-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Fri, 28 Jun 2024 00:16:20 +0200 Source: runc Binary: runc runc-dbgsym Architecture: armel Version: 1.0.0~rc93+ds1-5+deb11u4 Distribution: bullseye Urgency: medium Maintainer: arm Build Daemon (arm-conova-01) Changed-By: Daniel Leidert Description: runc - Open Container Project - runtime Changes: runc (1.0.0~rc93+ds1-5+deb11u4) bullseye; urgency=medium . * Non-maintainer upload by the Debian LTS Team. * d/patches/0025-Fix-busybox-tarball-url-in-integration-test.patch: Updated. - Fixed download URLs again. * d/patches/CVE-2021-43784.patch: Added to fix CVE-2021-43784. - When writing netlink messages, it is possible to have a byte array larger than UINT16_MAX which would result in the length field overflowing and allowing user-controlled data to be parsed as control characters (such as creating custom mount points, changing which set of namespaces to allow, and so on). * d/patches/0027-Fix-test-for-newer-kernels.patch: Added. - Fix test for newer kernels. * d/patches/CVE-2023-25809.patch: Added to fix CVE-2023-25809. - It was found that rootless runc makes `/sys/fs/cgroup` writable under specific conditions. A container may then gain the write access to user-owned cgroup hierarchy `/sys/fs/cgroup/user.slice/...` on the host. * Update changelog for 1.0.0~rc93+ds1-5+deb11u4~1.gbpce2b39 release * Update patch for download URLs of busybox tarball * Add patch to fix CVE-2021-43784.patch * Add patch to fix tests with newer kernels * Add patch to fix CVE-2023-25809 Checksums-Sha1: a1d6f125733d0e5dafd4e29c067ccc718788da32 2304120 runc-dbgsym_1.0.0~rc93+ds1-5+deb11u4_armel.deb f9088bbe2ee8e12b4ebd2d246da09f2de7c570a5 8005 runc_1.0.0~rc93+ds1-5+deb11u4_armel-buildd.buildinfo b2c295c8a792db8faf557e989d12687273d86e8b 2094408 runc_1.0.0~rc93+ds1-5+deb11u4_armel.deb Checksums-Sha256: 8a2f022350523c1360da5d70c3f561e308d4442e956740cfdb5a7f54dae75117 2304120 runc-dbgsym_1.0.0~rc93+ds1-5+deb11u4_armel.deb 3de0815c119800e1e76585c2e477180b23d606e4b0232498ea32fefccc96ac1f 8005 runc_1.0.0~rc93+ds1-5+deb11u4_armel-buildd.buildinfo 312c250f28059261dcec7bfd78555d9ea74066d1b019c3b1f7fb552926b767c6 2094408 runc_1.0.0~rc93+ds1-5+deb11u4_armel.deb Files: 0179f18cdbcf11ad7f3f3e86b1509d98 2304120 debug optional runc-dbgsym_1.0.0~rc93+ds1-5+deb11u4_armel.deb 5f62b4d1b0c747953b349e58637bdcbf 8005 admin optional runc_1.0.0~rc93+ds1-5+deb11u4_armel-buildd.buildinfo 0fe502d01e333921730ecd57d3a38c5d 2094408 admin optional runc_1.0.0~rc93+ds1-5+deb11u4_armel.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEw2TRpv7HYIvK+TsIbEMdCP/rlD8FAmaAfBoACgkQbEMdCP/r lD+52A/+O+S1Q13bNAwBGxne10ONYwJMVDvnAfRirxqUd7BRL1jdis8m4XdwuQgE XNJYdA3US3iwGCWyGZCT9QXkM5tfBbHl8mHQjzt2OOqajCDsgJFgn3mouiAJJrjg Ief1bPDuBGEn+GYVbVXRD9Ic1D3oHREoDXb17C4aU1ME/GkljQVUfj/x4x17q+WS lj2c6AWzMZjema5/LfcEUbUv5ZCugjM5q/6D5vO4EC8q8aubO2vNz6r4kAWj9Oc6 G1ncJK+7EEhXuC4/hl9FV5u6AApRAsXASz/PWtY+Tgggi8RG+vKC7LYyQ4omjcga jT1uzV8xOmQumwxZVk7IljIGZTMEWIKwSvRKXiEoWzc1Q+PtEiN4dX2mXEv7pdQn LExq8xBqJzm/amVZY5S47Ru6JTVSjK/Ts8VQYRmrbWhOQrv7TpErZMSdEsPvaaz1 WGjDn+zOnFZNhXL176F8y7qtHD8gNcnlPhwdM26lGcvlCfukWfP2+4V01axH1QJY XFTc0UnvAB38C/PFzyqWO/LpDObz58exhDypits0sy8/n9vSaVSdM0YcVfxsixpr J/uoKS4sD9quZlPPuRP8FT8UYrea1BoFJjOOkMSSsDujgUhXHEBhmdPWgGqUkT4/ nZIrB6SHQhKTlVXaqNdimIVH7YMqj2xtU4UjfOeFm1Yb3a0uIgs= =gkXh -----END PGP SIGNATURE-----