| Message ID | 20230329181722.242619-1-christian@paral.in |
|---|---|
| State | Accepted |
| Series | [v1,1/1] package/runc: security bump to version v1.1.5 |
>>>>> "Christian" == Christian Stewart <christian@paral.in> writes:

> This is the fifth patch release in the 1.1.z series of runc, which fixes
> three CVEs found in runc.
>
> CVE-2023-25809 is a vulnerability involving rootless containers where
> (under specific configurations) the container would have write access to the
> /sys/fs/cgroup/user.slice/... cgroup hierarchy. No other hierarchies on the host
> were affected. This vulnerability was discovered by Akihiro Suda.
> GHSA-m8cg-xc2p-r3fc
>
> CVE-2023-27561 was a regression which effectively re-introduced CVE-2019-19921.
> This bug was present from v1.0.0-rc95 to v1.1.4. This regression was discovered
> by Beuc. GHSA-vpvm-3wq2-2wvm
>
> CVE-2023-28642 is a variant of CVE-2023-27561 and was fixed by the same patch.
> This variant of the above vulnerability was reported by Lei Wang.
> GHSA-g2j6-57v7-gm8c
>
> In addition, the following other fixes are included in this release:
>
> - Fix the inability to use /dev/null when inside a container
> - Fix changing the ownership of host's /dev/null caused by fd redirection
> - Fix rare runc exec/enter unshare error on older kernels, including CentOS < 7.7
> - nsexec: Check for errors in write_log()
>
> https://github.com/opencontainers/runc/releases/tag/v1.1.5
>
> Signed-off-by: Christian Stewart <christian@paral.in>

Committed, thanks.
>>>>> "Peter" == Peter Korsgaard <peter@korsgaard.com> writes:

>>>>> "Christian" == Christian Stewart <christian@paral.in> writes:

>> This is the fifth patch release in the 1.1.z series of runc, which fixes
>> three CVEs found in runc.
>>
>> CVE-2023-25809 is a vulnerability involving rootless containers where
>> (under specific configurations) the container would have write access to the
>> /sys/fs/cgroup/user.slice/... cgroup hierarchy. No other hierarchies on the host
>> were affected. This vulnerability was discovered by Akihiro Suda.
>> GHSA-m8cg-xc2p-r3fc
>>
>> CVE-2023-27561 was a regression which effectively re-introduced CVE-2019-19921.
>> This bug was present from v1.0.0-rc95 to v1.1.4. This regression was discovered
>> by Beuc. GHSA-vpvm-3wq2-2wvm
>>
>> CVE-2023-28642 is a variant of CVE-2023-27561 and was fixed by the same patch.
>> This variant of the above vulnerability was reported by Lei Wang.
>> GHSA-g2j6-57v7-gm8c
>>
>> In addition, the following other fixes are included in this release:
>>
>> - Fix the inability to use /dev/null when inside a container
>> - Fix changing the ownership of host's /dev/null caused by fd redirection
>> - Fix rare runc exec/enter unshare error on older kernels, including CentOS < 7.7
>> - nsexec: Check for errors in write_log()
>>
>> https://github.com/opencontainers/runc/releases/tag/v1.1.5
>>
>> Signed-off-by: Christian Stewart <christian@paral.in>

> Committed, thanks.

Committed to 2023.02.x and 2022.02.x, thanks.
diff --git a/package/runc/runc.hash b/package/runc/runc.hash index 6c8fddd397..eee2e34cbf 100644 --- a/package/runc/runc.hash +++ b/package/runc/runc.hash @@ -1,3 +1,3 @@ # Locally computed -sha256 4f02077432642eebd768fc857318ae7929290b3a3511eb1be338005e360cfa34 runc-1.1.4.tar.gz +sha256 76cbf30637cbb828794d72d32fb3fd6ff3139cd9743b8b44790fd110f43d96b2 runc-1.1.5.tar.gz sha256 552a739c3b25792263f731542238b92f6f8d07e9a488eae27e6c4690038a8243 LICENSE diff --git a/package/runc/runc.mk b/package/runc/runc.mk index b60f1da2e7..9c6b5f9b37 100644 --- a/package/runc/runc.mk +++ b/package/runc/runc.mk @@ -4,7 +4,7 @@ # ################################################################################ -RUNC_VERSION = 1.1.4 +RUNC_VERSION = 1.1.5 RUNC_SITE = $(call github,opencontainers,runc,v$(RUNC_VERSION)) RUNC_LICENSE = Apache-2.0, LGPL-2.1 (libseccomp) RUNC_LICENSE_FILES = LICENSE
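Review bot: In the runc.hash hunk the new sha256 line for runc-1.1.5.tar.gz sits under `# Locally computed`, so nothing in the patch lets a reviewer cross-check it against an upstream-published value; for a security bump it would help if the commit message stated that the tarball was fetched from the URL built by RUNC_SITE and the checksum recomputed independently, and reviewers should recompute it themselves before accepting the change.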
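Review bot: The runc.mk hunk changes only `RUNC_VERSION = 1.1.4` to `RUNC_VERSION = 1.1.5` while the LICENSE hash in runc.hash is left unchanged, so the commit message should say the license file was re-checked against the new tarball; it could also note that 1.1.5 is a patch release within the same 1.1.z series, which is why RUNC_SITE, RUNC_LICENSE and RUNC_LICENSE_FILES stay as they are.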
This is the fifth patch release in the 1.1.z series of runc, which fixes
three CVEs found in runc.

CVE-2023-25809 is a vulnerability involving rootless containers where
(under specific configurations) the container would have write access to the
/sys/fs/cgroup/user.slice/... cgroup hierarchy. No other hierarchies on the host
were affected. This vulnerability was discovered by Akihiro Suda.
GHSA-m8cg-xc2p-r3fc

CVE-2023-27561 was a regression which effectively re-introduced CVE-2019-19921.
This bug was present from v1.0.0-rc95 to v1.1.4. This regression was discovered
by Beuc. GHSA-vpvm-3wq2-2wvm

CVE-2023-28642 is a variant of CVE-2023-27561 and was fixed by the same patch.
This variant of the above vulnerability was reported by Lei Wang.
GHSA-g2j6-57v7-gm8c

In addition, the following other fixes are included in this release:

- Fix the inability to use /dev/null when inside a container
- Fix changing the ownership of host's /dev/null caused by fd redirection
- Fix rare runc exec/enter unshare error on older kernels, including CentOS < 7.7
- nsexec: Check for errors in write_log()

https://github.com/opencontainers/runc/releases/tag/v1.1.5

Signed-off-by: Christian Stewart <christian@paral.in>
---
 package/runc/runc.hash | 2 +-
 package/runc/runc.mk   | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
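The commit message gives a concrete affected range for CVE-2023-27561/CVE-2023-28642 (v1.0.0-rc95 through v1.1.4) and names v1.1.5 as the fixing release. The following helper, added here as an example and not part of the patch, runc or Buildroot, turns that into a version check a fleet inventory script can run; it assumes `runc --version` prints `runc version <ver>` on its first line, and treats runc release candidates (1.0.0-rcN) as sorting before the final 1.0.0, which is the one ordering detail a naive string compare gets wrong.

```python
"""Check a runc version against the affected range and fixed release named in
the runc v1.1.5 release notes.  Added example; the `runc --version` output
format it parses is an assumption."""
import re
from typing import Tuple

# Constructed sample of `runc --version` output; only the first line is parsed.
SAMPLE_OUTPUT = "runc version 1.1.4\ncommit: v1.1.4-0-gdeadbeef\nspec: 1.0.2-dev\n"

FIXED_VERSION = "1.1.5"         # release that fixes all three CVEs per the notes
AFFECTED_FIRST = "1.0.0-rc95"   # CVE-2023-27561 / CVE-2023-28642 range start
AFFECTED_LAST = "1.1.4"         # ... and range end (inclusive)

def parse_version(text: str) -> Tuple[int, int, int, int]:
    """Turn 'v1.0.0-rc95' or '1.1.4' into a sortable tuple.

    The fourth element is the rc number for release candidates and a large
    sentinel for final releases, so 1.0.0-rc9 < 1.0.0-rc95 < 1.0.0 < 1.1.4 < 1.1.5.
    A '+something' build suffix is tolerated and ignored.
    """
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)(?:-rc(\d+))?(?:\+.*)?", text.strip())
    if not m:
        raise ValueError(f"unrecognised runc version: {text!r}")
    major, minor, patch, rc = m.groups()
    rc_rank = int(rc) if rc is not None else 10**9  # final release sorts after any rc
    return (int(major), int(minor), int(patch), rc_rank)

def version_from_output(output: str) -> str:
    """Extract the version token from the first line of `runc --version` (assumed format)."""
    first = output.splitlines()[0]
    m = re.match(r"runc version (\S+)", first)
    if not m:
        raise ValueError(f"unexpected runc --version output: {first!r}")
    return m.group(1)

def is_affected(version: str) -> bool:
    """True when the version lies in the CVE-2023-27561/28642 range from the notes."""
    v = parse_version(version)
    return parse_version(AFFECTED_FIRST) <= v <= parse_version(AFFECTED_LAST)

def needs_upgrade(version: str) -> bool:
    """True when the version is older than the fixing release v1.1.5."""
    return parse_version(version) < parse_version(FIXED_VERSION)

if __name__ == "__main__":
    v = version_from_output(SAMPLE_OUTPUT)
    print(f"runc {v}: affected={is_affected(v)} needs_upgrade={needs_upgrade(v)}")
```

`needs_upgrade` is the check to act on in practice, since the notes say v1.1.5 also fixes CVE-2023-25809, for which the message gives no lower bound.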