UbuntuUpdates.org

Package "golang-github-opencontainers-runc-dev"

Name: golang-github-opencontainers-runc-dev

Description:

Open Container Project - development files

Latest version: 1.1.7-0ubuntu1~20.04.2
Release: focal (20.04)
Level: updates
Repository: main
Head package: runc
Homepage: https://github.com/opencontainers/runc


Other versions of "golang-github-opencontainers-runc-dev" in Focal

Repository  Area  Version
base        main  1.0.0~rc10-0ubuntu1
security    main  1.1.7-0ubuntu1~20.04.2
proposed    main  1.1.7-0ubuntu1~20.04.3

Changelog

Version: 1.1.7-0ubuntu1~20.04.2 2024-02-01 03:07:12 UTC

  runc (1.1.7-0ubuntu1~20.04.2) focal-security; urgency=medium

  * SECURITY UPDATE: container escape vulnerability
    - d/p/0001-Fix-File-to-Close.patch: Fix File to Close
    - d/p/0002-init-verify-after-chdir-that-cwd-is-inside-the-conta.patch:
      init: verify after chdir that cwd is inside the container
    - d/p/0003-setns-init-do-explicit-lookup-of-execve-argument-ear.patch:
      setns init: do explicit lookup of execve argument early
    - d/p/0004-init-close-internal-fds-before-execve.patch: init: close
      internal fds before execve
    - d/p/0005-cgroup-plug-leaks-of-sys-fs-cgroup-handle.patch: cgroup:
      plug leaks of /sys/fs/cgroup handle
    - d/p/0006-libcontainer-mark-all-non-stdio-fds-O_CLOEXEC-before.patch:
      libcontainer: mark all non-stdio fds O_CLOEXEC before spawning init
    - CVE-2024-21626

 -- Nishit Majithia <email address hidden> Wed, 24 Jan 2024 16:33:42 +0530

Version: 1.1.7-0ubuntu1~20.04.1 2023-08-02 06:06:59 UTC

  runc (1.1.7-0ubuntu1~20.04.1) focal; urgency=medium

  * Backport version from Mantic to Focal (LP: #2023694).
    - Build with Go 1.18
      + d/control: b-d on golang-1.18-go instead of golang-any
      + d/rules: add Go 1.18 to $PATH

 -- Lucas Kanashiro <email address hidden> Fri, 30 Jun 2023 17:49:24 -0300

Version: 1.1.4-0ubuntu1~20.04.3 2023-05-17 16:07:21 UTC

  runc (1.1.4-0ubuntu1~20.04.3) focal-security; urgency=medium

  * SECURITY UPDATE: Incorrect access control through /sys/fs/cgroup
    - debian/patches/CVE-2023-25809.patch: apply MS_RDONLY if
      /sys/fs/cgroup is bind-mounted or mask if bind source is unavailable
      in libcontainer/rootfs_linux.go.
    - CVE-2023-25809
  * SECURITY UPDATE: Incorrect access control through /proc and /sys
    - debian/patches/CVE-2023-27561_2023-28642.patch: Prohibit /proc and
      /sys to be symlinks in libcontainer/rootfs_linux.go.
    - CVE-2023-27561
    - CVE-2023-28642

 -- David Fernandez Gonzalez <email address hidden> Mon, 15 May 2023 12:15:47 +0200

CVE-2023-25809 runc is a CLI tool for spawning and running containers according to the OCI specification. In affected versions it was found that rootless runc makes
CVE-2023-27561 runc through 1.1.4 has Incorrect Access Control leading to Escalation of Privileges, related to libcontainer/rootfs_linux.go. To exploit this, an att
CVE-2023-28642 runc is a CLI tool for spawning and running containers according to the OCI specification. It was found that AppArmor can be bypassed when `/proc` in

Version: 1.1.4-0ubuntu1~20.04.2 2023-05-10 15:07:16 UTC

  runc (1.1.4-0ubuntu1~20.04.2) focal; urgency=medium

  * d/p/lp2013318-fix-device-files-in-containers.patch: Fix inability to use
    device files such as /dev/null in containers (LP: #2013318)

 -- Lena Voytek <email address hidden> Wed, 12 Apr 2023 13:21:54 -0700

2013318 Inability to use some devices when inside a container

Version: 1.1.4-0ubuntu1~20.04.1 2023-03-10 00:07:01 UTC

  runc (1.1.4-0ubuntu1~20.04.1) focal; urgency=medium

  * Backport version 1.1.4-0ubuntu1 from Lunar (LP: #1996909).
    - d/control: b-d on golang-1.18-go instead of golang-any.
    - d/rules: build with Golang 1.18.

 -- Lucas Kanashiro <email address hidden> Thu, 17 Nov 2022 12:24:35 -0300



