[ubuntu/focal-security] docker.io 20.10.7-0ubuntu1~20.04.1 (Accepted)

Leonidas S. Barbosa leo.barbosa at canonical.com
Thu Aug 5 13:36:58 UTC 2021

docker.io (20.10.7-0ubuntu1~20.04.1) focal-security; urgency=medium

  * Backport version 20.10.7-0ubuntu1 from Impish (LP: #1938908).

docker.io (20.10.7-0ubuntu1) impish; urgency=medium

  * New upstream release.
    - Among new features and bug fixes, the CVE-2021-21284 and CVE-2021-21285
      were addressed.
  * d/watch: adjust regex to correctly match the tarball files.
  * d/rules: make some improvements.
    - Adjust regex in the build-manpages target due to some upstream changes.
    - Separately install the systemd service and socket.
    - Tell dh_installsystemd to not stop the service during the upgrade.
      The previous implementation worked fine until debhelper compat 10 where
      dh_systemd_start was still a thing. In compat 11, it was deprecated
      which means that piece of code was not called.

docker.io (20.10.2-0ubuntu2) hirsute; urgency=medium

  [ William 'jawn-smith' Wilson ]
  * Add a preinst check for aufs storage-driver to fail the upgrade.
    (LP: #1907713)

docker.io (20.10.2-0ubuntu1) hirsute; urgency=medium

  * New upstream release.
  * d/watch: update components, docker-ce is deprecated now.
    Add "engine", "cli" and "packaging" components which were previously
    provided by docker-ce.
  * Pass create-empty-orig to dpkg-source since now there is no main tarball.
    Due to docker-ce deprecation this source package is now composed by
    multiple components but no main tarball. In order to allow that,
    create-empty-orig is passed to dpkg-source which creates an empty
    tarball for us.
  * Drop patches applied by upstream:
    - d/p/41518--apparmor-parser-beta.patch
    - d/p/CVE-2020-15157.patch
  * Add docker systemd service and socket to the debian directory.
    Instead of using the packaging component just to get those two files
    let's embed them in the debian directory. They were downloaded from the
    master branch of the docker/docker-ce-packaging:
  * Apply changes in do-not-bind-docker-to-containerd.patch to systemd service.
    The systemd service is part of the debian packaging directory, so no
    need to have a patch for this.
    This change was a decision made by the Ubuntu community, pay attention
    to this when updating the systemd service file.
  * Pass --name=docker to dh_installsystemd
  * Remove "components/" from all references of engine and cli.
    Now engine and cli are regular components in the root of the source
    package. They are not under the components directory anymore.
  * d/rules: use DEB_VERSION_UPSTREAM from pkg-info.mk instead of VERSION file.
    The VERSION file was previously provided by the deprecated docker-ce.
  * d/rules: do not try to install md2man in /go/bin/md2man.
    Upstream source code changed and by default it tries to install it in
    /go/bin/md2man. A sed command was added to replace this path with
  * d/vim-syntax-docker.install: do not install files from engine.
    Those files do not exist anymore because they were incorporated in vim
    itself upstream.
  * Remove d/{helpers/gitcommit.sh,upstream-version-gitcommits}
    Since the main repo, docker-ce, is deprecated there is no way to get a
    consistent git commit hash across all the components. Let's use
    DEB_VERSION for now.
  * Bump debhelper compatibility level to 11.
    For instance to call dh_installsystemd we need a compat level > 9.
    I picked 11 because it is available from Bionic on in case we want to
    backport the package.

Date: 2021-08-04 22:51:09.632554+00:00
Signed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
-------------- next part --------------
Sorry, changesfile not available.

More information about the Focal-changes mailing list