From c1e6edfa862e065caa6f8b3e9fd50d38d7ed57f5 Mon Sep 17 00:00:00 2001 From: Milinda Brantini Date: Tue, 1 Oct 2024 18:12:50 +0800 Subject: [PATCH] runc: Update to 1.1.14 This is the fourteenth patch release in the 1.1.z release branch of runc. It includes a fix for a low severity security issue (CVE-2024-45310) as well as some minor build-related fixes (including Go 1.23 support). Fix CVE-2024-45310, a low-severity attack that allowed maliciously configured containers to create empty files and directories on the host. Add support for Go 1.23. Revert "allow overriding VERSION value in Makefile" and add EXTRA_VERSION. rootfs: consolidate mountpoint creation logic. Signed-off-by: Milinda Brantini --- utils/runc/Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/utils/runc/Makefile b/utils/runc/Makefile index 1b1abbc7d0..13dd5bec05 100644 --- a/utils/runc/Makefile +++ b/utils/runc/Makefile @@ -1,7 +1,7 @@ include $(TOPDIR)/rules.mk PKG_NAME:=runc -PKG_VERSION:=1.1.13 +PKG_VERSION:=1.1.14 PKG_RELEASE:=1 PKG_LICENSE:=Apache-2.0 PKG_LICENSE_FILES:=LICENSE @@ -9,7 +9,7 @@ PKG_CPE_ID:=cpe:/a:linuxfoundation:runc PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz PKG_SOURCE_URL:=https://codeload.github.com/opencontainers/runc/tar.gz/v${PKG_VERSION}? -PKG_HASH:=789d5749a08ef1fbe5d1999b67883206a68a4e58e6ca0151c411d678f3480b25 +PKG_HASH:=563cf57c38d2e7149234dbe6f63ca0751eb55ef8f586ed12a543dedc1aceba68 PKG_MAINTAINER:=Gerard Ryan -- 2.30.2