diff options
| author |   Rahil Bhimjiani <me@rahil.rocks> | 2024-03-31 12:53:24 +0530 |
|---|---|---|
| committer |   Zac Medico <zmedico@gentoo.org> | 2024-03-31 17:35:09 -0700 |
| commit | 2548753d633ea5a15c023e8584418a96fd1823a6 (patch) | |
| tree | 38a729ad0187f046208e86afef66b5c5889ee0a1 | |
| parent | net-vpn/frp: Use smaller vendor deps tarball (diff) | |
| download | gentoo-2548753d633ea5a15c023e8584418a96fd1823a6.tar.gz gentoo-2548753d633ea5a15c023e8584418a96fd1823a6.tar.bz2 gentoo-2548753d633ea5a15c023e8584418a96fd1823a6.zip | |
app-containers/buildah: cleanup vulnerable versions
1.33.5, 1.33.6
1.34.0
1.35.1
Signed-off-by: Rahil Bhimjiani <me@rahil.rocks>
Bug: https://bugs.gentoo.org/927499
Bug: https://bugs.gentoo.org/927502
Closes: https://github.com/gentoo/gentoo/pull/36011
Signed-off-by: Zac Medico <zmedico@gentoo.org>
| -rw-r--r-- | app-containers/buildah/Manifest | 4 | ||||
| -rw-r--r-- | app-containers/buildah/buildah-1.33.5.ebuild | 125 | ||||
| -rw-r--r-- | app-containers/buildah/buildah-1.33.6.ebuild | 125 | ||||
| -rw-r--r-- | app-containers/buildah/buildah-1.34.0.ebuild | 125 | ||||
| -rw-r--r-- | app-containers/buildah/buildah-1.35.1.ebuild | 132 |
5 files changed, 0 insertions, 511 deletions
diff --git a/app-containers/buildah/Manifest b/app-containers/buildah/Manifest index 0609e39a594c..7c70929c83d1 100644 --- a/app-containers/buildah/Manifest +++ b/app-containers/buildah/Manifest @@ -1,7 +1,3 @@ -DIST buildah-1.33.5.tar.gz 18579521 BLAKE2B a59bfda3dea1f588a2f77a26b942da6ae02a00f1169008f776a2d7699b6b14f38ab29b46b7d0651e9fff3f007e5f95caed99952cc7585c25ea2a3153402958e9 SHA512 82ddfacd69918fb4ca8110d7d5279f4075385e5db5b64b58cf41a90c47e16093f1e65d8ef20136a4cd8f5c23ea8da7f35fb72581cec6472497b9c5b458023e9c -DIST buildah-1.33.6.tar.gz 18585405 BLAKE2B 4a6f6ebfce7799a45b0984b6f9a319becfed87d5acf5f1f784249ff6e5397495ac72c00a22ff0bcc68fd94f1d0a591fa4ac5f0f88bcc9c0a6cdefe117166b4ec SHA512 86eab18af459b0b92361d6e9f56ebe9dab65527d829e7771c13b6c574ef45746a7f53520783ff52978b14aac0d6ee8de32cdabf807666a96dcf46e07e36157e2 DIST buildah-1.33.7.tar.gz 18604354 BLAKE2B d2788096d8d6fd6cc528e8f33edc577778a2775a561ea3c4a983eb4a6fa1d5b570f6d8dc0f77e464d0c242add5d641e20afce83c9f5157021fbc82a009ea47c9 SHA512 1248ad1dcf0d10608674543caf4d78f5052db7932102226e23b73add5e129bd8c614672f3d06aa8052675dd83fa83ef2742ef08fe1a883037b41df8fde893ea1 -DIST buildah-1.34.0.tar.gz 18751419 BLAKE2B 6584c5234e849f9b8cde5e4188791024c8ac5c0ba85859e289f3eb2ec32f97f722ebf25f1291f29e14edf4adc14e19d6a6a76630c820085e9f345736aeb3d4eb SHA512 a3836ce540058f418131969e157d548864727398535e4e99a693d883419b8d764da7166f9b9376c2b9686d8beac101687843c2e93198b16328ef333ad96d55db DIST buildah-1.34.3.tar.gz 18856476 BLAKE2B c91c995a2ff4be8b4e84a70c581a817cb2f1333b08ca297163d218f80d538905c41718cfc267c03173330234c3476344be44df799eaaac891395a22bc7a020b3 SHA512 26d5c48cb5b056a274c1a9c6820a6076337f625fc6dd6683000db871f3de9d37907bd962ced3400334bfc230718219cda2108e2e984be5f8c76ecfa4a2f1e1ac -DIST buildah-1.35.1.tar.gz 19349661 BLAKE2B 31b633f35f937364816dac65e7a801676043630bc3c00ac445ad67afea04142748f76c4aed16690aa990e2c15ed220bdb42b96c6dd9bb0dac9c9d16fc2a27ddc SHA512 3e5af28b3d45e51674d08bef9a92cd64589026d9c6ebee51156738151681395860e372bba2667815e0f90e37984eb9dfdc9b8ad0675b62c8751582b29485d159 DIST buildah-1.35.3.tar.gz 