Publishing details
Changelog
runc (1.1.4-0ubuntu1~18.04.2) bionic-security; urgency=medium
* d/p/lp2013318-fix-device-files-in-containers.patch: Fix inability to use
device files such as /dev/null in containers (LP: #2013318)
* SECURITY UPDATE: Incorrect access control through /sys/fs/cgroup
- debian/patches/CVE-2023-25809.patch: apply MS_RDONLY if
/sys/fs/cgroup is bind-mounted or mask if bind source is unavailable
in libcontainer/rootfs_linux.go.
- CVE-2023-25809
* SECURITY UPDATE: Incorrect access control through /proc and /sys
- debian/patches/CVE-2023-27561_2023-28642.patch: Prohibit /proc and
/sys to be symlinks in libcontainer/rootfs_linux.go.
- CVE-2023-27561
- CVE-2023-28642
-- David Fernandez Gonzalez <email address hidden> Tue, 16 May 2023 12:07:05 +0200
Builds
Built packages
-
golang-github-opencontainers-runc-dev
Open Container Project - development files
-
runc
Open Container Project - runtime
-
runc-dbgsym
debug symbols for runc
Package files