ELSA-2024-9200

ELSA-2024-9200 - runc security update

Type:SECURITY
Severity:MODERATE
Release Date:2024-11-14

Description


[4:1.1.13-4]
- rebuild against new golang
- Resolves: RHEL-46380

[4:1.1.13-3]
- rebuild against golang-1.22.4
- Resolves: RHEL-46380

[4:1.1.13-2]
- rebuild
- Resolves: RHEL-46380

[4:1.1.13-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.13
- Related: RHEL-27608

[4:1.1.12-2]
- Switch dependency on criu to Recommends
- Resolves: RHEL-25116

[4:1.1.12-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.12
- Related: RHEL-2112

[4:1.1.11-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.11
- Related: RHEL-2112

[4:1.1.10-3]
- Rebuild for CVEs: CVE-2023-39321 CVE-2023-39322 CVE-2023-29409
- Related: Jira:RHEL-2792
- Related: Jira:RHEL-7454

[4:1.1.10-2]
- require container-selinux >= 2.224.0 for dmz feature
- Related: Jira:RHEL-2112

[4:1.1.10-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.10
- Related: RHEL-2112

[4:1.1.9-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.9
- Related: #2176063

[4:1.1.8-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.8
- Related: #2176063

[4:1.1.7-2]
- rebuild for following CVEs:
CVE-2021-43784 CVE-2022-41724 CVE-2023-28642
- Resolves: #2033659
- Resolves: #2179973
- Resolves: #2183103

[4:1.1.7-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.7
- Related: #2176063

[4:1.1.6-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.6
- Related: #2176063

[4:1.1.5-2]
- runc 1.1.5 resolves CVE-2023-25809 and CVE-2023-27561
- Resolves: #2176110
- Resolves: #2183098

[4:1.1.5-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.5
- Related: #2176063

[4:1.1.4-2]
- rebuild
- Resolves: #2102995

[4:1.1.4-1]
- update to https://github.com/opencontainers/runc/releases/tag/v1.1.4
- Related: #2061316

[4:1.1.3-2]
- add patch in attempt to fix gating tests - thanks to Kir Kolyshkin
- Related: #2061316


Related CVEs


CVE-2024-24788

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) runc-1.1.13-4.el9.src.rpm8e6fbb820d4f4c0ca3d45e0f24494185-ol9_aarch64_appstream
runc-1.1.13-4.el9.aarch64.rpm1c5e437a6d5d0df49ef009d4e5853e68-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) runc-1.1.13-4.el9.src.rpm8e6fbb820d4f4c0ca3d45e0f24494185-ol9_x86_64_appstream
runc-1.1.13-4.el9.x86_64.rpmbe12a222589b03765c9b2b8c8e6928e2-ol9_x86_64_appstream


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete