projects / snapd.git / log
? search:
summary | shortlog | log | commit | commitdiff | tree
first ⋅ prev ⋅ next
snapd.git
4 years ago[PATCH 2/9] cmd/snap-seccomp: skip tests that fail on 4.19
commit | commitdiff | tree
Zygmunt Krynicki [Thu, 17 Jan 2019 15:11:12 +0000 (17:11 +0200)]
[PATCH 2/9] cmd/snap-seccomp: skip tests that fail on 4.19

It seems that the Debian 4.19.0-1 kernel contains a regression in
seccomp execution. While this issue is investigated in parallel along
with the security team, the release of updated snapd package should not
be held by this issue.

Signed-off-by: Zygmunt Krynicki <me@zygoon.pl>
Gbp-Pq: Name 0002-cmd-snap-seccomp-skip-tests-that-fail-on-4.19.patch

4 years ago[PATCH 1/9] cmd/snap-seccomp: use upstream seccomp package
commit | commitdiff | tree
Zygmunt Krynicki [Thu, 17 Jan 2019 13:48:46 +0000 (15:48 +0200)]
[PATCH 1/9] cmd/snap-seccomp: use upstream seccomp package

Upstream snapd uses a fork that carries additional compatibility patch
required to build snapd for Ubuntu 14.04. This patch is not required with
the latest snapshot of the upstream seccomp golang bindings but they are
neither released upstream nor backported (in their entirety) to Ubuntu
14.04.

The forked seccomp library is not packaged in Debian. As such, to build
snapd, we need to switch to the regular, non-forked package name.

Signed-off-by: Zygmunt Krynicki <me@zygoon.pl>
Signed-off-by: Maciej Borzecki <maciej.zenon.borzecki@canonical.com>
Gbp-Pq: Name 0001-cmd-snap-seccomp-use-upstream-seccomp-package.patch

4 years agosnapd (2.49-1) unstable; urgency=high
commit | commitdiff | tree
Michael Vogt [Wed, 24 Feb 2021 08:23:51 +0000 (08:23 +0000)]
snapd (2.49-1) unstable; urgency=high

  * New upstream release with security updates:
  * SECURITY UPDATE: sandbox escape vulnerability for containers
    (LP: #1910456)
    - many: add Delegate=true to generated systemd units for special
      interfaces
    - interfaces/greengrass-support: back-port interface changes to
      2.48
    - CVE-2020-27352
  * interfaces/builtin/docker-support: allow /run/containerd/s/...
    - This is a new path that docker 19.03.14 (with a new version of
      containerd) uses to avoid containerd CVE issues around the unix
      socket. See also CVE-2020-15257.
  * debian/patches/0013-cherry-pick-pr9936.patch:
    - cherry pick PR#9936 to use all apparmor available (closes: 923500)
  * d/p/0011-cherry-pick-pr9809, d/p/0012-cherry-pick-pr9844:
    - dropped, applied upstream

[dgit import unpatched snapd 2.49-1]

4 years agoImport snapd_2.49.orig.tar.gz
commit | commitdiff | tree
Michael Vogt [Wed, 24 Feb 2021 08:23:51 +0000 (08:23 +0000)]
Import snapd_2.49.orig.tar.gz

[dgit import orig snapd_2.49.orig.tar.gz]

4 years agoImport snapd_2.49-1.debian.tar.xz
commit | commitdiff | tree
Michael Vogt [Wed, 24 Feb 2021 08:23:51 +0000 (08:23 +0000)]
Import snapd_2.49-1.debian.tar.xz

[dgit import tarball snapd 2.49-1 snapd_2.49-1.debian.tar.xz]

Unnamed repository; edit this file 'description' to name the repository.