8000 [25.0 backport] Dockerfile: update runc to v1.1.14 by austinvazquez · Pull Request #48803 · moby/moby · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

[25.0 backport] Dockerfile: update runc to v1.1.14 #48803

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Oct 31, 2024
Merged

[25.0 backport] Dockerfile: update runc to v1.1.14 #48803

merged 2 commits into from
Oct 31, 2024

Conversation

austinvazquez
Copy link
Contributor
@austinvazquez austinvazquez commented Oct 31, 2024
edited
Loading

- What I did

Split from #48452

- How to verify it
CI must be successful

- Description for the changelog

Upgrade `runc` (static binaries only) to  [v1.1.14](https://github.com/opencontainers/runc/releases/tag/v1.1.14)

- A picture of a cute animal (not mandatory but encouraged)

@thaJeztah @austinvazquez
update runc binary to v1.1.13
e6de0b8 
Update the runc binary that's used in CI and for the static packages.

full diff: opencontainers/runc@v1.1.12...v1.1.13

Release notes:

* If building with Go 1.22.x, make sure to use 1.22.4 or a later version.

* Support go 1.22.4+.
* runc list: fix race with runc delete.
* Fix set nofile rlimit error.
* libct/cg/fs: fix setting rt_period vs rt_runtime.
* Fix a debug msg for user ns in nsexec.
* script/*: fix gpg usage wrt keyboxd.
* CI fixes and misc backports.
* Fix codespell warnings.

* Silence security false positives from golang/net.
* libcontainer: allow containers to make apps think fips is enabled/disabled for testing.
* allow overriding VERSION value in Makefile.
* Vagrantfile.fedora: bump Fedora to 39.
* ci/cirrus: rm centos stream 8.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 9101392)
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
@thaJeztah @austinvazquez
update runc binary to 1.1.14
2df0193 
Update the runc binary that's used in CI and for the static packages.

diff: opencontainers/runc@v1.1.13...v1.1.14

Release Notes:

- Fix CVE-2024-45310, a low-severity attack that allowed maliciously configured containers to create empty files and directories on the host.
- Add support for Go 1.23.
- Revert "allow overriding VERSION value in Makefile" and add EXTRA_VERSION.
- rootfs: consolidate mountpoint creation logic.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 2189aa2)
Signed-off-by: Austin Vazquez <macedonv@amazon.com>
@austinvazquez austinvazquez requested a review from tianon as a code owner October 31, 2024 03:35
@austinvazquez austinvazquez changed the title [25.0 backport] ci: update runc to v1.1.14 [25.0 backport] Dockerfile: update runc to v1.1.14 Oct 31, 2024
thaJeztah
thaJeztah approved these changes Oct 31, 2024
View reviewed changes
Copy link
Member
@thaJeztah thaJeztah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM, thanks!

@thaJeztah thaJeztah added this to the 25.0.7 milestone Oct 31, 2024
@thaJeztah thaJeztah merged commit 1c354d1 into moby:25.0 Oct 31, 2024
146 checks passed
@austinvazquez austinvazquez deleted the cherry-pick-runc-updates-to-25.0 branch October 31, 2024 09:32
@corhere corhere modified the milestones: 25.0.7, 25.0.8 Dec 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@thaJeztah thaJeztah thaJeztah approved these changes

@tianon tianon Awaiting requested review from tianon tianon is a code owner

Assignees
No one assigned
Labels
area/packaging area/runtime impact/changelog status/4-merge
Projects
None yet
Milestone
25.0.8
Development

Successfully merging this pull request may close these issues.
3 participants
@austinvazquez @thaJeztah @corhere
0