diff --git a/packages/Cargo.lock b/packages/Cargo.lock index 93f466651e8..00088a25c55 100644 --- a/packages/Cargo.lock +++ b/packages/Cargo.lock @@ -33,6 +33,7 @@ version = "0.1.0" dependencies = [ "glibc 0.1.0", "libcap 0.1.0", + "libseccomp 0.1.0", "ncurses 0.1.0", "readline 0.1.0", ] diff --git a/packages/ca-certificates/Cargo.toml b/packages/ca-certificates/Cargo.toml index fc5bc3b38fb..5f8006a2a92 100644 --- a/packages/ca-certificates/Cargo.toml +++ b/packages/ca-certificates/Cargo.toml @@ -9,5 +9,5 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://curl.haxx.se/ca/cacert-2019-08-28.pem" -sha512 = "527e23d1e83381583cc2efe4625b01a00baa990afc877bb617727e8bffab17a0dc4f36b60162bad375b576ff09bc27acc7e0f095a34150f23d61825b8a7fb81f" +url = "https://curl.haxx.se/ca/cacert-2019-11-27.pem" +sha512 = "66816e077ee99ceb9535a472e6bbf4f0e48ca838099c8a97c7baf3297fcada9a43016ea1ded63a455ee56a8f18501417a0f744fc17b215bb599cafd76b754518" diff --git a/packages/ca-certificates/ca-certificates.spec b/packages/ca-certificates/ca-certificates.spec index 98b6b107b6f..29f2c58ef5c 100644 --- a/packages/ca-certificates/ca-certificates.spec +++ b/packages/ca-certificates/ca-certificates.spec @@ -1,10 +1,12 @@ Name: %{_cross_os}ca-certificates -Version: 2019.08.28 +Version: 2019.11.27 Release: 1%{?dist} Summary: CA certificates extracted from Mozilla License: MPL 2.0 +# Note: You can see changes here: +# https://hg.mozilla.org/projects/nss/log/tip/lib/ckfw/builtins/certdata.txt URL: https://curl.haxx.se/docs/caextract.html -Source0: https://curl.haxx.se/ca/cacert-2019-08-28.pem +Source0: https://curl.haxx.se/ca/cacert-2019-11-27.pem Source1: ca-certificates.conf %description diff --git a/packages/chrony/Cargo.toml b/packages/chrony/Cargo.toml index b15fc75273e..51d19a2ff09 100644 --- a/packages/chrony/Cargo.toml +++ b/packages/chrony/Cargo.toml @@ -15,5 +15,6 @@ sha512 = "c4f6376a44d71b6ac2b6d86e3d6fb4348642faeef7f3f3a4d6431627b5645efcc868b0 [build-dependencies] glibc = { path = "../glibc" } libcap = { path = "../libcap" } +libseccomp = { path = "../libseccomp" } ncurses = { path = "../ncurses" } readline = { path = "../readline" } diff --git a/packages/cni-plugins/Cargo.toml b/packages/cni-plugins/Cargo.toml index dfd3ba1dbd3..068c2533da5 100644 --- a/packages/cni-plugins/Cargo.toml +++ b/packages/cni-plugins/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://github.com/containernetworking/plugins/archive/v0.8.2/plugins-0.8.2.tar.gz" -sha512 = "383540232593c7ef8c28f83e660a58ae6dd2592c6d97a43c8fc1f046a3fa448911d4066ec0a6a7d7e770a1a2dceee7c31d742100b0871e07d691fe6bdffd42f9" +url = "https://github.com/containernetworking/plugins/archive/v0.8.3/plugins-0.8.3.tar.gz" +sha512 = "054479a73ddbfbdb2986ac202ae2da7a69ae7bb693a250885f950a26973c60be3053d4e95ca24cf5eb67c104b9af8231f859e22c01a066ce3a206a186fc55a6d" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/cni-plugins/cni-plugins.spec b/packages/cni-plugins/cni-plugins.spec index 065bb19cdba..8e1602a4ff3 100644 --- a/packages/cni-plugins/cni-plugins.spec +++ b/packages/cni-plugins/cni-plugins.spec @@ -2,7 +2,7 @@ %global gorepo plugins %global goimport %{goproject}/%{gorepo} -%global gover 0.8.2 +%global gover 0.8.3 %global rpmver %{gover} %global _dwz_low_mem_die_limit 0 diff --git a/packages/containerd/Cargo.toml b/packages/containerd/Cargo.toml index 01354e6262f..a9a26dd1cef 100644 --- a/packages/containerd/Cargo.toml +++ b/packages/containerd/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://github.com/containerd/containerd/archive/v1.3.0/containerd-1.3.0.tar.gz" -sha512 = "cff9f0189b9fdc2b5492c92129af284aa8cd099e48de94cafd90aed191e2d20060c96008111b05fe081de0d4fc41d35f8cba5a3dc2d8cc0a5c37f695fd3cedc1" +url = "https://github.com/containerd/containerd/archive/v1.3.2/containerd-1.3.2.tar.gz" +sha512 = "768a19eb0829e196a61ddedaa11b0d6691caf8f9cc590a3e47ac77c1acad62e64b7a55017a1a6cccfcb87785a083d5ce131048b0e39e48c65e6cd5922382fc3c" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/containerd/containerd.spec b/packages/containerd/containerd.spec index 98da04a8306..f61ebe2a29a 100644 --- a/packages/containerd/containerd.spec +++ b/packages/containerd/containerd.spec @@ -2,7 +2,7 @@ %global gorepo containerd %global goimport %{goproject}/%{gorepo} -%global gover 1.3.0 +%global gover 1.3.2 %global rpmver %{gover} %global _dwz_low_mem_die_limit 0 diff --git a/packages/coreutils/Cargo.toml b/packages/coreutils/Cargo.toml index 54e2d3f5ba8..f3fe4c9afa8 100644 --- a/packages/coreutils/Cargo.toml +++ b/packages/coreutils/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://ftp.gnu.org/gnu/coreutils/coreutils-8.30.tar.xz" -sha512 = "25bc132c0d89ce71c33e417f04649c9fcfce6c5ef8b19f093b2e9e2851bfde9b5a31e20499d9c427332228ba54b88d445ddb445551e1944bb8f5cbff5ffa4eda" +url = "https://ftp.gnu.org/gnu/coreutils/coreutils-8.31.tar.xz" +sha512 = "ef8941dae845bbf5ae5838bc49e44554a766302930601aada6fa594e8088f0fbad74e481ee392ff89633e68b99e4da3f761fcb5d31ee3b233d540fe2a2d4e1af" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/coreutils/coreutils.spec b/packages/coreutils/coreutils.spec index 6daff1ebd51..ac987cb10d4 100644 --- a/packages/coreutils/coreutils.spec +++ b/packages/coreutils/coreutils.spec @@ -1,5 +1,5 @@ Name: %{_cross_os}coreutils -Version: 8.30 +Version: 8.31 Release: 1%{?dist} Summary: A set of basic GNU tools License: