: check errors
   * chroot/run.go: check errors in deferred calls
   * imagebuildah.Executor: remove unused onbuild field
   * docker/types.go: remove unused struct fields
   * util: use strings.ContainsRune instead of index check
   * Cirrus: Initial implementation
   * buildah-run: fix-out-of-range panic (2)
   * Update containers/image to v2.0.0
   * run: fix hang with run and --isolation=chroot
   * run: fix hang when using run
   * chroot: drop unused function call
   * remove  before imageID on build
   * Always close stdin pipe
   * Write deny to setgroups when doing single user mapping
   * Avoid including linux/memfd.h
   * Add a test for the symlink pointing to a directory
   * Add missing continue
   * Fix the handling of symlinks to absolute paths
   * Only set default network sysctls if not rootless
   * Support --dns=none like podman
   * fix bug --cpu-shares parsing typo
   * Fix validate complaint
   * Update vendor on containers/storage to v1.12.10
   * Create directory paths for COPY thereby ensuring correct perms
   * imagebuildah: use a stable sort for comparing build args
   * imagebuildah: tighten up cache checking
   * bud.bats: add a test verifying the order of --build-args
   * add -t to podman run
   * imagebuildah: simplify screening by top layers
   * imagebuildah: handle ID mappings for COPY --from
   * imagebuildah: apply additionalTags ourselves
   * bud.bats: test additional tags with cached images
   * bud.bats: add a test for WORKDIR and COPY with absolute destinations
   * Cleanup Overlay Mounts content
   * Add support for file secret mounts
   * Add ability to skip secrets in mounts file
   * allow 32bit builds
   * fix tutorial instructions
   * imagebuilder: pass the right contextDir to Add()
   * add: use fileutils.PatternMatcher for .dockerignore
   * bud.bats: add another .dockerignore test
   * unshare: fallback to single usermapping
   * addHelperSymlink: clear the destination on os.IsExist errors
   * bud.bats: test replacing symbolic links
   * imagebuildah: fix handling of destinations that end with '/'
   * bud.bats: test COPY with a final "/" in the destination
   * linux: add check for sysctl before using it
   * unshare: set _CONTAINERS_ROOTLESS_GID
   * Rework buildahimamges
   * build context: support https git repos
   * Add a test for ENV special chars behaviour
   * Check in new Dockerfiles
   * Apply custom SHELL during build time
   * config: expand variables only at the command line
   * SetEnv: we only need to expand v once
   * Add default /root if empty on chroot iso
   * Add support for Overlay volumes into the container.
   * Export buildah validate volume functions so it can share code with libpod
   * Bump baseline test to F30
   * Fix rootless handling of /dev/shm size
   * Avoid fmt.Printf() in the library
   * imagebuildah: tighten cache checking back up
   * Handle WORKDIR with dangling target
   * Default Authfile to proper path
   * Make buildah run --isolation follow BUILDAH_ISOLATION environment
   * Vendor in latest containers/storage and containers/image
   * getParent/getChildren: handle layerless images
   * imagebuildah: recognize cache images for layerless images
   * bud.bats: test scratch images with --layers caching
   * Get CHANGELOG.md updates
   * Add some symlinks to test our .dockerignore logic
   * imagebuildah: addHelper: handle symbolic links
   * commit/push: use an everything-allowed policy
   * Correct manpage formatting in files section
   * Remove must be root statement from buildah doc
   * Change image names to stable, testing and upstream
   * Don't create directory on container
   * Replace kubernetes/pause in tests with k8s.gcr.io/pause
   * imagebuildah: don't remove intermediate images if we need them
   * Rework buildahimagegit to buildahimageupstream
   * Fix Transient Mounts
   * Handle WORKDIRs that are symlinks
   * allow podman to build a client for windows
   * Touch up 1.9-dev to 1.9.0-dev
   * Resolve symlink when checking container path
   * commit: commit on every instruction, but not always with layers
   * CommitOptions: drop the unused OnBuild field
   * makeImageRef: pass in the whole CommitOptions structure
   * cmd: API cleanup: stores before images
   * run: check if SELinux is enabled
   * Fix buildahimages Dockerfiles to include support for additionalimages
     mounted from host.
   * Detect changes in rootdir
   * Fix typo in buildah-pull(1)
   * Vendor in latest containers/storage
   * Keep track of any build-args used during buildah bud --layers
   * commit: always set a parent ID
   * imagebuildah: rework unused-argument detection
   * fix bug dest path when COPY .dockerignore
   * Move Host IDMAppings code from util to unshare
   * Add BUILDAH_ISOLATION rootless back
   * Travis CI: fail fast, upon error in any step
   * imagebuildah: only commit images for intermediate stages if we have to
   * Use errors.Cause() when checking for IsNotExist errors
   * auto pass http_proxy to container
   * imagebuildah: don't leak image structs
   * Add Dockerfiles for buildahimages
   * Bump to Replace golang 1.10 with 1.12
   * add --dns* flags to buildah bud
   * Add hack/build_speed.sh test speeds on building container images
   * Create buildahimage Dockerfile for Quay
   * rename 'is' to 'expect_output'
   * squash.bats: test squashing in multi-layered builds
   * bud.bats: test COPY --from in a Dockerfile while using the cache
   * commit: make target image names optional
   * Fix bud-args to allow comma separation
   * oops, missed some tests in commit.bats
   * new helper: expect_line_count
   * New tests for #1467 (string slices in cmdline opts)
   * Workarounds for dealing with travis; review feedback
   * BATS tests - extensive but minor cleanup
   * imagebuildah: defer pulling images for COPY --from
   * imagebuildah: centralize COMMIT and image ID output
   * Travis: do not use traviswait
   * imagebuildah: only initialize imagebuilder configuration once per stage
   * Make cleaner error on Dockerfile build errors
   * unshare: move to pkg/
   * unshare: move some code from cmd/buildah/unshare
   * Fix handling of Slices versus Arrays
   * imagebuildah: reorganize stage and per-stage logic
   * imagebuildah: add empty layers for instructions
   * Add missing step in installing into Ubuntu
   * fix bug in .dockerignore support
   * imagebuildah: deduplicate prepended "FROM" instructions
   * Touch up intro
   * commit: set created-by to the shell if it isn't set
   * commit: check that we always set a "created-by"
   * docs/buildah.md: add "containers-" prefixes under "SEE ALSO"

