From patchwork Wed Feb  5 12:50:41 2020
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Peter Korsgaard <peter@korsgaard.com>
X-Patchwork-Id: 1233828
Return-Path: <buildroot-bounces@busybox.net>
X-Original-To: incoming-buildroot@patchwork.ozlabs.org
Delivered-To: patchwork-incoming-buildroot@bilbo.ozlabs.org
Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized)
	smtp.mailfrom=busybox.net (client-ip=140.211.166.136;
	helo=silver.osuosl.org;
	envelope-from=buildroot-bounces@busybox.net;
	receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org; dmarc=none (p=none dis=none)
	header.from=korsgaard.com
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
	unprotected) header.d=gmail.com header.i=@gmail.com
	header.a=rsa-sha256 header.s=20161025 header.b=lUdedvOA;
	dkim-atps=neutral
Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 48CLyl5c4Rz9sPK
	for <incoming-buildroot@patchwork.ozlabs.org>;
	Wed,  5 Feb 2020 23:50:55 +1100 (AEDT)
Received: from localhost (localhost [127.0.0.1])
	by silver.osuosl.org (Postfix) with ESMTP id C4654204C7;
	Wed,  5 Feb 2020 12:50:53 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from silver.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id qBdjIGAOk7Gf; Wed,  5 Feb 2020 12:50:52 +0000 (UTC)
Received: from ash.osuosl.org (ash.osuosl.org [140.211.166.34])
	by silver.osuosl.org (Postfix) with ESMTP id 7EAD320791;
	Wed,  5 Feb 2020 12:50:52 +0000 (UTC)
X-Original-To: buildroot@lists.busybox.net
Delivered-To: buildroot@osuosl.org
Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])
	by ash.osuosl.org (Postfix) with ESMTP id ECA181BF2AF
	for <buildroot@lists.busybox.net>;
	Wed,  5 Feb 2020 12:50:50 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
	by whitealder.osuosl.org (Postfix) with ESMTP id E984C863BE
	for <buildroot@lists.busybox.net>;
	Wed,  5 Feb 2020 12:50:50 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from whitealder.osuosl.org ([127.0.0.1])
	by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id 94u7uRoiHzSr for <buildroot@lists.busybox.net>;
	Wed,  5 Feb 2020 12:50:49 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from mail-wr1-f67.google.com (mail-wr1-f67.google.com
	[209.85.221.67])
	by whitealder.osuosl.org (Postfix) with ESMTPS id 9E6B3862C7
	for <buildroot@buildroot.org>; Wed,  5 Feb 2020 12:50:49 +0000 (UTC)
Received: by mail-wr1-f67.google.com with SMTP id w12so2613093wrt.2
	for <buildroot@buildroot.org>; Wed, 05 Feb 2020 04:50:49 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=sender:from:to:cc:subject:date:message-id:mime-version
	:content-transfer-encoding;
	bh=i+CXzZE2VeJkMH0gtGadUILaehe8bDg51WkYLV1sC1w=;
	b=lUdedvOA533y9+nhDvPk5PRK7Xbikhq7flaYngZR+hOkykJEfMM37skHgnTe4RmgtC
	f518r6Tz5HWnuanLUxuzTjz56d9RSWkg+e2uwHTlRQ0gOT8D6wE4O9L81CJCQ1gAyp+N
	s64KsaVKjkNaoXhCVs6LULC560k2HWXiOU71GaJbp3ZlHXoYb7B+nTkacirNNX2oukjE
	lQfQPkqf4i2jpTuU/fJ0jZg9aiZSabjTALQUN1+WoMCsJAxA3+KVlnWsZGBpA95Wmu/N
	KUfTafG8u4+zrf3QA9W8jMU4Da4WZTVPVD5etxpUDks0+52exd8STkMckwh9UI/kAst0
	yIQg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:sender:from:to:cc:subject:date:message-id
	:mime-version:content-transfer-encoding;
	bh=i+CXzZE2VeJkMH0gtGadUILaehe8bDg51WkYLV1sC1w=;
	b=uBQTRdiTutCMa9b7djZYSymqz80eO83ObIl8FXhKDa71Tz8aKNhiHJUq9Uo72AmXV6
	3pfAcR6+v9ztpHOyn2eXaMuMV7lWh+FR8gVmvlk89nDB9nv/fpuCnsFDzm34dYJgNZ/e
	gSVqfM0tG+f3plPG3hSoO4LpLL4af2z3UFxepzUGLOljOve7UBq/YhkAGd/HkM6GQ5/0
	E00GKYwtOsEsT+Q9lbDgRviqf0nJDb5I4aHWvptfvQJxirv83jT+8wCR8WaBobqgPSEV
	zo5RwHR0L+MgLCdEdDXGIAb0EUk3IZXUQNuyDuzYPNtMqELwoIKoyRYXMC9z8QzyaGMf
	wSzg==
X-Gm-Message-State: APjAAAV/zT9n4UzUipnzUWJQrEeYDK3lWasOF+8m2THe94zo8ACnO+m5
	hxP4FBNTXwVrGYxpNDvPAxsvWQDB
X-Google-Smtp-Source: 
 APXvYqxLB3xH6KpupggIC1uULH+c0Fj9EOHNZ4I58ZmFKQQM1uqiqze5ObrxFZj8SfMf2aa8iyRt9Q==
X-Received: by 2002:adf:f850:: with SMTP id
	d16mr27602710wrq.161.1580907047638;
	Wed, 05 Feb 2020 04:50:47 -0800 (PST)
Received: from dell.be.48ers.dk ([2620:0:1055:fd00:ba8a:60ff:feb3:d607])
	by smtp.gmail.com with ESMTPSA id
	w15sm3402986wrs.80.2020.02.05.04.50.46
	(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
	Wed, 05 Feb 2020 04:50:46 -0800 (PST)
Received: from peko by dell.be.48ers.dk with local (Exim 4.92)
	(envelope-from <peko@dell.be.48ers.dk>)
	id 1izK8k-00086p-5x; Wed, 05 Feb 2020 13:50:46 +0100
From: Peter Korsgaard <peter@korsgaard.com>
To: buildroot@buildroot.org
Date: Wed,  5 Feb 2020 13:50:41 +0100
Message-Id: <20200205125042.31122-1-peter@korsgaard.com>
X-Mailer: git-send-email 2.20.1
MIME-Version: 1.0
Subject: [Buildroot] [PATCH] package/runc: security bump to version
	1.0.0-rc10
X-BeenThere: buildroot@busybox.net
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussion and development of buildroot <buildroot.busybox.net>
List-Unsubscribe: <http://lists.busybox.net/mailman/options/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=unsubscribe>
List-Archive: <http://lists.busybox.net/pipermail/buildroot/>
List-Post: <mailto:buildroot@busybox.net>
List-Help: <mailto:buildroot-request@busybox.net?subject=help>
List-Subscribe: <http://lists.busybox.net/mailman/listinfo/buildroot>,
	<mailto:buildroot-request@busybox.net?subject=subscribe>
Cc: Peter Korsgaard <peter@korsgaard.com>
Errors-To: buildroot-bounces@busybox.net
Sender: "buildroot" <buildroot-bounces@busybox.net>