GPLv3+ @@ -44,6 +44,7 @@ Requires: %{_cross_os}libxcrypt %{_cross_bindir}/base32 %{_cross_bindir}/base64 %{_cross_bindir}/basename +%{_cross_bindir}/basenc %{_cross_bindir}/cat %{_cross_bindir}/chcon %{_cross_bindir}/chgrp diff --git a/packages/docker-cli/Cargo.toml b/packages/docker-cli/Cargo.toml index dd2680aea99..a96bf620760 100644 --- a/packages/docker-cli/Cargo.toml +++ b/packages/docker-cli/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://github.com/docker/cli/archive/v18.09.6/cli-18.09.6.tar.gz" -sha512 = "c2621391c3848cf348f7a719e72c07cb4c7e7d20ba3529a0ec188270b02d6b0e1fdea47b6a61a09228e98f1ebbe0f36e789821ff06dcd30cb17a9c4541b3d444" +url = "https://github.com/docker/cli/archive/v18.09.9/cli-18.09.9.tar.gz" +sha512 = "bc06dbbe8da1d9eaab509eadb6d6af3b2a603176c5c6b8432641dc0f2843a90f14b16455331540c30fd9b0039cc7936c334da3bdc957afebcf0b5a4caf312b7e" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/docker-cli/docker-cli.spec b/packages/docker-cli/docker-cli.spec index 405b8b10c04..7938bad84f2 100644 --- a/packages/docker-cli/docker-cli.spec +++ b/packages/docker-cli/docker-cli.spec @@ -2,7 +2,7 @@ %global gorepo cli %global goimport %{goproject}/%{gorepo} -%global gover 18.09.6 +%global gover 18.09.9 %global rpmver %{gover} %global _dwz_low_mem_die_limit 0 diff --git a/packages/docker-engine/Cargo.toml b/packages/docker-engine/Cargo.toml index bba5ee18621..aeb9cc3b8f8 100644 --- a/packages/docker-engine/Cargo.toml +++ b/packages/docker-engine/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://github.com/docker/engine/archive/v18.09.6/engine-18.09.6.tar.gz" -sha512 = "3ad016432b892fb9438fcb0b9218cd73fc720255c59cbcccd2f16b9325d5a1e848f115f67fc4131f1f659d98e1f93bf0a8cc3a49081a530dbb134dedee916bf8" +url = "https://github.com/docker/engine/archive/v18.09.9/engine-18.09.9.tar.gz" +sha512 = "070700e5b9dac439fd494ae52824ebbd0a8dbc4bf0351c4173c47f585ab81a0fb39470c4d566a7dc69481b03e04f073727062872d2550505ae67a5d1bb30132e" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/docker-engine/docker-engine.spec b/packages/docker-engine/docker-engine.spec index 0875e115c1e..f0922cb2339 100644 --- a/packages/docker-engine/docker-engine.spec +++ b/packages/docker-engine/docker-engine.spec @@ -7,7 +7,7 @@ %global dorepo docker %global doimport %{goproject}/%{dorepo} -%global gover 18.09.6 +%global gover 18.09.9 %global rpmver %{gover} %global _dwz_low_mem_die_limit 0 diff --git a/packages/docker-init/docker-init.spec b/packages/docker-init/docker-init.spec index 1fcfffddf18..b3dfc9884ab 100644 --- a/packages/docker-init/docker-init.spec +++ b/packages/docker-init/docker-init.spec @@ -3,7 +3,7 @@ %global tiniver 0.18.0 Name: %{_cross_os}docker-init -Version: 18.09.6 +Version: 18.09.9 Release: 1%{?dist} Summary: Init for containers License: MIT diff --git a/packages/docker-proxy/Cargo.toml b/packages/docker-proxy/Cargo.toml index 3910b64ac61..60ff6d91f83 100644 --- a/packages/docker-proxy/Cargo.toml +++ b/packages/docker-proxy/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://github.com/docker/libnetwork/archive/872f0a83c98add6cae255c8859e29532febc0039/libnetwork-872f0a83c98add6cae255c8859e29532febc0039.tar.gz" -sha512 = "c8e8544a3d8d44dc0f309aa3520a2cf62cee374a06d40473542078de94d88cb484c0dca1cee7ad89fb312c969af1694c848f464d04d61df5a9888058e21a485e" +url = "https://github.com/docker/libnetwork/archive/48722da498b202dfed2eb4299dfcfbdf8b75392d/libnetwork-48722da498b202dfed2eb4299dfcfbdf8b75392d.tar.gz" +sha512 = "58801dadbd70fc4df8f41d605f5721d93c562414241ac632f40e35a04163c3761904f5e917d3e078bf2a46fb873d918b5c31321c319b6db23d437e5875b49c54" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/docker-proxy/docker-proxy.spec b/packages/docker-proxy/docker-proxy.spec index 4fe4f1bc235..fdf023a5e1e 100644 --- a/packages/docker-proxy/docker-proxy.spec +++ b/packages/docker-proxy/docker-proxy.spec @@ -1,12 +1,12 @@ %global goproject github.com/docker %global gorepo libnetwork %global goimport %{goproject}/%{gorepo} -%global commit 872f0a83c98add6cae255c8859e29532febc0039 +%global commit 48722da498b202dfed2eb4299dfcfbdf8b75392d %global _dwz_low_mem_die_limit 0 Name: %{_cross_os}docker-proxy -Version: 18.09.6 +Version: 18.09.9 Release: 1%{?dist} Summary: Docker CLI License: ASL 2.0 diff --git a/packages/iptables/0002-extensions-format-security-fixes-in-libip-6-t_icmp.patch b/packages/iptables/0002-extensions-format-security-fixes-in-libip-6-t_icmp.patch deleted file mode 100644 index 1bdbbd1a237..00000000000 --- a/packages/iptables/0002-extensions-format-security-fixes-in-libip-6-t_icmp.patch +++ /dev/null @@ -1,60 +0,0 @@ -From 6e8f0c61f4c9abc2836d772fca97ff0d84c03360 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Adam=20Go=C5=82=C4=99biowski?