%global goipath github.com/containerd/containerd %global debug_package %{nil} Version: 1.2.0 Name: containerd Release: 213 Summary: An industry-standard container runtime License: ASL 2.0 URL: https://containerd.io Source0: %{name}-%{version}.tar.gz BuildRequires: golang glibc-static make btrfs-progs-devel %description containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision, low-level storage and network attachments, etc. %prep %setup -c -n containerd %build echo %{VERSION}.%{RELEASE} > containerd_version ./apply-patch GO_BUILD_PATH=$PWD/_build install -m 0755 -vd $(dirname $GO_BUILD_PATH/src/%{goipath}) ln -fs $PWD $GO_BUILD_PATH/src/%{goipath} cd $GO_BUILD_PATH/src/%{goipath} export GOPATH=$GO_BUILD_PATH:%{gopath} export BUILDTAGS="no_btrfs no_cri" make %install install -d $RPM_BUILD_ROOT/%{_bindir} install -p -m 755 bin/containerd $RPM_BUILD_ROOT/%{_bindir}/containerd install -p -m 755 bin/containerd-shim $RPM_BUILD_ROOT/%{_bindir}/containerd-shim install -p -m 755 bin/ctr $RPM_BUILD_ROOT/%{_bindir}/ctr %files %{_bindir}/containerd %{_bindir}/containerd-shim %{_bindir}/ctr %changelog * Wed Nov 08 2023 zhongjiawei - 1.2.0-213 - Type:bugfix - ID:NA - SUG:NA - DESC:bump ttrpc to fix containerd-shim socket connect increase leak after restart docker * Tue Sep 19 2023 zhongjiawei - 1.2.0-212 - Type:bugfix - ID:NA - SUG:NA - DESC:sync some patches * Sat Aug 26 2023 chenjiankun - 1.2.0-211 - Type:bugfix - CVE:NA - SUG:NA - DESC:remove socket file when get file fd failed * Fri Jun 16 2023 zhongjiawei - 1.2.0-210 - Type:bugfix - ID:NA - SUG:NA - DESC:fix journald stop container shim log stuck bug * Mon Feb 27 2023 zhongjiawei - 1.2.0-209 - Type:CVE - ID:NA - SUG:NA - DESC:fix CVE-2023-25153 and CVE-2023-25173 * Thu Dec 15 2022 zhongjiawei - 1.2.0-208 - Type:bugfix - ID:NA - SUG:NA - DESC:fix k8s build fail without import context * Tue Dec 13 2022 zhongjiawei - 1.2.0-207 - Type:bugfix - ID:NA - SUG:NA - DESC:Fix goroutine leak in Exec * Wed Nov 16 2022 zhongjiawei - 1.2.0-206 - Type:bugfix - ID:NA - SUG:NA - DESC: add ctr binary into package * Wed Nov 16 2022 zhongjiawei - 1.2.0-205 - Type:bugfix - ID:NA - SUG:NA - DESC: fix version number wrong * Thu Sep 22 2022 zhongjiawei - 1.2.0-204 - Type:bugfix - ID:NA - SUG:NA - DESC: bugfix fix and add CGO security build options * Mon Jul 4 2022 zhongjiawei - 1.2.0-203 - Type:bugfix - ID:NA - SUG:NA - DESC: Limit the response size of ExecSync to fix CVE-2022-31030 * Tue Apr 26 2022 xiadanni - 1.2.0-202 - Type:bugfix - ID:NA - SUG:NA - DESC:Use fs.RootPath when mounting volumes for bundle dir to fix CVE-2022-23648 * Fri Nov 5 2021 xiadanni - 1.2.0-201 - Type:bugfix - ID:NA - SUG:NA - DESC:reduce permissions for bundle dir to fix CVE-2021-41103 * Wed Feb 9 2021 xiadanni - 1.2.0-200 - Type:bugfix - ID:NA - SUG:NA - DESC:sync bugfix and bump version to 200, bugfix include 1. check task list to avoid unnecessary cleanup. 2. fix dead loop 3. cleanup dangling shim by brand new context 4. fix potential panic for task in unknown state * Wed Nov 25 2020 xiadanni - 1.2.0-102 - Type:bugfix - ID:NA - SUG:NA - DESC:sync patches 0059-0063 * Thu Mar 5 2020 xiadanni - 1.2.0-101 - Type:bugfix - ID:NA - SUG:NA - DESC:sync patches 0038-0057 * Wed Jan 1 2020 xiadanni - 1.2.0-100 - Type:requirement - ID:NA - SUG:NA - DESC:package init