Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package docker-stable for openSUSE:Factory checked in at 2025-09-30 17:40:32 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/docker-stable (Old) and /work/SRC/openSUSE:Factory/.docker-stable.new.11973 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "docker-stable" Tue Sep 30 17:40:32 2025 rev:15 rq:1307635 version:unknown Changes: -------- --- /work/SRC/openSUSE:Factory/docker-stable/docker-stable.changes 2025-08-05 14:22:53.069244531 +0200 +++ /work/SRC/openSUSE:Factory/.docker-stable.new.11973/docker-stable.changes 2025-09-30 17:41:29.014971675 +0200 @@ -1,0 +2,19 @@ +Mon Sep 29 05:25:36 UTC 2025 - Aleksa Sarai <[email protected]> + +- Remove git-core recommends on SLE. Most SLE systems have + installRecommends=yes by default and thus end up installing git with Docker. + bsc#1250508 + + This feature is mostly intended for developers ("docker build git://") so + most users already have the dependency installed, and the error when git is + missing is fairly straightforward (so they can easily figure out what they + need to install). + +- Include historical changelog data from before the docker-stable fork. The + initial changelog entry did technically provide all the necessary + information, but our CVE tracking tools do not understand how the package is + forked and so it seems that this package does not include fixes for ~12 years + of updates. So, include a copy of the original package's changelog up until + the fork point. bsc#1250596 + +------------------------------------------------------------------- @@ -276,2 +295,3 @@ -- Initial docker-stable release, forked from Docker 24.0.6-ce release - (packaged on 2023-10-11). +- Initial docker-stable fork, forked from Docker 24.0.7-ce release + (packaged on 2024-02-14). The original changelog is included below for + historical reference. @@ -283,0 +304 @@ + - 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch @@ -297,0 +319,3989 @@ + +------------------------------------------------------------------- +Wed Feb 14 08:40:36 UTC 2024 - Dan Čermák <[email protected]> + +- Vendor latest buildkit v0.11: + Add patch 0006-Vendor-in-latest-buildkit-v0.11-branch-including-CVE.patch that + vendors in the latest v0.11 buildkit branch including bugfixes for the following: + * bsc#1219438: CVE-2024-23653 + * bsc#1219268: CVE-2024-23652 + * bsc#1219267: CVE-2024-23651 + +- rebase patches: + * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch + * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch + * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch + * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch + * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch + +- switch from %patchN to %patch -PN syntax +- remove unused rpmlint filters and add filters to silence pointless bash & zsh + completion warnings + +------------------------------------------------------------------- +Fri Oct 27 21:14:37 UTC 2023 - Aleksa Sarai <[email protected]> + +- Update to Docker 24.0.7-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/24.0/#2407>. bsc#1217513 + * Deny containers access to /sys/devices/virtual/powercap by default. + - CVE-2020-8694 bsc#1170415 + - CVE-2020-8695 bsc#1170446 + - CVE-2020-12912 bsc#1178760 +- Rebase patches: + * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch + * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch + * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch + * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch + * 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch + * cli-0001-docs-include-required-tools-in-source-tree.patch + +------------------------------------------------------------------- +Wed Oct 11 10:32:43 UTC 2023 - Aleksa Sarai <[email protected]> + +- Add a patch to fix apparmor on SLE-12, reverting the upstream removal of + version-specific templating for the default apparmor profile. bsc#1213500 + + 0005-SLE12-revert-apparmor-remove-version-conditionals-fr.patch +- Rebase patches: + * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch + * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch + * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch + * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch + +------------------------------------------------------------------- +Thu Sep 14 01:46:30 UTC 2023 - Aleksa Sarai <[email protected]> + +- Update to Docker 24.0.6-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/24.0/#2406>. bsc#1215323 +- Rebase patches: + * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch + * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch + * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch + * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch + * cli-0001-docs-include-required-tools-in-source-tree.patch +- Switch from disabledrun to manualrun in _service. +- Add a docker.socket unit file, but with socket activation effectively + disabled to ensure that