   Update to v1.7.2:

   * Updates vendored containers/storage to latest version
   * rootless: by default use the host network namespace

   - Full changelog: https://github.com/containers/buildah/releases/tag/v1.6

   This update was imported from the SUSE:SLE-15-SP1:Update update project.


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.1:

      zypper in -t patch openSUSE-2020-2106=1



Package List:

   - openSUSE Leap 15.1 (x86_64):

      buildah-1.17.0-lp151.2.6.1


References:

   https://www.suse.com/security/cve/CVE-2019-10214.html
   https://www.suse.com/security/cve/CVE-2020-10696.html
   https://bugzilla.suse.com/1165184
   https://bugzilla.suse.com/1167864

openSUSE: 2020:2106-1 moderate: buildah

November 29, 2020

updated everytime you inspect an image * bud.bats: use absolute paths in newly-added tests * contrib/cirrus/lib.sh: don't use CN for the hostname * tests: Add some tests * Update manifest add man page * Extend flags of manifest add * build(deps): bump github.com/containers/storage from 1.23.3 to 1.23.4 * build(deps): bump github.com/onsi/ginkgo from 1.14.0 to 1.14.1 * CI: expand cross-compile checks Update to v1.16.2: * fix build on 32bit arches * containerImageRef.NewImageSource(): don't always force timestamps * Add fuse module warning to image readme * Heed our retry delay option values when retrying commit/pull/push * Switch to containers/common for seccomp * Use --timestamp rather then --omit-timestamp * docs: remove outdated notice * docs: remove outdated notice * build-using-dockerfile: add a hidden --log-rusage flag * build(deps): bump github.com/containers/image/v5 from 5.5.1 to 5.5.2 * Discard ReportWriter if user sets options.Quiet * build(deps): bump github.com/containers/common from 0.19.0 to 0.20.3 * Fix ownership of content copied using COPY --from * newTarDigester: zero out timestamps in tar headers * Update nix pin with `make nixpkgs` * bud.bats: correct .dockerignore integration tests * Use pipes for copying * run: include stdout in error message * run: use the correct error for errors.Wrapf * copier: un-export internal types * copier: add Mkdir() * in_podman: don't get tripped up by $CIRRUS_CHANGE_TITLE * docs/buildah-commit.md: tweak some wording, add a --rm example * imagebuildah: don???t blank out destination names when COPYing * Replace retry functions with common/pkg/retry * StageExecutor.historyMatches: compare timestamps using .Equal * Update vendor of containers/common * Fix errors found in coverity scan * Change namespace handling flags to better match podman commands * conformance testing: ignore buildah.BuilderIdentityAnnotation labels * Vendor in containers/storage v1.23.0 * Add buildah.IsContainer interface * Avoid feeding 
run_buildah to pipe * fix(buildahimage): add xz dependency in buildah image * Bump github.com/containers/common from 0.15.2 to 0.18.0 * Howto for rootless image building from OpenShift * Add --omit-timestamp flag to buildah bud * Update nix pin with `make nixpkgs` * Shutdown storage on failures * Handle COPY --from when an argument is used * Bump github.com/seccomp/containers-golang from 0.5.0 to 0.6.0 * Cirrus: Use newly built VM images * Bump github.com/opencontainers/runc from 1.0.0-rc91 to 1.0.0-rc92 * Enhance the .dockerignore man pages * conformance: add a test for COPY from subdirectory * fix bug manifest inspct * Add documentation for .dockerignore * Add BuilderIdentityAnnotation to identify buildah version * DOC: Add quay.io/containers/buildah image to README.md * Update buildahimages readme * fix spelling mistake in "info" command result display * Don't bind /etc/host and /etc/resolv.conf if network is not present * blobcache: avoid an unnecessary NewImage() * Build static binary with `buildGoModule` * copier: split StripSetidBits into StripSetuidBit/StripSetgidBit/StripStickyBit * tarFilterer: handle multiple archives * Fix a race we hit during conformance tests * Rework conformance testing * Update 02-registries-repositories.md * test-unit: invoke cmd/buildah tests with --flags * parse: fix a type mismatch in a test * Fix compilation of tests/testreport/testreport * build.sh: log the version of Go that we're using * test-unit: increase the test timeout to 40/45 minutes * Add the "copier" package * Fix & add notes regarding problematic language in codebase * Add dependency on github.com/stretchr/testify/require * CompositeDigester: add the ability to filter tar streams * BATS tests: make more robust * vendor golang.org/x/text@v0.3.3 * Switch golang 1.12 to golang 1.13 * imagebuildah: wait for stages that might not have even started yet * chroot, run: not fail on bind mounts from /sys * chroot: do not use setgroups if it is blocked * Set engine env from 
