ELSA-2024-9200

ULN >
Oracle Linux Errata repository >
ELSA-2024-9200

ELSA-2024-9200 - runc security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2024-11-14

Description

[4:1.1.13-4]
- rebuild against new golang
- Resolves: RHEL-46380

[4:1.1.13-3]
- rebuild against golang-1.22.4
- Resolves: RHEL-46380

[4:1.1.13-2]
- rebuild
- Resolves: RHEL-46380

[4:1.1.13-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.13
- Related: RHEL-27608

[4:1.1.12-2]
- Switch dependency on criu to Recommends
- Resolves: RHEL-25116

[4:1.1.12-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.12
- Related: RHEL-2112

[4:1.1.11-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.11
- Related: RHEL-2112

[4:1.1.10-3]
- Rebuild for CVEs: CVE-2023-39321 CVE-2023-39322 CVE-2023-29409
- Related: Jira:RHEL-2792
- Related: Jira:RHEL-7454

[4:1.1.10-2]
- require container-selinux >= 2.224.0 for dmz feature
- Related: Jira:RHEL-2112

[4:1.1.10-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.10
- Related: RHEL-2112

[4:1.1.9-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.9
- Related: #2176063

[4:1.1.8-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.8
- Related: #2176063

[4:1.1.7-2]
- rebuild for following CVEs:
CVE-2021-43784 CVE-2022-41724 CVE-2023-28642
- Resolves: #2033659
- Resolves: #2179973
- Resolves: #2183103

[4:1.1.7-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.7
- Related: #2176063

[4:1.1.6-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.6
- Related: #2176063

[4:1.1.5-2]
- runc 1.1.5 resolves CVE-2023-25809 and CVE-2023-27561
- Resolves: #2176110
- Resolves: #2183098

[4:1.1.5-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.5
- Related: #2176063

[4:1.1.4-2]
- rebuild
- Resolves: #2102995

[4:1.1.4-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.4
- Related: #2061316

[4:1.1.3-2]
- add patch in attempt to fix gating tests - thanks to Kir Kolyshkin
- Related: #2061316

Related CVEs

CVE-2024-24788

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 9 (aarch64)	runc-1.1.13-4.el9.src.rpm	be8e41a1c723e257b8ad9f24c2c28fa3132e39652d87397eac1622a3c7940415	-	ol9_aarch64_appstream
	runc-1.1.13-4.el9.aarch64.rpm	0cb0d69c79fc0b22cc10f91fb8004adee0995c2c7a356cd3c7b665b86307fb94	-	ol9_aarch64_appstream

Oracle Linux 9 (x86_64)	runc-1.1.13-4.el9.src.rpm	be8e41a1c723e257b8ad9f24c2c28fa3132e39652d87397eac1622a3c7940415	-	ol9_x86_64_appstream
	runc-1.1.13-4.el9.x86_64.rpm	7aecd54bed0951b4efcc1a3ea1a4d969e21df4439688f65a1605dd983b25ef00	-	ol9_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691