docker.io (20.10.21-0ubuntu1~22.04.8) jammy-security; urgency=medium

  * No change rebuild due to golang-1.22 update 

 -- Evan Caville <evan.caville@canonical.com>  Mon, 23 Jun 2025 09:59:12 +1000

docker.io (20.10.21-0ubuntu1~22.04.7) jammy-security; urgency=medium

  * No change rebuild due to golang-1.21 update

 -- Nishit Majithia <nishit.majithia@canonical.com>  Wed, 10 Jul 2024 10:02:11 +0530

docker.io (20.10.21-0ubuntu1~22.04.6) jammy-security; urgency=medium

  * No change rebuild due to golang-1.20, golang-1.21 updates

 -- Nishit Majithia <nishit.majithia@canonical.com>  Thu, 18 Jan 2024 10:10:23 +0530

docker.io (20.10.21-0ubuntu1~22.04.5) jammy; urgency=medium

  * d/tests: remove since docker.io binary package is now provided by
    src:docker.io-app, and the tests were moved to it.

 -- Lucas Kanashiro <kanashiro@ubuntu.com>  Mon, 17 Jul 2023 16:21:21 -0300

docker.io (20.10.21-0ubuntu1~22.04.4) jammy; urgency=medium

  * Do not provide the docker{.io,-doc} binary packages anymore (LP: #2022390).
    Those binary packages are now provided by src:docker.io-app.
    - d/control: remove docker{.io,-doc} binary package paragraphs.
    - d/docker{.io,-doc}*: remove all files related to the removed binaries.
    - d/rules: remove
      override_dh_{installinit,installsystemd,installudev,install}.

 -- Lucas Kanashiro <kanashiro@ubuntu.com>  Fri, 14 Jul 2023 17:01:52 -0300

docker.io (20.10.21-0ubuntu1~22.04.3) jammy-security; urgency=medium

  * No change rebuild due to golang-1.18 update

 -- Nishit Majithia <nishit.majithia@canonical.com>  Thu, 27 Apr 2023 11:07:25 +0530

docker.io (20.10.21-0ubuntu1~22.04.2) jammy; urgency=medium

  * d/tests: install lxd via snap in docker-in-lxd test.
    Since Jammy, lxd is not available as a .deb anymore. Let's install it via
    snap.

 -- Lucas Kanashiro <kanashiro@ubuntu.com>  Wed, 15 Feb 2023 12:26:57 -0300

docker.io (20.10.21-0ubuntu1~22.04.1) jammy; urgency=medium

  * Backport version 20.10.21-0ubuntu1 from Lunar (LP: #1996909).

 -- Lucas Kanashiro <kanashiro@ubuntu.com>  Thu, 17 Nov 2022 17:08:15 -0300

docker.io (20.10.21-0ubuntu1) lunar; urgency=medium

  * New upstream release.

 -- Lucas Kanashiro <kanashiro@ubuntu.com>  Wed, 16 Nov 2022 15:42:50 -0300

docker.io (20.10.16-0ubuntu1) kinetic; urgency=medium

  * New upstream release.

 -- Lucas Kanashiro <kanashiro@ubuntu.com>  Thu, 12 May 2022 17:04:31 -0300

docker.io (20.10.12-0ubuntu4) jammy; urgency=medium

  * Enable riscv64 architecture (LP: #1963920)

 -- Heinrich Schuchardt <heinrich.schuchardt@canonical.com>  Mon, 07 Mar 2022 16:57:50 +0100

docker.io (20.10.12-0ubuntu2) jammy; urgency=medium

  * d/t/docker-in-lxd: Match "file:/" instead of "file:///" on
    copy_local_apt_files.
    The command "apt-get indextargets" returns a URI field with "file:/"
    as the prefix.  We've been trying to match "file:///", which is
    sometimes unsuccessful and leads to errors because the local apt cache
    is not copied over to the container.  We can use "file:/" instead,
    which will work on both scenarios.  It's also not a problem to just
    strip the "file:" prefix, because even paths like "///var/cache" are
    correctly resolved by the filesystem.

 -- Sergio Durigan Junior <sergio.durigan@canonical.com>  Fri, 14 Jan 2022 14:30:44 -0500

docker.io (20.10.12-0ubuntu1) jammy; urgency=medium

  * New upstream release.
  * Remove all patches, applied by upstream.
  * Build depend on default golang 1.17.
  * d/rules: set GO111MODULE to auto.

 -- Lucas Kanashiro <kanashiro@ubuntu.com>  Mon, 10 Jan 2022 18:08:58 -0300

docker.io (20.10.7-0ubuntu7) jammy; urgency=medium

  * SECURITY UPDATE: docker cli information disclosure on misconfiguration
    - d/p/CVE-2021-41092.patch: Ensure that default authentication config
    has an address.
    - CVE-2021-41092

 -- Ray Veldkamp <ray.veldkamp@canonical.com>  Fri, 22 Oct 2021 17:03:30 +1100

docker.io (20.10.7-0ubuntu6) devel; urgency=medium

  * d/t/control: Drop unused aufs-tools as a test dependency (LP: #1947004)

 -- Lukas Märdian <slyon@ubuntu.com>  Wed, 13 Oct 2021 17:22:20 +0200

docker.io (20.10.7-0ubuntu5) impish; urgency=medium

  [ Sergio Durigan Junior ]
  * d/t/docker-in-lxd:
    Improve dep8 test.  Make it run a more complex test against an
    ubuntu:devel docker container, especially because glibc updates might
    break docker.io.  Improve test reliability when running autopkgtest
    locally.

  [ Steve Beattie ]
  * SECURITY UPDATE: insufficiently restricted directory permissions
    - d/p/CVE-2021-41091.patch: Lock down docker root dir perms.
    - CVE-2021-41091
  * SECURITY UPDATE: permissions modifications outside of install directory
    - d/p/CVE-2021-41089.patch: chrootarchive: don't create parent dirs
      outside of chroot.
    - CVE-2021-41089

 -- Lucas Kanashiro <kanashiro@ubuntu.com>  Tue, 05 Oct 2021 16:45:26 -0300

docker.io (20.10.7-0ubuntu4) impish; urgency=medium

  * d/p/seccomp-add-support-for-clone3-syscall-in-default-policy.patch: Fix
    failure with new glibc clone3 syscall adding it to the default seccomp
    policy (LP: #1943049).

 -- Lucas Kanashiro <kanashiro@ubuntu.com>  Fri, 10 Sep 2021 15:34:38 -0300

docker.io (20.10.7-0ubuntu3) impish; urgency=medium

  * d/t/docker-in-lxd:
    Perform a full upgrade and restart of the container before attempting
    to install docker.io. (LP: #1942276)

 -- Sergio Durigan Junior <sergio.durigan@canonical.com>  Wed, 01 Sep 2021 18:58:31 -0400

docker.io (20.10.7-0ubuntu2) impish; urgency=medium

  * Ship libnetwork into the golang-github-docker-docker-dev package.
    - d/golang-github-docker-docker-dev.install: add libnetwork directories.
    - d/control: add runtime dependency on golang-github-ishidawataru-sctp-dev

 -- Lucas Kanashiro <kanashiro@ubuntu.com>  Fri, 28 May 2021 10:55:12 -0300

docker.io (20.10.7-0ubuntu1) impish; urgency=medium

  * New upstream release.
    - Among new features and bug fixes, the CVE-2021-21284 and CVE-2021-21285
      were addressed.
  * d/watch: adjust regex to correctly match the tarball files.
  * d/rules: make some improvements.
    - Adjust regex in the build-manpages target due to some upstream changes.
    - Separately install the systemd service and socket.
    - Tell dh_installsystemd to not stop the service during the upgrade.
      The previous implementation worked fine until debhelper compat 10 where
      dh_systemd_start was still a thing. In compat 11, it was deprecated
      which means that piece of code was not called.