containers.conf * imagebuildah: return the right stage's image as the "final" image * Fix a help string * Deduplicate environment variables * switch containers/libpod to containers/podman * Bump github.com/containers/ocicrypt from 1.0.2 to 1.0.3 * Bump github.com/opencontainers/selinux from 1.5.2 to 1.6.0 * Mask out /sys/dev to prevent information leak * linux: skip errors from the runtime kill * Mask over the /sys/fs/selinux in mask branch * Add VFS additional image store to container * tests: add auth tests * Allow "readonly" as alias to "ro" in mount options * Ignore OS X specific consistency mount option * Bump github.com/onsi/ginkgo from 1.13.0 to 1.14.0 * Bump github.com/containers/common from 0.14.0 to 0.15.2 * Rootless Buildah should default to IsolationOCIRootless * imagebuildah: fix inheriting multi-stage builds * Make imagebuildah.BuildOptions.Architecture/OS optional * Make imagebuildah.BuildOptions.Jobs optional * Resolve a possible race in imagebuildah.Executor.startStage() * Switch scripts to use containers.conf * Bump openshift/imagebuilder to v1.1.6 * Bump go.etcd.io/bbolt from 1.3.4 to 1.3.5 * buildah, bud: support --jobs=N for parallel execution * executor: refactor build code inside new function * Add bud regression tests * Cirrus: Fix missing htpasswd in registry img * docs: clarify the 'triples' format * CHANGELOG.md: Fix markdown formatting * Add nix derivation for static builds * Bump to v1.16.0-dev - Update to v1.15.1 * Mask over the /sys/fs/selinux in mask branch * chroot: do not use setgroups if it is blocked * chroot, run: not fail on bind mounts from /sys * Allow "readonly" as alias to "ro" in mount options * Add VFS additional image store to container * vendor golang.org/x/text@v0.3.3 * Make imagebuildah.BuildOptions.Architecture/OS optional Update to v1.15.0: * Add CVE-2020-10696 to CHANGELOG.md and changelog.txt * fix lighttpd example * remove dependency on openshift struct * Warn on unset build arguments * vendor: update 
seccomp/containers-golang to v0.4.1 * Updated docs * clean up comments * update exit code for tests * Implement commit for encryption * implementation of encrypt/decrypt push/pull/bud/from * fix resolve docker image name as transport * Add preliminary profiling support to the CLI * Evaluate symlinks in build context directory * fix error info about get signatures for containerImageSource * Add Security Policy * Cirrus: Fixes from review feedback * imagebuildah: stages shouldn't count as their base images * Update containers/common v0.10.0 * Add registry to buildahimage Dockerfiles * Cirrus: Use pre-installed VM packages + F32 * Cirrus: Re-enable all distro versions * Cirrus: Update to F31 + Use cache images * golangci-lint: Disable gosimple * Lower number of golangci-lint threads * Fix permissions on containers.conf * Don't force tests to use runc * Return exit code from failed containers * cgroup_manager should be under [engine] * Use c/common/pkg/auth in login/logout * Cirrus: Temporarily disable Ubuntu 19 testing * Add containers.conf to stablebyhand build * Update gitignore to exclude test Dockerfiles * Remove warning for systemd inside of container Update to v1.14.6: * Make image history work correctly with new args handling * Don't add args to the RUN environment from the Builder Update to v1.14.5: * Revert FIPS mode change Update to v1.14.4: * Update unshare man page to fix script example * Fix compilation errors on non linux platforms * Preserve volume uid and gid through subsequent commands * Fix potential CVE in tarfile w/ symlink * Fix .dockerignore with globs and ! 
