Merge runc from upstream for l-series

Scheduled-For: ubuntu-22.12
Upstream: tbd
Debian: 1.1.4+ds1-1 1.1.3+ds1-7
Ubuntu: 1.1.2-0ubuntu1

Debian new has 1.1.3+ds1-7

### New Debian Changes ###

runc (1.1.4+ds1-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.1.4+ds1

 -- Shengjing Zhu <email address hidden> Sat, 27 Aug 2022 18:27:50 +0800

runc (1.1.3+ds1-7) unstable; urgency=medium

  * Team upload.
  * Mark the integration autopkgtest flaky again, needs more investigation on arm

 -- Reinhard Tartler <email address hidden> Wed, 17 Aug 2022 19:12:58 +0200

runc (1.1.3+ds1-6) unstable; urgency=medium

  * Team upload.
  * backport upstream commit c0be1aa2d101dcd3074b5a0e486d58d3f9568d81
    required for podman 4.2
  * Merge with upload to experimental

 -- Reinhard Tartler <email address hidden> Wed, 17 Aug 2022 18:45:35 +0200

runc (1.1.3+ds1-5) experimental; urgency=medium

  * Team upload.
  * Fix integration test on i386 and armhf
  * Enable integration on armel

 -- Shengjing Zhu <email address hidden> Tue, 05 Jul 2022 11:08:08 +0800

runc (1.1.3+ds1-4) experimental; urgency=medium

  * Fix seccomp integration tests again on arm
  * Build with urfave_cli_no_docs tag

 -- Shengjing Zhu <email address hidden> Mon, 04 Jul 2022 16:16:53 +0800

runc (1.1.3+ds1-3) experimental; urgency=medium

  * Fix seccomp integration tests on arm
  * Enable integration on armhf and i386 and remove flaky flag

 -- Shengjing Zhu <email address hidden> Mon, 20 Jun 2022 13:28:53 +0800

runc (1.1.3+ds1-2) unstable; urgency=medium

  * Team upload.
  * Revert 'Vendor github.com/urfave/cli v1.22.1'
    Regression in github.com/urfave/cli is fixed in v1.22.9

 -- Shengjing Zhu <email address hidden> Thu, 16 Jun 2022 23:52:25 +0800

runc (1.1.3+ds1-1) unstable; urgency=medium

  * Team upload.

  [ Debian Janitor ]
  * Remove constraints unnecessary since buster
    * Build-Depends: Drop versioned constraint on
      golang-github-sirupsen-logrus-dev.
    * runc: Drop versioned constraint on docker.io in Breaks.
    * golang-github-opencontainers-runc-dev: Drop versioned constraint on
      golang-github-sirupsen-logrus-dev in Depends.
  * Set upstream metadata fields: Bug-Database, Bug-Submit, Repository-Browse.

  [ Shengjing Zhu ]
  * New upstream version 1.1.3+ds1
    * (1.1.2) CVE-2022-29162: Default inheritable capabilities for linux
      container should be empty
  * Bump golang-github-seccomp-libseccomp-golang-dev to 0.10.0
  * Update Standards-Version to 4.6.1 (no changes)

 -- Shengjing Zhu <email address hidden> Tue, 14 Jun 2022 03:46:31 +0800

runc (1.1.1+ds1-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.1.1+ds1

 -- Shengjing Zhu <email address hidden> Tue, 29 Mar 2022 12:00:14 +0800

runc (1.1.0+ds1-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.1.0+ds1
  * Upload to unstable
  * Enable seccomp integration test

 -- Shengjing Zhu <email address hidden> Mon, 07 Feb 2022 01:15:00 +0800

runc (1.1.0~rc.1+ds1-1) experimental; urgency=medium

  * Team upload.
  * New upstream version 1.1.0~rc.1+ds1
  * Disable seccomp notify to build with libseccomp-golang 0.9.1

 -- Shengjing Zhu <email address hidden> Wed, 15 Dec 2021 00:58:10 +0800

runc (1.0.3+ds1-1) unstable; urgency=medium

### Old Ubuntu Delta ###

runc (1.1.2-0ubuntu1) kinetic; urgency=medium

  * New upstream release.

 -- Lucas Kanashiro <email address hidden> Thu, 12 May 2022 16:15:38 -0300

runc (1.1.0-0ubuntu1) jammy; urgency=medium

  * New upstream release.
  * Refresh patches:
    - d/p/test--skip_TestFactoryNewTmpfs.patch
    - d/p/test--skip-fs-related-cgroups-tests.patch
  * Remove patch not needed anymore:
    - d/p/test--skip-Hugetlb.patch

 -- Lucas Kanashiro <email address hidden> Wed, 09 Feb 2022 11:46:31 -0300

runc (1.0.3-0ubuntu1) jammy; urgency=medium

  * New upstream release (LP: #1946899).
  * d/rules: remove DH_GOLANG_INSTALL_EXTRA, the directories listed there do
    not exist anymore.

 -- Lucas Kanashiro <email address hidden> Mon, 10 Jan 2022 11:51:10 -0300

runc (1.0.1-0ubuntu2) impish; urgency=medium

  * d/p/test--skip-fs-related-cgroups-tests.patch: skip a new cgroups related
    test. It requires permission to write in /sys/fs/cgroup/memory during its
    execution.

 -- Lucas Kanashiro <email address hidden> Mon, 09 Aug 2021 11:40:32 -0300

runc (1.0.1-0ubuntu1) impish; urgency=medium

  * New upstream release.
  * d/watch: adjust regex to correctly match the tarball files on Github.
  * d/p/test--skip-fs-related-cgroups-tests.patch: update according to the
    upstream changes.
  * d/s/lintian-overrides: remove it, the override there is not needed.