Fixes the following security vulnerability:

- CVE-2019-19921: runc volume mount race condition with shared mounts

For details see the announcement:
https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc10

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 package/runc/runc.hash | 2 +-
 package/runc/runc.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/package/runc/runc.hash b/package/runc/runc.hash
index 3e8eff3cca..b895f6fccb 100644
--- a/package/runc/runc.hash
+++ b/package/runc/runc.hash
@@ -1,3 +1,3 @@
 # Locally computed
-sha256	2ec69c25df9f02c6fd38eb287145f8afba6772f809abe01df4534b5bfd68e8d4  runc-1.0.0-rc9.tar.gz
+sha256	6b44985023347fb9c5a2cc6f761df8c41cc2c84a7a68a6e6acf834dff6653a9a  runc-1.0.0-rc10.tar.gz
 sha256  552a739c3b25792263f731542238b92f6f8d07e9a488eae27e6c4690038a8243  LICENSE
diff --git a/package/runc/runc.mk b/package/runc/runc.mk
index acf61ab160..4c2f84ab16 100644
--- a/package/runc/runc.mk
+++ b/package/runc/runc.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-RUNC_VERSION = 1.0.0-rc9
+RUNC_VERSION = 1.0.0-rc10
 RUNC_SITE = $(call github,opencontainers,runc,v$(RUNC_VERSION))
 RUNC_LICENSE = Apache-2.0
 RUNC_LICENSE_FILES = LICENSE