commands Update to v1.14.2: * Search for local runtime per values in containers.conf * Set correct ownership on working directory * Improve remote manifest retrieval * Correct a couple of incorrect format specifiers * manifest push --format: force an image type, not a list type * run: adjust the order in which elements are added to $ * getDateAndDigestAndSize(): handle creation time not being set * Make the commit id clear like Docker * Show error on copied file above context directory in build * pull/from/commit/push: retry on most failures * Repair buildah so it can use containers.conf on the server side * Fixing formatting & build instructions * Fix XDG_RUNTIME_DIR for authfile * Show validation command-line Update to v1.14.0: * getDateAndDigestAndSize(): use manifest.Digest * Touch up os/arch doc * chroot: handle slightly broken seccomp defaults * buildahimage: specify fuse-overlayfs mount options * parse: don't complain about not being able to rename something to itself * Fix build for 32bit platforms * Allow users to set OS and architecture on bud * Fix COPY in containerfile with envvar * Add --sign-by to bud/commit/push, --remove-signatures for pull/push * Add support for containers.conf * manifest push: add --format option Update to v1.13.1: * copyFileWithTar: close source files at the right time * copy: don't digest files that we ignore * Check for .dockerignore specifically * Don't setup excludes, if their is only one pattern to match * set HOME env to /root on chroot-isolation by default * docs: fix references to containers-*.5 * fix bug Add check .dockerignore COPY file * buildah bud --volume: run from tmpdir, not source dir * Fix imageNamePrefix to give consistent names in buildah-from * cpp: use -traditional and -undef flags * discard outputs coming from onbuild command on buildah-from --quiet * make --format columnizing consistent with buildah images * Fix option handling for volumes in build * Rework overlay pkg for use with libpod * Fix 
buildahimage builds for buildah * Add support for FIPS-Mode backends * Set the TMPDIR for pulling/pushing image to $TMPDIR Update to v1.12.0: * Allow ADD to use http src * imgtype: reset storage opts if driver overridden * Start using containers/common * overlay.bats typo: fuse-overlays should be fuse-overlayfs * chroot: Unmount with MNT_DETACH instead of UnmountMountpoints() * bind: don't complain about missing mountpoints * imgtype: check earlier for expected manifest type * Add history names support Update to v1.11.6: * Handle missing equal sign in --from and --chown flags for COPY/ADD * bud COPY does not download URL * Fix .dockerignore exclude regression * commit(docker): always set ContainerID and ContainerConfig * Touch up commit man page image parameter * Add builder identity annotations. Update to v1.11.5: * buildah: add "manifest" command * pkg/supplemented: add a package for grouping images together * pkg/manifests: add a manifest list build/manipulation API * Update for ErrUnauthorizedForCredentials API change in containers/image * Update for manifest-lists API changes in containers/image * version: also note the version of containers/image * Move to containers/image v5.0.0 * Enable --device directory as src device * Add clarification to the Tutorial for new users * Silence "using cache" to ensure -q is fully quiet * Move runtime flag to bud from common * Commit: check for storage.ErrImageUnknown using errors.Cause() * Fix crash when invalid COPY --from flag is specified. 
Update to v1.11.4: * buildah: add a "manifest" command * pkg/manifests: add a manifest list build/manipulation API * Update for ErrUnauthorizedForCredentials API change in containers/image * Update for manifest-lists API changes in containers/image * Move to containers/image v5.0.0 * Enable --device directory as src device * Add clarification to the Tutorial for new users * Silence "using cache" to ensure -q is fully quiet * Move runtime flag to bud from common * Commit: check for storage.ErrImageUnknown using errors.Cause() * Fix crash when invalid COPY --from flag is specified. Update to v1.11.3: * Add cgroups2 * Add support for retrieving context from stdin "-" * Added tutorial on how to include Buildah as library * Fix --build-args handling * Print build 'STEP' line to stdout, not stderr * Use Containerfile by default Update to v1.11.2: * Add some cleanup code * Move devices code to unit specific directory. Update to v1.11.1: * Add --devices flag to bud and from * Add support for /run/.containerenv * Allow mounts.conf entries for equal source and destination paths * Fix label and annotation for 1-line Dockerfiles * Preserve file and directory mount permissions * Replace --debug=false with --log-level=error * Set TMPDIR to /var/tmp by default * Truncate output of too long image names * Ignore EmptyLayer if Squash is set Update to v1.11.0: * Add --digestfile and Re-add push statement as debug * Add --log-level command line option and deprecate --debug * Add security-related volume options to validator * Allow buildah bud to be called without arguments * Allow to override build date with SOURCE_DATE_EPOCH * Correctly detect ExitError values from Run() * Disable empty logrus timestamps to reduce logger noise * Fix directory pull image names * Fix handling of /dev/null masked devices * Fix possible runtime panic on bud * Update bud/from help to contain indicator for --dns=none * Update documentation about bud * Update shebangs to take env into consideration * Use 
content digests in ADD/COPY history entries * add support for cgroupsV2 * add: add a DryRun flag to AddAndCopyOptions * add: handle hard links when copying with .dockerignore * add: teach copyFileWithTar() about symlinks and directories * imagebuilder: fix detection of referenced stage roots * pull/commit/push: pay attention to $BUILD_REGISTRY_SOURCES * run_linux: fix mounting /sys in a userns Update to v1.10.1: * Add automatic apparmor tag discovery * Add overlayfs to fuse-overlayfs tip * Bug fix for volume minus syntax * Bump container/storage v1.13.1 and containers/image v3.0.1 * Bump containers/image to v3.0.2 to fix keyring issue * Fix bug whereby --get-login has no effect * Bump github.com/containernetworking/cni to v0.7.1 - Add appamor-pattern requirement - Update build process to match the latest repository architecture - Update to v1.10.0 * vendor github.com/containers/image@v3.0.0 * Remove GO111MODULE in favor of -mod=vendor * Vendor in containers/storage v1.12.16 * Add '-' minus syntax for removal of config values * tests: enable overlay tests for rootless * rootless, overlay: use fuse-overlayfs * vendor github.com/containers/image@v2.0.1 * Added '-' syntax to remove volume config option * delete successfully pushed message * Add golint linter and apply fixes * vendor github.com/containers/storage@v1.12.15 * Change wait to sleep in buildahimage readme * Handle ReadOnly images when deleting images * Add support for listing read/only images * from/import: record the base image's digest, if it has one * Fix CNI version retrieval to not require network connection * Add misspell linter and apply fixes * Add goimports linter and apply fixes * Add stylecheck linter and apply fixes * Add unconvert linter and apply fixes * image: make sure we don't try to use zstd compression * run.bats: skip the "z" flag when testing --mount * Update to runc v1.0.0-rc8 * Update to match updated runtime-tools API * bump github.com/opencontainers/runtime-tools to v0.9.0 * Build 
e2e tests using the proper build tags * Add unparam linter and apply fixes * Run: correct a typo in the --cap-add help text * unshare: add a --mount flag * fix push check image name is not empty * add: fix slow copy with no excludes * Add errcheck linter and fix missing error check * Improve tests/tools/Makefile parallelism and abstraction * Fix response body not closed resource leak * Switch to golangci-lint * Add gomod instructions and mailing list links * On Masked path, check if /dev/null already mounted before mounting * Update to containers/storage v1.12.13 * Refactor code in package imagebuildah * Add rootless podman with NFS issue in documentation * Add --mount for buildah run * import method ValidateVolumeOpts from libpod * Fix typo * Makefile: set GO111MODULE=off * rootless: add the built-in slirp DNS server * Update docker/libnetwork to get rid of outdated sctp package * Update buildah-login.md * migrate to go modules * install.md: mention go modules * tests/tools: go module for test binaries * fix --volume splits comma delimited option * Add bud test