From 4631dc9efa49bea13fd2162aecb4ac1e4e679250 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Jan 21 2020 21:26:32 +0000 Subject: import podman-1.6.4-1.module+el8.2.0+5182+3136e5d4 --- diff --git a/.gitignore b/.gitignore index 74a0ea1..e444053 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1 @@ -SOURCES/conmon-8455ce1.tar.gz -SOURCES/libpod-9b6a98c.tar.gz +SOURCES/libpod-5cc9284.tar.gz diff --git a/.podman.metadata b/.podman.metadata index eb42210..d1ef31e 100644 --- a/.podman.metadata +++ b/.podman.metadata @@ -1,2 +1 @@ -64e40f340f3f708ccf7d6815b136fa4265838524 SOURCES/conmon-8455ce1.tar.gz -7a0712fa60a3afd9ee43ca5452f3168fd597905f SOURCES/libpod-9b6a98c.tar.gz +dd35f1a00ac7860feeaa77dd5a92bc7bb310b821 SOURCES/libpod-5cc9284.tar.gz diff --git a/SPECS/podman.spec b/SPECS/podman.spec index 9145751..5aab85c 100644 --- a/SPECS/podman.spec +++ b/SPECS/podman.spec @@ -1,6 +1,9 @@ %global with_debug 1 %global with_check 0 +%bcond_without varlink +%global gogenerate go generate + %if 0%{?with_debug} %global _find_debuginfo_dwz_opts %{nil} %global _dwz_low_mem_die_limit 0 @@ -8,15 +11,10 @@ %global debug_package %{nil} %endif +%if 0%{?rhel} > 7 && ! 0%{?fedora} %define gobuild(o:) \ -go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags'" -a -v -x %{?**}; -%define gogenerate go generate - -%if 0%{?rhel} > 7 || 0%{?fedora} -%bcond_without varlink -%else -%bcond_with varlink -%endif # rhel8 and fedora varlink +go build -buildmode pie -compiler gc -tags="rpm_crashtraceback libtrust_openssl ${BUILDTAGS:-}" -ldflags "${LDFLAGS:-} -compressdwarf=false -B 0x$(head -c20 /dev/urandom|od -An -tx1|tr -d ' \\n') -extldflags '%__global_ldflags'" -a -v -x %{?**}; +%endif %global provider github %global provider_tld com 
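Review bot: The `%gobuild` override in the hunk at -8,15 still seeds the linker build ID from `/dev/urandom` (`-B 0x$(head -c20 /dev/urandom|od -An -tx1|...)`), so rebuilding the same `commit0` never gives a byte-identical binary and the shipped executable cannot be checked by an independent rebuild. Deriving the ID from stable package data keeps it unique per release but reproducible, for example `-B 0x$(echo "%{name}-%{version}-%{release}" | sha1sum | cut -d ' ' -f1)`. The macro is now defined only when `0%{?rhel} > 7 && ! 0%{?fedora}`. A one-line comment should say that other targets are expected to take `%gobuild` from the distribution macros and therefore will not get the `libtrust_openssl` tag.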
@@ -25,30 +23,18 @@ go build -buildmode pie -compiler gc -tags="rpm_crashtraceback ${BUILDTAGS:-}" - # https://github.com/containers/libpod %global provider_prefix %{provider}.%{provider_tld}/%{project}/%{repo} %global import_path %{provider_prefix} -%global git_podman https://%{provider}.%{provider_tld}/%{project}/%{repo} -%global commit 9b6a98cfd7813513e5697888baa93318395a2055 -%global shortcommit %(c=%{commit}; echo ${c:0:7}) - -%global import_path_conmon github.com/containers/conmon -%global git_conmon https://%{import_path_conmon} -%global commit_conmon 8455ce1ef385120deb827d0f0588c04357bad4c4 -%global shortcommit_conmon %(c=%{commit_conmon}; echo ${c:0:7}) +%global git0 https://%{provider}.%{provider_tld}/%{project}/%{repo} +%global commit0 5cc92849f7fc9dd734ca2fd8f3ae8830b9a7eb26 +%global shortcommit0 %(c=%{commit0}; echo ${c:0:7}) Name: podman -Version: 1.4.2 +Version: 1.6.4 Release: 1%{?dist} Summary: Manage Pods, Containers and Container Images License: ASL 2.0 -URL: %{git_podman} -Source0: %{git_podman}/archive/%{commit}/%{repo}-%{shortcommit}.tar.gz -Source1: %{git_conmon}/archive/%{commit_conmon}/conmon-%{shortcommit_conmon}.tar.gz - -# e.g. el6 has ppc64 arch without gcc-go, so EA tag is required -#ExclusiveArch: %%{?go_arches:%%{go_arches}}%%{!?go_arches:%%{ix86} x86_64 aarch64 %%{arm}} -ExclusiveArch: aarch64 %{arm} ppc64le s390x x86_64 -# If go_compiler is not set to 1, there is no virtual provide. Use golang instead. -BuildRequires: %{?go_compiler:compiler(go-compiler)}%{!?go_compiler:golang} -BuildRequires: device-mapper-devel +URL: https://%{name}.io/ +Source0: %{git0}/archive/%{commit0}/%{repo}-%{shortcommit0}.tar.gz +BuildRequires: golang >= 1.12.12-4 BuildRequires: glib2-devel BuildRequires: glibc-devel BuildRequires: glibc-static 
@@ -61,19 +47,21 @@ BuildRequires: libseccomp-devel BuildRequires: libselinux-devel BuildRequires: ostree-devel BuildRequires: pkgconfig -Requires: runc +BuildRequires: make +BuildRequires: systemd +BuildRequires: systemd-devel Requires: containers-common >= 0.1.29-3 -# can't use default conmon right now, so we ship our own -#Requires: conmon Requires: containernetworking-plugins >= 0.8.1-1 Requires: iptables Requires: nftables -Requires: oci-systemd-hook +Requires: libseccomp >= 2.4.1 +Requires: conmon Requires: %{name}-manpages = %{version}-%{release} -Recommends: container-selinux -Recommends: slirp4netns -Recommends: fuse-overlayfs -Recommends: libvarlink +Requires: container-selinux +Requires: slirp4netns >= 0.4.0-1 +Requires: runc >= 1.0.0-57 +Requires: fuse-overlayfs +Requires: libvarlink # vendored libraries # awk '{print "Provides: bundled(golang("$1")) = "$2}' vendor.conf | sort 
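Review bot: `Requires: conmon` is the only newly added runtime dependency in this hunk without a minimum version, while `runc >= 1.0.0-57`, `slirp4netns >= 0.4.0-1` and `libseccomp >= 2.4.1` each carry one. Since conmon is no longer built from a pinned commit inside this package, any installed conmon satisfies the dependency, including one older than the build this podman release was tested against. Consider `Requires: conmon >= <MIN_TESTED_CONMON_VERSION>` (placeholder; the page does not state the tested version).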
@@ -83,13 +71,14 @@ Provides: bundled(golang(github.com/blang/semver)) = v3.5.0 Provides: bundled(golang(github.com/boltdb/bolt)) = master Provides: bundled(golang(github.com/buger/goterm)) = 2f8dfbc7dbbff5dd1d391ed91482c24df243b2d3 Provides: bundled(golang(github.com/BurntSushi/toml)) = v0.2.0 -Provides: bundled(golang(github.com/containerd/cgroups)) = 77e628511d924b13a77cebdc73b757a47f6d751b +Provides: bundled(golang(github.com/containerd/cgroups)) = 58556f5ad8448d99a6f7bea69ea4bdb7747cfeb0 Provides: bundled(golang(github.com/containerd/continuity)) = master -Provides: bundled(golang(github.com/containernetworking/cni)) = v0.7.0-alpha1 +#Provides: bundled(golang(github.com/containernetworking/cni)) = v0.7.0-alpha1 Provides: bundled(golang(github.com/containernetworking/plugins)) = 1562a1e60ed101aacc5e08ed9dbeba8e9f3d4ec1 -Provides: bundled(golang(github.com/containers/image)) = 134f99bed228d6297dc01d152804f6f09f185418 -Provides: bundled(golang(github.com/containers/psgo)) = 382fc951fe0a8aba62043862ce1a56f77524db87 -Provides: bundled(golang(github.com/containers/storage)) = 17c7d1fee5603ccf6dd97edc14162fc1510e7e23 +Provides: bundled(golang(github.com/containers/image)) = 85d7559d44fd71f30e46e43d809bfbf88d11d916 +Provides: bundled(golang(github.com/containers/psgo)) = 5dde6da0bc8831b35243a847625bcf18183bd1ee +Provides: bundled(golang(github.com/containers/storage)) = 243c4cd616afdf06b4a975f18c4db083d26b1641 +Provides: bundled(golang(github.com/coreos/go-iptables)) = 25d087f3cffd9aedc0c2b7eff25f23cbf3c20fe1 Provides: bundled(golang(github.com/coreos/go-systemd)) = v14 Provides: bundled(golang(github.com/cri-o/ocicni)) = master Provides: bundled(golang(github.com/cyphar/filepath-securejoin)) = v0.2.1 
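Review bot: Commenting out `Provides: bundled(golang(github.com/containernetworking/cni))` removes the package-level record that this library is vendored, so triage based on `rpm -q --provides` will no longer find it when a CVE lands in that dependency. The hunk at -127,18 does the same to `github.com/opencontainers/go-digest`, and it replaces the pinned `runtime-tools` commit with `master`, which cannot be mapped back to a specific revision. If the reason is that a version string may not contain `-` (the comment removed in the urfave/cli hunk suggests so), record the vendored commit instead, as the urfave/cli line now does: `Provides: bundled(golang(github.com/containernetworking/cni)) = <VENDORED_COMMIT>`.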
@@ -120,6 +109,7 @@ Provides: bundled(golang(github.com/hashicorp/go-multierror)) = 83588e72410abfbe Provides: bundled(golang(github.com/imdario/mergo)) = 0.2.2 Provides: bundled(golang(github.com/json-iterator/go)) = 1.0.0 Provides: bundled(golang(github.com/kr/pty)) = v1.0.0 +Provides: bundled(golang(github.com/mailru/easyjson)) = 03f2033d19d5860aef995fe360ac7d395cd8ce65 Provides: bundled(golang(github.com/mattn/go-runewidth)) = v0.0.1 Provides: bundled(golang(github.com/Microsoft/go-winio)) = 78439966b38d69bf38227fbf57ac8a6fee70f69a Provides: bundled(golang(github.com/Microsoft/hcsshim)) = 43f9725307998e09f2e3816c2c0c36dc98f0c982 
@@ -127,18 +117,18 @@ Provides: bundled(golang(github.com/mistifyio/go-zfs)) = v2.1.1 Provides: bundled(golang(github.com/mrunalp/fileutils)) = master Provides: bundled(golang(github.com/mtrmac/gpgme)) = b2432428689ca58c2b8e8dea9449d3295cf96fc9 Provides: bundled(golang(github.com/Nvveen/Gotty)) = master -Provides: bundled(golang(github.com/opencontainers/go-digest)) = v1.0.0-rc0 +#Provides: bundled(golang(github.com/opencontainers/go-digest)) = v1.0.0-rc0 Provides: bundled(golang(github.com/opencontainers/image-spec)) = v1.0.0 Provides: bundled(golang(github.com/opencontainers/runc)) = b4e2ecb452d9ee4381137cc0a7e6715b96bed6de -Provides: bundled(golang(github.com/opencontainers/runtime-spec)) = v1.0.0 -Provides: bundled(golang(github.com/opencontainers/runtime-tools)) = 625e2322645b151a7cbb93a8b42920933e72167f +Provides: bundled(golang(github.com/opencontainers/runtime-spec)) = d810dbc60d8c5aeeb3d054bd1132fab2121968ce +Provides: bundled(golang(github.com/opencontainers/runtime-tools)) = master Provides: bundled(golang(github.com/opencontainers/selinux)) = b6fa367ed7f534f9ba25391cc2d467085dbb445a Provides: bundled(golang(github.com/openshift/imagebuilder)) = master Provides: bundled(golang(github.com/ostreedev/ostree-go)) = master Provides: bundled(golang(github.com/pkg/errors)) = v0.8.0 Provides: bundled(golang(github.com/pmezard/go-difflib)) = 792786c7400a136282c1664665ae0a8db921c6c2 Provides: bundled(golang(github.com/pquerna/ffjson)) = d49c2bc1aa135aad0c6f4fc2056623ec78f5d5ac -Provides: bundled(golang(github.com/projectatomic/buildah)) = 35a37f36d37bf84397d7f79f6bb8649f728c19f1 +Provides: bundled(golang(github.com/projectatomic/buildah)) = af5bbde0180026ae87b7fc81c2dc124aa73ec959 Provides: bundled(golang(github.com/seccomp/containers-golang)) = master Provides: bundled(golang(github.com/seccomp/libseccomp-golang)) = v0.9.0 Provides: bundled(golang(github.com/sirupsen/logrus)) = v1.0.0 
@@ -148,8 +138,7 @@ Provides: bundled(golang(github.com/syndtr/gocapability)) = e7cb7fa329f456b38551 Provides: bundled(golang(github.com/tchap/go-patricia)) = v2.2.6 Provides: bundled(golang(github.com/ulikunitz/xz)) = v0.5.4 Provides: bundled(golang(github.com/ulule/deepcopier)) = master -# version can't have '-' -#Provides: bundled(golang(github.com/urfave/cli)) = fix-short-opts-parsing +Provides: bundled(golang(github.com/urfave/cli)) = 934abfb2f102315b5794e15ebc7949e4ca253920 Provides: bundled(golang(github.com/varlink/go)) = master Provides: bundled(golang(github.com/vbatts/tar-split)) = v0.10.2 Provides: bundled(golang(github.com/vishvananda/netlink)) = master 
@@ -177,38 +166,28 @@ Provides: bundled(golang(k8s.io/kube-openapi)) = 275e2ce91dec4c05a4094a7b1daee55 Provides: bundled(golang(k8s.io/utils)) = 258e2a2fa64568210fbd6267cf1d8fd87c3cb86e %description +%{name} (Pod Manager) is a fully featured container engine that is a simple daemonless tool. %{name} provides a Docker-CLI comparable command line that eases the transition from other container engines and allows the management of pods, containers and images. Simply put: alias docker=%{name}. Most %{name} commands can be run as a regular user, without requiring additional privileges. + +%{name} uses Buildah(1) internally to create container images. Both tools share image (not container) storage, hence each can use or manipulate images (but not containers) created by the other. + %{summary} -libpod provides a library for applications looking to use -the Container Pod concept popularized by Kubernetes. +%{repo} Simple management tool for pods, containers and images %package docker -Summary: Emulate Docker CLI using podman +Summary: Emulate Docker CLI using %{name} BuildArch: noarch Requires: %{name} = %{version}-%{release} -Recommends: %{name}-manpages = %{version}-%{release} Conflicts: docker -Provides : docker Conflicts: docker-latest Conflicts: docker-ce Conflicts: docker-ee +Conflicts: moby-engine %description docker This package installs a script named docker that emulates the Docker CLI by -executing %{name} commands, it also creates links between all Docker CLI man +executes %{name} commands, it also creates links between all Docker CLI man pages and %{name}. -%package tests -Summary: Tests for %{name} -Requires: slirp4netns -Requires: %{name} = %{version}-%{release} -#Requires: bats (which RHEL8 doesn't have. If it ever does, un-comment this) -Requires: jq - -%description tests -%{summary} - -This package contains system tests for %{name} - %package manpages Summary: Man pages for the %{name} commands BuildArch: noarch 
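Review bot: The `%description docker` text now reads "emulates the Docker CLI by executes %{name} commands", which is a grammar regression from the removed line. Restore the participle: `executing %{name} commands, it also creates links between all Docker CLI man`. The main `%description` also ends with both `%{summary}` and `%{repo} Simple management tool for pods, containers and images`, which largely repeat each other; one of the two could be dropped.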
@@ -218,8 +197,6 @@ Man pages for the %{name} commands %package remote Summary: (Experimental) Remote client for managing %{name} containers -Recommends: %{name}-manpages = %{version}-%{release} -Requires: libvarlink %description remote Remote client for managing %{name} containers. @@ -231,14 +208,29 @@ run %{name}-remote in production. manage pods, containers and container images. %{name}-remote supports ssh connections as well. +%package tests +Summary: Tests for %{name} +Requires: %{name} = %{version}-%{release} +#Requires: bats (which RHEL8 doesn't have. If it ever does, un-comment this) +Requires: jq + +%description tests +%{summary} + +This package contains system tests for %{name} + %prep -%autosetup -Sgit -n %{repo}-%{commit} -mv pkg/hooks/README.md pkg/hooks/README-hooks.md +%autosetup -Sgit -n %{repo}-%{commit0} -# untar conmon -tar zxf %{SOURCE1} +sed -i 's/install.bin: podman/install.bin:/' Makefile +sed -i 's/install.man: docs/install.man:/' Makefile +sed -i 's/install.remote: podman-remote/install.remote:/' Makefile +mv pkg/hooks/README.md pkg/hooks/README-hooks.md %build +export GO111MODULE=off +export GOPATH=$(pwd):$(pwd)/_build + mkdir -p $(pwd)/_build pushd $(pwd)/_build mkdir -p src/%{provider}.%{provider_tld}/%{project} 
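Review bot: The three `sed -i` edits added to `%prep` in the hunk at -231,14 succeed whether or not their pattern matches. If the upstream Makefile targets are ever renamed or reformatted, `install.bin` would presumably keep its `podman` prerequisite, and `make` could rebuild the binary with the Makefile's own flags instead of the `%gobuild` ones (`-buildmode pie`, `%__global_ldflags`). Put a guard such as `grep -q '^install.bin: podman' Makefile` before each edit; rpm runs the scriptlet with `-e`, so a miss then fails the build instead of passing silently. Anchoring the patterns (`s/^install\.bin: podman/install.bin:/`) also stops `.` from matching arbitrary characters. The `%build` section continues past the end of this hunk.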
@@ -246,54 +238,66 @@ ln -s ../../../../ src/%{import_path} popd ln -s vendor src -export GOPATH=$(pwd):$(pwd)/_build - +rm -rf vendor/github.com/containers/storage/drivers/register/register_btrfs.go %gogenerate ./cmd/%{name}/varlink/... -export BUILDTAGS="varlink systemd selinux seccomp exclude_graphdriver_btrfs exclude_graphdriver_devicemapper $(hack/libdm_tag.sh)" +# build %%{name} +export BUILDTAGS="varlink systemd selinux seccomp btrfs_noversion exclude_graphdriver_devicemapper $(hack/libdm_tag.sh)" %gobuild -o bin/%{name} %{import_path}/cmd/%{name} -export BUILDTAGS="remoteclient varlink systemd selinux seccomp exclude_graphdriver_btrfs exclude_graphdriver_devicemapper $(hack/libdm_tag.sh)" + +# build %%{name}-remote +export BUILDTAGS="remoteclient $BUILDTAGS" %gobuild -o bin/%{name}-remote %{import_path}/cmd/%{name} -# build conmon -pushd conmon-%{commit_conmon} -%{__make} all -popd +%{__make} docs +./docs/dckrman.sh ./docs/build/man/* %install -install -dp %{buildroot}{%{_unitdir} -%{__make} PREFIX=%{buildroot}%{_usr} ETCDIR=%{buildroot}%{_sysconfdir} \ +install -dp %{buildroot}%{_unitdir} +PODMAN_VERSION=%{version} %{__make} PREFIX=%{buildroot}%{_prefix} ETCDIR=%{buildroot}%{_sysconfdir} \ install.bin \ install.remote \ install.man \ install.cni \ install.systemd \ - install.completions \ - install.docker + install.completions # install libpod.conf install -dp %{buildroot}%{_datadir}/containers -install -p -m 644 %{repo}.conf %{buildroot}%{_datadir}/containers +install -m 644 %{repo}.conf %{buildroot}%{_datadir}/containers -# install conmon -pushd conmon-%{commit_conmon} -%{__make} LIBEXECDIR=%{buildroot}%{_libexecdir} install.%{name} -popd +# install docker-docs +install -dp %{buildroot}%{_mandir}/man1 +install -m 644 docs/build/man/docker*.1 -t %{buildroot}%{_mandir}/man1 + +# install docker symlink +install -m 755 docker %{buildroot}%{_bindir} + +# install test stuff +ln -s ./ ./vendor/src # ./vendor/src -> ./vendor +install -d -p 
%{buildroot}/%{_datadir}/%{name}/test/system +cp -pav test/system %{buildroot}/%{_datadir}/%{name}/test/ %check %if 0%{?with_check} +# Since we aren't packaging up the vendor directory we need to link +# back to it somehow. Hack it up so that we can add the vendor +# directory from BUILD dir as a gopath to be searched when executing +# tests from the BUILDROOT dir. ln -s ./ ./vendor/src # ./vendor/src -> ./vendor + export GOPATH=%{buildroot}/%{gopath}:$(pwd)/vendor:%{gopath} +%if ! 0%{?gotest:1} +%global gotest go test +%endif + %gotest %{import_path}/cmd/%{name} %gotest %{import_path}/libkpod %gotest %{import_path}/libpod %gotest %{import_path}/pkg/registrar %endif -install -d -p %{buildroot}/%{_datadir}/%{name}/test/system -cp -pav test/system %{buildroot}/%{_datadir}/%{name}/test/ - %triggerpostun -- %{name} < 1.1 %{_bindir}/%{name} system renumber exit 0 
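Review bot: `ln -s ./ ./vendor/src` now runs in `%install` under "# install test stuff" and again in `%check`, both from the same build directory. Once the first link exists, the second `ln -s` cannot create it again and will most likely fail and abort `%check`; this is hidden only because `with_check` is 0 at the top of the spec. The `%install` copy does not appear to be needed by the `cp -pav test/system` that follows. Either drop it there or make both calls idempotent with `ln -sfn ./ ./vendor/src`.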
@@ -305,33 +309,116 @@ exit 0 %license LICENSE %doc README.md CONTRIBUTING.md pkg/hooks/README-hooks.md install.md code-of-conduct.md transfer.md %{_bindir}/%{name} +%{_mandir}/man5/*.5* %{_datadir}/bash-completion/completions/* -%dir %{_datadir}/zsh/site-functions -%{_datadir}/zsh/site-functions/_%{name} -%dir %{_libexecdir}/%{name} -%{_libexecdir}/%{name}/conmon +# By "owning" the site-functions dir, we don't need to Require zsh +%{_datadir}/zsh/site-functions +%{_datadir}/zsh/site-functions/* %config(noreplace) %{_sysconfdir}/cni/net.d/87-%{name}-bridge.conflist %{_datadir}/containers/%{repo}.conf %{_unitdir}/io.%{name}.service %{_unitdir}/io.%{name}.socket +%{_userunitdir}/io.%{name}.service +%{_userunitdir}/io.%{name}.socket + %{_usr}/lib/tmpfiles.d/%{name}.conf %files docker %{_bindir}/docker - -%files tests -%license LICENSE -%{_datadir}/%{name}/test +%{_mandir}/man1/docker*.1* %files manpages -%{_mandir}/man1/*.1* -%{_mandir}/man5/*.5* +%{_mandir}/man1/%{name}*.1* %files remote -%license LICENSE %{_bindir}/%{name}-remote +%files tests +%license LICENSE +%{_datadir}/%{name}/test + %changelog +* Wed Dec 11 2019 Jindrich Novy - 1.6.4-1 +- update to 1.6.4 +- Related: RHELPLAN-25139 + +* Sat Dec 07 2019 Jindrich Novy - 1.6.3-6 +- remove BR: device-mapper-devel, minor spec file changes +- Related: RHELPLAN-25139 + +* Tue Dec 03 2019 Jindrich Novy - 1.6.3-5 +- Ensure volumes reacquire locks on state refresh (thanks Matt Heon) +- Related: RHELPLAN-25139 + +* Fri Nov 29 2019 Jindrich Novy - 1.6.3-4 +- use the file events logger backend if systemd isn't available + (thanks to Giuseppe Scrivano) +- Related: RHELPLAN-25139 + +* Thu Nov 21 2019 Jindrich Novy - 1.6.3-3 +- require slirp4netns >= 0.4.0-1 +- Resolves: #1766774 + +* Tue Nov 19 2019 Jindrich Novy - 1.6.3-2 +- apply fix to not to fail gating tests: + don't parse the config for cgroup-manager default +- don't hang while on podman run --rm - bug 1767663 +- Related: RHELPLAN-25139 + +* Mon Nov 18 2019 Jindrich 
Novy - 1.6.3-1 +- update to podman 1.6.3 +- addresses CVE-2019-18466 +- Related: RHELPLAN-25139 + +* Fri Nov 08 2019 Jindrich Novy - 1.6.2-6 +- fix %%gobuild macro to not to ignore BUILDTAGS +- Related: RHELPLAN-25139 + +* Tue Nov 05 2019 Jindrich Novy - 1.6.2-5 +- use btrfs_noversion to really disable BTRFS support +- amend/reuse BUILDTAGS +- still keep device-mapper-devel BR otherwise build fails + despite dm support being disabled (build scripting invokes + pkg-config for devmapper which is shipped by the dm-devel + package) +- Related: RHELPLAN-25139 + +* Mon Nov 04 2019 Jindrich Novy - 1.6.2-4 +- disable BTRFS support +- Related: RHELPLAN-25139 + +* Mon Nov 04 2019 Jindrich Novy - 1.6.2-3 +- split podman and conmon packages +- drop BR: device-mapper-devel and update BRs in general +- Related: RHELPLAN-25139 + +* Fri Nov 01 2019 Jindrich Novy - 1.6.2-2 +- drop oci-systemd-hook requirement +- drop upstreamed CVE-2019-10214 patch +- Related: RHELPLAN-25139 + +* Tue Oct 29 2019 Jindrich Novy - 1.6.2-1 +- update to podman 1.6.2 + +* Wed Oct 16 2019 Jindrich Novy - 1.4.2-6 +- fix build with --nocheck (#1721394) +- escape commented out macros + +* Thu Sep 12 2019 Jindrich Novy - 1.4.2-5 +- Fix CVE-2019-10214 (#1734649). + +* Tue Sep 03 2019 Jindrich Novy - 1.4.2-4 +- update to latest conmon (Resolves: #1743685) + +* Wed Aug 28 2019 Jindrich Novy - 1.4.2-3 +- update to v1.4.2-stable1 +- Resolves: #1741157 + +* Wed Jun 19 2019 Lokesh Mandvekar - 1.4.2-2 +- Resolves: #1669197, #1705763, #1737077, #1671622, #1723879, #1730281, +- Resolves: #1731117 +- built libpod v1.4.2-stable1 + * Wed Jun 19 2019 Lokesh Mandvekar - 1.4.2-1 - Resolves: #1721638 - bump to v1.4.2
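Review bot: `%{_datadir}/zsh/site-functions` is now listed without `%dir`, so the package owns the directory together with everything under it in the buildroot. The following `%{_datadir}/zsh/site-functions/*` entry then lists the same files a second time, and rpmbuild typically warns "File listed twice". To own only the directory, as the new comment intends, keep the previous form `%dir %{_datadir}/zsh/site-functions` and leave the glob line as it is.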