NetCube-Systems-Austria/kumquat-buildroot
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

package/runc: security bump to 1.0.0-rc9

Browse Source 
Fixes the following security vulnerability:

- CVE-2019-16884: runc through 1.0.0-rc8, as used in Docker through
  19.03.2-ce and other products, allows AppArmor restriction bypass because
  libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a
  malicious Docker image can mount over a /proc directory.

Signed-off-by: Christian Stewart <christian@paral.in>
[Peter: mention security impact]
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit dbbf08849b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
This commit is contained in:
Christian Stewart 2019-12-02 20:50:00 -08:00 committed by Peter Korsgaard
parent 2967d55844
commit e1ff67df1c
2 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
package/runc/runc.hash
View File

@ -1,3 +1,3 @@
# Locally computed
sha256 efe4ff9bbe49b19074346d65c914d809c0a3e90d062ea9619fe240f931f0b700 runc-v1.0.0-rc8.tar.gz
sha256 2ec69c25df9f02c6fd38eb287145f8afba6772f809abe01df4534b5bfd68e8d4 runc-1.0.0-rc9.tar.gz
sha256 552a739c3b25792263f731542238b92f6f8d07e9a488eae27e6c4690038a8243 LICENSE

4
package/runc/runc.mk
View File

@ -4,8 +4,8 @@
#
################################################################################
RUNC_VERSION = v1.0.0-rc8
RUNC_SITE = $(call github,opencontainers,runc,$(RUNC_VERSION))
RUNC_VERSION = 1.0.0-rc9
RUNC_SITE = $(call github,opencontainers,runc,v$(RUNC_VERSION))
RUNC_LICENSE = Apache-2.0
RUNC_LICENSE_FILES = LICENSE