Docker will always run even if you start the socket + individually. Users should probably just ignore this unit file. bsc#1210141 + +------------------------------------------------------------------- +Tue Jul 25 19:40:25 UTC 2023 - Dirk Müller <[email protected]> + +- Update to Docker 24.0.5-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/24.0/#2405>. bsc#1213229 + +------------------------------------------------------------------- +Fri Jul 7 21:29:05 UTC 2023 - Aleksa Sarai <[email protected]> + +- Update to Docker 24.0.4-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/24.0/#2404>. bsc#1213500 + +------------------------------------------------------------------- +Fri Jul 7 02:35:02 UTC 2023 - Aleksa Sarai <[email protected]> + +- Update to Docker 24.0.3-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/24.0/#2403>. bsc#1213120 +- Rebase patches: + * cli-0001-docs-include-required-tools-in-source-tree.patch + +------------------------------------------------------------------- +Thu Jun 29 10:07:13 UTC 2023 - Danish Prakash <[email protected]> + +- Recommend docker-rootless-extras instead of Require(ing) it, given + it's an additional functionality and not inherently required for + docker to function. + +------------------------------------------------------------------- +Tue Jun 20 15:28:13 UTC 2023 - Danish Prakash <[email protected]> + +- Add docker-rootless-extras subpackage + (https://docs.docker.com/engine/security/rootless) + +------------------------------------------------------------------- +Wed Jun 14 13:02:01 UTC 2023 - Aleksa Sarai <[email protected]> + +- Update to Docker 24.0.2-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/24.0/#2402>. bsc#1212368 + * Includes the upstreamed fix for the mount table pollution issue. + bsc#1210797 +- Add Recommends for docker-buildx, and add /usr/lib/docker/cli-plugins as + being provided by this package. +- Rebase patches: + * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch + * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch + * 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch + * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch + * cli-0001-docs-include-required-tools-in-source-tree.patch + +------------------------------------------------------------------- +Sun May 21 02:31:35 UTC 2023 - Aleksa Sarai <[email protected]> + +- Update to Docker 23.0.6-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/23.0/#2306>. bsc#1211578 +- Rebase patches: + * cli-0001-docs-include-required-tools-in-source-tree.patch +- Re-unify packaging for SLE-12 and SLE-15. +- Add patch to fix build on SLE-12 by switching back to libbtrfs-devel headers + (the uapi headers in SLE-12 are too old). + + 0003-BUILD-SLE12-revert-graphdriver-btrfs-use-kernel-UAPI.patch +- Re-numbered patches: + - 0003-bsc1073877-apparmor-clobber-docker-default-profile-o.patch + + 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch` + +------------------------------------------------------------------- +Thu Apr 27 14:09:05 UTC 2023 - Aleksa Sarai <[email protected]> + +- Update to Docker 23.0.5-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/23.0/#2305>. +- Rebase patches: + * cli-0001-docs-include-required-tools-in-source-tree.patch + +------------------------------------------------------------------- +Wed Apr 26 00:31:54 UTC 2023 - Aleksa Sarai <[email protected]> + +- Update to Docker 23.0.4-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/23.0/#2304>. bsc#1208074 +- Fixes: + * bsc#1214107 - CVE-2023-28840 + * bsc#1214108 - CVE-2023-28841 + * bsc#1214109 - CVE-2023-28842 +- Rebase patches: + * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch + * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch + * 0003-bsc1073877-apparmor-clobber-docker-default-profile-o.patch +- Renumbered patches: + - 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch +- Remove upstreamed patches: + - 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch + - 0006-bsc1193930-vendor-update-golang.org-x-crypto.patch + - 0007-bsc1200022-fifo.Close-prevent-possible-panic-if-fifo.patch +- Backport <https://github.com/docker/cli/pull/4228> to allow man pages to be + built without internet access in OBS. + + cli-0001-docs-include-required-tools-in-source-tree.patch + +------------------------------------------------------------------- +Wed Feb 1 14:33:19 UTC 2023 - Dirk Müller <[email protected]> + +- update to 20.10.23-ce. + * see upstream changelog at https://docs.docker.com/engine/release-notes/#201023 + +- drop kubic flavor as kubic is EOL. this removes: + kubelet.env docker-kubic-service.conf 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch + +------------------------------------------------------------------- +Tue Dec 6 11:49:32 UTC 2022 - Aleksa Sarai <[email protected]> + +- Update to Docker 20.10.21-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/#201021>. bsc#1206065 + bsc#1205375 CVE-2022-36109 +- Rebase patches: + * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch + * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch + * 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch + * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch + * 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch + * 0006-bsc1193930-vendor-update-golang.org-x-crypto.patch + * 0007-bsc1200022-fifo.Close-prevent-possible-panic-if-fifo.patch +- The PRIVATE-REGISTRY patch will now output a warning if it is being used (in + preparation for removing the feature). This feature was never meant to be + used by users directly (and is only available in the -kubic/CaaSP version of + the package anyway) and thus should not affect any users. + +------------------------------------------------------------------- +Mon Oct 24 09:45:20 UTC 2022 - Dan Čermák <[email protected]> + +- Fix wrong After: in docker.service, fixes bsc#1188447 + +------------------------------------------------------------------- +Thu Sep 29 08:40:35 UTC 2022 - Aleksa Sarai <[email protected]> + +- Add apparmor-parser as a Recommends to make sure that most users will end up + with it installed even if they are primarily running SELinux. + +------------------------------------------------------------------- +Thu Sep 29 07:27:03 UTC 2022 - Fabian Vogt <[email protected]> + +- Fix syntax of boolean dependency + +------------------------------------------------------------------- +Thu Jul 28 07:42:33 UTC 2022 - Frederic Crozat <[email protected]> + +- Allow to install container-selinux instead of apparmor-parser. + +------------------------------------------------------------------- +Sun Jul 17 17:06:01 UTC 2022 - Callum Farmer <[email protected]> + +- Change to using systemd-sysusers + +------------------------------------------------------------------- +Wed Jun 29 12:19:55 UTC 2022 - Aleksa Sarai <[email protected]> + +- Backport <https://github.com/containerd/fifo/pull/32> to fix a crash-on-start + issue with dockerd. bsc#1200022 + + 0007-bsc1200022-fifo.Close-prevent-possible-panic-if-fifo.patch + +------------------------------------------------------------------- +Tue Jun 7 07:18:41 UTC 2022 - Aleksa Sarai <[email protected]> + +- Update to Docker 20.10.17-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/#201017>. bsc#1200145 +- Rebase patches: + * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch + * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch + * 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch + * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch + * 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch + * 0006-bsc1193930-vendor-update-golang.org-x-crypto.patch + +------------------------------------------------------------------- +Fri Apr 29 02:51:43 UTC 2022 - Aleksa Sarai <[email protected]> + +- Add patch to update golang.org/x/crypto for CVE-2021-43565 and CVE-2022-27191. + bsc#1193930 bsc#1197284 + * 0006-bsc1193930-vendor-update-golang.org-x-crypto.patch +- Rebase patches: + * 0001-SECRETS-daemon-allow-directory-creation-in-run-secre.patch + * 0002-SECRETS-SUSE-implement-SUSE-container-secrets.patch + * 0003-PRIVATE-REGISTRY-add-private-registry-mirror-support.patch + * 0004-bsc1073877-apparmor-clobber-docker-default-profile-o.patch + * 0005-bsc1183855-btrfs-Do-not-disable-quota-on-cleanup.patch + +------------------------------------------------------------------- +Thu Apr 14 04:09:58 UTC 2022 - Aleksa Sarai <[email protected]> + +- Update to Docker 20.10.14-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/#201014>. bsc#1197517 + CVE-2022-24769 + +------------------------------------------------------------------- +Mon Jan 17 07:23:01 UTC 2022 - Aleksa Sarai <[email protected]> + +- Update to Docker 20.10.12-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/#201012>. +- Remove CHANGELOG.md. It hasn't been maintained since 2017, and all of the + changelogs are currently only available online. + +------------------------------------------------------------------- +Thu Nov 18 08:35:37 UTC 2021 - Aleksa Sarai <[email protected]> + +- Update to Docker 20.10.11-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/#201011>. bsc#1192814 ++++ 3720 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/docker-stable/docker-stable.changes ++++ and /work/SRC/openSUSE:Factory/.docker-stable.new.11973/docker-stable.changes ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ docker-stable.spec ++++++ --- /var/tmp/diff_new_pack.9r1GKE/_old 2025-09-30 17:41:34.091185371 +0200 +++ /var/tmp/diff_new_pack.9r1GKE/_new 2025-09-30 17:41:34.107186044 +0200 @@ -1,7 +1,7 @@ # # spec file for package docker-stable # -# Copyright (c) 2025 SUSE LLC +# Copyright (c) 2025 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -224,7 +224,9 @@ # different storage-driver than devicemapper Recommends: lvm2 >= 2.2.89 Recommends: %{name}-rootless-extras +%if 0%{?is_opensuse} Recommends: git-core >= 1.7 +%endif ExcludeArch: s390 ppc %description
