packages/docker
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
43 Commits 1 Branch 0 Tags
Commit Graph

43 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
chenjiankun
3d41826f07 docker: cleanup netns file when stop docker daemon 
fix #I5W2XY

(cherry picked from commit a81ea9875a9ca5bb61fcccc747b4a9f73a175680)
 2022-11-22 16:37:24 +08:00
openeuler-ci-bot
ec2ddd5603
!137 docker:fix compile problem 
From: @DCCooper 
Reviewed-by: @jackchan8, @duguhaotian, @Vanient 
Signed-off-by: @duguhaotian
 2022-10-15 10:03:46 +00:00
DCCooper
27e8320345 docker:fix compile problem 
change runc original install location
(/usr/local/bin --> /usr/bin) to fix compile problem

Signed-off-by: DCCooper <1866858@gmail.com>
 2022-09-24 01:35:03 +08:00
openeuler-ci-bot
ce42130c08
!133 [sync] PR-132: docker: add epoch for easy upgrade 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2022-09-21 06:16:13 +00:00
chenjiankun
340b8d7164 docker: add epoch for easy upgrade 
(cherry picked from commit 7770ba688f2fe0ba20ff05d55bb9db20ba7854bf)
 2022-09-21 11:28:54 +08:00
openeuler-ci-bot
220dc337d8
!127 [sync] PR-126: docker: ensure layer digest folder removed if ls.driver.Remove fails 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2022-09-16 06:51:15 +00:00
chenjiankun
9bb3a56c0e docker: ensure layer digest folder removed if ls.driver.Remove fails 
If image pull fails of context canceled, image layer will perform a
rollback operation. When image layer is released, the diff folder of layer
will be removed first, and then the digest folder will be removed.
If the diff folder fails to be removed, such as operation not permitted or
interrupted by others, both the digest folder and diff folder will remain
on the disk, this will cause image not be complete and not repairable.

So we should remove the digest folder first for image layers rollback
and ensure image can be re-pulled completely.

(cherry picked from commit 219f49ee216459dc50dcbddaade9828ad7fa31fb)
 2022-09-16 09:23:38 +08:00
openeuler-ci-bot
55c13ee484
!124 [sync] PR-122: [sync] docker: fix CVE-2022-36109 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2022-09-15 08:44:54 +00:00
chenjiankun
06e6588807 docker: fix CVE-2022-36109 
fix #I5QLCS

(cherry picked from commit dde1451e0188d0be7b34c14b277b87dbf24e5581)
 2022-09-15 16:28:51 +08:00
openeuler-ci-bot
2f0e2c80ed
!119 [sync] PR-118: [sync] docker: Add an ExitPid field for State struct to record exit process id 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2022-09-15 08:27:08 +00:00
chenjiankun
d774ef3f7d docker: Add an ExitPid field for State struct to record exit process id 
fix #I5OBUW

(cherry picked from commit c8142e10cf71a5a38616f1a7277ed879e796adca)
 2022-09-15 15:05:15 +08:00
openeuler-ci-bot
d31e1f2b9b
!115 [sync] PR-113: [sync] docker: fix terminal abnormal after docker run 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2022-09-15 07:03:16 +00:00
chenjiankun
b0de51e996 [sync]docker: fix terminal abnormal after docker run 
fix #I5FTB4
fix #I5LDB4
fix #I5OBZ9

(cherry picked from commit b4a83d73a3cdba481691bf29f2f1f17a98d34a14)
 2022-09-15 14:16:29 +08:00
openeuler-ci-bot
4f81b515cd
!96 [sync] PR-95: sync from internal 
From: @openeuler-sync-bot 
Reviewed-by: @duguhaotian 
Signed-off-by: @duguhaotian
 2022-06-29 01:34:38 +00:00
chenjiankun
3de9bb5205 fix CVE-2021-41092 
fix #I5D1C0
fix CVE-2021-41092

(cherry picked from commit b02354202ecd4d7f7153b7f2bfd971c9674d358c)
 2022-06-28 19:30:18 +08:00
chenjiankun
3699f209c3 fix CVE-2021-41091 
fix #I5CA8V
fix CVE-2021-41091

(cherry picked from commit 11682acb91cea5b30488f14c5f693391f62fcce6)
 2022-06-28 19:30:18 +08:00
chenjiankun
65e2e6f6a5 fix CVE-2021-41089 
fix #I5CA8X

(cherry picked from commit 57f2f606bf67d58e1993e0353244a5f6b60cb598)
 2022-06-28 19:30:18 +08:00
chenjiankun
f8ffee8d73 close channel in write side to avoid panic in docker stats 
fix #I5ATMV

(cherry picked from commit e30932844aeb7d94b6ec1491e63acb0d1a9a2b1a)
 2022-06-28 19:30:18 +08:00
chenjiankun
95a9037aa0 fix status inconsistent after restart container 
fix #I5AIPF
fix #I5AD5N

