Format: 1.8
Date: Wed, 24 Jan 2024 16:33:42 +0530
Source: runc
Binary: runc
Architecture: riscv64
Version: 1.1.7-0ubuntu1~20.04.2
Distribution: focal
Urgency: medium
Maintainer: Launchpad Build Daemon <buildd@bos03-riscv64-059.buildd>
Changed-By: Nishit Majithia <nishit.majithia@canonical.com>
Description:
 runc       - Open Container Project - runtime
Changes:
 runc (1.1.7-0ubuntu1~20.04.2) focal-security; urgency=medium
 .
   * SECURITY UPDATE: container escape vulnerability
     - d/p/0001-Fix-File-to-Close.patch: Fix File to Close
     - d/p/0002-init-verify-after-chdir-that-cwd-is-inside-the-conta.patch:
       init: verify after chdir that cwd is inside the container
     - d/p/0003-setns-init-do-explicit-lookup-of-execve-argument-ear.patch:
       setns init: do explicit lookup of execve argument early
     - d/p/0004-init-close-internal-fds-before-execve.patch: init: close
       internal fds before execve
     - d/p/0005-cgroup-plug-leaks-of-sys-fs-cgroup-handle.patch: cgroup:
       plug leaks of /sys/fs/cgroup handle
     - d/p/0006-libcontainer-mark-all-non-stdio-fds-O_CLOEXEC-before.patch:
       ibcontainer: mark all non-stdio fds O_CLOEXEC before spawning init
     - CVE-2024-21626
Checksums-Sha1:
 fdc74efc509f6229277b6a164b384eb1894d175e 5338900 runc-dbgsym_1.1.7-0ubuntu1~20.04.2_riscv64.ddeb
 e1c2f54de8383cd0f05b59e6064f7b55e95f4d2b 5814 runc_1.1.7-0ubuntu1~20.04.2_riscv64.buildinfo
 3b2e95d131dbc3b37518137741b7b71e7d023b38 3650708 runc_1.1.7-0ubuntu1~20.04.2_riscv64.deb
Checksums-Sha256:
 a0642dcc917eee19aacfd1908695614ac0712fcc3f0e81079dd0564114181215 5338900 runc-dbgsym_1.1.7-0ubuntu1~20.04.2_riscv64.ddeb
 555dac03602bb5ecc297138ee485afa12cc1feb43c09ca6fbf23afc0fac30137 5814 runc_1.1.7-0ubuntu1~20.04.2_riscv64.buildinfo
 9dcfa64af2634ddaf4c4386a317398e6da182cf930546286bc40c3786716d0cf 3650708 runc_1.1.7-0ubuntu1~20.04.2_riscv64.deb
Files:
 1497c38148168baeb19519a1606e9580 5338900 debug optional runc-dbgsym_1.1.7-0ubuntu1~20.04.2_riscv64.ddeb
 7925bd26302a2ad4d5d0701593918bd7 5814 devel optional runc_1.1.7-0ubuntu1~20.04.2_riscv64.buildinfo
 8ca4ec27a3d1684144f30700e0913e35 3650708 devel optional runc_1.1.7-0ubuntu1~20.04.2_riscv64.deb
Original-Maintainer: Debian Go Packaging Team <pkg-go-maintainers@lists.alioth.debian.org>