= -Date: Wed, 14 Nov 2018 07:35:28 +0100 -Subject: [PATCH] extensions: format-security fixes in libip[6]t_icmp -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -commit 61d6c3834de3 ("xtables: add 'printf' attribute to xlate_add") -introduced support for gcc feature to check format string against passed -argument. This commit adds missing bits to extenstions's libipt_icmp.c -and libip6t_icmp6.c that were causing build to fail. - -Fixes: 61d6c3834de3 ("xtables: add 'printf' attribute to xlate_add") -Signed-off-by: Adam Gołębiowski -Signed-off-by: Pablo Neira Ayuso -Signed-off-by: Phil Sutter ---- - extensions/libip6t_icmp6.c | 4 ++-- - extensions/libipt_icmp.c | 2 +- - 2 files changed, 3 insertions(+), 3 deletions(-) - -diff --git a/extensions/libip6t_icmp6.c b/extensions/libip6t_icmp6.c -index 45a71875722c4..cc7bfaeb72fd7 100644 ---- a/extensions/libip6t_icmp6.c -+++ b/extensions/libip6t_icmp6.c -@@ -230,7 +230,7 @@ static unsigned int type_xlate_print(struct xt_xlate *xl, unsigned int icmptype, - type_name = icmp6_type_xlate(icmptype); - - if (type_name) { -- xt_xlate_add(xl, type_name); -+ xt_xlate_add(xl, "%s", type_name); - } else { - for (i = 0; i < ARRAY_SIZE(icmpv6_codes); ++i) - if (icmpv6_codes[i].type == icmptype && -@@ -239,7 +239,7 @@ static unsigned int type_xlate_print(struct xt_xlate *xl, unsigned int icmptype, - break; - - if (i != ARRAY_SIZE(icmpv6_codes)) -- xt_xlate_add(xl, icmpv6_codes[i].name); -+ xt_xlate_add(xl, "%s", icmpv6_codes[i].name); - else - return 0; - } -diff --git a/extensions/libipt_icmp.c b/extensions/libipt_icmp.c -index 5418997668d4c..e76257c54708c 100644 ---- a/extensions/libipt_icmp.c -+++ b/extensions/libipt_icmp.c -@@ -236,7 +236,7 @@ static unsigned int type_xlate_print(struct xt_xlate *xl, unsigned int icmptype, - if (icmp_codes[i].type == icmptype && - icmp_codes[i].code_min == code_min && - icmp_codes[i].code_max == code_max) { -- xt_xlate_add(xl, icmp_codes[i].name); -+ xt_xlate_add(xl, "%s", icmp_codes[i].name); - return 1; - } - } --- -2.21.0 - diff --git a/packages/iptables/Cargo.toml b/packages/iptables/Cargo.toml index 8f4d3c44b88..be6f78f6a8f 100644 --- a/packages/iptables/Cargo.toml +++ b/packages/iptables/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "http://www.netfilter.org/projects/iptables/files/iptables-1.8.2.tar.bz2" -sha512 = "8cf0f515764e1dc6e03284581d682d1949b33e8f25fea29c27ae856f1089fe8ca7b1814524b85f4378fd1fc7c7c7d002f06557b257ae2bbc945f8555bad0dc76" +url = "http://www.netfilter.org/projects/iptables/files/iptables-1.8.4.tar.bz2" +sha512 = "a7faaab58608ffaa51e26e8056551c0e91a49187439d30fcf5cce2800274cc3c0515db6cfba0f4c85613fb80779cf96089b8915db0e89161e9980a6384faebdb" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/iptables/iptables.spec b/packages/iptables/iptables.spec index 6eb722b67a7..28599c4d822 100644 --- a/packages/iptables/iptables.spec +++ b/packages/iptables/iptables.spec @@ -1,12 +1,11 @@ Name: %{_cross_os}iptables -Version: 1.8.2 +Version: 1.8.4 Release: 1%{?dist} Summary: Tools for managing Linux kernel packet filtering capabilities License: GPLv2 URL: http://www.netfilter.org/ Source0: http://www.netfilter.org/projects/iptables/files/iptables-%{version}.tar.bz2 Patch1: 0001-iptables-apply-Use-mktemp-instead-of-tempfile.patch -Patch2: 0002-extensions-format-security-fixes-in-libip-6-t_icmp.patch BuildRequires: %{_cross_os}glibc-devel BuildRequires: %{_cross_os}libmnl-devel diff --git a/packages/kubernetes/Cargo.toml b/packages/kubernetes/Cargo.toml index 3cc64b8247f..153d861f274 100644 --- a/packages/kubernetes/Cargo.toml +++ b/packages/kubernetes/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://github.com/kubernetes/kubernetes/archive/v1.14.6/kubernetes-1.14.6.tar.gz" -sha512 = "b6ea20955d15d9980154f1c4a5d9a3153702632cfbd18d3e727daee7307465c0d4694b9a0c20a405fbe491c130dae7bfa23b1459c2733a7239918bbca531076f" +url = "https://github.com/kubernetes/kubernetes/archive/v1.14.10/kubernetes-1.14.10.tar.gz" +sha512 = "25ecc7bf737e7cbac6405042ced98ccf824ee9a59f290906b76594ab8742028a5b783e892a5b3a03b59a758641f2fe3dfe6a83d72c603103ec7ab0696e406dfc" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/kubernetes/kubernetes.spec b/packages/kubernetes/kubernetes.spec index fd65fc380f2..1eb5d2fc03b 100644 --- a/packages/kubernetes/kubernetes.spec +++ b/packages/kubernetes/kubernetes.spec @@ -2,7 +2,7 @@ %global gorepo kubernetes %global goimport %{goproject}/%{gorepo} -%global gover 1.14.6 +%global gover 1.14.10 %global rpmver %{gover} %global _dwz_low_mem_die_limit 0 diff --git a/packages/libcap/9001-dont-test-during-install.patch b/packages/libcap/9001-dont-test-during-install.patch new file mode 100644 index 00000000000..02db48881d4 --- /dev/null +++ b/packages/libcap/9001-dont-test-during-install.patch @@ -0,0 +1,11 @@ +diff -ru libcap-2.28.orig/Makefile libcap-2.28/Makefile +--- libcap-2.28.orig/Makefile 2019-12-07 11:45:11.000000000 -0800 ++++ libcap-2.28/Makefile 2019-12-18 14:14:17.985096354 -0800 +@@ -16,7 +16,6 @@ + ifeq ($(GOLANG),yes) + $(MAKE) -C go $@ + endif +- $(MAKE) -C tests $@ + $(MAKE) -C progs $@ + $(MAKE) -C doc $@ + $(MAKE) -C kdebug $@ diff --git a/packages/libcap/Cargo.toml b/packages/libcap/Cargo.toml index a5920fc4fc5..d76876ddabb 100644 --- a/packages/libcap/Cargo.toml +++ b/packages/libcap/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://git.kernel.org/pub/scm/libs/libcap/libcap.git/snapshot/libcap-2.26.tar.gz" -sha512 = "4a0bfbc1c3efb009a309d9b894aa553009a229323da4780caa424bd70d0579d6b156e2034bc4dee8dc3b2caaf8617a18c74a01095a4c2a8fbe732e5e8a304603" +url = "https://git.kernel.org/pub/scm/libs/libcap/libcap.git/snapshot/libcap-2.28.tar.gz" +sha512 = "eb89d3a4da986790d3679195f00dd907370e109acea65c19d60ea5ae5916a138370121b154cc7261a1ed4d403bfead002cfa160bf8f3473564c5f4c5f7ce6df9" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/libcap/libcap.spec b/packages/libcap/libcap.spec index 103c9759a8e..1e1f547a990 100644 --- a/packages/libcap/libcap.spec +++ b/packages/libcap/libcap.spec @@ -1,5 +1,5 @@ Name: %{_cross_os}libcap -Version: 2.26 +Version: 2.28 Release: 1%{?dist} Summary: Library for getting and setting POSIX.1e capabilities License: GPLv2 @@ -10,6 +10,9 @@ BuildRequires: %{_cross_os}glibc-devel BuildRequires: %{_cross_os}libattr-devel Requires: %{_cross_os}libattr +# Local changes. +Patch9001: 9001-dont-test-during-install.patch + %description %{summary}. diff --git a/packages/libexpat/Cargo.toml b/packages/libexpat/Cargo.toml index 3ec24036481..fbe6a18fe0e 100644 --- a/packages/libexpat/Cargo.toml +++ b/packages/libexpat/Cargo.toml @@ -9,9 +9,9 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -path = "expat-2.2.6.tar.gz" -url = "https://github.com/libexpat/libexpat/archive/R_2_2_6.tar.gz#/expat-2.2.6.tar.gz" -sha512 = "727fbd24041c9af71b32353448583a6d8b38ddf93b10c97510e847939c2ad2be9b40ff6e6e27b725bff277982c2fc96c75f19c4a3ac4a246133eb62870c963d8" +path = "expat-2.2.9.tar.gz" +url = "https://github.com/libexpat/libexpat/archive/R_2_2_9.tar.gz#/expat-2.2.9.tar.gz" +sha512 = "e274fa7f30630450cb3ca681b266d765dbb7f5d00d1275ff9d9b2e2f6e1095893b8af4e3f4172ae6297c7a8a831a0a6becd484fe4bcdca09c37922f630780ef0" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/libexpat/libexpat.spec b/packages/libexpat/libexpat.spec index 68a881cf94e..3262e1a3915 100644 --- a/packages/libexpat/libexpat.spec +++ b/packages/libexpat/libexpat.spec @@ -1,4 +1,4 @@ -%global unversion 2_2_6 +%global unversion 2_2_9 Name: %{_cross_os}libexpat Version: %(echo %{unversion} | sed 's/_/./g') diff --git a/packages/libnetfilter_queue/Cargo.toml b/packages/libnetfilter_queue/Cargo.toml index caef224f4de..1bb382f9f47 100644 --- a/packages/libnetfilter_queue/Cargo.toml +++ b/packages/libnetfilter_queue/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://netfilter.org/projects/libnetfilter_queue/files/libnetfilter_queue-1.0.2.tar.bz2" -sha512 = "89fec4d943b85f35e7cef3b1b9071b1280c6e1b282b7e5cb97eb17d05b9ddd175194639ead986767d27152540fe8e167383a1f7bbfe3cdf874a5a42a2c096f11" +url = "https://netfilter.org/projects/libnetfilter_queue/files/libnetfilter_queue-1.0.3.tar.bz2" +sha512 = "1d9e0202878bc0ae26ceecd0f4fa4c21f89056e5671d46949f92f21c155d589958b7775760fc837547da34eb9a81e537e95c770d25c166e709dad16de4ca452e" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/libnetfilter_queue/libnetfilter_queue.spec b/packages/libnetfilter_queue/libnetfilter_queue.spec index 77537dbc57e..3a6a03eca5d 100644 --- a/packages/libnetfilter_queue/libnetfilter_queue.spec +++ b/packages/libnetfilter_queue/libnetfilter_queue.spec @@ -1,5 +1,5 @@ Name: %{_cross_os}libnetfilter_queue -Version: 1.0.2 +Version: 1.0.3 Release: 1%{?dist} Summary: Library for netfilter queue License: GPLv2 @@ -32,7 +32,6 @@ Requires: %{name} %install %make_install -rm %{buildroot}%{_cross_includedir}/internal.h %files %{_cross_libdir}/*.so.* diff --git a/packages/libnftnl/Cargo.toml b/packages/libnftnl/Cargo.toml index a981315069f..c7c82ed19f2 100644 --- a/packages/libnftnl/Cargo.toml +++ b/packages/libnftnl/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "http://netfilter.org/projects/libnftnl/files/libnftnl-1.1.3.tar.bz2" -sha512 = "3fb96ea1a8bc9eb00fa2cf79f64cc9613250e8b97de6e90e440c7c44e92789e7c7fd603b7347bb02d9d74af725cf8fde5d2e435c5ffdcb784316c67b83ddf0fe" +url = "http://netfilter.org/projects/libnftnl/files/libnftnl-1.1.5.tar.bz2" +sha512 = "a0495e1a99ea9efcf3994db48e50943023ff3d8101055887574ff4eb6b0df8600cf7db68a9c91ca02bbbcc1f01099b008649f88321bb956897bcc90eb4167ee7" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/libnftnl/libnftnl.spec b/packages/libnftnl/libnftnl.spec index 1918597b9ec..d84f43d4ba7 100644 --- a/packages/libnftnl/libnftnl.spec +++ b/packages/libnftnl/libnftnl.spec @@ -1,5 +1,5 @@ Name: %{_cross_os}libnftnl -Version: 1.1.3 +Version: 1.1.5 Release: 1%{?dist} Summary: Library for nftables netlink License: GPLv2+ diff --git a/packages/libnl/Cargo.toml b/packages/libnl/Cargo.toml index 49b90b5554d..285500ebce4 100644 --- a/packages/libnl/Cargo.toml +++ b/packages/libnl/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://github.com/thom311/libnl/archive/libnl3_4_0.tar.gz" -sha512 = "f7fa6987130b58e4a9cbe5401333a94eec4069324b760bb3a58b0dca74a767e5289e43bcf1ee78ea43a3c9d44a27d3c0e1db5d97c8c208ee2be3ecd9080b269c" +url = "https://github.com/thom311/libnl/archive/libnl3_5_0.tar.gz" +sha512 = "2b762419a21b4560f7d488791a9d7aec0d1c6eac0cd2839ceec0bef5562f130ce44b826691276e1301b9e239f684063037959207474cefec4b46efc32039615d" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/libnl/libnl.spec b/packages/libnl/libnl.spec index ee6a381775b..5de2d02e263 100644 --- a/packages/libnl/libnl.spec +++ b/packages/libnl/libnl.spec @@ -1,5 +1,5 @@ -%global rpmver 3.4.0 -%global srcver 3_4_0 +%global rpmver 3.5.0 +%global srcver 3_5_0 Name: %{_cross_os}libnl Version: %{rpmver} diff --git a/packages/libpcap/Cargo.toml b/packages/libpcap/Cargo.toml index 34c441a9c8e..5f77832bec4 100644 --- a/packages/libpcap/Cargo.toml +++ b/packages/libpcap/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "http://www.tcpdump.org/release/libpcap-1.9.0.tar.gz" -sha512 = "0ff25641f1e9d29082766caef45888c19214f770c4f378818caa73fcbc4ae54ad9195549c2499d4879ff46e35741d93b2b02cc5f3d6aa99e85a32194cf10bfe7" +url = "http://www.tcpdump.org/release/libpcap-1.9.1.tar.gz" +sha512 = "ae0d6b0ad8253e7e059336c0f4ed3850d20d7d2f4dc1d942c2951f99a5443a690f0cc42c6f8fdc4a0ccb19e9e985192ba6f399c4bde2c7076e420f547fddfb08" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/libpcap/libpcap.spec b/packages/libpcap/libpcap.spec index 5efdcf2c2ec..b396f6be61b 100644 --- a/packages/libpcap/libpcap.spec +++ b/packages/libpcap/libpcap.spec @@ -1,5 +1,5 @@ Name: %{_cross_os}libpcap -Version: 1.9.0 +Version: 1.9.1 Release: 1%{?dist} Summary: Library for packet capture License: BSD with advertising diff --git a/packages/libseccomp/0001-api-define-__SNR_ppoll-again.patch b/packages/libseccomp/0001-api-define-__SNR_ppoll-again.patch new file mode 100644 index 00000000000..7dc8bced731 --- /dev/null +++ b/packages/libseccomp/0001-api-define-__SNR_ppoll-again.patch @@ -0,0 +1,44 @@ +From e3647f5b6b52996bf30d0c2c1d1248e4182e1c1c Mon Sep 17 00:00:00 2001 +From: Miroslav Lichvar +Date: Wed, 13 Nov 2019 13:36:10 +0100 +Subject: [PATCH] api: define __SNR_ppoll again + +Commit bf747eb21e428c2b3ead6ebcca27951b681963a0 accidentally removed the +__SNR_ppoll definition. Add it back, using a PNR value if disabled in +the kernel headers. + +Signed-off-by: Miroslav Lichvar +Acked-by: Tom Hromatka +Signed-off-by: Paul Moore +--- + include/seccomp-syscalls.h | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/include/seccomp-syscalls.h b/include/seccomp-syscalls.h +index 6457592..3c958df 100644 +--- a/include/seccomp-syscalls.h ++++ b/include/seccomp-syscalls.h +@@ -272,6 +272,7 @@ + #define __PNR_timerfd_gettime64 -10238 + #define __PNR_timerfd_settime64 -10239 + #define __PNR_utimensat_time64 -10240 ++#define __PNR_ppoll -10241 + + /* + * libseccomp syscall definitions +@@ -1359,6 +1360,12 @@ + #define __SNR_poll __PNR_poll + #endif + ++#ifdef __NR_ppoll ++#define __SNR_ppoll __NR_ppoll ++#else ++#define __SNR_ppoll __PNR_ppoll ++#endif ++ + #ifdef __NR_ppoll_time64 + #define __SNR_ppoll_time64 __NR_ppoll_time64 + #else +-- +2.23.0 + diff --git a/packages/libseccomp/0002-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch b/packages/libseccomp/0002-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch new file mode 100644 index 00000000000..d978f32887a --- /dev/null +++ b/packages/libseccomp/0002-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch @@ -0,0 +1,40 @@ +From 1ecdddb2a5b61cf527d1f238f88a9d129239f87a Mon Sep 17 00:00:00 2001 +From: Paul Moore +Date: Tue, 5 Nov 2019 15:11:11 -0500 +Subject: [PATCH] tests: rely on __SNR_xxx instead of __NR_xxx for syscalls + +We recently changed how libseccomp handles syscall numbers that are +not defined natively, but we missed test #15. + +Acked-by: Tom Hromatka +Signed-off-by: Paul Moore +--- + tests/15-basic-resolver.c | 6 +++--- + 1 file changed, 3 insertions(+), 3 deletions(-) + +diff --git a/tests/15-basic-resolver.c b/tests/15-basic-resolver.c +index 6badef1..0c1eefe 100644 +--- a/tests/15-basic-resolver.c ++++ b/tests/15-basic-resolver.c +@@ -55,15 +55,15 @@ int main(int argc, char *argv[]) + unsigned int arch; + char *name = NULL; + +- if (seccomp_syscall_resolve_name("open") != __NR_open) ++ if (seccomp_syscall_resolve_name("open") != __SNR_open) + goto fail; +- if (seccomp_syscall_resolve_name("read") != __NR_read) ++ if (seccomp_syscall_resolve_name("read") != __SNR_read) + goto fail; + if (seccomp_syscall_resolve_name("INVALID") != __NR_SCMP_ERROR) + goto fail; + + rc = seccomp_syscall_resolve_name_rewrite(SCMP_ARCH_NATIVE, "openat"); +- if (rc != __NR_openat) ++ if (rc != __SNR_openat) + goto fail; + + while ((arch = arch_list[iter++]) != -1) { +-- +2.23.0 + diff --git a/packages/libseccomp/Cargo.toml b/packages/libseccomp/Cargo.toml index 0cc7fe366c8..6fa5b8a194d 100644 --- a/packages/libseccomp/Cargo.toml +++ b/packages/libseccomp/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://github.com/seccomp/libseccomp/releases/download/v2.4.1/libseccomp-2.4.1.tar.gz" -sha512 = "1fe47ebb032635ba1b1cbefb505a0c103bae659844d1bf106d03e7f28b3c470726f7b0dbbe76d10ab89501630dc4f20b162c2eeefa22394eb632f803ae62ccc5" +url = "https://github.com/seccomp/libseccomp/releases/download/v2.4.2/libseccomp-2.4.2.tar.gz" +sha512 = "375a3c7c658be6a08b9bb30963e10bb49e8e066119e0be6d3d97faac3db18b8e2c6938d8b5d3874b2f5331ec8295170112fbae83b5a3b5a5bebc0d6705bdfdbb" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/libseccomp/libseccomp.spec b/packages/libseccomp/libseccomp.spec index ebfbdebbe4e..c2e247ec45c 100644 --- a/packages/libseccomp/libseccomp.spec +++ b/packages/libseccomp/libseccomp.spec @@ -1,5 +1,5 @@ Name: %{_cross_os}libseccomp -Version: 2.4.1 +Version: 2.4.2 Release: 1%{?dist} Summary: Library for enhanced seccomp License: LGPLv2 @@ -7,6 +7,10 @@ URL: https://github.com/seccomp/libseccomp Source0: https://github.com/seccomp/libseccomp/releases/download/v%{version}/libseccomp-%{version}.tar.gz BuildRequires: %{_cross_os}glibc-devel +# Backports from upstream after 2.4.2 release +Patch0001: 0001-api-define-__SNR_ppoll-again.patch +Patch0002: 0002-tests-rely-on-__SNR_xxx-instead-of-__NR_xxx-for-sysc.patch + %description %{summary}. diff --git a/packages/libxcrypt/Cargo.toml b/packages/libxcrypt/Cargo.toml index c139b1d3189..2aaa000539b 100644 --- a/packages/libxcrypt/Cargo.toml +++ b/packages/libxcrypt/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://github.com/besser82/libxcrypt/archive/v4.4.3/libxcrypt-4.4.3.tar.gz" -sha512 = "c919ded5fcb84e21a0972bb5521aa155471ef11da4478afc31b843c1e55031a16125838883640b0c19eb6e1f717d76d15201ecf3ae5338c5905fe4a807386066" +url = "https://github.com/besser82/libxcrypt/archive/v4.4.10/libxcrypt-4.4.10.tar.gz" +sha512 = "fd714542dad40db721c03270b5a03e2c068b0750e887dcac4c651433d5905d08bd5c5db3762cc2e4ceee0103bd62810559ea197d164126169e0b253675415ca2" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/libxcrypt/libxcrypt.spec b/packages/libxcrypt/libxcrypt.spec index 62971643010..9b39373578a 100644 --- a/packages/libxcrypt/libxcrypt.spec +++ b/packages/libxcrypt/libxcrypt.spec @@ -1,5 +1,5 @@ Name: %{_cross_os}libxcrypt -Version: 4.4.3 +Version: 4.4.10 Release: 1%{?dist} Summary: Extended crypt library for descrypt, md5crypt, bcrypt, and others License: LGPLv2+ and BSD and Public Domain diff --git a/packages/procps/Cargo.toml b/packages/procps/Cargo.toml index 04d74d8bb14..d2c8fa12f5a 100644 --- a/packages/procps/Cargo.toml +++ b/packages/procps/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://gitlab.com/procps-ng/procps/-/archive/v3.3.15/procps-v3.3.15.tar.gz" -sha512 = "6d2db0e274399d69312564de37660c532a46c3963b8df3ff0e0df417610b15f2c01217e81b921775f2dc83a2c60bacda5a85c945900fb9560392db80f89d1095" +url = "https://gitlab.com/procps-ng/procps/-/archive/v3.3.16/procps-v3.3.16.tar.gz" +sha512 = "40ed713afbca979265b0c0f582b9eb0a8def429c78430d21d6c115d5481e3bc6e7c051771313faf2efbb6f09010cce879aed55e82ea55d78279e9c0a1f793337" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/procps/procps.spec b/packages/procps/procps.spec index 1c9b3e52847..c0aabf45f08 100644 --- a/packages/procps/procps.spec +++ b/packages/procps/procps.spec @@ -1,5 +1,5 @@ Name: %{_cross_os}procps -Version: 3.3.15 +Version: 3.3.16 Release: 1%{?dist} Summary: A set of process monitoring tools License: GPL+ and GPLv2 and GPLv2+ and GPLv3+ and LGPLv2+ diff --git a/packages/runc/Cargo.toml b/packages/runc/Cargo.toml index fc03e599c2f..743cd02ce7a 100644 --- a/packages/runc/Cargo.toml +++ b/packages/runc/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://github.com/opencontainers/runc/archive/3e425f80a8c931f88e6d94a8c831b9d5aa481657/runc-3e425f80a8c931f88e6d94a8c831b9d5aa481657.tar.gz" -sha512 = "7287738ba1cf50569c5ac3637e45b4c6af6fa4c0b6f9e65d9f9889ef7a5736d49c68cd243f08b94131814c579064e13f04258b90d688285be2b7b1c9eb634801" +url = "https://github.com/opencontainers/runc/archive/d736ef14f0288d6993a1845745d6756cfc9ddd5a/runc-d736ef14f0288d6993a1845745d6756cfc9ddd5a.tar.gz" +sha512 = "56c46fbe4d637a83d67e0aabf2549ba687d8b1e357fdecfffca343c8b166edf4158830aa0a4419edd6994c589b874bb8504eb3969ed3430cda6e233940d34194" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/runc/runc.spec b/packages/runc/runc.spec index 7f19e11d354..af9c26fa239 100644 --- a/packages/runc/runc.spec +++ b/packages/runc/runc.spec @@ -1,11 +1,11 @@ %global goproject github.com/opencontainers %global gorepo runc %global goimport %{goproject}/%{gorepo} -%global commit 3e425f80a8c931f88e6d94a8c831b9d5aa481657 -%global shortcommit 3e425f80 +%global commit d736ef14f0288d6993a1845745d6756cfc9ddd5a +%global shortcommit d736ef14 -%global gover 1.0.0-rc8 -%global rpmver 1.0.0~rc8 +%global gover 1.0.0-rc9 +%global rpmver 1.0.0~rc9 %global _dwz_low_mem_die_limit 0 diff --git a/packages/strace/Cargo.toml b/packages/strace/Cargo.toml index 00876a00845..427baf350c8 100644 --- a/packages/strace/Cargo.toml +++ b/packages/strace/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://strace.io/files/5.0/strace-5.0.tar.xz" -sha512 = "cba3280ada27ef434eda54d0e150f04ab89ad227d67b29bd0993f9ac7747eb32b0e49af8cc493b92eab99c0848ec8dc6bbd9b1db423abd53f19129dacbddf265" +url = "https://strace.io/files/5.4/strace-5.4.tar.xz" +sha512 = "4ddba2ec4457a2257c18b26dca851e49a275813c4eb3069379a93fcc60228f9b63a3dee9e3719ae606a7cc61d55ab21ce147327223903c302c061e381097a8d7" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/strace/strace.spec b/packages/strace/strace.spec index 83b1ed427d1..f7925165739 100644 --- a/packages/strace/strace.spec +++ b/packages/strace/strace.spec @@ -1,5 +1,5 @@ Name: %{_cross_os}strace -Version: 5.0 +Version: 5.4 Release: 1%{?dist} Summary: Linux syscall tracer License: LGPLv2.1+ diff --git a/packages/systemd/0001-cgroup-Check-ancestor-memory-min-for-unified-memory-.patch b/packages/systemd/0001-cgroup-Check-ancestor-memory-min-for-unified-memory-.patch deleted file mode 100644 index b4b390e6db6..00000000000 --- a/packages/systemd/0001-cgroup-Check-ancestor-memory-min-for-unified-memory-.patch +++ /dev/null @@ -1,28 +0,0 @@ -From 9f8b9ecdc890e7c135890997847a30b995615b54 Mon Sep 17 00:00:00 2001 -From: Chris Down -Date: Mon, 30 Sep 2019 18:24:26 +0100 -Subject: [PATCH 1/3] cgroup: Check ancestor memory min for unified memory - config - -Otherwise we might not enable it when we should, ie. DefaultMemoryMin is -set in a parent, but not MemoryMin in the current unit. ---- - src/core/cgroup.