 -- Lucas Kanashiro <kanashiro@ubuntu.com>  Tue, 03 Aug 2021 15:58:42 -0300

docker.io (20.10.2-0ubuntu2) hirsute; urgency=medium

  [ William 'jawn-smith' Wilson ]
  * Add a preinst check for aufs storage-driver to fail the upgrade.
    (LP: #1907713)

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Tue, 02 Mar 2021 18:45:16 +1300

docker.io (20.10.2-0ubuntu1) hirsute; urgency=medium

  * New upstream release.
  * d/watch: update components, docker-ce is deprecated now.
    Add "engine", "cli" and "packaging" components which were previously
    provided by docker-ce.
  * Pass create-empty-orig to dpkg-source since now there is no main tarball.
    Due to docker-ce deprecation this source package is now composed by
    multiple components but no main tarball. In order to allow that,
    create-empty-orig is passed to dpkg-source which creates an empty
    tarball for us.
  * Drop patches applied by upstream:
    - d/p/41518--apparmor-parser-beta.patch
    - d/p/CVE-2020-15157.patch
  * Add docker systemd service and socket to the debian directory.
    Instead of using the packaging component just to get those two files
    let's embed them in the debian directory. They were downloaded from the
    master branch of the docker/docker-ce-packaging:
    https://github.com/docker/docker-ce-packaging/tree/master/systemd
  * Apply changes in do-not-bind-docker-to-containerd.patch to systemd service.
    The systemd service is part of the debian packaging directory, so no
    need to have a patch for this.
    This change was a decision made by the Ubuntu community, pay attention
    to this when updating the systemd service file.
  * Pass --name=docker to dh_installsystemd
  * Remove "components/" from all references of engine and cli.
    Now engine and cli are regular components in the root of the source
    package. They are not under the components directory anymore.
  * d/rules: use DEB_VERSION_UPSTREAM from pkg-info.mk instead of VERSION file.
    The VERSION file was previously provided by the deprecated docker-ce.
  * d/rules: do not try to install md2man in /go/bin/md2man.
    Upstream source code changed and by default it tries to install it in
    /go/bin/md2man. A sed command was added to replace this path with
    $(OUR_GOPATH)/bin/md2man.
  * d/vim-syntax-docker.install: do not install files from engine.
    Those files do not exist anymore because they were incorporated in vim
    itself upstream.
  * Remove d/{helpers/gitcommit.sh,upstream-version-gitcommits}
    Since the main repo, docker-ce, is deprecated there is no way to get a
    consistent git commit hash across all the components. Let's use
    DEB_VERSION for now.
  * Bump debhelper compatibility level to 11.
    For instance to call dh_installsystemd we need a compat level > 9.
    I picked 11 because it is available from Bionic on in case we want to
    backport the package.

 -- Lucas Kanashiro <kanashiro@ubuntu.com>  Fri, 15 Jan 2021 10:30:18 -0300

docker.io (19.03.13-0ubuntu6) hirsute; urgency=medium

  * d/docker.io.postinst: check if zfs exists before calling it (LP: #1910133).
    The zfs executable is provided by zfs-fuse | zfsutils and they are
    runtime Suggested dependencies, which means they might not be available
    during configuration time.

 -- Lucas Kanashiro <kanashiro@ubuntu.com>  Mon, 04 Jan 2021 17:25:39 -0300

docker.io (19.03.13-0ubuntu5) hirsute; urgency=medium

  * d/rules: pass -r instead of --no-stop-on-upgrade to dh_systemd_start.
    The --no-stop-on-upgrade is not backport-able to xenial because
    debhelper 9 does not support that, and --no-restart-on-upgrade will be
    deprecated in debhelper 14. Therefore, let's use the short version which
    is supported by a larger range of debhelper versions.

 -- Lucas Kanashiro <kanashiro@ubuntu.com>  Thu, 10 Dec 2020 16:16:09 -0300

docker.io (19.03.13-0ubuntu4) hirsute; urgency=medium

  * d/p/do_not_bind_docker_to_containerd.patch: Update docker.io to not
    stop when containerd is upgraded, by using Wants= rather than BindTo=.
    (LP: #1870514)
  * d/rules: Fix docker.io to not restart its service during package
    upgrades, to prevent service downtime from automatic updates via
    unattended-upgrade.
    (LP: #1906364)

 -- Bryce Harrington <bryce@canonical.com>  Fri, 04 Dec 2020 23:02:49 +0000

docker.io (19.03.13-0ubuntu3) groovy; urgency=medium

  * SECURITY UPDATE: Sensitive information disclosure
    - debian/patches/CVE-2020-15157.patch: Improve fetch function.
    - CVE-2020-15157

 -- Paulo Flabiano Smorigo <pfsmorigo@canonical.com>  Wed, 14 Oct 2020 13:25:32 +0000

docker.io (19.03.13-0ubuntu2) groovy; urgency=medium

  [ Tianon Gravi ]
  * Backport https://github.com/moby/moby/pull/41518 to handle newer AppArmor

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Fri, 09 Oct 2020 08:28:02 +1300

docker.io (19.03.13-0ubuntu1) groovy; urgency=medium

  [ Tianon Gravi ]
  * Update to 19.03.13 upstream release
  * Build against Go 1.13 (per upstream)
  * Use dh-golang to generate appropriate Built-Using

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Thu, 08 Oct 2020 10:43:13 +1300

docker.io (19.03.11-0ubuntu1) groovy; urgency=medium

  * Update to 19.03.11 upstream release (CVE-2020-13401, LP: #1881679)
  * Apply wrap-and-sort
  * Move cgroupfs-mount to Suggests
    (esp. on Ubuntu where systemd is canonical)

 -- Tianon Gravi <tianon@debian.org>  Mon, 01 Jun 2020 15:14:15 -0700

docker.io (19.03.8-0ubuntu4) groovy; urgency=medium

  * Provide "image" and "oci" components in golang dev package,
    mirroring Debian to address libpod FTBFS

 -- Reinhard Tartler <siretart@tauware.de>  Sat, 30 May 2020 11:56:59 -0400

docker.io (19.03.8-0ubuntu3) groovy; urgency=medium

  * Provide the rootless component in golang dev package, mirroring Debian
    (addresses nomad FTBFS).

 -- Logan Rosen <logan@ubuntu.com>  Tue, 26 May 2020 21:06:20 -0400

docker.io (19.03.8-0ubuntu2) groovy; urgency=medium

  [ Jean-Baptiste Lallement ]
  [ Didier Roche ]
  * Fix use with ZFS on root:
    - docker creates one dataset for any layer of containers that were
      created. Create now a <pool>/var/lib/docker for creating them in
      the persistent namespace and migrate existing one here.
    - purge the automated historic that was created.
    The migration only impacts the ubuntu desktop installation with
    experimental ZFS on root, and we have thus to stop and start the daemon
    to migrate data. (LP: #1879473)

 -- Didier Roche <didrocks@ubuntu.com>  Tue, 19 May 2020 11:01:22 +0200

docker.io (19.03.8-0ubuntu1) focal; urgency=medium

  * Update to 19.03.8 upstream release (LP: #1867068)
    - Improve mitigation for CVE-2019-14271 for some nscd configuration.

 -- Tianon Gravi <tianon@debian.org>  Wed, 11 Mar 2020 15:48:33 -0700

docker.io (19.03.6-0ubuntu1) focal; urgency=medium

  * Update to 19.03.6 upstream release

 -- Tianon Gravi <tianon@debian.org>  Tue, 18 Feb 2020 09:03:26 +1300

docker.io (19.03.2-0ubuntu1) eoan; urgency=medium

  * Update to 19.03.2

 -- Tianon Gravi <tianon@debian.org>  Wed, 11 Sep 2019 15:45:55 -0700

docker.io (18.09.9-0ubuntu1) eoan; urgency=medium

  * Update to 18.09.9
  * Remove leftover sysvinit/upstart patches
    - cgroupfs-mount-convenience-copy.patch
    - devicemapper-cleanup.patch

 -- Tianon Gravi <tianon@debian.org>  Wed, 11 Sep 2019 15:21:11 -0700

docker.io (18.09.8-0ubuntu5) eoan; urgency=medium

  * Set GOCACHE to a safely writable directory during build as the cache is
    mandatory with Go 1.12. 

