-
docker.io (20.10.21-0ubuntu1~18.04.3) bionic-security; urgency=medium
* No change rebuild due to golang-1.18 update
-- Nishit Majithia <email address hidden> Thu, 27 Apr 2023 11:06:22 +0530
-
docker.io (20.10.21-0ubuntu1~18.04.2) bionic; urgency=medium
* d/t/basic-smoke: do not pass mirror url to debootstrap call, since, in
Ubuntu, this url changes for non-amd64/non-i386 architectures. By not
passing the url, we pick the default one, which will be correct for the
architecture being tested.
docker.io (20.10.21-0ubuntu1~18.04.1) bionic; urgency=medium
* Backport version 20.10.21-0ubuntu1 from Lunar (LP: #1996909).
- Build with Go 1.18.
- d/control: do not b-d on libbtrfs-dev, it is not available in Bionic.
- d/control: do not build docker.io for riscv64, not supported in Bionic.
- d/t/basic-smoke: debootstrap bionic instead of debian stable.
-- Lucas Kanashiro <email address hidden> Mon, 30 Jan 2023 18:07:30 -0300
-
docker.io (20.10.21-0ubuntu1~18.04.1) bionic; urgency=medium
* Backport version 20.10.21-0ubuntu1 from Lunar (LP: #1996909).
- Build with Go 1.18.
- d/control: do not b-d on libbtrfs-dev, it is not available in Bionic.
- d/control: do not build docker.io for riscv64, not supported in Bionic.
- d/t/basic-smoke: debootstrap bionic instead of debian stable.
-- Lucas Kanashiro <email address hidden> Tue, 03 Jan 2023 15:52:33 -0300
-
docker.io (20.10.12-0ubuntu2~18.04.1) bionic; urgency=medium
* Backport version 20.10.12-0ubuntu2 from Jammy (LP: #1960449).
- Build with Golang 1.16.
+ d/control: b-d on golang-1.16-go instead of golang-any.
+ d/rules: build with Golang 1.16.
- d/control: do not b-d on libbtrfs-dev, it is not available in Bionic
-- Lucas Kanashiro <email address hidden> Mon, 04 Apr 2022 17:53:56 -0300
-
docker.io (20.10.7-0ubuntu5~18.04.3) bionic-security; urgency=medium
* SECURITY UPDATE: docker cli information disclosure on misconfiguration
- d/p/CVE-2021-41092.patch: Ensure that default authentication config
has an address.
- CVE-2021-41092
-- Ray Veldkamp <email address hidden> Fri, 22 Oct 2021 11:57:37 +1100
-
docker.io (20.10.7-0ubuntu5~18.04.2) bionic; urgency=medium
* d/t/control: make basic-smoke do not depend on debian-archive-keyring.
In Bionic, when debian-archive-keyring is installed we are not able to
debootstrap a Debian stable chroot. Removing this dependency make it
work again.
docker.io (20.10.7-0ubuntu5~18.04.1) bionic; urgency=medium
* Backport version 20.10.7-0ubuntu5 from Impish (LP: #1938908).
- d/control: do not b-d on libbtrfs-dev, it is not available in Bionic.
docker.io (20.10.7-0ubuntu5) impish; urgency=medium
[ Sergio Durigan Junior ]
* d/t/docker-in-lxd:
Improve dep8 test. Make it run a more complex test against an
ubuntu:devel docker container, especially because glibc updates might
break docker.io. Improve test reliability when running autopkgtest
locally.
[ Steve Beattie ]
* SECURITY UPDATE: insufficiently restricted directory permissions
- d/p/CVE-2021-41091.patch: Lock down docker root dir perms.
- CVE-2021-41091
* SECURITY UPDATE: permissions modifications outside of install directory
- d/p/CVE-2021-41089.patch: chrootarchive: don't create parent dirs
outside of chroot.
- CVE-2021-41089
docker.io (20.10.7-0ubuntu4) impish; urgency=medium
* d/p/seccomp-add-support-for-clone3-syscall-in-default-policy.patch: Fix
failure with new glibc clone3 syscall adding it to the default seccomp
policy (LP: #1943049).
