From 9d01327689a786beba7aabab76816f689aa2565f Mon Sep 17 00:00:00 2001
From: =?utf8?q?Marc-Andr=C3=A9=20Lureau?= <marcandre.lureau@redhat.com>
Date: Wed, 22 Aug 2018 19:02:49 +0200
Subject: [PATCH] configure: require libseccomp 2.2.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

The following patch is going to require TSYNC, which is only available
since libseccomp 2.2.0.

libseccomp 2.2.0 was released February 12, 2015.

According to repology, libseccomp version in different distros:

  RHEL-7: 2.3.1
  Debian (Stretch): 2.3.1
  OpenSUSE Leap 15: 2.3.2
  Ubuntu (Xenial):  2.3.1

This will drop support for -sandbox on:

  Debian (Jessie): 2.1.1 (but 2.2.3 in backports)

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Acked-by: Eduardo Otubo <otubo@redhat.com>
(cherry picked from commit d0699bd37c48067cffbd80383172efc29da6d2f9)
*CVE-2018-15746
Signed-off-by: Michael Roth <mdroth@linux.vnet.ibm.com>
---
 configure | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)

diff --git a/configure b/configure
index 2a7796ea80..7b3f80a49c 100755
--- a/configure
+++ b/configure
@@ -2216,13 +2216,10 @@ fi
 ##########################################
 # libseccomp check
 
+libseccomp_minver="2.2.0"
 if test "$seccomp" != "no" ; then
     case "$cpu" in
-    i386|x86_64)
-        libseccomp_minver="2.1.0"
-        ;;
-    mips)
-        libseccomp_minver="2.2.0"
+    i386|x86_64|mips)
         ;;
     arm|aarch64)
         libseccomp_minver="2.2.3"
-- 
2.39.5