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Mon, 26 Aug 2019 10:20:12 +1200

docker.io (18.09.8-0ubuntu4) eoan; urgency=medium

  * Add dependency on golang-github-docker-docker-credential-helpers-dev,
    needed by github.com/docker/cli/cli/config/credentials/native_store.go.

 -- Steve Langasek <steve.langasek@ubuntu.com>  Fri, 23 Aug 2019 14:21:42 -0700

docker.io (18.09.8-0ubuntu3) eoan; urgency=medium

  * d/tests/docker-in-lxd: skip on eoan+/i386 as lxd images are no longer
    provided. 

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Thu, 18 Jul 2019 22:44:03 +1200

docker.io (18.09.8-0ubuntu2) eoan; urgency=medium

  * Remove extraneous start/stop of docker via init.d script from basic-smoke
    autopkgtest.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Thu, 18 Jul 2019 15:42:38 +1200

docker.io (18.09.8-0ubuntu1) eoan; urgency=medium

  [ Michael Hudson-Doyle ]
  * Version dependency on containerd.

  [ Tianon Gravi ]
  * Remove sysvinit and upstart scripts (LP: #1832819)
  * Update to 18.09.8 (CVE-2019-13509, LP: #1836987)

 -- Tianon Gravi <tianon@debian.org>  Wed, 17 Jul 2019 18:26:58 -0700

docker.io (18.09.7-0ubuntu1) eoan; urgency=medium

  * Update to 18.09.7. (LP: #1834690)
    - Includes fix for CVE-2018-15664.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Fri, 28 Jun 2019 21:13:02 +0100

docker.io (18.09.5-0ubuntu1) disco; urgency=medium

  * Update to 18.09.5.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Fri, 12 Apr 2019 12:27:37 +1200

docker.io (18.09.3-0ubuntu1) disco; urgency=medium

  * Update to 18.09.3.
    - update d/upstream-version-commits
    - refresh d/patches/docker-prefix.patch to maintain dependence on
      docker-specific containerd daemon.
    - remove d/patches/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch,
      now included upstream.
  * Stop bundling containerd and runc and instead depend on the containerd
    package from the archive.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Thu, 14 Mar 2019 11:22:11 +1300

docker.io (18.09.2-0ubuntu1) disco; urgency=medium

  * Update to 18.09.2, including fix for CVE-2019-5736.
    - Convert components/engine/git-bundles/CVE-2019-5736.bundle into
      d/patches/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch.
    - Hard code RUNC_COMMIT in d/rules for now.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Tue, 12 Feb 2019 10:55:11 +1300

docker.io (18.09.1-0ubuntu2) disco; urgency=medium

  * Update "docker-prefix.patch" to also fix "docker.service"

 -- Tianon Gravi <tianon@debian.org>  Fri, 08 Feb 2019 14:52:47 -0800

docker.io (18.09.1-0~ubuntu1) disco; urgency=medium

  [ Michael Hudson-Doyle ]
  * d/tests/docker-in-lxd: Increase timeout passed to lxd waitready.

  [ Tianon Gravi ]
  * Update to 18.09.1 upstream release

  [ Michael Hudson-Doyle ]
  * d/rules: Empty XDG_RUNTIME_DIR when smoke testing runc to avoid it doing
    silly things.
  * d/golang-github-docker-docker-dev.install: install some more go packages
    that other packages in the archive depend on.

 -- Tianon Gravi <tianon@debian.org>  Thu, 17 Jan 2019 16:14:51 -0800

docker.io (18.06.1-0ubuntu2) disco; urgency=medium

  * Fix containerd/runc embedded commit values
  * Add "libsystemd-dev" to "Build-Depends" (LP: #1802979)

 -- Tianon Gravi <tianon@debian.org>  Fri, 19 Oct 2018 13:06:35 -0700

docker.io (18.06.1-0ubuntu1) cosmic; urgency=medium

  * Update to 18.06.1 upstream release (LP: #1794396)
    - drop "fix-btrfs-constants.patch" (applied upstream)
  * Update debconf to prompt more aggressively (LP: #1784602)
    1. does not prompt on initial install (but does start the daemon)
    2. does prompt on every reinstall / upgrade (if the daemon is running)
    3. does prompt during "dpkg-reconfigure docker.io" (but does _not_
       [re]start the daemon)
    4. works properly with DEBIAN_FRONTEND=noninteractive -- user's
       previous/stored answer to the question automatically applies with no
       prompt
  * Check if "docker" group exists before creating it (LP: #1769911)

 -- Tianon Gravi <tianon@debian.org>  Mon, 24 Sep 2018 15:42:19 -0700

docker.io (17.12.1-0ubuntu6) cosmic; urgency=medium

  * d/tests/docker-in-lxd: Avoid startup race and drop lxd-client depends

 -- Stéphane Graber <stgraber@ubuntu.com>  Sat, 15 Sep 2018 03:07:49 +0200

docker.io (17.12.1-0ubuntu5) cosmic; urgency=medium

  * Fix ftbfs by cherry-picking https://github.com/containerd/btrfs/pull/16.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Wed, 01 Aug 2018 11:40:05 +1200

docker.io (17.12.1-0ubuntu4) cosmic; urgency=medium

  * d/tests/docker-in-lxd: only setup network bridge if missing

 -- Stéphane Graber <stgraber@ubuntu.com>  Tue, 05 Jun 2018 22:58:51 -0400

docker.io (17.12.1-0ubuntu3) cosmic; urgency=medium

  * d/tests/docker-in-lxd: switch to ubuntu-daily lxd remote and wait
    for cloud-init to finish before running commands in the container.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Tue, 22 May 2018 10:54:00 +1200

docker.io (17.12.1-0ubuntu2) cosmic; urgency=medium

  * Update btrfs dependencies to use the new libbtrfs-dev & btrfs-progs.

 -- Dimitri John Ledkov <xnox@ubuntu.com>  Thu, 17 May 2018 09:27:15 +0100

docker.io (17.12.1-0ubuntu1) bionic; urgency=medium

  [ Tianon Gravi ]
  * Update to 17.12.1-ce upstream release
    - swap from github.com/docker/docker to .../docker/docker-ce
    - build separate components in a way that can be parallelized
    - remove older (unsupported) contrib/ bits from being shipped
    - drop a lot of unnecessary packaging bits from debian/
  * Adjust debconf prompt:
    - ask during _every_ upgrade
    - default to not restarting

  [ Michael Hudson-Doyle ]
  * Switch to building with default version of Go.
  * Adjust debconf template to match change in behavior.

 -- Tianon Gravi <tianon@debian.org>  Wed, 28 Feb 2018 09:46:05 -0800

docker.io (17.03.2-0ubuntu5) bionic; urgency=medium

  * d/control, d/rules: Fix FTBFS when built with golang 1.10 by build
    depending on golang-1.9-go. See https://github.com/moby/moby/pull/35739
    for upstream discussion on golang 1.10 compatibility.

 -- Tyler Hicks <tyhicks@canonical.com>  Tue, 20 Mar 2018 13:57:16 +0000

docker.io (17.03.2-0ubuntu4) bionic; urgency=medium

  * d/tests/docker-in-lxd: Fix failing test due to /etc/resolv.conf being a
    symlink in Bionic. The 'lxc file pull <path> -' command prints the symlink
    contents (the target path) to stdout, rather than the contents of the
    target file, so use 'lxc exec' to grep /etc/resolv.conf. Grep will follow
    the symlink in situations where /etc/resolv.conf is a symlink.