(cherry picked from commit e72fc4bf764a9bca988612213a205c9534ca3c6f)
 2022-06-28 19:30:18 +08:00
openeuler-ci-bot
96b7377c44
!92 [sync] PR-85: docker: sync from sp1 
From: @jackchan8 
Reviewed-by: @zhangsong234, @duguhaotian 
Signed-off-by: @duguhaotian
 2022-06-28 08:39:50 +00:00
chenjiankun
cf8962ea99 docker: sync from sp1 
(cherry picked from commit 660a50e8357f7dae94ab3cda8f42dda3bddf134b)
 2022-06-28 15:54:39 +08:00
openeuler-ci-bot
45884c0a9b
!90 docker:【sync from master】fix-CVE-2022-24769 
From: @duyiwei7w 
Reviewed-by: @yangzhao_kl 
Signed-off-by: @yangzhao_kl
 2022-06-16 02:57:45 +00:00
duyiwei
fbc718add8 fix CVE-2022-24769 2022-06-16 10:05:51 +08:00
openeuler-ci-bot
e4c0fb82df !64 [sync] PR-62: docker:update seccomp whitelist to Linux 5.10 syscall list 
From: @openeuler-sync-bot
Reviewed-by: @duguhaotian
Signed-off-by: @duguhaotian
 2021-10-12 07:15:33 +00:00
xiadanni
931445117a docker:update seccomp whitelist to Linux 5.10 syscall list 
reason: update seccomp whitelist to Linux 5.10 syscall list to meet the
requirement that user uses image with new glibc version.

Signed-off-by: xiadanni <xiadanni1@huawei.com>
(cherry picked from commit ff5aa8ab6ec06b5101ef5787ca6f10e3f66c4a0f)
 2021-10-12 14:49:09 +08:00
xiadanni
4fe3a150f4 docker:bump version again for runc fix systemd cgroup 
Signed-off-by: xiadanni <xiadanni1@huawei.com>
(cherry picked from commit b7bc05d288539788c36340ccefddbc2fc7c743f1)
 2021-10-12 14:49:09 +08:00
openeuler-ci-bot
07ce8e59e8 !52 [sync] PR-49: docker: bump version for runc fix systemd cgroup after memory type changed 
From: @openeuler-sync-bot
Reviewed-by: @yangzhao_kl
Signed-off-by: @yangzhao_kl
 2021-08-12 02:32:08 +00:00
xiadanni
cb64af2f86 docker: bump version for runc fix systemd cgroup after memory type changed 
Signed-off-by: xiadanni <xiadanni1@huawei.com>
(cherry picked from commit 65f671460fa1b4faf0c31407b283bf55355784d5)
 2021-08-11 09:31:39 +08:00
openeuler-ci-bot
c72b2da141 !47 [sync] PR-45: docker:remove go-md2man build require 
From: @openeuler-sync-bot
Reviewed-by: @caihaomin
Signed-off-by: @caihaomin
 2021-08-10 07:25:19 +00:00
chenjiankun
7fd3c11f8c docker:remove go-md2man build require 
(cherry picked from commit 547bf388089cb8f0a8c90e8c25faa08e09b1e99b)
 2021-05-06 19:36:05 +08:00
openeuler-ci-bot
94d0954ade !36 [sync] PR-35: docker:prevent an invalid image from crashing docker daemon(CVE-2021-21285) 
From: @openeuler-sync-bot
Reviewed-by: @jing-rui,@caihaomin
Signed-off-by: @caihaomin
 2021-03-19 11:17:34 +08:00
xiadanni
d2de75f5f0 docker:prevent an invalid image from crashing docker daemon 
(CVE-2021-21285)

Change-Id: Ic43557af6156beb8b842e2dc9ba20eefa207abc0
Signed-off-by: xiadanni <xiadanni1@huawei.com>
(cherry picked from commit 2a49c58d90a1efd68e87b61a0a475d730875e844)
 2021-03-18 15:12:04 +08:00
openeuler-ci-bot
66e001b711 !34 docker:Fix Access to remapped root allows privilege escalation to real root (CVE-2021-21284) 
From: @Vanient
Reviewed-by: @jing-rui,@caihaomin
Signed-off-by: @caihaomin
 2021-03-05 14:16:36 +08:00
xiadanni
5fc83aff47 docker:Fix Access to remapped root allows privilege escalation to real root (CVE-2021-21284) 
Change-Id: I483f23d368c047147932da22c80cf23c8944669b
Signed-off-by: xiadanni <xiadanni1@huawei.com>
 2021-03-05 11:24:44 +08:00
xiadanni
9fba6cf9d7 docker: sync bugfix and bump version 
Change-Id: I8fbbbe26d0279c9921416733ce36da9d57587240
Signed-off-by: xiadanni <xiadanni1@huawei.com>
 2021-03-05 11:24:18 +08:00
openeuler-ci-bot
ae8c0ce502 !22 sync bugfix 
From: @jing-rui
Reviewed-by: @flyflyflypeng
Signed-off-by: @flyflyflypeng
 2021-01-19 09:59:31 +08:00
jingrui
adcc59f71c docker: sync bugfix 
Change-Id: Ida64f926d5d3a2a1f99c8718918737836e256897
Signed-off-by: jingrui <jingrui@huawei.com>
 2021-01-18 21:44:33 +08:00
openeuler-ci-bot
a387d4f07c !13 sync patches from internal 
From: @zvier
Reviewed-by: @jing-rui
Signed-off-by: @jing-rui
 2020-11-28 14:06:46 +08:00
zvier
449e60b25a sync patches from internal 
Signed-off-by: liuzekun <liuzekun@huawei.com>
 2020-11-28 11:20:04 +08:00
openeuler-ci-bot
62eb84806e !2 docker: add patches 
Merge pull request !2 from Grooooot/master
 2020-03-05 19:16:01 +08:00
Grooooot
e7de2c79b3 docker: add patches 
Signed-off-by: Grooooot <isula@huawei.com>
 2020-03-05 15:13:09 +08:00
dogsheng
be56a4fe89 Package init 2019-12-25 19:10:46 +08:00
overweight
6138d366d1 Package init 2019-09-30 10:37:25 -04:00