for RUN with a priv'd command * vendor logrus v1.4.2 * pkg/cli: panic when flags can't be hidden * pkg/unshare: check all errors * pull: check error during report write * run_linux.go: ignore unchecked errors * conformance test: catch copy error * chroot/run_test.go: export funcs to actually be executed * tests/imgtype: ignore error when shutting down the store * testreport: check json error * bind/util.go: remove unused func * rm chroot/util.go * imagebuildah: remove unused dedupeStringSlice * StageExecutor: EnsureContainerPath: catch error from SecureJoin() * imagebuildah/build.go: return instead of branching * rmi: avoid redundant branching * conformance tests: nilness: allocate map * imagebuildah/build.go: avoid redundant filepath.Join() * imagebuildah/build.go: avoid redundant os.Stat() * imagebuildah: omit comparison to bool * fix "ineffectual assignment" lint errors * docker: ignore "repeats json 
tag" lint error * pkg/unshare: use ... instead of iterating a slice * conformance: bud test: use raw strings for regexes * conformance suite: remove unused func/var * buildah test suite: remove unused vars/funcs * testreport: fix golangci-lint errors * util: remove redundant return statement * chroot: only log clean-up errors * images_test: ignore golangci-lint error * blobcache: log error when draining the pipe * imagebuildah: check errors in deferred calls * chroot: fix error handling in deferred funcs * cmd: check all errors * chroot/run_test.go: check errors * chroot/run.go: check errors in deferred calls * imagebuildah.Executor: remove unused onbuild field * docker/types.go: remove unused struct fields * util: use strings.ContainsRune instead of index check * Cirrus: Initial implementation * buildah-run: fix-out-of-range panic (2) * Update containers/image to v2.0.0 * run: fix hang with run and --isolation=chroot * run: fix hang when using run * chroot: drop unused function call * remove before imgageID on build * Always close stdin pipe * Write deny to setgroups when doing single user mapping * Avoid including linux/memfd.h * Add a test for the symlink pointing to a directory * Add missing continue * Fix the handling of symlinks to absolute paths * Only set default network sysctls if not rootless * Support --dns=none like podman * fix bug --cpu-shares parsing typo * Fix validate complaint * Update vendor on containers/storage to v1.12.10 * Create directory paths for COPY thereby ensuring correct perms * imagebuildah: use a stable sort for comparing build args * imagebuildah: tighten up cache checking * bud.bats: add a test verying the order of --build-args * add -t to podman run * imagebuildah: simplify screening by top layers * imagebuildah: handle ID mappings for COPY --from * imagebuildah: apply additionalTags ourselves * bud.bats: test additional tags with cached images * bud.bats: add a test for WORKDIR and COPY with absolute destinations * Cleanup 
Overlay Mounts content * Add support for file secret mounts * Add ability to skip secrets in mounts file * allow 32bit builds * fix tutorial instructions * imagebuilder: pass the right contextDir to Add() * add: use fileutils.PatternMatcher for .dockerignore * bud.bats: add another .dockerignore test * unshare: fallback to single usermapping * addHelperSymlink: clear the destination on os.IsExist errors * bud.bats: test replacing symbolic links * imagebuildah: fix handling of destinations that end with '/' * bud.bats: test COPY with a final "/" in the destination * linux: add check for sysctl before using it * unshare: set _CONTAINERS_ROOTLESS_GID * Rework buildahimamges * build context: support https git repos * Add a test for ENV special chars behaviour * Check in new Dockerfiles * Apply custom SHELL during build time * config: expand variables only at the command line * SetEnv: we only need to expand v once * Add default /root if empty on chroot iso * Add support for Overlay volumes into the container. 