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/core/cgroup.c b/src/core/cgroup.c -index 60a7799..4ff88fb 100644 ---- a/src/core/cgroup.c -+++ b/src/core/cgroup.c -@@ -933,7 +933,7 @@ static bool unit_has_unified_memory_config(Unit *u) { - c = unit_get_cgroup_context(u); - assert(c); - -- return c->memory_min > 0 || unit_get_ancestor_memory_low(u) > 0 || -+ return unit_get_ancestor_memory_min(u) > 0 || unit_get_ancestor_memory_low(u) > 0 || - c->memory_high != CGROUP_LIMIT_MAX || c->memory_max != CGROUP_LIMIT_MAX || - c->memory_swap_max != CGROUP_LIMIT_MAX; - } --- -2.21.0 - diff --git a/packages/systemd/0002-cgroup-Respect-DefaultMemoryMin-when-setting-memory..patch b/packages/systemd/0002-cgroup-Respect-DefaultMemoryMin-when-setting-memory..patch deleted file mode 100644 index 3080c6fe0fd..00000000000 --- a/packages/systemd/0002-cgroup-Respect-DefaultMemoryMin-when-setting-memory..patch +++ /dev/null @@ -1,30 +0,0 @@ -From a6f1a1fb95de9959e4fef8c7eccf3632f16e649a Mon Sep 17 00:00:00 2001 -From: Chris Down -Date: Mon, 30 Sep 2019 18:25:09 +0100 -Subject: [PATCH 2/3] cgroup: Respect DefaultMemoryMin when setting memory.min - -This is an oversight from https://github.com/systemd/systemd/pull/12332. - -Sadly the tests didn't catch it since it requires a real cgroup -hierarchy to see, and it wasn't seen in prod since we're only currently -using DefaultMemoryLow, not DefaultMemoryMin. :-( ---- - src/core/cgroup.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/core/cgroup.c b/src/core/cgroup.c -index 4ff88fb..94a83e0 100644 ---- a/src/core/cgroup.c -+++ b/src/core/cgroup.c -@@ -1200,7 +1200,7 @@ static void cgroup_context_apply( - log_cgroup_compat(u, "Applying MemoryLimit=%" PRIu64 " as MemoryMax=", max); - } - -- cgroup_apply_unified_memory_limit(u, "memory.min", c->memory_min); -+ cgroup_apply_unified_memory_limit(u, "memory.min", unit_get_ancestor_memory_min(u)); - cgroup_apply_unified_memory_limit(u, "memory.low", unit_get_ancestor_memory_low(u)); - cgroup_apply_unified_memory_limit(u, "memory.high", c->memory_high); - cgroup_apply_unified_memory_limit(u, "memory.max", max); --- -2.21.0 - diff --git a/packages/systemd/0003-cgroup-Mark-memory-protections-as-explicitly-set-in-.patch b/packages/systemd/0003-cgroup-Mark-memory-protections-as-explicitly-set-in-.patch deleted file mode 100644 index 7124cbbb2fc..00000000000 --- a/packages/systemd/0003-cgroup-Mark-memory-protections-as-explicitly-set-in-.patch +++ /dev/null @@ -1,107 +0,0 @@ -From 852e31226bb2ce3871fa98850a64b8e600b63a2c Mon Sep 17 00:00:00 2001 -From: Chris Down -Date: Mon, 30 Sep 2019 18:36:13 +0100 -Subject: [PATCH 3/3] cgroup: Mark memory protections as explicitly set in - transient units - -A later version of the DefaultMemory{Low,Min} patch changed these to -require explicitly setting memory_foo_set, but we only set that in -load-fragment, not dbus-cgroup. - -Without these, we may fall back to either DefaultMemoryFoo or -CGROUP_LIMIT_MIN when we really shouldn't. ---- - src/core/dbus-cgroup.c | 64 +++++++++++++++++++++++++++++++----------- - 1 file changed, 48 insertions(+), 16 deletions(-) - -diff --git a/src/core/dbus-cgroup.c b/src/core/dbus-cgroup.c -index 2f2313c..accd831 100644 ---- a/src/core/dbus-cgroup.c -+++ b/src/core/dbus-cgroup.c -@@ -749,17 +749,33 @@ int bus_cgroup_set_property( - if (streq(name, "MemoryAccounting")) - return bus_cgroup_set_boolean(u, name, &c->memory_accounting, CGROUP_MASK_MEMORY, message, flags, error); - -- if (streq(name, "MemoryMin")) -- return bus_cgroup_set_memory_protection(u, name, &c->memory_min, message, flags, error); -+ if (streq(name, "MemoryMin")) { -+ r = bus_cgroup_set_memory_protection(u, name, &c->memory_min, message, flags, error); -+ if (r > 0) -+ c->memory_min_set = true; -+ return r; -+ } - -- if (streq(name, "MemoryLow")) -- return bus_cgroup_set_memory_protection(u, name, &c->memory_low, message, flags, error); -+ if (streq(name, "MemoryLow")) { -+ r = bus_cgroup_set_memory_protection(u, name, &c->memory_low, message, flags, error); -+ if (r > 0) -+ c->memory_low_set = true; -+ return r; -+ } - -- if (streq(name, "DefaultMemoryMin")) -- return bus_cgroup_set_memory_protection(u, name, &c->default_memory_min, message, flags, error); -+ if (streq(name, "DefaultMemoryMin")) { -+ r = bus_cgroup_set_memory_protection(u, name, &c->default_memory_min, message, flags, error); -+ if (r > 0) -+ c->default_memory_min_set = true; -+ return r; -+ } - -- if (streq(name, "DefaultMemoryLow")) -- return bus_cgroup_set_memory_protection(u, name, &c->default_memory_low, message, flags, error); -+ if (streq(name, "DefaultMemoryLow")) { -+ r = bus_cgroup_set_memory_protection(u, name, &c->default_memory_low, message, flags, error); -+ if (r > 0) -+ c->default_memory_low_set = true; -+ return r; -+ } - - if (streq(name, "MemoryHigh")) - return bus_cgroup_set_memory(u, name, &c->memory_high, message, flags, error); -@@ -773,17 +789,33 @@ int bus_cgroup_set_property( - if (streq(name, "MemoryLimit")) - return bus_cgroup_set_memory(u, name, &c->memory_limit, message, flags, error); - -- if (streq(name, "MemoryMinScale")) -- return bus_cgroup_set_memory_protection_scale(u, name, &c->memory_min, message, flags, error); -+ if (streq(name, "MemoryMinScale")) { -+ r = bus_cgroup_set_memory_protection_scale(u, name, &c->memory_min, message, flags, error); -+ if (r > 0) -+ c->memory_min_set = true; -+ return r; -+ } - -- if (streq(name, "MemoryLowScale")) -- return bus_cgroup_set_memory_protection_scale(u, name, &c->memory_low, message, flags, error); -+ if (streq(name, "MemoryLowScale")) { -+ r = bus_cgroup_set_memory_protection_scale(u, name, &c->memory_low, message, flags, error); -+ if (r > 0) -+ c->memory_low_set = true; -+ return r; -+ } - -- if (streq(name, "DefaultMemoryMinScale")) -- return