 -- Tyler Hicks <tyhicks@canonical.com>  Mon, 19 Mar 2018 19:35:52 +0000

docker.io (17.03.2-0ubuntu3) bionic; urgency=medium

  * d/tests/docker-in-lxd: set DEBIAN_FRONTEND=noninteractive when installing
    docker in the lxd container 

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Wed, 21 Feb 2018 10:49:58 +1300

docker.io (17.03.2-0ubuntu2) bionic; urgency=medium

  * Replace "--no-restart-on-upgrade" with "--no-start" and a debconf prompt
    - not restarting Docker causes many issues (LP: #1658691)
    - suggested methods for keeping containers up are to use a restart policy
      ("--restart=..." on "docker run"), Swarm Mode services, or rolling
      replacement of k8s workers
  * Backport 30519 for bashism (LP: #1744599)
    - https://github.com/docker/docker/pull/30519

 -- Tianon Gravi <tianon@debian.org>  Thu, 07 Dec 2017 09:42:53 -0800

docker.io (17.03.2-0ubuntu1) bionic; urgency=medium

  * Update to 17.03.2 upstream release

 -- Tianon Gravi <tianon@debian.org>  Wed, 01 Nov 2017 12:30:17 -0700

docker.io (1.13.1-0ubuntu6) artful; urgency=medium

  * Add missing "runc" patches for LXD-enablement

 -- Tianon Gravi <tianon@debian.org>  Wed, 11 Oct 2017 19:38:03 -0700

docker.io (1.13.1-0ubuntu5) artful; urgency=medium

  * Replace "runc" dependency with a multiorig copy of Docker's exact supported
    commit contents (installed as "/usr/bin/docker-runc" mirroring upstream's
    package)
  * Replace "containerd" in the same way (with the exact upstream-supported
    commit, binaries installed as "/usr/bin/docker-containerd*")

 -- Tianon Gravi <tianon@debian.org>  Fri, 29 Sep 2017 13:22:39 -0700

docker.io (1.13.1-0ubuntu4) artful; urgency=medium

  * d/tests/docker-in-lxd: Better handle DNS with systemd-resolved.

 -- Stéphane Graber <stgraber@ubuntu.com>  Thu, 21 Sep 2017 01:12:33 -0400

docker.io (1.13.1-0ubuntu3) artful; urgency=medium

  * d/tests/docker-in-lxd: check for network-up has a race condition when
    systemd-resolved is used.  Add an additional check for a real DNS server
    in systemd-resolve --status.

 -- Steve Langasek <steve.langasek@ubuntu.com>  Fri, 15 Sep 2017 23:32:16 -0700

docker.io (1.13.1-0ubuntu2) artful; urgency=medium

  * d/tests/docker-in-lxd: copy more apt config into container
  * d/golang-github-docker-docker-dev.install: install missing packages.
    (LP: #1714564)
  * d/control: Add Build-Depend on tzdata.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Mon, 04 Sep 2017 13:31:34 +1200

docker.io (1.13.1-0ubuntu1) artful; urgency=medium

  * Update to 1.13.1 upstream release
    - refresh patches (removing many that are applied upstream in 1.13+)
    - use dh_clean (via debian/clean) instead of explicit "rm" in rules
    - pull in explicit libnetwork sources for "docker-proxy"
    - drop unnecessary dh_golang usage (only used for Built-Using calculation)
    - update "upstream-version-gitcommits" with a more recent list of commits
    - add "tini" for building "docker-init" (used by "docker run --init")
    - prefer Go 1.7 explicitly if it's available

 -- Tianon Gravi <tianon@debian.org>  Tue, 22 Aug 2017 09:30:24 -0700

docker.io (1.12.6-0ubuntu7) artful; urgency=medium

  * Make sure to set security.nesting for the LXD autopkgtest.

 -- Stéphane Graber <stgraber@ubuntu.com>  Tue, 06 Jun 2017 14:55:34 -0600

docker.io (1.12.6-0ubuntu6) artful; urgency=medium

  * Fix FTBFS on Go 1.8.

 -- Stéphane Graber <stgraber@ubuntu.com>  Mon, 05 Jun 2017 16:21:16 -0600

docker.io (1.12.6-0ubuntu5) artful; urgency=medium

  * Update LXD autopkgtest now that the "docker" profile is deprecated.

 -- Stéphane Graber <stgraber@ubuntu.com>  Mon, 05 Jun 2017 15:59:18 -0600

docker.io (1.12.6-0ubuntu4) zesty; urgency=medium

  * Revert 1.12.6-0ubuntu2 as it does not achieve the stated goal on both
    s390x and armhf. And lxc/lxd adt runners are too restrictive to
    e.g. import an ubuntu-base container for a minimal functional test.

 -- Dimitri John Ledkov <xnox@ubuntu.com>  Tue, 14 Mar 2017 09:41:30 +0000

docker.io (1.12.6-0ubuntu3) zesty; urgency=medium

  * debian/tests/docker-in-lxd: Fix a latent version comparison bug that was
    causing migration failures due to the script thinking it was dealing
    with an old LXD (< 2.2) when it was really dealing with a recent LXD
    (>= 2.10). The fix is to use `lxc info` to check if the network extension
    is supported, rather than trying to compare version strings.

 -- Tyler Hicks <tyhicks@canonical.com>  Fri, 10 Mar 2017 17:40:22 +0000

docker.io (1.12.6-0ubuntu2) zesty; urgency=medium

  * Remove isolation-machine restriction from adt smoke-test
    testcase. Should pass on s390x lxd runners; will fails on armhf
    runners but that is not a regressions since previously all tests were
    simply skipped on armhf. LP: #1658150

 -- Dimitri John Ledkov <xnox@ubuntu.com>  Wed, 01 Feb 2017 10:08:00 +0000

docker.io (1.12.6-0ubuntu1) zesty; urgency=medium

  * Update to 1.12.6 upstream release (LP: #1655906)
    - add a few new privileged tests to "skip-privileged-unit-tests.patch"
  * Adjust runc Depends to ensure fix for CVE-2016-9962 is included

 -- Tianon Gravi <tianon@debian.org>  Fri, 13 Jan 2017 11:57:24 +1300

docker.io (1.12.3-0ubuntu4) zesty; urgency=medium

  * Explicity depend on the version of runc that was built with seccomp
    support.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Mon, 12 Dec 2016 11:15:01 +1300

docker.io (1.12.3-0ubuntu3) zesty; urgency=medium

  [ Michael Hudson-Doyle ]
  * d/test/docker-in-lxd: make test for "is network up" more robust. 

  [ Stefan Bader ]
  * Backport upstream 1.13 change to keep existing bridges untouched
    (LP: #1647376)
    - upstream-1.13-Vendor-libnetwork-51d88e9ae63f.patch

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Thu, 08 Dec 2016 11:53:36 +1300

docker.io (1.12.3-0ubuntu2) zesty; urgency=medium

  [ Tianon Gravi ]
  * Enable seccomp support (LP: #1639407)

 -- Steve Langasek <steve.langasek@ubuntu.com>  Wed, 30 Nov 2016 12:34:22 -0800

docker.io (1.12.3-0ubuntu1) zesty; urgency=medium

  * Update to 1.12.3 upstream release
    - https://github.com/docker/docker/releases/tag/v1.12.2
    - https://github.com/docker/docker/releases/tag/v1.12.3

 -- Tianon Gravi <tianon@debian.org>  Tue, 15 Nov 2016 15:50:32 -0800

docker.io (1.12.1-0ubuntu15) yakkety; urgency=medium

  * d/test/docker-in-lxd: use images:ubuntu/${suite}/${arch} instead of
    ubuntu-daily:${suite} because the former does not have cloud-init in it to
    rewrite /etc/apt/sources.list at unexpected times.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Mon, 10 Oct 2016 21:38:17 +1300

docker.io (1.12.1-0ubuntu14) yakkety; urgency=medium

  * d/test/docker-in-lxd: cope with changes in lxd 2.3. 

