From d6d9ee59c230e1e69b720555d664b9e99eeadbda Mon Sep 17 00:00:00 2001
From: Daniel J Walsh <dwalsh@redhat.com>
Date: Wed, 8 Nov 2017 17:54:16 +0000
Subject:  Bump github.com/vbatts/tar-split  Fixes CVE That could allow a
 container image to cause a DOS

---
 .gitignore   |  1 +
 buildah.spec | 10 +++++++---
 sources      |  2 +-
 3 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/.gitignore b/.gitignore
index f306b79..57985c7 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,3 +5,4 @@
 /buildah-b9b2a8a.tar.gz
 /buildah-9cbccf8.tar.gz
 /buildah-35afa1c.tar.gz
+/buildah-f7dc659.tar.gz
diff --git a/buildah.spec b/buildah.spec
index 757788d..4b0db0b 100644
--- a/buildah.spec
+++ b/buildah.spec
@@ -21,12 +21,12 @@
 # https://github.com/projectatomic/buildah
 %global provider_prefix %{provider}.%{provider_tld}/%{project}/%{repo}
 %global import_path     %{provider_prefix}
-%global commit         35afa1c1f4143130668eff755187bac1866a8704
+%global commit         f7dc659e52ba861f12f13c7f98030773a785cbb9
 %global shortcommit    %(c=%{commit}; echo ${c:0:7})
 
 Name:           buildah
 Version:        0.5
-Release:        1.git%{shortcommit}%{?dist}
+Release:        2.git%{shortcommit}%{?dist}
 Summary:        A command line tool used for creating OCI Images
 License:        ASL 2.0
 URL:            https://%{provider_prefix}
@@ -70,7 +70,7 @@ popd
 mv vendor src
 
 export GOPATH=$(pwd)/_build:$(pwd):%{gopath}
-make all
+make all GIT_COMMIT=%{shortcommit}
 
 
 %install
@@ -90,6 +90,10 @@ make DESTDIR=%{buildroot} PREFIX=%{_prefix} install install.completions
 %{_datadir}/bash-completion/completions/buildah
 
 %changelog
+* Wed Nov 08 2017 Dan Walsh <dwalsh@redhat.com> 0.5-2
+-  Bump github.com/vbatts/tar-split
+-  Fixes CVE That could allow a container image to cause a DOS
+
 * Tue Nov 07 2017 Dan Walsh <dwalsh@redhat.com> 0.5-1
 -  Add secrets patch to buildah
 -  Add proper SELinux labeling to buildah run
diff --git a/sources b/sources
index db04117..2891950 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (buildah-35afa1c.tar.gz) = df23f69a566c52dc45fb2f4c1014066a063abe70b42c006f08cd59860fe8fa7906137510591875c0d3664155fe688363af8ea335908a9580ea0753493a045972
+SHA512 (buildah-f7dc659.tar.gz) = 0685d651166a75e6e41f727f790b9b849f469cd3181b3b62d69771767e7b5e44c53e4354cf3a9f6c1662cecd71141b0ad2c54da01955731211f9e3b783089b95
-- 
cgit