-
Notifications
You must be signed in to change notification settings - Fork 50
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Weekly portage-stable package updates 2024-05-13 #1982
Weekly portage-stable package updates 2024-05-13 #1982
Conversation
@flatcar/flatcar-security-team: tpm2 package updates fix CVE-2024-29038, CVE-2024-29039 and CVE-2024-29040. I haven't seen an issue filed about them, so should I assume that these are not affecting us? |
Build action triggered: https://github.com/flatcar/scripts/actions/runs/9795341968 |
40fe518
to
7eb74c4
Compare
@krnowak: Thanks. Created an issue flatcar/Flatcar#1454 |
@@ -1 +1,3 @@ | |||
DIST podman-4.9.4.tar.gz 21733620 BLAKE2B 17d099c0a13fbbb77556742313c39995127fc97b4086ef3c2d74a92cc0a4f825a6c729dd099c6d4f4cd3d2ebfd470494babdeaa85a5653b327ea1a16fb5ea993 SHA512 7b52555789a1c214fcf26b0826bdda6cf0ccca588f87c0f15ac5e8358ddac625e17cafbe6a43de07cad964e1418b5ee0d2e38a5cb5dc6f6d4e638399749a7f7b |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This fail to build in the CI. What I don't get is that in the CI the version 4.9.4
is being built. While we're shipping the version 5.0.2
(http://bincache.flatcar-linux.net/images/amd64/3975.0.0/flatcar-podman_packages.txt).
I think the initial import is not a direct import from Gentoo: c692687#diff-c67bda60496165e7503813906b2e4a513ad7a564a349348986c7358f234b62e4
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
It's possible, because net-misc/passt
(which is a dependency of podman) also wasn't a pristine copy from Gentoo. I'll investigate.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yep, not a pristine import, see commit 7c775f6.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think the contributor was not aware of this and we missed it at the review. Same thing for sysext Python (which is not yet merged): #1979 (comment)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
To sort this, I would suggest to do the pristine import and mark podman-5.0.2
as stable (to avoid having a downgrade of the sysext image).
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah, that's what I'm doing at the moment. We got a bunch of packages imported in the podman PR, so I'm cleaning this up.
7eb74c4
to
cd69b92
Compare
It's from Gentoo commit 00aadd9b5059a0675edb18cbb3278059b987ed24.
It's from Gentoo commit fb01593108774e0a1d207eb55388a7c04b225ac6.
It's from Gentoo commit 794061a3298b5716db015defa7b3e2c583b73980.
It's from Gentoo commit 794061a3298b5716db015defa7b3e2c583b73980.
It's from Gentoo commit 794061a3298b5716db015defa7b3e2c583b73980.
It's from Gentoo commit 70fc2a87a8c088bd47007c7e2c3954ed831e156d.
It's from Gentoo commit e2dccca015a4d53bf20e3db1577e0c8bf805813b.
It's from Gentoo commit b1bd5d199e46738f80666d4171726fc0941566b7.
It's from Gentoo commit b334e317a509df22a00706212645ab85cbabe2c5.
It's from Gentoo commit 1728e374db8721b71bad2ad4ac1e76e949849a5f.
It's from Gentoo commit 1d6ef8b3872ab702dcd79c32b8b8cd0fc9369864.
It's from Gentoo commit 794061a3298b5716db015defa7b3e2c583b73980.
It's from Gentoo commit 794061a3298b5716db015defa7b3e2c583b73980.
It's from Gentoo commit 4a4b1c938172b65f3fdb5ecc9b5801555dcb23ce.
It's from Gentoo commit e39e3ae8045d92d376b9ab9d0caa1354d6d13602.
It's from Gentoo commit a1722ccc61bf3b9f38d62ec0cca082b070fef768.
It's from Gentoo commit 7f53d58d3f370f3ce5b61ebf183072068ad1306d.
It's from Gentoo commit 16ead53b63e8b7474e4e84a282b9b2b16e061372.
Same "keywords-clobbered" story again.
It's from Gentoo commit 931897ed7d6146c202dc0e6d1f69f3d6b7dc0268.