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Mon, 10 Oct 2016 15:30:42 +1300

docker.io (1.12.1-0ubuntu13) yakkety; urgency=medium

  * d/tests/docker-in-lxd: copy apt config from host to container rather than
    just enabling all of the -proposed pocket. 

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Tue, 27 Sep 2016 12:23:56 +1300

docker.io (1.12.1-0ubuntu12) yakkety; urgency=medium

  * Final(?) docker-in-lxd fix: of course, alpine:latest is only the name of
    the image on amd64.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Mon, 19 Sep 2016 20:34:59 +1200

docker.io (1.12.1-0ubuntu11) yakkety; urgency=medium

  * Even more docker-in-lxd fixes.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Mon, 19 Sep 2016 14:14:33 +1200

docker.io (1.12.1-0ubuntu10) yakkety; urgency=medium

  * Yet another docker-in-lxd fix.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Fri, 16 Sep 2016 19:02:41 +1200

docker.io (1.12.1-0ubuntu9) yakkety; urgency=medium

  * Proxy related fix for docker-in-lxd.  

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Fri, 16 Sep 2016 18:59:54 +1200

docker.io (1.12.1-0ubuntu8) yakkety; urgency=medium

  * Re-enable docker-in-lxd again after many fixes. 

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Fri, 16 Sep 2016 12:26:04 +1200

docker.io (1.12.1-0ubuntu7) yakkety; urgency=medium

  * d/tests/control: disable docker-in-lxd again, does not work in production
    infrastructure. 

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Thu, 08 Sep 2016 09:41:13 +1200

docker.io (1.12.1-0ubuntu6) yakkety; urgency=medium

  * d/tests/control: docker-in-lxd needs to depend on lxd-client as well. 

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Wed, 07 Sep 2016 21:18:18 +1200

docker.io (1.12.1-0ubuntu5) yakkety; urgency=medium

  * Ignore failure to set oom_score_adj, as happens in an unprivileged
    container.
  * Use $DOCKER_OPTS in service file again.
  * Add an autopkgtest to test docker-in-lxd.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Wed, 07 Sep 2016 15:36:50 +1200

docker.io (1.12.1-0ubuntu4) yakkety; urgency=medium

  * Fix service file.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Wed, 07 Sep 2016 14:13:12 +1200

docker.io (1.12.1-0ubuntu3) yakkety; urgency=medium

  * Skip "TestOverlay50LayerRead" on "overlay" driver too (in
    "skip-privileged-unit-tests.patch")

 -- Tianon Gravi <tianon@debian.org>  Mon, 29 Aug 2016 16:00:00 -0700

docker.io (1.12.1-0ubuntu2) yakkety; urgency=medium

  * Add new "overlay2" driver's tests to "skip-privileged-unit-tests.patch"
    (FTBFS fix)

 -- Tianon Gravi <tianon@debian.org>  Fri, 26 Aug 2016 10:20:24 -0700

docker.io (1.12.1-0ubuntu1) yakkety; urgency=medium

  * Update to 1.12.1 upstream release (LP: #1602243)
    - refresh "cgroupfs-mount-convenience-copy.patch"
    - remove "fatal-error-old-kernels.patch"; applied upstream,
      https://github.com/docker/docker/commit/51b23d88422918c24291f5876df35f91b23a446a
    - refresh "change-system-unit-env-file.patch"
    - refresh "21491--systemd-tasksmax.patch"
    - remove "22000--ignore-invalid-host-header.patch"; applied upstream,
      https://github.com/docker/docker/pull/22000
      https://github.com/docker/docker/pull/22888
      https://github.com/docker/docker/pull/23046
    - refresh "remove-docker-prefix.patch"
    - refresh "skip-privileged-unit-tests.patch"; add new privileged tests,
      + TestMakeRemoteContext
      + TestMakeSumTarContext
      + TestDispatch
      + TestEmptyDockerfile
      + TestDockerfileOutsideTheBuildContext
      + TestRealodNoOpts
    - replace "lxd--20902--docker-in-userns.patch" with the upstream-applied
      "lxd--25672--docker-in-userns.patch"
    - remove "lxd--runc-617.patch"; no longer necessary (due to kernel fixes),
      https://github.com/opencontainers/runc/pull/617#issuecomment-223654149
    - remove "21714--no-aufs-in-userns.patch"; applied upstream,
      https://github.com/docker/docker/pull/21714
    - add "man" to "DH_GOLANG_EXCLUDES" (has new "generate.go" which imports the
      non-vendored "github.com/spf13/cobra/doc", causing dh_golang to choke)
    - add "docker-proxy-vendor.patch" to account for "vendor/..." vs
      "vendor/src/..."
    - install new explicit "dockerd" and "docker-proxy" binaries
    - update containerd dependency (>= 0.2.3)
    - update runc dependency (>= 1.0.0-rc1)
  * Update "debian/watch" to use "uscan.tianon.xyz" so older versions are still
    easily fetchable without excess work outside uscan

 -- Tianon Gravi <tianon@debian.org>  Wed, 24 Aug 2016 11:48:34 -0700

docker.io (1.11.2-0ubuntu6) yakkety; urgency=medium

  * Merge from Debian Unstable:
    - more README.Debian notes (including a fixed href)
    - new "docker-doc" package which contains the documentation
    - use "dh-golang" for building (generates appropriate Built-Using)
    - run upstream unit tests during dh_auto_test
    - convert upstream-discouraged "/etc/default/docker" to comments-only
    - utilize dh_install (w/dh-exec) more fully to simplify debian/rules
    - fix "/etc/docker" permissions for co-existence with docker-registry
    - remove "/var/lib/docker" on purge
  * Remaining Ubuntu delta:
    - non-pruned vendor/ (included in golang-github-docker-docker-dev)
    - Docker-in-userns patches
  * Changes from pending Debian upload:
    - build from within GOPATH so Go packages are resolved properly
    - split "dh_auto_build-arch" from "dh_auto_build-indep"
    - include vendor/ in golang-github-docker-docker-dev (since we don't
      necessarily have the appropriate packages for Depends on that package)

 -- Tianon Gravi <tianon@debian.org>  Fri, 19 Aug 2016 10:15:14 -0700

docker.io (1.11.2~ds1-6) unstable; urgency=medium

  [ Tianon Gravi ]
  * Add DEP-3 headers for "skip-racy-unit-tests.patch"
  * Add a note about "check-config.sh" to README.Debian; thanks Tincho!
  * Add "docker-doc" to Suggests (Closes: #831748); thanks Ben!
  * Remove "lxc" from Suggests (no longer a supported execution backend)

  [ Nicolas Braud-Santoni ]
  * Fix /etc/docker permissions (Closes: #831324)

 -- Tianon Gravi <tianon@debian.org>  Wed, 20 Jul 2016 16:34:52 -0700

docker.io (1.11.2~ds1-5) unstable; urgency=medium

  * Skip racy "TestRunCommandWithOutputAndTimeoutKilled" during build (see also
    https://github.com/docker/docker/issues/22965)

 -- Tianon Gravi <tianon@debian.org>  Tue, 12 Jul 2016 07:46:35 -0700

docker.io (1.11.2~ds1-4) unstable; urgency=medium

  [ Tianon Gravi ]
  * Add new script to generate Build-Depends based on "go list" instead of
    "hack/vendor.sh" (and update Build-Depends using it)
  * Update "/etc/default/docker" text to aggressively discourage use, linking to
    upstream's documentation for the recommended alternatives
    ("/etc/docker/daemon.json" and systemd drop-ins)
  * Update gbp.conf for pristine-tar usage now that we're no longer multi-orig
  * Remove "/var/lib/docker" upon purge (Closes: #739257)

  [ Dmitry Smirnov ]
  * Add support for DEB_BUILD_OPTIONS=nocheck in debian/rules

 -- Tianon Gravi <tianon@debian.org>  Mon, 11 Jul 2016 22:09:01 -0700

docker.io (1.11.2~ds1-3) unstable; urgency=medium

  * Team upload.
  * Updated "skip-privileged-unit-tests.patch" to skip more privileged
    tests in order to fix FTBFS in pbuilder.
  * Install "opts" directory to -dev package.

