Fedora 29: runc FEDORA-2019-3fc86a518b
Summary
The runc command can be used to start containers which are packaged
in accordance with the Open Container Initiative's specifications,
and to manage containers running under runc.
Resolves: #1757214, #1757290 - CVE-2019-16884 ---- add patch for cgroupsv2
* Mon Oct 7 2019 Lokesh Mandvekar
- Resolves: #1757214, #1757290 - CVE-2019-16884
- bump to v1.0.0-rc9
* Thu Oct 3 2019 Lokesh Mandvekar
- add patch for cgroupsv2
- From: Giuseppe Scrivano
* Wed May 15 2019 Daniel Walsh
- Fix issue with runc interacting with /dev/stderr
* Wed Apr 24 2019 Daniel Walsh
- Fix issue with runc failing on SELinux disabled machines
* Fri Apr 19 2019 Daniel Walsh
- Revert Build with nokmem
* Wed Apr 17 2019 Daniel Walsh
- Build with nokmem
* Thu Apr 4 2019 Lokesh Mandvekar (Bot)
- autobuilt 029124d
* Wed Apr 3 2019 Lokesh Mandvekar (Bot)
- autobuilt 6a3f474
* Thu Mar 28 2019 Daniel Walsh
- release candidate 7
* Sat Mar 23 2019 Lokesh Mandvekar (Bot)
- autobuilt 11fc498
* Thu Mar 21 2019 Lokesh Mandvekar (Bot)
- autobuilt dd22a84
* Sun Mar 17 2019 Lokesh Mandvekar (Bot)
- autobuilt f56b4cb
* Sat Mar 16 2019 Lokesh Mandvekar (Bot)
- autobuilt 7341c22
* Mon Mar 11 2019 Dan Walsh (Bot)
- Change Requires container-selinux to recommends container-selinux
* Fri Mar 8 2019 Lokesh Mandvekar (Bot)
- autobuilt 2b18fe1
* Wed Mar 6 2019 Lokesh Mandvekar (Bot)
- autobuilt 923a8f8
* Tue Mar 5 2019 Lokesh Mandvekar (Bot)
- autobuilt f739110
* Tue Feb 26 2019 Lokesh Mandvekar (Bot)
- autobuilt f79e211
* Sun Feb 24 2019 Lokesh Mandvekar (Bot)
- autobuilt 5b5130a
* Fri Feb 22 2019 Lokesh Mandvekar (Bot)
- autobuilt 8084f76
* Sat Feb 16 2019 Lokesh Mandvekar (Bot)
- autobuilt 751f18d
* Thu Feb 14 2019 Lokesh Mandvekar (Bot)
- autobuilt f414f49
* Wed Feb 13 2019 Lokesh Mandvekar (Bot)
- autobuilt 0a012df
* Tue Feb 12 2019 Lokesh Mandvekar (Bot)
- autobuilt 6635b4f
* Sat Feb 9 2019 Lokesh Mandvekar (Bot)
- autobuilt dd023c4
* Sat Feb 2 2019 Lokesh Mandvekar (Bot)
- autobuilt e4fa8a4
* Sat Jan 26 2019 Lokesh Mandvekar (Bot)
- autobuilt 8011af4
* Wed Jan 16 2019 Lokesh Mandvekar (Bot)
- autobuilt c1e454b
* Tue Jan 15 2019 Lokesh Mandvekar (Bot)
- autobuilt 12f6a99
* Fri Dec 21 2018 Lokesh Mandvekar (Bot)
- autobuilt bbb17ef
* Tue Dec 11 2018 Lokesh Mandvekar (Bot)
- autobuilt f5b9991
* Sun Dec 9 2018 Lokesh Mandvekar (Bot)
- autobuilt 859f745
* Wed Dec 5 2018 Lokesh Mandvekar (Bot)
- autobuilt 25f3f89
* Tue Dec 4 2018 Lokesh Mandvekar (Bot)
- autobuilt 96ec217
* Tue Nov 27 2018 Lokesh Mandvekar (Bot)
- autobuilt 4932620
* Sun Nov 25 2018 Lokesh Mandvekar (Bot)
- autobuilt 9397a6f
* Sat Nov 24 2018 Dan Walsh
- rc6 build
* Wed Nov 7 2018 Lokesh Mandvekar (Bot)
- autobuilt 079817c
* Thu Nov 1 2018 Lokesh Mandvekar
- built commit 9e5aa74
* Tue Oct 16 2018 Lokesh Mandvekar
- built commit 78ef28e
[ 1 ] Bug #1757214 - CVE-2019-16884 runc: AppArmor can be bypassed by a malicious image that specifies a volume at /proc
https://bugzilla.redhat.com/show_bug.cgi?id=1757214
su -c 'dnf upgrade --advisory FEDORA-2019-3fc86a518b' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
FEDORA-2019-3fc86a518b 2019-10-15 23:13:06.105369 Product : Fedora 29 Version : 1.0.0 Release : 95.rc9.gitc1485a1.fc29 URL : https://github.com/opencontainers/runc Summary : CLI for running Open Containers Description : The runc command can be used to start containers which are packaged in accordance with the Open Container Initiative's specifications, and to manage containers running under runc. Resolves: #1757214, #1757290 - CVE-2019-16884 ---- add patch for cgroupsv2 * Mon Oct 7 2019 Lokesh Mandvekar - 2:1.0.0-95.rc9.gitc1485a1 - Resolves: #1757214, #1757290 - CVE-2019-16884 - bump to v1.0.0-rc9 * Thu Oct 3 2019 Lokesh Mandvekar - 2:1.0.0-94.dev.gitb9b6cc6 - add patch for cgroupsv2 - From: Giuseppe Scrivano * Wed May 15 2019 Daniel Walsh - 2:1.0.0-93.dev.gitb9b6cc6e - Fix issue with runc interacting with /dev/stderr * Wed Apr 24 2019 Daniel Walsh - 2:1.0.0-92.dev.gitc1b8c57a - Fix issue with runc failing on SELinux disabled machines * Fri Apr 19 2019 Daniel Walsh - 2:1.0.0-91.dev.gitda202113 - Revert Build with nokmem * Wed Apr 17 2019 Daniel Walsh - 2:1.0.0-90.dev.gitda202113 - Build with nokmem * Thu Apr 4 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-89.dev.git029124d - autobuilt 029124d * Wed Apr 3 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-88.dev.git6a3f474 - autobuilt 6a3f474 * Thu Mar 28 2019 Daniel Walsh - 2:1.0.0-87.dev.gitda202113 - release candidate 7 * Sat Mar 23 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-86.dev.git11fc498 - autobuilt 11fc498 * Thu Mar 21 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-85.dev.gitdd22a84 - autobuilt dd22a84 * Sun Mar 17 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-84.dev.gitf56b4cb - autobuilt f56b4cb * Sat Mar 16 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-83.dev.git7341c22 - autobuilt 7341c22 * Mon Mar 11 2019 Dan Walsh (Bot) - 2:1.0.0-82.dev.git2b18fe1 - Change Requires container-selinux to recommends container-selinux * Fri Mar 8 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-81.dev.git2b18fe1 - autobuilt 2b18fe1 * Wed Mar 6 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-80.dev.git923a8f8 - autobuilt 923a8f8 * Tue Mar 5 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-79.dev.gitf739110 - autobuilt f739110 * Tue Feb 26 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-78.dev.gitf79e211 - autobuilt f79e211 * Sun Feb 24 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-77.dev.git5b5130a - autobuilt 5b5130a * Fri Feb 22 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-76.dev.git8084f76 - autobuilt 8084f76 * Sat Feb 16 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-75.dev.git751f18d - autobuilt 751f18d * Thu Feb 14 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-74.dev.gitf414f49 - autobuilt f414f49 * Wed Feb 13 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-73.dev.git0a012df - autobuilt 0a012df * Tue Feb 12 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-72.dev.git6635b4f - autobuilt 6635b4f * Sat Feb 9 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-71.dev.gitdd023c4 - autobuilt dd023c4 * Sat Feb 2 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-70.dev.gite4fa8a4 - autobuilt e4fa8a4 * Sat Jan 26 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-69.dev.git8011af4 - autobuilt 8011af4 * Wed Jan 16 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-68.dev.gitc1e454b - autobuilt c1e454b * Tue Jan 15 2019 Lokesh Mandvekar (Bot) - 2:1.0.0-67.dev.git12f6a99 - autobuilt 12f6a99 * Fri Dec 21 2018 Lokesh Mandvekar (Bot) - 2:1.0.0-66.dev.gitbbb17ef - autobuilt bbb17ef * Tue Dec 11 2018 Lokesh Mandvekar (Bot) - 2:1.0.0-65.dev.gitf5b9991 - autobuilt f5b9991 * Sun Dec 9 2018 Lokesh Mandvekar (Bot) - 2:1.0.0-64.dev.git859f745 - autobuilt 859f745 * Wed Dec 5 2018 Lokesh Mandvekar (Bot) - 2:1.0.0-63.dev.git25f3f89 - autobuilt 25f3f89 * Tue Dec 4 2018 Lokesh Mandvekar (Bot) - 2:1.0.0-62.dev.git96ec217 - autobuilt 96ec217 * Tue Nov 27 2018 Lokesh Mandvekar (Bot) - 2:1.0.0-61.dev.git4932620 - autobuilt 4932620 * Sun Nov 25 2018 Lokesh Mandvekar (Bot) - 2:1.0.0-60.dev.git9397a6f - autobuilt 9397a6f * Sat Nov 24 2018 Dan Walsh - 2:1.0.0-59.dev.gitccb5efd3 - rc6 build * Wed Nov 7 2018 Lokesh Mandvekar (Bot) - 2:1.0.0-58.dev.git079817c - autobuilt 079817c * Thu Nov 1 2018 Lokesh Mandvekar - 2:1.0.0-57.dev.git9e5aa74 - built commit 9e5aa74 * Tue Oct 16 2018 Lokesh Mandvekar - 2:1.0.0-56.dev.git78ef28e - built commit 78ef28e [ 1 ] Bug #1757214 - CVE-2019-16884 runc: AppArmor can be bypassed by a malicious image that specifies a volume at /proc https://bugzilla.redhat.com/show_bug.cgi?id=1757214 su -c 'dnf upgrade --advisory FEDORA-2019-3fc86a518b' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Change Log
References