-- Lucas Kanashiro <email address hidden> Thu, 21 Oct 2021 16:55:00 -0300
-
docker.io (20.10.7-0ubuntu5~18.04.1) bionic; urgency=medium
* Backport version 20.10.7-0ubuntu5 from Impish (LP: #1938908).
- d/control: do not b-d on libbtrfs-dev, it is not available in Bionic.
docker.io (20.10.7-0ubuntu5) impish; urgency=medium
[ Sergio Durigan Junior ]
* d/t/docker-in-lxd:
Improve dep8 test. Make it run a more complex test against an
ubuntu:devel docker container, especially because glibc updates might
break docker.io. Improve test reliability when running autopkgtest
locally.
[ Steve Beattie ]
* SECURITY UPDATE: insufficiently restricted directory permissions
- d/p/CVE-2021-41091.patch: Lock down docker root dir perms.
- CVE-2021-41091
* SECURITY UPDATE: permissions modifications outside of install directory
- d/p/CVE-2021-41089.patch: chrootarchive: don't create parent dirs
outside of chroot.
- CVE-2021-41089
docker.io (20.10.7-0ubuntu4) impish; urgency=medium
* d/p/seccomp-add-support-for-clone3-syscall-in-default-policy.patch: Fix
failure with new glibc clone3 syscall adding it to the default seccomp
policy (LP: #1943049).
-- Lucas Kanashiro <email address hidden> Wed, 06 Oct 2021 11:08:37 -0300
-
docker.io (20.10.7-0ubuntu1~18.04.2) bionic-security; urgency=medium
* SECURITY UPDATE: permissions modifications outside of install
directory
- d/p/CVE-2021-41089.patch: chrootarchive: don't create parent dirs
outside of chroot
- CVE-2021-41089
-- Steve Beattie <email address hidden> Fri, 01 Oct 2021 06:28:27 -0700
-
docker.io (20.10.7-0ubuntu1~18.04.1) bionic-security; urgency=medium
* Backport version 20.10.7-0ubuntu1 from Impish (LP: #1938908).
- d/control: do not b-d on libbtrfs-dev, it is not available in Bionic.
-- Lucas Kanashiro <email address hidden> Wed, 04 Aug 2021 16:22:59 -0300
-
docker.io (20.10.2-0ubuntu1~18.04.3) bionic-security; urgency=medium
* No change rebuild in -security pocket. (LP: #1937286)
-- Marc Deslauriers <email address hidden> Fri, 23 Jul 2021 15:36:13 -0400
-
docker.io (20.10.2-0ubuntu1~18.04.2) bionic; urgency=medium
* d/rules: pass --no-restart-after-upgrade to dh_installsystemd.
The --no-start flag we pass to dh_installsystemd in d/rules is supposed
to also disable --restart-after-upgrade, however, this feature was buggy
before the now fixed debhelper 13. Due to that we need to manually add
--no-restart-after-upgrade.
docker.io (20.10.2-0ubuntu1~18.04.1) bionic; urgency=medium
* Backport version 20.10.2-0ubuntu1 from Hirsute (LP: #1919322).
- d/control: do not b-d on libbtrfs-dev, it is not available in Bionic.
-- Lucas Kanashiro <email address hidden> Mon, 29 Mar 2021 16:27:41 -0300
-
docker.io (19.03.6-0ubuntu1~18.04.3) bionic; urgency=medium
[ Bryce Harrington ]
* d/p/do_not_bind_docker_to_containerd.patch: Update docker.io to not
stop when containerd is upgraded, by using Wants= rather than BindTo=.
(LP: #1870514)
* d/rules: Fix docker.io to not restart its service during package
upgrades, to prevent service downtime from automatic updates via
unattended-upgrade.
(LP: #1906364)
[ Lucas Kanashiro ]
* Do not build depend on libbtrfs-dev, it is not available in Bionic.
-- Lucas Kanashiro <email address hidden> Thu, 10 Dec 2020 10:23:49 -0300
-
docker.io (19.03.6-0ubuntu1~18.04.2) bionic-security; urgency=medium
* SECURITY UPDATE: Sensitive information disclosure
- debian/patches/CVE-2020-15157.patch: Improve fetch function.
