Skip to content

update runc binary to 1.1.14#48424

Merged
thaJeztah merged 1 commit intomoby:masterfrom
thaJeztah:bump_runc_1.1.14
Sep 3, 2024
Merged

update runc binary to 1.1.14#48424
thaJeztah merged 1 commit intomoby:masterfrom
thaJeztah:bump_runc_1.1.14

Conversation

@thaJeztah
Copy link
Member

@thaJeztah thaJeztah commented Sep 3, 2024
edited by laurazard
Loading

Update the runc binary that's used in CI and for the static packages.

diff: opencontainers/runc@v1.1.13...v1.1.14

Release Notes:

  • Fix CVE-2024-45310 / GHSA-jfvp-7x6p-h2pv, a low-severity attack that allowed maliciously configured containers to create empty files and directories on the host.
  • Add support for Go 1.23.
  • Revert "allow overriding VERSION value in Makefile" and add EXTRA_VERSION.
  • rootfs: consolidate mountpoint creation logic.

- What I did

- How I did it

- How to verify it

- Description for the changelog

Upgrade `runc` to [v1.1.14](https://github.com/opencontainers/runc/releases/tag/v1.1.14), which contains a fix for [CVE-2024-45310](https://github.com/opencontainers/runc/security/advisories/GHSA-jfvp-7x6p-h2pv).

- A picture of a cute animal (not mandatory but encouraged)

@thaJeztah
update runc binary to 1.1.14
2189aa2 
Update the runc binary that's used in CI and for the static packages.

diff: opencontainers/runc@v1.1.13...v1.1.14

Release Notes:

- Fix CVE-2024-45310, a low-severity attack that allowed maliciously configured containers to create empty files and directories on the host.
- Add support for Go 1.23.
- Revert "allow overriding VERSION value in Makefile" and add EXTRA_VERSION.
- rootfs: consolidate mountpoint creation logic.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@thaJeztah thaJeztah added this to the 28.0.0 milestone Sep 3, 2024
@thaJeztah thaJeztah self-assigned this Sep 3, 2024
@thaJeztah thaJeztah requested a review from tianon as a code owner September 3, 2024 11:34
@thaJeztah thaJeztah mentioned this pull request Sep 3, 2024
Merged
@laurazard
Copy link
Member

laurazard commented Sep 3, 2024

@thaJeztah fixed up the description/changelog which mentioned runc v1.1.13 instead of v1.1.14.

@thaJeztah
Copy link
Member Author

thaJeztah commented Sep 3, 2024

DOH! thanks for that! I copy/pasta'd from a previous PR so that I would use the same wording 😂

@thaJeztah thaJeztah merged commit f9bac83 into moby:master Sep 3, 2024
@thaJeztah thaJeztah deleted the bump_runc_1.1.14 branch September 3, 2024 14:11
@thaJeztah thaJeztah added the area/runtime Runtime label Sep 3, 2024
@austinvazquez austinvazquez mentioned this pull request Sep 3, 2024
Merged
@austinvazquez austinvazquez mentioned this pull request Sep 10, 2024
Closed
@austinvazquez austinvazquez mentioned this pull request Oct 31, 2024
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@vvoland vvoland vvoland approved these changes

@laurazard laurazard laurazard approved these changes

@tianon tianon Awaiting requested review from tianon tianon is a code owner

Assignees

@thaJeztah thaJeztah

Labels

area/packaging area/runtime Runtime area/testing impact/changelog process/cherry-pick/23.0 process/cherry-picked status/2-code-review

Projects

None yet

Milestone

28.0.0

Development

Successfully merging this pull request may close these issues.

4 participants

@thaJeztah @laurazard @vvoland @austinvazquez