19372597 BLAKE2B 014bea80b3a8c4482bbe098a0c5293892cf9f4f0d4d74ecaba8f155e49fab326689b95b690b413d64f6b576c7269bdb9d0f446244b832afe311e909b3f96856d SHA512 ca325ce1a878eb9e9a6caedf236add16702d8dcd83f15a1995b8215998821218104ea8cb7a5d11fc354ee01d9805c339578975d35db859f1d53b08e0a2139fe3 diff --git a/app-containers/buildah/buildah-1.33.5.ebuild b/app-containers/buildah/buildah-1.33.5.ebuild deleted file mode 100644 index d258b206eb6a..000000000000 --- a/app-containers/buildah/buildah-1.33.5.ebuild +++ /dev/null @@ -1,125 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit go-module linux-info - -DESCRIPTION="A tool that facilitates building OCI images" -HOMEPAGE="https://github.com/containers/buildah" - -# main pkg -LICENSE="Apache-2.0" -# deps -LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" - -SLOT="0" -IUSE="apparmor btrfs +seccomp systemd doc test" -RESTRICT="test" -EXTRA_DOCS=( - "CHANGELOG.md" - "CONTRIBUTING.md" - "install.md" - "troubleshooting.md" - "docs/tutorials" -) - -if [[ ${PV} == 9999* ]]; then - inherit git-r3 - EGIT_REPO_URI="https://github.com/containers/buildah.git" -else - SRC_URI="https://github.com/containers/buildah/archive/v${PV}.tar.gz -> ${P}.tar.gz" - KEYWORDS="amd64 ~arm64" -fi - -RDEPEND=" - systemd? ( sys-apps/systemd ) - btrfs? ( sys-fs/btrfs-progs ) - seccomp? ( sys-libs/libseccomp:= ) - apparmor? ( sys-libs/libapparmor:= ) - app-containers/containers-common - app-crypt/gpgme:= - dev-libs/libgpg-error:= - dev-libs/libassuan:= - sys-apps/shadow:= -" -DEPEND="${RDEPEND}" - -pkg_pretend() { - local CONFIG_CHECK="" - use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" - check_extra_config - - linux_config_exists || ewarn "Cannot determine configuration of your kernel." -} - -src_prepare() { - default - - # ensure all necessary files are there - local file - for file in docs/Makefile hack/libsubid_tag.sh hack/apparmor_tag.sh \ - hack/systemd_tag.sh btrfs_installed_tag.sh btrfs_tag.sh; do - [[ -f "${file}" ]] || die - done - - sed -i -e "s|/usr/local|/usr|g" Makefile docs/Makefile || die - echo -e '#!/usr/bin/env bash\necho libsubid' > hack/libsubid_tag.sh || die - - cat <<-EOF > hack/apparmor_tag.sh || die - #!/usr/bin/env bash - $(usex apparmor 'echo apparmor' echo) - EOF - - use seccomp || { - cat <<-'EOF' > "${T}/disable_seccomp.patch" - --- a/Makefile - +++ b/Makefile - @@ -5 +5 @@ - -SECURITYTAGS ?= seccomp $(APPARMORTAG) - +SECURITYTAGS ?= $(APPARMORTAG) - EOF - eapply "${T}/disable_seccomp.patch" || die - } - - cat <<-EOF > hack/systemd_tag.sh || die - #!/usr/bin/env bash - $(usex systemd 'echo systemd' echo) - EOF - - echo -e "#!/usr/bin/env bash\n echo" > btrfs_installed_tag.sh || die - cat <<-EOF > btrfs_tag.sh || die - #!/usr/bin/env bash - $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') - EOF - - use test || { - cat <<-'EOF' > "${T}/disable_tests.patch" - --- a/Makefile - +++ b/Makefile - @@ -54 +54 @@ - -all: bin/buildah bin/imgtype bin/copy bin/tutorial docs - +all: bin/buildah docs - EOF - eapply "${T}/disable_tests.patch" || die - } - -} - -src_compile() { - # For non-live versions, prevent git operations which causes sandbox violations - # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 - [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" - - default -} - -src_test() { - emake