- CVE-2020-15157
-- Paulo Flabiano Smorigo <email address hidden> Wed, 14 Oct 2020 16:52:50 +0000
-
docker.io (19.03.6-0ubuntu1~18.04.1) bionic; urgency=medium
* Backport to Bionic (LP: #1863669)
* Bootstrap Go 1.12.17 as part of the build.
-- Michael Hudson-Doyle <email address hidden> Wed, 19 Feb 2020 14:06:16 +1300
-
docker.io (18.09.7-0ubuntu1~18.04.4) bionic-security; urgency=medium
* SECURITY UPDATE: Double free in docker-credential-helpers library
- debian/patches/CVE-2019-1020014.patch: Fix a double free in the List
functions
- CVE-2019-1020014
-- Mike Salvatore <email address hidden> Wed, 14 Aug 2019 15:41:23 -0400
-
docker.io (18.09.7-0ubuntu1~18.04.3) bionic-security; urgency=medium
* No change rebuild for the -security pocket
docker.io (18.09.7-0ubuntu1~18.04.1) bionic; urgency=medium
* Backport to 18.04. (LP: #1834690)
* Version depedency on containerd.
docker.io (18.09.7-0ubuntu1) eoan; urgency=medium
* Update to 18.09.7. (LP: #1834690)
- Includes fix for CVE-2018-15664.
docker.io (18.09.5-0ubuntu1) disco; urgency=medium
* Update to 18.09.5.
docker.io (18.09.3-0ubuntu1) disco; urgency=medium
* Update to 18.09.3.
- update d/upstream-version-commits
- refresh d/patches/docker-prefix.patch to maintain dependence on
docker-specific containerd daemon.
- remove d/patches/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch,
now included upstream.
* Stop bundling containerd and runc and instead depend on the containerd
package from the archive.
docker.io (18.09.2-0ubuntu1) disco; urgency=medium
* Update to 18.09.2, including fix for CVE-2019-5736.
- Convert components/engine/git-bundles/CVE-2019-5736.bundle into
d/patches/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch.
- Hard code RUNC_COMMIT in d/rules for now.
docker.io (18.09.1-0ubuntu2) disco; urgency=medium
* Update "docker-prefix.patch" to also fix "docker.service"
docker.io (18.09.1-0~ubuntu1) disco; urgency=medium
[ Michael Hudson-Doyle ]
* d/tests/docker-in-lxd: Increase timeout passed to lxd waitready.
[ Tianon Gravi ]
* Update to 18.09.1 upstream release
[ Michael Hudson-Doyle ]
* d/rules: Empty XDG_RUNTIME_DIR when smoke testing runc to avoid it doing
silly things.
* d/golang-github-docker-docker-dev.install: install some more go packages
that other packages in the archive depend on.
docker.io (18.06.1-0ubuntu2) disco; urgency=medium
* Fix containerd/runc embedded commit values
* Add "libsystemd-dev" to "Build-Depends" (LP: #1802979)
-- Mike Salvatore <email address hidden> Mon, 01 Jul 2019 15:31:12 -0400
-
docker.io (18.09.7-0ubuntu1~18.04.1) bionic; urgency=medium
* Backport to 18.04. (LP: #1834690)
* Version depedency on containerd.
-- Michael Hudson-Doyle <email address hidden> Fri, 28 Jun 2019 22:20:45 +0100
-
docker.io (18.09.5-0ubuntu1~18.04.2) bionic; urgency=medium
* Version dependency on containerd.
docker.io (18.09.5-0ubuntu1~18.04.1) bionic; urgency=medium
* Backport to 18.04. (LP: #1824461)
-- Michael Hudson-Doyle <email address hidden> Fri, 10 May 2019 10:59:19 +1200
-
docker.io (18.09.5-0ubuntu1~18.04.1) bionic; urgency=medium
* Backport to 18.04. (LP: #1824461)
-- Michael Hudson-Doyle <email address hidden> Tue, 16 Apr 2019 13:56:34 +1200
-
docker.io (18.09.2-0ubuntu1~18.04.1) bionic; urgency=medium
* Backport to 18.04 (LP: #1815683).