 -- Dmitry Smirnov <onlyjob@debian.org>  Sat, 09 Jul 2016 13:49:02 +1000

docker.io (1.11.2~ds1-2) unstable; urgency=medium

  * Add Tim Potter (tpot) and Dmitry Smirnov (onlyjob) to debian/copyright; they
    were instrumental in getting 1.11 into the archive!
  * Fix golang-github-docker-docker-dev install location (Closes: #830478);
    thanks nicoo!

 -- Tianon Gravi <tianon@debian.org>  Fri, 08 Jul 2016 08:47:44 -0700

docker.io (1.11.2~ds1-1) unstable; urgency=medium

  * Update to 1.11.2 upstream release
    (Closes: #806887, #820149, #822628, #812838)
  * Add NEWS file describing the AUFS issue and the unfortunate possible
    "solutions" (Closes: #799386, #805725)
  * Add "/etc/docker" to the directories explicitly installed by the package
    to help combat issues like #806261
  * Update "Homepage" to "dockerproject.org" (versus ".com" which now redirects)
  * Update "Vcs-Browser" to use https
  * Shrink the Ubuntu delta by pulling in many of the changes
  * Replace "btrfs-tools" relations with "btrfs-progs" (Closes: #824833)
  * Adjust "repack.sh" to allow keeping minor bits of vendor/
  * Fix bad URL in README (Closes: #816844); thanks Clint!
  * Move documentation to dedicated "docker-doc" package
  * Refresh patches, add minor patch to get unit tests running
  * Use gccgo on non-golang architectures (Closes: #785093)
  * Use "dh-golang" to calculate "Built-Using" more accurately
  * Add simple "basic-smoke" DEP8 test

 -- Tianon Gravi <tianon@debian.org>  Mon, 04 Jul 2016 09:59:44 -0700

docker.io (1.11.2-0ubuntu5) yakkety; urgency=medium

  * Add 'allow-stderr' to basic-smoke stanza in debian/tests/control to fix
    autopkgtest on some architectures.
  * Also add aufs-tools and debian-archive-keyring to Depends to reduce log spam.
  * Add set -x to script.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Thu, 07 Jul 2016 09:15:56 +1200

docker.io (1.11.2-0ubuntu4) yakkety; urgency=medium

  [ Tianon Gravi ]
  * Remove erroneous "docker.io.links" file
  * Prefer Go 1.6 more explicitly

  [ Michael Hudson-Doyle ]
  * Add a basic smoke test to debian/tests.
  * Disable debian/tests/integration.

 -- Tianon Gravi <tianon@debian.org>  Wed, 15 Jun 2016 14:11:59 -0700

docker.io (1.11.2-0ubuntu3) yakkety; urgency=medium

  * No change rebuild to pick up s390x fixes.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Fri, 10 Jun 2016 14:39:24 +1200

docker.io (1.11.2-0ubuntu2) yakkety; urgency=medium

  * Remove "docker-" prefix on expected "runc" and "containerd" binaries

 -- Tianon Gravi <tianon@debian.org>  Thu, 09 Jun 2016 09:57:15 -0700

docker.io (1.11.2-0ubuntu1) yakkety; urgency=medium

  * Update to 1.11.2 upstream release (and resync many minor bits with Debian)
  * Update "22000--ignore-invalid-host-header.patch" to fix "index out of range"
    panic and reflect the current state of master acceptance

 -- Tianon Gravi <tianon@debian.org>  Wed, 11 May 2016 08:07:09 -0700

docker.io (1.10.3-0ubuntu7) yakkety; urgency=medium

  [ Tianon Gravi ]
  * Update GOPATH logic in debian/tests/integration to match debian/rules

  [ Michael Hudson-Doyle ]
  * Add d/patches/22000--ignore-invalid-host-header.patch. (LP: #1574904)

 -- Tianon Gravi <tianon@debian.org>  Tue, 26 Apr 2016 16:40:15 -0700

docker.io (1.10.3-0ubuntu6) xenial; urgency=medium

  * Clean up some DEP3 patch metadata (especially "Origin" and "Forwarded")

 -- Tianon Gravi <tianon@debian.org>  Wed, 20 Apr 2016 14:19:16 -0700

docker.io (1.10.3-0ubuntu5) xenial; urgency=medium

  * Rebuild to pick up fixes in golang-1.6 1.6-0ubuntu5.
  * Add golang version to Built-Using in docker package.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Mon, 11 Apr 2016 14:15:45 +1200

docker.io (1.10.3-0ubuntu4) xenial; urgency=medium

  * Drop d/patches/libnetwork-s390x.patch, no longer needed after golang
    updates.

 -- Michael Hudson-Doyle <michael.hudson@ubuntu.com>  Mon, 04 Apr 2016 16:27:28 +1200

docker.io (1.10.3-0ubuntu3) xenial; urgency=medium

  * Do not use aufs in a lxd container.  (LP: #1560685)

 -- Serge Hallyn <serge.hallyn@ubuntu.com>  Thu, 31 Mar 2016 21:30:49 -0500

docker.io (1.10.3-0ubuntu2) xenial; urgency=medium

  * Add "TasksMax=infinity" patch for newer kernel+systemd
  * Add support to DEP8 test script for passing *_proxy environment variables
    forward appropriately

 -- Tianon Gravi <tianon@debian.org>  Mon, 28 Mar 2016 15:20:51 -0700

docker.io (1.10.3-0ubuntu1) xenial; urgency=medium

  [ Joseph Ferguson ]
  * Update "Homepage" to "dockerproject.org" (versus ".com" which now redirects)
  * Update "Vcs-Browser" to use https
  * Add missing "jq" to DEP8 test dependencies
  * Add a few multiarch build system patches to enable running the integration
    tests

 -- Dustin Kirkland <kirkland@ubuntu.com>  Thu, 24 Mar 2016 16:08:42 -0500

docker.io (1.10.2-0ubuntu4) xenial; urgency=medium

  * Add debian/patches/upstream-delegate.patch: Add "Delegate=yes" to docker's
    service file, so that it can manage cgroups by itself. Patch cherry-picked
    from upstream master. (LP: #1546214)

 -- Martin Pitt <martin.pitt@ubuntu.com>  Sun, 13 Mar 2016 22:50:51 +0100

docker.io (1.10.2-0ubuntu3) xenial; urgency=medium

  * debian/control:
    - drop the any- prefix on build arches;  seems that any-armhf isn't
      defined, so armhf builds did not trigger

 -- Dustin Kirkland <kirkland@ubuntu.com>  Thu, 10 Mar 2016 14:41:00 -0500

docker.io (1.10.2-0ubuntu2) xenial; urgency=medium

  * debian/control:
    - disable powerpc build for now

 -- Dustin Kirkland <kirkland@ubuntu.com>  Thu, 10 Mar 2016 10:39:16 -0500

docker.io (1.10.2-0ubuntu1) xenial; urgency=medium

  * Update to 1.10.2 upstream release (LP: #1552790)
    - include upstream's vendored bits (explicitly relying on upstream for
      security updates and support)
    - patches for enabling Docker-in-LXD (still pending upstream)
    - patches for s390x support