It's from Gentoo commit 50cdc115fe2fcf6b96a88e071eccb7b1b0f86586.
It's from Gentoo commit e61a70fcbe1a8cd07355938471f01bf25e013b64.
It's from Gentoo commit 70f92c9e45abde54a61a38bc52045c1aecbb70ac.
cd69b92
to
75b152e
Compare
75b152e
to
f5e7118
Compare
Closing in favor of #2070. |
CI: http://jenkins.infra.kinvolk.io:8080/job/container/job/sdk/1485/cldsv/
Closes flatcar/Flatcar#1454
Closes flatcar/Flatcar#1456
Blocked on flatcar/bootengine#97
--
app-arch/libarchive: [PROD] [DEV]
app-arch/zstd: [PROD] [DEV]
app-crypt/gnupg: [PROD] [DEV]
app-crypt/tpm2-tools: [PROD] [DEV]
app-crypt/tpm2-tss: [PROD] [DEV]
app-emulation/qemu:
app-emulation/qemu-guest-agent: [PROD] [DEV]
app-portage/elt-patches:
app-shells/bash:
dev-db/sqlite: [PROD] [DEV]
dev-lang/perl:
dev-lang/python:
dev-libs/cyrus-sasl:
dev-libs/glib: [PROD] [DEV]
dev-libs/libassuan: [PROD] [DEV]
dev-libs/libdnet:
dev-libs/libgpg-error: [PROD] [DEV]
dev-libs/libpcre2: [PROD] [DEV]
dev-libs/libsodium: [PROD] [DEV]
dev-libs/libusb: [PROD] [DEV]
dev-libs/libxml2: [PROD] [DEV]
dev-python/backports-tarfile:
dev-python/cython:
dev-python/docutils:
dev-python/editables:
dev-python/gpep517:
dev-python/hatchling:
dev-python/installer:
dev-python/jaraco-context:
dev-python/jaraco-functools:
dev-python/jaraco-text:
dev-python/lxml:
dev-python/markupsafe:
dev-python/more-itertools:
dev-python/ordered-set:
dev-python/packaging:
dev-python/pathspec:
dev-python/olefile:
dev-python/pillow:
dev-python/pluggy:
dev-python/setuptools:
dev-python/six:
dev-python/tomli:
dev-python/trove-classifiers:
dev-python/wheel:
dev-util/bpftool: [PROD] [DEV]
dev-util/gdbus-codegen:
dev-util/glib-utils:
dev-util/pkgconf: [PROD] [DEV]
eclass/alternatives.eclass:
eclass/autotools.eclass:
eclass/elisp-common.eclass:
eclass/epatch.eclass:
eclass/eutils.eclass:
eclass/flag-o-matic.eclass:
eclass/gnuconfig.eclass:
eclass/python-utils-r1.eclass:
eclass/toolchain.eclass:
eclass/xorg-3.eclass:
licenses:
net-analyzer/nmap: [PROD] [DEV]
net-libs/gnutls: [PROD] [DEV]
net-misc/curl: [PROD] [DEV]
net-misc/passt:
net-misc/whois: [PROD] [DEV]
profiles:
sys-apps/attr:
sys-apps/file:
sys-apps/findutils:
sys-apps/grep: [PROD] [DEV]
sys-apps/kexec-tools: [PROD] [DEV]
sys-apps/kmod: [PROD] [DEV]
sys-apps/pcsc-lite:
sys-apps/portage: [DEV]
sys-apps/usbutils:
sys-block/parted: [PROD] [DEV]
sys-devel/binutils: [DEV]
sys-devel/gcc:
sys-firmware/intel-microcode:
sys-fs/multipath-tools: [PROD] [DEV]
sys-fs/xfsprogs: [PROD] [DEV]
sys-fs/zfs:
sys-fs/zfs-kmod:
sys-libs/binutils-libs: [PROD] [DEV]
sys-libs/cracklib:
sys-libs/ldb:
sys-libs/libseccomp:
sys-libs/libunwind: [PROD] [DEV]
sys-libs/ncurses: [PROD] [DEV]
sys-libs/tevent:
sys-libs/zlib: [PROD] [DEV]
sys-process/psmisc: [DEV]
--