ELSA-2019-4540 - runc security update
| Type: | SECURITY |
| Severity: | IMPORTANT |
| Release Date: | 2019-02-11 |
Description
[1.0.0-19.rc5.git4bb1fe4.0.3.el7]
- Apply patch for CVE-2019-5736 (Wiekus Beukes)
[1.0.0-19.rc5.git4bb1fe4.0.2.el7]
- update Go version to 1.10.8, fix version string (Laszlo (Laca) Peter)
[1.0.0-19.rc5.git4bb1fe4.0.1.el7]
- Tuning .spec file
[2:1.0.0-19.rc5.git4bb1fe4]
- release v1.0.0~rc5
[2:1.0.0-17.rc4.git9f9c962.1]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
[2:1.0.0-17.rc4.git9f9c962]
- Bump to the latest from upstream
[2:1.0.0-16.rc4.gite6516b3]
- install bash completion to correct location
- remove shebang from bash completion gh#1679
- correct rpmlint issues
[2:1.0.0-15.rc4.gite6516b3]
- built commit e6516b3
[2:1.0.0-14.rc4.gitdb093f6]
- Lots of fixes for libcontainer
- support unbindable,runbindable for rootfs propagation
[2:1.0.0-13.rc4.git1d3ab6d]
- Many Stability fixes
- Many fixes for rootless containers
- Many fixes for static builds
[2:1.0.0-12.rc4.gitaea4f21]
- Add container-selinux prerequires to make sure runc is labeled correctly
[2:1.0.0-11.rc4.gitaea4f21]
- disable devel package and %check - makes life easier for module building
[2:1.0.0-10.rc4.gitaea4f21]
- bump Epoch to 2 since bump to v1.0.1 was in error
- bump to v1.0.0-rc4
- built commit aea4f21
[1.0.1-4.rc.gitaea4f21]
- Rebuilt from master, with requierements needed for CRI-O
[1:1.0.1-3.gitc5ec254]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild
[1:1.0.1-2.gitc5ec254]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild
[1.0.1-1.gitc5ec25487]
- v1.0.0-rc5 release of runc
[1.0.0-9.git6394544]
- Just make the criu dependency optional (https://bugzilla.redhat.com/show_bug.cgi?id=1460148)
[1.0.0-8.git6394544.1]
- Do not build for ix86: there is no criu on ix86
[1:1.0.0-7.git6394544.1]
- rebuilt
[1:1.0.0-6.git75f8da7]
- bump to v1.0.0-rc3
- built opencontainers/v1.0.0-rc3 commit 75f8da7
[1:1.0.0-5.rc2.gitc91b5be.1]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild
[1:1.0.0-5.rc2]
- depend on criu for checkpoint/restore
[1:1.0.0-4.rc2]
- enable aarch64
[1:1.0.0-3.rc2]
- Resolves: #1412238 - *CVE-2016-9962* - set init processes as non-dumpable,
runc patch from Michael Crosby
[1:1.0.0-2.rc2.git47ea5c7]
- patch to enable seccomp
- Pass to the compiler in cases where we don't have to define
gobuild for ourselves.
- From: Nalin Dahyabhai
[1:1.0.0-1.rc2.git47ea5c7]
- bump to 1.0.0 rc2
- built commit 47ea5c7
- build with bundled sources for now (some new dependencies need to be packaged)
[1:1.0.0-1.rc1.git04f275d]
- Resolves: #1342707 - bump to v1.0.0-rc1
- built commit 04f275d
- cosmetic changes to make rpmlint happy
[1:0.1.1-4.git57b9972]
- https://fedoraproject.org/wiki/Changes/golang1.7
[1:0.1.1-3.git57b9972]
- Add bash completion
resolves: #1340119
[1:0.1.1-2.gitbaf6536]
- add selinux to BUILDTAGS in addition to the default seccomp tag
[1:0.1.1-0.1.gitbaf6536]
- Update to v0.1.1
resolves: #1330378
[1:0.0.9-0.3.git94dc520]
- Ship man pages too
resolves: #1326115
[1:0.0.9-0.2.git94dc520]
- Extend supported architectures to golang_arches
Disable failing test
related: #1290943
[1:0.0.9-0.1.git94dc520]
- Update to 0.0.9
resolves: #1290943
[1:0.0.8-0.1.git1a124e9]
- Update to 0.0.8
[1:0.0.5-0.4.git97bc9a7]
- https://fedoraproject.org/wiki/Changes/golang1.6
[1:0.0.5-0.3.git97bc9a7]
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild
[1:0.0.5-0.2.git97bc9a7]
- unit-test-devel subpackage requires devel with correct epoch
[1:0.0.5-0.1.git97bc9a7]
- Update to 0.0.5, introduce Epoch for Fedora due to 0.2 version instead of 0.0.2
resolves: #1286114
[0.2-0.2.git90e6d37]
- First package for Fedora
resolves: #1255179
Related CVEs
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory |
|
| Oracle Linux 7 (x86_64) | runc-1.0.0-19.rc5.git4bb1fe4.0.3.el7.src.rpm | a3299c7b5e34e117302196beba5d228b | ELSA-2021-9203 |
| runc-1.0.0-19.rc5.git4bb1fe4.0.3.el7.x86_64.rpm | ad6a839b5e4893803f5c4781bb0adff9 | ELSA-2021-9203 |
This page is generated automatically and has not been checked for errors or omissions. For clarification
or corrections please contact the Oracle Linux ULN team