 -- Tianon Gravi <tianon@debian.org>  Tue, 01 Mar 2016 14:21:20 -0800

docker.io (1.8.3~ds1-2) unstable; urgency=medium

  * Move "overlay" higher in priority (Closes: #799087)
  * Adjust "native.cgroupdriver" to default to "cgroupfs" (Closes: #798778)

 -- Tianon Gravi <tianon@debian.org>  Wed, 04 Nov 2015 00:09:02 -0800

docker.io (1.8.3~ds1-1) unstable; urgency=medium

  * Update to 1.8.3 upstream release (CVE-2014-8178, CVE-2014-8179)

 -- Tianon Gravi <tianon@debian.org>  Thu, 29 Oct 2015 19:40:51 -0700

docker.io (1.8.2~ds1-2) unstable; urgency=medium

  * Swap Build-Depends order to appease buildds (Closes: #803136)

 -- Tianon Gravi <tianon@debian.org>  Thu, 29 Oct 2015 07:23:10 -0700

docker.io (1.8.2~ds1-1) unstable; urgency=medium

  * Update to 1.8.2 upstream release
  * Rename golang-docker-dev package to golang-github-docker-docker-dev
  * Add SELinux support (Closes: #799620)

 -- Tianon Gravi <tianon@debian.org>  Wed, 28 Oct 2015 14:21:00 -0700

docker.io (1.7.1~dfsg1-1) unstable; urgency=medium

  * Update to 1.7.1 upstream release
  * Remove patches applied upstream; refresh other patches
  * Update Build-Depends

 -- Tianon Gravi <tianon@debian.org>  Wed, 26 Aug 2015 10:13:48 -0700

docker.io (1.6.2~dfsg1-2) unstable; urgency=medium

  * Add DEP8 tests
    - integration: runs upstream's integration tests
  * Replace "code.google.com/p/go.net" with canonical "golang.org/x/net"
    (Closes: #789736)

 -- Tianon Gravi <admwiggin@gmail.com>  Wed, 01 Jul 2015 07:45:19 -0600

docker.io (1.6.2~dfsg1-1) unstable; urgency=medium

  * Update to 1.6.2 upstream release
  * Update deps in d/control to match upstream's hack/vendor.sh specifications

 -- Tianon Gravi <admwiggin@gmail.com>  Thu, 21 May 2015 00:47:43 -0600

docker.io (1.6.1+dfsg1-2) unstable; urgency=medium

  * Add --no-restart-on-upgrade to dh_installinit so that we don't force
    a stop on upgrade, which can cause other units to fall over. Many thanks
    to Michael Stapelberg (sECuRE) for the tip!

 -- Paul Tagliamonte <paultag@debian.org>  Sun, 10 May 2015 13:02:54 -0400

docker.io (1.6.1+dfsg1-1) unstable; urgency=high

  * Update to 1.6.1 upstream release (Closes: #784726)
    - CVE-2015-3627
      Insecure opening of file-descriptor 1 leading to privilege escalation
    - CVE-2015-3629
      Symlink traversal on container respawn allows local privilege escalation
    - CVE-2015-3630
      Read/write proc paths allow host modification & information disclosure
    - CVE-2015-3631
      Volume mounts allow LSM profile escalation

 -- Tianon Gravi <admwiggin@gmail.com>  Fri, 08 May 2015 17:57:10 -0600

docker.io (1.6.0+dfsg1-1) unstable; urgency=medium

  * Upload to unstable
  * Backport PR 12943 to support golang-go-patricia 2.*
  * Remove convenience copies of cgroupfs-mount in init.d / upstart scripts
    (Re: #783143)

 -- Tianon Gravi <admwiggin@gmail.com>  Tue, 05 May 2015 15:10:49 -0600

docker.io (1.6.0+dfsg1-1~exp1) experimental; urgency=medium

  * Update to 1.6.0 upstream release
  * Adjust "repack.sh" to be more tolerant of "dfsg" suffixes

 -- Tianon Gravi <admwiggin@gmail.com>  Thu, 16 Apr 2015 18:00:21 -0600

docker.io (1.6.0~rc7~dfsg1-1~exp1) experimental; urgency=low

  * Update to 1.6.0-rc7 upstream release

 -- Tianon Gravi <admwiggin@gmail.com>  Wed, 15 Apr 2015 19:35:46 -0600

docker.io (1.6.0~rc4~dfsg1-1) experimental; urgency=low

  [ Tianon Gravi ]
  * Update to 1.6.0-rc4 upstream release
    - drop golang 1.2 support (no longer supported upstream)
    - update Homepage to https://dockerproject.com
    - add check-config.sh to /usr/share/docker.io/contrib
    - add "distribution" as a new multitarball orig
    - backport auto "btrfs_noversion" patch from
      https://github.com/docker/docker/pull/12048
      (simplifying our logic for detecting whether to use it)
    - switch from dh-golang to direct install since we're not actually using the
      features it offers (due to upstream's build system)
    - enable "docker.service" on boot by default for restart policies to work

  [ Felipe Sateler ]
  * Add Built-Using for glibc (Closes: #769351).

 -- Tianon Gravi <admwiggin@gmail.com>  Mon, 06 Apr 2015 17:11:33 -0600

docker.io (1.5.0~dfsg1-1) experimental; urgency=low

  * Update to 1.5.0 upstream release (Closes: #773495)
  * Remove several patches applied upstream!
    - 9637-fix-nuke-bashism.patch
    - enable-non-amd64-arches.patch
  * Fix btrfs-tools handling to allow for building with btrfs-tools < 1.16.1

 -- Tianon Gravi <admwiggin@gmail.com>  Tue, 10 Mar 2015 22:58:49 -0600

docker.io (1.3.3~dfsg1-2) unstable; urgency=medium

  * Add fatal-error-old-kernels.patch to make Docker refuse to start on old,
    unsupported kernels (Closes: #774376)
  * Fix dh_auto_clean to clean up after the build properly, especially to avoid
    FTBFS when built twice (Closes: #774482)

 -- Tianon Gravi <admwiggin@gmail.com>  Sat, 03 Jan 2015 00:11:47 -0700

docker.io (1.3.3~dfsg1-1) unstable; urgency=medium

  [ Tianon Gravi ]
  * Update to 1.3.3 upstream release (Closes: #772909)
    - Fix for CVE-2014-9356 (Path traversal during processing of absolute
      symlinks)
    - Fix for CVE-2014-9357 (Escalation of privileges during decompression of
      LZMA (.xz) archives)
    - Fix for CVE-2014-9358 (Path traversal and spoofing opportunities presented
      through image identifiers)
  * Fix bashism in nuke-graph-directory.sh (Closes: #772261)

  [ Didier Roche ]
  * Support starting systemd service without /etc/default/docker
    (Closes: #770293)

 -- Tianon Gravi <admwiggin@gmail.com>  Thu, 18 Dec 2014 21:54:12 -0700

docker.io (1.3.2~dfsg1-1) unstable; urgency=high

  * Severity is set to high due to the sensitive nature of the CVEs this
    upload fixes.
  * Update to 1.3.2 upstream release
    - Fix for CVE-2014-6407 (Archive extraction host privilege escalation)
    - Fix for CVE-2014-6408 (Security options applied to image could lead
                             to container escalation)
  * Remove Daniel Mizyrycki from Uploaders. Thanks for all your work!