bus_cgroup_set_memory_protection_scale(u, name, &c->default_memory_min, message, flags, error); -+ if (streq(name, "DefaultMemoryMinScale")) { -+ r = bus_cgroup_set_memory_protection_scale(u, name, &c->default_memory_min, message, flags, error); -+ if (r > 0) -+ c->default_memory_min_set = true; -+ return r; -+ } - -- if (streq(name, "DefaultMemoryLowScale")) -- return bus_cgroup_set_memory_protection_scale(u, name, &c->default_memory_low, message, flags, error); -+ if (streq(name, "DefaultMemoryLowScale")) { -+ r = bus_cgroup_set_memory_protection_scale(u, name, &c->default_memory_low, message, flags, error); -+ if (r > 0) -+ c->default_memory_low_set = true; -+ return r; -+ } - - if (streq(name, "MemoryHighScale")) - return bus_cgroup_set_memory_scale(u, name, &c->memory_high, message, flags, error); --- -2.21.0 - diff --git a/packages/systemd/Cargo.toml b/packages/systemd/Cargo.toml index c16c9ae744d..2ad2ffd20db 100644 --- a/packages/systemd/Cargo.toml +++ b/packages/systemd/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://github.com/systemd/systemd/archive/v243/systemd-243.tar.gz" -sha512 = "56b52a297aa5ac04d9667eb3afb1598725b197de73ff72baa1aabbc2844e36fba7b7fccdf6d214ae8b5b926616b2b7e15772763aaa80ec938d74333ff9c8673e" +url = "https://github.com/systemd/systemd/archive/v244/systemd-244.tar.gz" +sha512 = "08f260fb15b5eb273faafda826dd9154e9a02841b4c5911cc1c7e1445072ad51389f8cced7b9acf112737c20fd56b2fbf48b3f914733c934c774d38a23b616fb" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/systemd/systemd.spec b/packages/systemd/systemd.spec index da0b0f19c54..b75af3f94b6 100644 --- a/packages/systemd/systemd.spec +++ b/packages/systemd/systemd.spec @@ -2,7 +2,7 @@ %global __arch_install_post /usr/lib/rpm/check-buildroot Name: %{_cross_os}systemd -Version: 243 +Version: 244 Release: 1%{?dist} Summary: System and Service Manager License: LGPLv2+ and MIT and GPLv2+ @@ -11,11 +11,6 @@ Source0: https://github.com/systemd/systemd/archive/v%{version}/systemd-%{versio Source1: run-tmpfiles.conf Source2: systemd-modules-load.conf -# Upstream fixes. -Patch0001: 0001-cgroup-Check-ancestor-memory-min-for-unified-memory-.patch -Patch0002: 0002-cgroup-Respect-DefaultMemoryMin-when-setting-memory..patch -Patch0003: 0003-cgroup-Mark-memory-protections-as-explicitly-set-in-.patch - # Local changes. Patch9001: 9001-move-stateful-paths-to-ephemeral-storage.patch Patch9002: 9002-do-not-create-unused-state-directories.patch diff --git a/packages/tcpdump/Cargo.toml b/packages/tcpdump/Cargo.toml index 2fcbf8d792c..dbbb7e5f560 100644 --- a/packages/tcpdump/Cargo.toml +++ b/packages/tcpdump/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "http://www.tcpdump.org/release/tcpdump-4.9.2.tar.gz" -sha512 = "e1bc19a5867d6e3628f3941bdf3ec831bf13784f1233ca1bccc46aac1702f47ee9357d7ff0ca62cddf211b3c8884488c21144cabddd92c861e32398cd8f7c44b" +url = "http://www.tcpdump.org/release/tcpdump-4.9.3.tar.gz" +sha512 = "3aec673f78b996a4df884b1240e5d0a26a2ca81ee7aca8a2e6d50255bb53476e008a5ced4409e278a956710d8a4d31d85bbb800c9f1aab92b0b1046b59292a22" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/tcpdump/tcpdump.spec b/packages/tcpdump/tcpdump.spec index 29c9fbff976..55c9c1c8e7e 100644 --- a/packages/tcpdump/tcpdump.spec +++ b/packages/tcpdump/tcpdump.spec @@ -1,5 +1,5 @@ Name: %{_cross_os}tcpdump -Version: 4.9.2 +Version: 4.9.3 Release: 1%{?dist} Summary: Network monitoring tool License: BSD with advertising diff --git a/packages/util-linux/Cargo.toml b/packages/util-linux/Cargo.toml index ceea0a0f16c..778a9eddca8 100644 --- a/packages/util-linux/Cargo.toml +++ b/packages/util-linux/Cargo.toml @@ -9,8 +9,8 @@ build = "build.rs" path = "pkg.rs" [[package.metadata.build-package.external-files]] -url = "https://www.kernel.org/pub/linux/utils/util-linux/v2.33/util-linux-2.33.1.tar.xz" -sha512 = "94ada47e472b62a612c26fd5a5b7423e09366690a8a96f777191a5d920981eb0f224474bc2f128e827299bf60062770011332757e1551a8cd3764b5c70ae4ba2" +url = "https://www.kernel.org/pub/linux/utils/util-linux/v2.34/util-linux-2.34.tar.xz" +sha512 = "2d0b76f63d32e7afb7acf61a83fabbfd58baa34ab78b3a331ce87f9c676a5fd71c56a493ded95039540d2c46b6048caaa38d7fb4491eb3d52d7b09dc54655cd7" [build-dependencies] glibc = { path = "../glibc" } diff --git a/packages/util-linux/util-linux.spec b/packages/util-linux/util-linux.spec index dce4c5df57b..a5876f7af9f 100644 --- a/packages/util-linux/util-linux.spec +++ b/packages/util-linux/util-linux.spec @@ -1,10 +1,10 @@ Name: %{_cross_os}util-linux -Version: 2.33.1 +Version: 2.34 Release: 1%{?dist} Summary: A collection of basic system utilities License: GPLv2 and GPLv2+ and LGPLv2+ and BSD with advertising and Public Domain URL: http://en.wikipedia.org/wiki/Util-linux -Source0: https://www.kernel.org/pub/linux/utils/util-linux/v2.33/util-linux-%{version}.tar.xz +Source0: https://www.kernel.org/pub/linux/utils/util-linux/v2.34/util-linux-%{version}.tar.xz BuildRequires: %{_cross_os}glibc-devel BuildRequires: %{_cross_os}libacl-devel BuildRequires: %{_cross_os}libselinux-devel @@ -153,6 +153,7 @@ sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool %exclude %{_cross_bindir}/eject %exclude %{_cross_bindir}/fincore %exclude %{_cross_bindir}/getopt +%exclude %{_cross_bindir}/hardlink %exclude %{_cross_bindir}/hexdump %exclude %{_cross_bindir}/isosize %exclude %{_cross_bindir}/last