-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 28 Jun 2024 00:16:20 +0200
Source: runc
Binary: runc runc-dbgsym
Architecture: armhf
Version: 1.0.0~rc93+ds1-5+deb11u4
Distribution: bullseye
Urgency: medium
Maintainer: arm Build Daemon (arm-conova-01) <buildd_arm64-arm-conova-01@buildd.debian.org>
Changed-By: Daniel Leidert <dleidert@debian.org>
Description:
 runc       - Open Container Project - runtime
Changes:
 runc (1.0.0~rc93+ds1-5+deb11u4) bullseye; urgency=medium
 .
   * Non-maintainer upload by the Debian LTS Team.
   * d/patches/0025-Fix-busybox-tarball-url-in-integration-test.patch: Updated.
     - Fixed download URLs again.
   * d/patches/CVE-2021-43784.patch: Added to fix CVE-2021-43784.
     - When writing netlink messages, it is possible to have a byte array larger
       than UINT16_MAX which would result in the length field overflowing and
       allowing user-controlled data to be parsed as control characters (such as
       creating custom mount points, changing which set of namespaces to allow,
       and so on).
   * d/patches/0027-Fix-test-for-newer-kernels.patch: Added.
     - Fix test for newer kernels.
   * d/patches/CVE-2023-25809.patch: Added to fix CVE-2023-25809.
     - It was found that rootless runc makes `/sys/fs/cgroup` writable under
       specific conditions. A container may then gain the write access to
       user-owned cgroup hierarchy `/sys/fs/cgroup/user.slice/...` on the host.
   * Update changelog for 1.0.0~rc93+ds1-5+deb11u4~1.gbpce2b39 release
   * Update patch for download URLs of busybox tarball
   * Add patch to fix CVE-2021-43784.patch
   * Add patch to fix tests with newer kernels
   * Add patch to fix CVE-2023-25809
Checksums-Sha1:
 62a617e3d2ddb7161c1965c1a8142778a9f26d86 2306216 runc-dbgsym_1.0.0~rc93+ds1-5+deb11u4_armhf.deb
 2708c6aced9c8ac45dd83d4497541dccfdf27b8c 8007 runc_1.0.0~rc93+ds1-5+deb11u4_armhf-buildd.buildinfo
 acfa08acb19c5238d87668d32bd2cc569d95db72 2090356 runc_1.0.0~rc93+ds1-5+deb11u4_armhf.deb
Checksums-Sha256:
 49d0f9f84a049b539015b9d7b8346c29d6320be0cf13417681f9a54cf25df3de 2306216 runc-dbgsym_1.0.0~rc93+ds1-5+deb11u4_armhf.deb
 713dd04979baf3f34a6a0a674e4b18a598a48f6cc5d2fc1cc7bf1f81a3539beb 8007 runc_1.0.0~rc93+ds1-5+deb11u4_armhf-buildd.buildinfo
 37d6ef24b6464bc51ffea6c3b5916861ba392acbf9436dd163185863acd14c24 2090356 runc_1.0.0~rc93+ds1-5+deb11u4_armhf.deb
Files:
 1c955897e28a7a7acef71ae381e4c15b 2306216 debug optional runc-dbgsym_1.0.0~rc93+ds1-5+deb11u4_armhf.deb
 64bdaef33841bda4f717d926cc951f79 8007 admin optional runc_1.0.0~rc93+ds1-5+deb11u4_armhf-buildd.buildinfo
 02a5a332d8fb525633df9c225b2d267a 2090356 admin optional runc_1.0.0~rc93+ds1-5+deb11u4_armhf.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEw2TRpv7HYIvK+TsIbEMdCP/rlD8FAmaAe8wACgkQbEMdCP/r
lD/FhRAAtyV8dvcaoQ3gB5oCZ+qcqCHUWo0ONmLuPcjbgtUuGDoaN5mk8AzUXpaC
wX07P0KXCGwAEfs1L9LdfXB/PWb+/RorFLAZqZy+Lc1gup63aHnH1NF9mGwt+pwD
F1Wr0+H0nN8W+lnDgVs7njbjNAmi2C/pCxnbKUPHfIQzgDQtkmtbIYT/lVk17X4M
hGbWnm85CeBCucvsG967zVrKAizUikNaUwc318+z4fAMgPAdac91GCuaBjKKTE9o
wgt4bNgAldM5Sezayznb22AshH/rM2W/uveYw7xBa0TghNBSPNBCh1WBw32Rr1oL
gGSnMuWDlMA7WuXXz6a3IiIEVGBLp62v6CqVGgqyAF4zC18wza9CQcnNsi+byYQS
OoUg3bH+a9uout3AgRNTGt/Fq2wTlEx0P3EhEtgDr3CgqcB7BvXUU1/LMCdGeVej
9Q56V4haJ/5lX0eiTYPyn87dFCCgwmwk5wlEPKlWqnrAcHjwupIFJhHoNlR14PKr
7sZSZ1ocREzbAjfg77xjmsrtUcNKqaVhakn9Cj34GfD3pxUpnqf8Y05jav9GdhGD
RLH85SEQjWX5Mx6Lgrx1VsHDaOM1x4S8Gz1tGIfyErQrvKkyEAmMLaWpMaVhE8hJ
cs06VXi2gZ5Kjzt6Q8jh9uLWWErsuZOO6ex6J/BLj+A9zvDO9Rc=
=eOex
-----END PGP SIGNATURE-----