* Export buildah validate volume functions so it can share code with libpod * Bump baseline test to F30 * Fix rootless handling of /dev/shm size * Avoid fmt.Printf() in the library * imagebuildah: tighten cache checking back up * Handle WORKDIR with dangling target * Default Authfile to proper path * Make buildah run --isolation follow BUILDAH_ISOLATION environment * Vendor in latest containers/storage and containers/image * getParent/getChildren: handle layerless images * imagebuildah: recognize cache images for layerless images * bud.bats: test scratch images with --layers caching * Get CHANGELOG.md updates * Add some symlinks to test our .dockerignore logic * imagebuildah: addHelper: handle symbolic links * commit/push: use an everything-allowed policy * Correct manpage formatting in files section * Remove must be root statement from buildah doc * Change image names to stable, testing and upstream * Don't create directory on container * Replace kubernetes/pause in tests with k8s.gcr.io/pause * imagebuildah: don't remove intermediate images if we need them * Rework buildahimagegit to buildahimageupstream * Fix Transient Mounts * Handle WORKDIRs that are symlinks * allow podman to build a client for windows * Touch up 1.9-dev to 1.9.0-dev * Resolve symlink when checking container path * commit: commit on every instruction, but not always with layers * CommitOptions: drop the unused OnBuild field * makeImageRef: pass in the whole CommitOptions structure * cmd: API cleanup: stores before images * run: check if SELinux is enabled * Fix buildahimages Dockerfiles to include support for additionalimages mounted from host. 
* Detect changes in rootdir * Fix typo in buildah-pull(1) * Vendor in latest containers/storage * Keep track of any build-args used during buildah bud --layers * commit: always set a parent ID * imagebuildah: rework unused-argument detection * fix bug dest path when COPY .dockerignore * Move Host IDMAppings code from util to unshare * Add BUILDAH_ISOLATION rootless back * Travis CI: fail fast, upon error in any step * imagebuildah: only commit images for intermediate stages if we have to * Use errors.Cause() when checking for IsNotExist errors * auto pass http_proxy to container * imagebuildah: don't leak image structs * Add Dockerfiles for buildahimages * Bump to Replace golang 1.10 with 1.12 * add --dns* flags to buildah bud * Add hack/build_speed.sh test speeds on building container images * Create buildahimage Dockerfile for Quay * rename 'is' to 'expect_output' * squash.bats: test squashing in multi-layered builds * bud.bats: test COPY --from in a Dockerfile while using the cache * commit: make target image names optional * Fix bud-args to allow comma separation * oops, missed some tests in commit.bats * new helper: expect_line_count * New tests for #1467 (string slices in cmdline opts) * Workarounds for dealing with travis; review feedback * BATS tests - extensive but minor cleanup * imagebuildah: defer pulling images for COPY --from * imagebuildah: centralize COMMIT and image ID output * Travis: do not use traviswait * imagebuildah: only initialize imagebuilder configuration once per stage * Make cleaner error on Dockerfile build errors * unshare: move to pkg/ * unshare: move some code from cmd/buildah/unshare * Fix handling of Slices versus Arrays * imagebuildah: reorganize stage and per-stage logic * imagebuildah: add empty layers for instructions * Add missing step in installing into Ubuntu * fix bug in .dockerignore support * imagebuildah: deduplicate prepended "FROM" instructions * Touch up intro * commit: set created-by to the shell if it isn't set * 
commit: check that we always set a "created-by" * docs/buildah.md: add "containers-" prefixes under "SEE ALSO" Update to v1.7.2 * Updates vendored containers/storage to latest version * rootless: by default use the host network namespace - Full changelog: https://github.com/containers/buildah/releases/tag/v1.6 This update was imported from the SUSE:SLE-15-SP1:Update update project.

 

Patch

Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended
   installation methods like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.1:

      zypper in -t patch openSUSE-2020-2106=1


Package List

   - openSUSE Leap 15.1 (x86_64):

      buildah-1.17.0-lp151.2.6.1


References

   https://www.suse.com/security/cve/CVE-2019-10214.html
   https://www.suse.com/security/cve/CVE-2020-10696.html
   https://bugzilla.suse.com/1165184
   https://bugzilla.suse.com/1167864

