podman: update to v4.4.2

Security:
 - This release fixes CVE-2023-0778, which allowed a malicious user to potentially replace a normal file in a volume with a symlink while exporting the volume, allowing for access to arbitrary files on the host file system.

Bugfixes:
 - Fixed a bug where containers started via the podman-kube systemd template would always use the "passthrough" log driver (#17482).
 - Fixed a bug where pulls would unexpectedly encounter an EOF error. Now, Podman automatically transparently resumes aborted pull connections.
 - Fixed a race condition in Podman's signal proxy.

Misc:
 - Updated the containers/image library to v5.24.1.

Patch also refreshed

Signed-off-by: Oskari Rauta <redacted>

diff --git a/utils/podman/Makefile b/utils/podman/Makefile
index d18411e7c61a25ec531803f045a4ab25c3836462..4584f4a2c6572b54446ca094db294b2568d9781f 100644 (file)
--- a/utils/podman/Makefile
+++ b/utils/podman/Makefile
@@ -1,12 +1,12 @@
 include $(TOPDIR)/rules.mk
 
 PKG_NAME:=podman
-PKG_VERSION:=4.4.1
+PKG_VERSION:=4.4.2
 PKG_RELEASE:=1
 
 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
 PKG_SOURCE_URL:=https://github.com/containers/podman/archive/v$(PKG_VERSION)
-PKG_HASH:=0b84dbc3ca1d3cc75708635e3a322c481bb679103040866024b1fa2be6826455
+PKG_HASH:=59cec158438efa8a3e651b19e150d9afd90f7e3f07c30605a997e18b8c54b67c
 
 PKG_LICENSE:=Apache-2.0
 PKG_LICENSE_FILES:=LICENSE

diff --git a/utils/podman/patches/010-do-not-build-docs.patch b/utils/podman/patches/010-do-not-build-docs.patch
index 67317fda39bc09602e22a3702b272d75156449a3..6f77e1b87488d5f68171afb096df7aaef11cf990 100644 (file)
--- a/utils/podman/patches/010-do-not-build-docs.patch
+++ b/utils/podman/patches/010-do-not-build-docs.patch
@@ -9,7 +9,7 @@
  
  .PHONY: binaries
  ifeq ($(shell uname -s),FreeBSD)
-@@ -792,7 +792,7 @@ package-install: package  ## Install rpm
+@@ -797,7 +797,7 @@ package-install: package  ## Install rpm
        /usr/bin/podman info  # will catch a broken conmon
  
  .PHONY: install