package/runc: security bump to v1.1.2

Fixes CVE-2022-29162 Minor security issue (which appears to not be exploitable) related to process capabilities. A bug was found in runc where runc exec --cap executed processes with ble Linux process capabilities, creating an atypical Linux environment. For more information, see GHSA-f3fp-gc8g-vw66 and CVE-2022-29162. runc spec no longer sets any inheritable capabilities in the created example OCI spec (config.json) file. https://github.com/opencontainers/runc/releases/tag/v1.1.2 Signed-off-by: Christian Stewart <christian@paral.in> Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-06-01 11:10:47 -07:00 · 2022-06-01 11:10:47 -07:00 · 0295e9602f
commit 0295e9602f
parent 6a1331ba01
2 changed files with 2 additions and 2 deletions
--- a/package/runc/runc.hash
+++ b/package/runc/runc.hash
@ -1,3 +1,3 @@
 # Locally computed
-sha256  11a34535c108b36fd59de58e7bef3a130444c9ea41e4b8bb8f8d4654c8ad654c  runc-1.1.1.tar.gz
+sha256  0ccce82b1d9c058d8fd7443d261c96fd7a803f2775bcb1fec2bdb725bc7640f6  runc-1.1.2.tar.gz
 sha256  552a739c3b25792263f731542238b92f6f8d07e9a488eae27e6c4690038a8243  LICENSE
--- a/package/runc/runc.mk
+++ b/package/runc/runc.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-RUNC_VERSION = 1.1.1
+RUNC_VERSION = 1.1.2
 RUNC_SITE = $(call github,opencontainers,runc,v$(RUNC_VERSION))
 RUNC_LICENSE = Apache-2.0, LGPL-2.1 (libseccomp)
 RUNC_LICENSE_FILES = LICENSE