-- Michael Hudson-Doyle <email address hidden> Wed, 13 Feb 2019 13:24:14 +1300
-
docker.io (18.06.1-0ubuntu1.2~18.04.1) bionic-security; urgency=medium
* SECURITY UPDATE: Container escape and root privilege escalation
- debian/patches/CVE-2019-5736.patch: nsenter: clone /proc/self/exe to
avoid exposing host binary to container
- CVE-2019-5736
* debian/control: change docker.io build-depends to use btrfs-progs explicitly
-- Mike Salvatore <email address hidden> Thu, 24 Jan 2019 05:49:48 -0500
-
docker.io (18.06.1-0ubuntu1~18.04.1) bionic; urgency=medium
* Backport to 18.04 (LP: #1794396)
-- Michael Hudson-Doyle <email address hidden> Thu, 27 Sep 2018 14:39:50 +1200
-
docker.io (17.12.1-0ubuntu1) bionic; urgency=medium
[ Tianon Gravi ]
* Update to 17.12.1-ce upstream release
- swap from github.com/docker/docker to .../docker/docker-ce
- build separate components in a way that can be parallelized
- remove older (unsupported) contrib/ bits from being shipped
- drop a lot of unnecessary packaging bits from debian/
* Adjust debconf prompt:
- ask during _every_ upgrade
- default to not restarting
[ Michael Hudson-Doyle ]
* Switch to building with default version of Go.
* Adjust debconf template to match change in behavior.
-- Tianon Gravi <email address hidden> Wed, 28 Feb 2018 09:46:05 -0800
-
docker.io (17.03.2-0ubuntu5) bionic; urgency=medium
* d/control, d/rules: Fix FTBFS when built with golang 1.10 by build
depending on golang-1.9-go. See https://github.com/moby/moby/pull/35739
for upstream discussion on golang 1.10 compatibility.
-- Tyler Hicks <email address hidden> Tue, 20 Mar 2018 13:57:16 +0000
-
docker.io (17.03.2-0ubuntu4) bionic; urgency=medium
* d/tests/docker-in-lxd: Fix failing test due to /etc/resolv.conf being a
symlink in Bionic. The 'lxc file pull <path> -' command prints the symlink
contents (the target path) to stdout, rather than the contents of the
target file, so use 'lxc exec' to grep /etc/resolv.conf. Grep will follow
the symlink in situations where /etc/resolv.conf is a symlink.
-- Tyler Hicks <email address hidden> Mon, 19 Mar 2018 19:35:52 +0000
-
docker.io (17.03.2-0ubuntu3) bionic; urgency=medium
* d/tests/docker-in-lxd: set DEBIAN_FRONTEND=noninteractive when installing
docker in the lxd container
-- Michael Hudson-Doyle <email address hidden> Wed, 21 Feb 2018 10:49:58 +1300
-
docker.io (17.03.2-0ubuntu2) bionic; urgency=medium
* Replace "--no-restart-on-upgrade" with "--no-start" and a debconf prompt
- not restarting Docker causes many issues (LP: #1658691)
- suggested methods for keeping containers up are to use a restart policy
("--restart=..." on "docker run"), Swarm Mode services, or rolling
replacement of k8s workers
* Backport 30519 for bashism (LP: #1744599)
- https://github.com/docker/docker/pull/30519
-- Tianon Gravi <email address hidden> Thu, 07 Dec 2017 09:42:53 -0800
-
docker.io (17.03.2-0ubuntu1) bionic; urgency=medium
* Update to 17.03.2 upstream release
-- Tianon Gravi <email address hidden> Wed, 01 Nov 2017 12:30:17 -0700
-
docker.io (1.13.1-0ubuntu6) artful; urgency=medium
* Add missing "runc" patches for LXD-enablement
-- Tianon Gravi <email address hidden> Wed, 11 Oct 2017 19:38:03 -0700