 -- Lucas Kanashiro <email address hidden> Thu, 05 Aug 2021 11:48:36 -0300

runc (1.0.0~rc95-0ubuntu1) impish; urgency=medium

  * New upstream release.
    - Several regressions were found in 1.0.0-rc93 by upstream and fixed in
      this new release.
      + Ensure the scratch pipe is read during ExportBPF (LP: #1927219).
    - Drop patches applied by upstream:
      + d/patches/CVE-2021-30465/*.patch
      + d/patches/fix-patchpbf-test-on-32-bit.patch
  * d/rules: set VERSION variable when building runc (LP: #1929106).

 -- Lucas Kanashiro <email address hidden> Thu, 20 May 2021 10:40:14 -0300

runc (1.0.0~rc93-0ubuntu2) impish; urgency=medium

  * SECURITY UPDATE: symlink exchange attack
    - debian/patches/CVE-2021-30465/*.patch: upstream patches to add mount
      destination validation.
    - CVE-2021-30465

 -- Marc Deslauriers <email address hidden> Wed, 05 May 2021 14:27:26 -0400

runc (1.0.0~rc93-0ubuntu1) hirsute; urgency=medium

  * New upstream release (LP: #1919182).
    - runc now has special handling for seccomp profiles to avoid making new
      syscalls unusable for glibc (LP: #1916485).
  * Remove patch addressing a bug fixed by upstream:
    - debian/patches/test--fix_TestGetAdditionalGroups.patch
  * Refresh patch:
    - debian/patches/test--skip-fs-related-cgroups-test.patch
  * Backport upstream patch to fix patchpbf test on armhf:
    - debian/patches/fix-patchpbf-test-on-32-bit.patch

 -- Lucas Kanashiro <email address hidden> Tue, 10 Mar 2021 09:30:36 -0300

runc (1.0.0~rc92-0ubuntu1) hirsute; urgency=medium

  * New upstream release.
  * Refresh patches.
  * Add patch to skip tests relying on cgroups fs mountpoints.
  * Update VCS links to point to Github where the packaging work is done.

 -- Lucas Kanashiro <email address hidden> Tue, 12 Jan 2021 17:30:36 -0300

runc (1.0.0~rc10-0ubuntu3) hirsute; urgency=medium

  * No-change rebuild using new golang

 -- Steve Langasek <email address hidden> Wed, 11 Nov 2020 22:25:13 +0000

runc (1.0.0~rc10-0ubuntu2) groovy; urgency=medium

  * No-change rebuild using new golang

 -- Steve Langasek <email address hidden> Tue, 22 Sep 2020 08:55:00 +0000

runc (1.0.0~rc10-0ubuntu1) focal; urgency=medium

  [ Lucas Kanashiro ]
  * Run dh_golang_autopkgtest with isolation-machine restriction (LP: #1856083)
    - d/control: remove Testsuite field since we are now overwriting the
      autodep8 test definition.
    - d/t/control: overwrite autodep8 test definition to add isolation-machine
      restriction.
  * d/t/control: Use commas in Restrictions field of basic-smoke test

  [ Tianon Gravi ]
  * Update to 1.0.0-rc10 upstream release

 -- Tianon Gravi <email address hidden> Tue, 18 Feb 2020 09:06:24 +1300

runc (1.0.0~rc8+git20190923.3e425f80-0ubuntu1) eoan; urgency=medium

  * New upstream snapshot, fixing CVE-2019-16884.

 -- Michael Hudson-Doyle <email address hidden> Mon, 30 Sep 2019 14:12:18 +1300

runc (1.0.0~rc8-0ubuntu1) eoan; urgency=medium

  * New upstream version.

 -- Michael Hudson-Doyle <email address hidden> Wed, 18 Sep 2019 10:49:47 +0200

runc (1.0.0~rc7+git20190403.029124da-0ubuntu1) disco; urgency=medium

  * New upstream version.
  * Fix dependencies of golang-github-opencontainers-runc-dev package.

 -- Michael Hudson-Doyle <email address hidden> Fri, 12 Apr 2019 12:29:03 +1200

runc (1.0.0~rc6+git20190307.2b18fe1d-0ubuntu1) disco; urgency=medium

  * Update to https://github.com/opencontainers/runc/commit/2b18fe1d885ee5083ef9f0838fee39b62d653e30
    - See also:
        https://github.com/containerd/containerd/blob/v1.2.5/RUNC.md
        https://github.com/containerd/containerd/blob/v1.2.5/vendor.conf#L23
  * d/patches/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch:
    dropped, applied upstream.

 -- Michael Hudson-Doyle <email address hidden> Thu, 14 Mar 2019 11:12:22 +1300

runc (1.0.0~rc6+git20181203.96ec2177-0ubuntu1) disco; urgency=medium

  * Add 'basic-smoke' autopkgtest to verify basic functionality

 -- Tianon Gravi <email address hidden> Thu, 14 Feb 2019 14:23:13 -0800

runc (1.0.0~rc6+git20181203.96ec2177-0~ubuntu2) disco; urgency=medium

  * d/patches/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch:
    Apply upstream fix for CVE-2019-5736.

 -- Michael Hudson-Doyle <email address hidden> Tue, 12 Feb 2019 11:52:37 +1300

runc (1.0.0~rc6+git20181203.96ec2177-0~ubuntu1) disco; urgency=medium

  * Update to https://github.com/opencontainers/runc/commit/96ec2177ae841256168fcf76954f7177af9446eb
    - See also:
        https://github.com/containerd/containerd/blob/v1.2.2/RUNC.md
        https://github.com/containerd/containerd/blob/v1.2.2/vendor.conf#L23

 -- Tianon Gravi <email address hidden> Thu, 17 Jan 2019 21:06:43 -0800