test-unit -} - -src_install() { - emake DESTDIR="${ED}" install install.completions - einstalldocs - use doc && dodoc -r "${EXTRA_DOCS[@]}" -} diff --git a/app-containers/buildah/buildah-1.33.6.ebuild b/app-containers/buildah/buildah-1.33.6.ebuild deleted file mode 100644 index 0a54ae957f04..000000000000 --- a/app-containers/buildah/buildah-1.33.6.ebuild +++ /dev/null @@ -1,125 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit go-module linux-info - -DESCRIPTION="A tool that facilitates building OCI images" -HOMEPAGE="https://github.com/containers/buildah" - -# main pkg -LICENSE="Apache-2.0" -# deps -LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" - -SLOT="0" -IUSE="apparmor btrfs +seccomp systemd doc test" -RESTRICT="test" -EXTRA_DOCS=( - "CHANGELOG.md" - "CONTRIBUTING.md" - "install.md" - "troubleshooting.md" - "docs/tutorials" -) - -if [[ ${PV} == 9999* ]]; then - inherit git-r3 - EGIT_REPO_URI="https://github.com/containers/buildah.git" -else - SRC_URI="https://github.com/containers/buildah/archive/v${PV}.tar.gz -> ${P}.tar.gz" - KEYWORDS="~amd64 arm64" -fi - -RDEPEND=" - systemd? ( sys-apps/systemd ) - btrfs? ( sys-fs/btrfs-progs ) - seccomp? ( sys-libs/libseccomp:= ) - apparmor? ( sys-libs/libapparmor:= ) - app-containers/containers-common - app-crypt/gpgme:= - dev-libs/libgpg-error:= - dev-libs/libassuan:= - sys-apps/shadow:= -" -DEPEND="${RDEPEND}" - -pkg_pretend() { - local CONFIG_CHECK="" - use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" - check_extra_config - - linux_config_exists || ewarn "Cannot determine configuration of your kernel." -} - -src_prepare() { - default - - # ensure all necessary files are there - local file - for file in docs/Makefile hack/libsubid_tag.sh hack/apparmor_tag.sh \ - hack/systemd_tag.sh btrfs_installed_tag.sh btrfs_tag.sh; do - [[ -f "${file}" ]] || die - done - - sed -i -e "s|/usr/local|/usr|g" Makefile docs/Makefile || die - echo -e '#!/usr/bin/env bash\necho libsubid' > hack/libsubid_tag.sh || die - - cat <<-EOF > hack/apparmor_tag.sh || die - #!/usr/bin/env bash - $(usex apparmor 'echo apparmor' echo) - EOF - - use seccomp || { - cat <<-'EOF' > "${T}/disable_seccomp.patch" - --- a/Makefile - +++ b/Makefile - @@ -5 +5 @@ - -SECURITYTAGS ?= seccomp $(APPARMORTAG) - +SECURITYTAGS ?= $(APPARMORTAG) - EOF - eapply "${T}/disable_seccomp.patch" || die - } - - cat <<-EOF > hack/systemd_tag.sh || die - #!/usr/bin/env bash - $(usex systemd 'echo systemd' echo) - EOF - - echo -e "#!/usr/bin/env bash\n echo" > btrfs_installed_tag.sh || die - cat <<-EOF > btrfs_tag.sh || die - #!/usr/bin/env bash - $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') - EOF - - use test || { - cat <<-'EOF' > "${T}/disable_tests.patch" - --- a/Makefile - +++ b/Makefile - @@ -54 +54 @@ - -all: bin/buildah bin/imgtype bin/copy bin/tutorial docs - +all: bin/buildah docs - EOF - eapply "${T}/disable_tests.patch" || die - } - -} - -src_compile() { - # For non-live versions, prevent git operations which causes sandbox violations - # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 - [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" - - default -} - -src_test() { - emake test-unit -} - -src_install() { - emake DESTDIR="${ED}" install install.completions - einstalldocs - use doc && dodoc -r "${EXTRA_DOCS[@]}" -} diff --git a/app-containers/buildah/buildah-1.34.0.ebuild b/app-containers/buildah/buildah-1.34.0.ebuild deleted file mode 100644 index 6237903cb5cc..000000000000 --- a/app-containers/buildah/buildah-1.34.0.ebuild +++ /dev/null @@ -1,125 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit go-module linux-info - -DESCRIPTION="A tool that facilitates building OCI images" -HOMEPAGE="https://github.com/containers/buildah" - -# main pkg -LICENSE="Apache-2.0" -# deps -LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" - -SLOT="0" -IUSE="apparmor btrfs +seccomp systemd doc test" -RESTRICT="test" -EXTRA_DOCS=( - "CHANGELOG.md" - "CONTRIBUTING.md" - "install.md" - "troubleshooting.md" - "docs/tutorials" -) - -if [[ ${PV} == 9999* ]]; then - inherit git-r3 - EGIT_REPO_URI="https://github.com/containers/buildah.git" -else - SRC_URI="https://github.com/containers/buildah/archive/v${PV}.tar.gz -> ${P}.tar.gz" - # KEYWORDS="amd64 arm64" -fi - -RDEPEND=" - systemd? ( sys-apps/systemd ) - btrfs? ( sys-fs/btrfs-progs ) - seccomp? ( sys-libs/libseccomp:= ) - apparmor? ( sys-libs/libapparmor:= ) - app-containers/containers-common - app-crypt/gpgme:= - dev-libs/libgpg-error:= - dev-libs/libassuan:= - sys-apps/shadow:= -" -DEPEND="${RDEPEND}" - -pkg_pretend() { - local CONFIG_CHECK="" - use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" - check_extra_config - - linux_config_exists || ewarn "Cannot determine configuration of your kernel." -} - -src_prepare() { - default - - # ensure all necessary files are there - local file - for file in docs/Makefile hack/libsubid_tag.sh hack/apparmor_tag.sh \ - hack/systemd_tag.sh btrfs_installed_tag.sh btrfs_tag.sh; do - [[ -f "${file}" ]] || die - done - - sed -i -e "s|/usr/local|/usr|g" Makefile docs/Makefile || die - echo -e '#!/usr/bin/env bash\necho libsubid' > hack/libsubid_tag.sh || die - - cat <<-EOF > hack/apparmor_tag.sh || die - #!/usr/bin/env bash - $(usex apparmor 'echo apparmor' echo) - EOF - - use seccomp || { - cat <<-'EOF' > "${T}/disable_seccomp.patch" - --- a/Makefile - +++ b/Makefile - @@ -5 +5 @@ - -SECURITYTAGS ?= seccomp $(APPARMORTAG) - +SECURITYTAGS ?= $(APPARMORTAG) - EOF - eapply "${T}/disable_seccomp.patch" || die - } - - cat <<-EOF > hack/systemd_tag.sh || die - #!/usr/bin/env bash - $(usex systemd 'echo systemd' echo) - EOF - - echo -e "#!/usr/bin/env bash\n echo" > btrfs_installed_tag.sh || die - cat <<-EOF > btrfs_tag.sh || die - #!/usr/bin/env bash - $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') - EOF - - use test || { - cat <<-'EOF' > "${T}/disable_tests.patch" - --- a/Makefile - +++ b/Makefile - @@ -54 +54 @@ - -all: bin/buildah bin/imgtype bin/copy bin/tutorial docs - +all: bin/buildah docs - EOF - eapply "${T}/disable_tests.patch" || die - } - -} - -src_compile() { - # For non-live versions, prevent git operations which causes sandbox violations - # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 - [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" - - default -} - -src_test() { - emake test-unit -} - -src_install() { - emake DESTDIR="${ED}" install install.completions - einstalldocs - use doc && dodoc -r "${EXTRA_DOCS[@]}" -} diff --git a/app-containers/buildah/buildah-1.35.1.ebuild b/app-containers/buildah/buildah-1.35.1.ebuild deleted file mode 100644 index b0b39faf03cb..000000000000 --- a/app-containers/buildah/buildah-1.35.1.ebuild +++ /dev/null @@ -1,132 +0,0 @@ -# Copyright 1999-2024 Gentoo Authors -# Distributed under the terms of the GNU General Public License v2 - -EAPI=8 - -inherit go-module linux-info toolchain-funcs - -DESCRIPTION="A tool that facilitates building OCI images" -HOMEPAGE="https://github.com/containers/buildah" - -# main pkg -LICENSE="Apache-2.0" -# deps -LICENSE+=" BSD BSD-2 CC-BY-SA-4.0 ISC MIT MPL-2.0" - -SLOT="0" -IUSE="apparmor btrfs +seccomp systemd test" -RESTRICT="test" -DOCS=( - "CHANGELOG.md" - "troubleshooting.md" - "docs/tutorials" -) - -if [[ ${PV} == 9999* ]]; then - inherit git-r3 - EGIT_REPO_URI="https://github.com/containers/buildah.git" -else - SRC_URI="https://github.com/containers/buildah/archive/v${PV}.tar.gz -> ${P}.tar.gz" - KEYWORDS="~amd64 ~arm64" -fi - -RDEPEND=" - systemd? ( sys-apps/systemd ) - btrfs? ( sys-fs/btrfs-progs ) - seccomp? ( sys-libs/libseccomp:= ) - apparmor? ( sys-libs/libapparmor:= ) - >=app-containers/containers-common-0.58.0-r1 - app-crypt/gpgme:= - dev-libs/libgpg-error:= - dev-libs/libassuan:= - sys-apps/shadow:= -" -DEPEND="${RDEPEND}" -BDEPEND="dev-go/go-md2man" - -PATCHES=( - "${FILESDIR}"/dont-call-as-directly-upstream-pr-5436.patch -) - -pkg_pretend() { - local CONFIG_CHECK="" - use btrfs && CONFIG_CHECK+=" ~BTRFS_FS" - check_extra_config - - linux_config_exists || ewarn "Cannot determine configuration of your kernel." -} - -src_prepare() { - default - - # ensure all necessary files are there - local file - for file in docs/Makefile hack/libsubid_tag.sh hack/apparmor_tag.sh \ - hack/systemd_tag.sh btrfs_installed_tag.sh btrfs_tag.sh; do - [[ -f "${file}" ]] || die - done - - sed -i -e "s|/usr/local|/usr|g" Makefile docs/Makefile || die - echo -e '#!/usr/bin/env bash\necho libsubid' > hack/libsubid_tag.sh || die - - cat <<-EOF > hack/apparmor_tag.sh || die - #!/usr/bin/env bash - $(usex apparmor 'echo apparmor' echo) - EOF - - use seccomp || { - cat <<-'EOF' > "${T}/disable_seccomp.patch" - --- a/Makefile - +++ b/Makefile - @@ -5 +5 @@ - -SECURITYTAGS ?= seccomp $(APPARMORTAG) - +SECURITYTAGS ?= $(APPARMORTAG) - EOF - eapply "${T}/disable_seccomp.patch" || die - } - - cat <<-EOF > hack/systemd_tag.sh || die - #!/usr/bin/env bash - $(usex systemd 'echo systemd' echo) - EOF - - echo -e "#!/usr/bin/env bash\n echo" > btrfs_installed_tag.sh || die - cat <<-EOF > btrfs_tag.sh || die - #!/usr/bin/env bash - $(usex btrfs echo 'echo exclude_graphdriver_btrfs btrfs_noversion') - EOF - - use test || { - cat <<-'EOF' > "${T}/disable_tests.patch" - --- a/Makefile - +++ b/Makefile - @@ -54 +54 @@ - -all: bin/buildah bin/imgtype bin/copy bin/tutorial docs - +all: bin/buildah docs - @@ -123 +123 @@ - -docs: install.tools ## build the docs on the host - +docs: ## build the docs on the host - EOF - eapply "${T}/disable_tests.patch" || die - } - -} - -src_compile() { - # For non-live versions, prevent git operations which causes sandbox violations - # https://github.com/gentoo/gentoo/pull/33531#issuecomment-1786107493 - [[ ${PV} != 9999* ]] && export COMMIT_NO="" GIT_COMMIT="" - - tc-export AS LD - export GOMD2MAN="$(command -v go-md2man)" - default -} - -src_test() { - emake test-unit -} - -src_install() { - emake DESTDIR="${ED}" install install.completions - einstalldocs -} |