 -- Paul Tagliamonte <paultag@debian.org>  Mon, 24 Nov 2014 19:14:28 -0500

docker.io (1.3.1~dfsg1-2) unstable; urgency=medium

  * Remove deprecated /usr/bin/docker.io symlink
    - added as a temporary shim in 1.0.0~dfsg1-1 (13 Jun 2014)
    - unused by package-installed files in 1.2.0~dfsg1-1 (13 Sep 2014)

 -- Tianon Gravi <admwiggin@gmail.com>  Fri, 07 Nov 2014 13:11:34 -0700

docker.io (1.3.1~dfsg1-1) unstable; urgency=high

  * Update to 1.3.1 upstream release
    - fix for CVE-2014-5277
    - https://groups.google.com/d/topic/docker-user/oYm0i3xShJU/discussion

 -- Tianon Gravi <admwiggin@gmail.com>  Mon, 03 Nov 2014 08:26:29 -0700

docker.io (1.3.0~dfsg1-1) unstable; urgency=medium

  * Updated to 1.3.0 upstream release.
  * Enable systemd socket activation (Closes: #752555).

 -- Tianon Gravi <admwiggin@gmail.com>  Fri, 17 Oct 2014 00:56:07 -0600

docker.io (1.2.0~dfsg1-2) unstable; urgency=medium

  * Added "golang-docker-dev" package for the reusable bits of Docker's source.

 -- Tianon Gravi <admwiggin@gmail.com>  Thu, 09 Oct 2014 00:08:11 +0000

docker.io (1.2.0~dfsg1-1) unstable; urgency=medium

  * Updated to 1.2.0 upstream release (Closes: #757183, #757023, #757024).
  * Added upstream man pages.
  * Updated bash and zsh completions to be installed as "docker" and "_docker".
  * Updated init scripts to also be installed as "docker".
  * Fixed "equivalent" typo in README.Debian (Closes: #756395). Thanks Reuben!
  * Removed "docker.io" mention in README.Debian (Closes: #756290). Thanks
    Olivier!

 -- Tianon Gravi <admwiggin@gmail.com>  Sat, 13 Sep 2014 11:43:17 -0600

docker.io (1.0.0~dfsg1-1) unstable; urgency=medium

  * Updated to 1.0.0 upstream release. Huzzah!
  * I've removed what is commonly called a `button' of patches against
    the docker package. Exact patches:
     - bash-completion-docker.io.patch
     - systemd-docker.io.patch
     - sysvinit-provides-docker.io.patch
     - zsh-completion-docker.io.patch
     - mkimage-docker.io.patch
  * I know y'all are guessing why; and the answer's pretty simple -- we're
    no longer docker.io(1). Since the src:docker package now ships wmdocker(1),
    we can safely declare a breaks/replaces on the pre-wmdocker version of the
    package, allowing existing users to safely update, both src:docker and
    src:docker.io side. This brings us into line with other distros, which
    now ship wmdocker(1) and docker(1).
  * As a stop-gap, I'm still shipping a docker.io(1) symlink to allow
    migration away.

 -- Paul Tagliamonte <paultag@debian.org>  Fri, 13 Jun 2014 21:04:53 -0400

docker.io (0.11.1~dfsg1-1) unstable; urgency=medium

  [ Paul Tagliamonte ]
  * Use EnvironmentFile with the systemd unit file. (Closes: #746774)
  * Patch out version checking code. (Closes: #747140)
  * Remove all host checking for non-amd64 host arches. Let docker build
    and run on all platforms now. (Closes: #747139, #739914)

  [ Tianon Gravi ]
  * Updated to 0.11.1 upstream release.
  * Added backported upstream patch for removing RemoteAddr assumptions
    that cause events to not be delivered to more than one unix socket
    listener.

 -- Tianon Gravi <admwiggin@gmail.com>  Fri, 09 May 2014 17:30:45 -0400

docker.io (0.9.1~dfsg1-2) unstable; urgency=medium

  * Added upstream apparmor patch to fix newer apparmor versions (such as the
    version appearing in Ubuntu 14.04).
  * Added mkimage-* docker.io binary name patches (Closes: #740855).

 -- Tianon Gravi <admwiggin@gmail.com>  Tue, 08 Apr 2014 23:19:08 -0400

docker.io (0.9.1~dfsg1-1) unstable; urgency=medium

  * Updated to 0.9.1 upstream release (Closes: #743424).
  * Added cgroupfs-mount dependency (Closes: #742641).
  * Added Suggests entries for optional features, chiefly lxc (Closes: #742081).
  * Added notes about "root-equivalence" to README.Debian (Closes: #742387).

 -- Tianon Gravi <admwiggin@gmail.com>  Thu, 03 Apr 2014 21:38:30 -0400

docker.io (0.9.0+dfsg1-1) unstable; urgency=medium

  * Updated README.Debian to not be quite so outdated (Closes: #740850).
  * Updated to 0.9.0 upstream release.

 -- Tianon Gravi <admwiggin@gmail.com>  Tue, 11 Mar 2014 22:24:31 -0400

docker.io (0.8.1+dfsg1-1) unstable; urgency=medium

  * Updated to 0.8.1 upstream release.

 -- Tianon Gravi <admwiggin@gmail.com>  Tue, 25 Feb 2014 20:56:31 -0500

docker.io (0.8.0+dfsg1-2) unstable; urgency=medium

  [ Tianon Gravi ]
  * Added more license notes to debian/copyright (Closes: #738627).

 -- Tianon Gravi <admwiggin@gmail.com>  Sat, 15 Feb 2014 17:51:58 -0500

docker.io (0.8.0+dfsg1-1) unstable; urgency=medium

  [ Prach Pongpanich ]
  * Added zsh completion.

  [ Tianon Gravi ]
  * Updated to 0.8.0 upstream release.
  * Added vim syntax files in new vim-syntax-docker package.
  * Added note about minimum recommended kernel version to Description.
  * Added contrib/*-integration files in /usr/share/docker.io/contrib.

 -- Tianon Gravi <admwiggin@gmail.com>  Mon, 10 Feb 2014 20:41:10 -0500

docker.io (0.7.6+dfsg1-1) unstable; urgency=medium

  [ Johan Euphrosine ]
  * Updated to 0.7.6.
  * Added dependency to gocapability.
  * Clean patches.

  [ Tianon Gravi ]
  * Added contrib/mk* scripts from upstream into /usr/share/docker.io/contrib
    (Closes: #736068).
  * Added upstream udev rules file to stop device-mapper devices and mounts from
    appearing in desktop environments through udisks.

 -- Johan Euphrosine <proppy@google.com>  Wed, 22 Jan 2014 22:50:47 -0500

docker.io (0.7.1+dfsg1-1) unstable; urgency=medium

  [ Prach Pongpanich ]
  * Fixed "docker: command not found" errors while using bash tab completion
    (Closes: #735372).

  [ Tianon Gravi ]
  * Updated to 0.7.1 upstream release (while we wait for gocapability to be
    packaged).
  * Added xz-utils recommend which is required for decompressing certain images
    from the index.

 -- Tianon Gravi <admwiggin@gmail.com>  Wed, 15 Jan 2014 20:22:34 -0500

docker.io (0.6.7+dfsg1-3) unstable; urgency=medium

  * Fixed FTBFS on non-amd64 platforms by setting the correct GOPATH.
  * Fixed issues with Docker finding a valid dockerinit (Closes: #734758).
  * Added aufs-tools dependency.

 -- Tianon Gravi <admwiggin@gmail.com>  Thu, 09 Jan 2014 20:10:20 -0500

docker.io (0.6.7+dfsg1-2) unstable; urgency=medium

  * Added iptables dependency required for Docker to start.
  * Added ca-certificates recommend required for pulling from the index.

 -- Tianon Gravi <admwiggin@gmail.com>  Wed, 08 Jan 2014 19:14:02 -0500

docker.io (0.6.7+dfsg1-1) unstable; urgency=medium

  * Initial release (Closes: #706060, #730569)
  * Document missing licenses in the source tree. Bad, paultag. Thanks
    alteholz.

 -- Paul Tagliamonte <paultag@debian.org>  Tue, 07 Jan 2014 21:06:10 -0500
