-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 28 Jun 2024 00:16:20 +0200 Source: runc Binary: runc runc-dbgsym Architecture: arm64 Version: 1.0.0~rc93+ds1-5+deb11u4 Distribution: bullseye Urgency: medium Maintainer: arm Build Daemon (arm-arm-04) Changed-By: Daniel Leidert Description: runc - Open Container Project - runtime Changes: runc (1.0.0~rc93+ds1-5+deb11u4) bullseye; urgency=medium . * Non-maintainer upload by the Debian LTS Team. * d/patches/0025-Fix-busybox-tarball-url-in-integration-test.patch: Updated. - Fixed download URLs again. * d/patches/CVE-2021-43784.patch: Added to fix CVE-2021-43784. - When writing netlink messages, it is possible to have a byte array larger than UINT16_MAX which would result in the length field overflowing and allowing user-controlled data to be parsed as control characters (such as creating custom mount points, changing which set of namespaces to allow, and so on). * d/patches/0027-Fix-test-for-newer-kernels.patch: Added. - Fix test for newer kernels. * d/patches/CVE-2023-25809.patch: Added to fix CVE-2023-25809. - It was found that rootless runc makes `/sys/fs/cgroup` writable under specific conditions. A container may then gain the write access to user-owned cgroup hierarchy `/sys/fs/cgroup/user.slice/...` on the host. * Update changelog for 1.0.0~rc93+ds1-5+deb11u4~1.gbpce2b39 release * Update patch for download URLs of busybox tarball * Add patch to fix CVE-2021-43784.patch * Add patch to fix tests with newer kernels * Add patch to fix CVE-2023-25809 Checksums-Sha1: 3d689137c1ae09b13a1d8e48490205ee4e42b685 2379492 runc-dbgsym_1.0.0~rc93+ds1-5+deb11u4_arm64.deb 5f21f4012f9148ec46dcd10783d642c92dd0d114 8076 runc_1.0.0~rc93+ds1-5+deb11u4_arm64-buildd.buildinfo 2fcc429f17420b47e8cd5f6b6d320c57f46f30b4 2078628 runc_1.0.0~rc93+ds1-5+deb11u4_arm64.deb Checksums-Sha256: b35fd0cff3e4dfddbbccee794fa4cf3e88ae19cf2f918648e48c2de34da774c6 2379492 runc-dbgsym_1.0.0~rc93+ds1-5+deb11u4_arm64.deb 6a51c31faa328f70234a9e0a00ca82b6a3a39143a8e31139349def32c145a34b 8076 runc_1.0.0~rc93+ds1-5+deb11u4_arm64-buildd.buildinfo a93e26383f73e119a4279368e15ef984ca822e74a89a374c816f56758e7963c0 2078628 runc_1.0.0~rc93+ds1-5+deb11u4_arm64.deb Files: a350a14bee81bffecdeb4ae6bd24ce45 2379492 debug optional runc-dbgsym_1.0.0~rc93+ds1-5+deb11u4_arm64.deb 5aef0e32a345836fdf8c8b3f2945ca64 8076 admin optional runc_1.0.0~rc93+ds1-5+deb11u4_arm64-buildd.buildinfo 38e260589b0843395dd64c356c58eac5 2078628 admin optional runc_1.0.0~rc93+ds1-5+deb11u4_arm64.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEI50kmNpDqaVj/srT9SjIc4+ajYAFAmaAe+MACgkQ9SjIc4+a jYC3gxAAulo7pgD8DyEYDfEb1NQRttFQWyzEz69yNpHAsnO2AxmELPNzAjAZFFTn AImaPKmgbea5RX6y+WQbfWNUZXnTOvIK2kq/1irkaR+sDj72c3xBm4ADcnLxWF0s CysSoV3Re8kNcvzfHv5xDKMeyAJBdUEXq/SvoJDNRW2oQZLOnhFXPh09uiiofoRJ LHKzqxhX80mUACo7e0lL/XVGSC7jIvel5t+fGJl+bFFUmYoauYfVd4ZegUGgTWtO X6UKmEpJYDgZItrC8+DjqEjlVz44r6TthU5Rhnh2LiuzHeQuQnWVdBYGKMkRjm5D zlHfPJZC1Yqq6XL9uo+vm56W52/FrtV5RbggdRKvXTEyq8Bzo3Gc/Xl4PwQAWmhY vb9UsUdCTy8YakV4gZt3K/+iozPFwqImd/oCOhUGrHCnNv/RHvoci0uQ6tzZ1rfv tT0mW3Iy/yg/+6XAZ2PA50HCCNymUv/WiuGyyCAv2ROGtJ6qOOnInZIOUUAOl/HE /v+xcGMtLsFWGGyAWYWGByExyAa2KTZkJVtPPbdGtz1xO28+mhm6UUibgWTVF175 CapcW+TB+61X6lnH59gMi9eYgGLJKG7NIVhkTXCZ2BZhFux4OFUJ/mXsIPPb3NnI Oxvp7yjdQSOr3Q2qkorJhhV5hYg7aHtA/+0aYec098bPFynbNgs= =1HJJ -----END PGP SIGNATURE-----