Ubuntu
runc package

Merge runc from Debian unstable for kinetic

Bug #1971320 reported by Bryce Harrington
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
runc (Ubuntu)
New
Undecided
Lucas Kanashiro
Ubuntu ubuntu-22.08

Bug Description

Upstream: tbd
Debian: 1.1.1+ds1-1 1.1.1+ds1-1
Ubuntu: 1.1.0-0ubuntu1

Debian new has 1.1.1+ds1-1

### New Debian Changes ###

runc (1.1.1+ds1-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.1.1+ds1

 -- Shengjing Zhu <email address hidden> Tue, 29 Mar 2022 12:00:14 +0800

runc (1.1.0+ds1-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.1.0+ds1
  * Upload to unstable
  * Enable seccomp integration test

 -- Shengjing Zhu <email address hidden> Mon, 07 Feb 2022 01:15:00 +0800

runc (1.1.0~rc.1+ds1-1) experimental; urgency=medium

  * Team upload.
  * New upstream version 1.1.0~rc.1+ds1
  * Disable seccomp notify to build with libseccomp-golang 0.9.1

 -- Shengjing Zhu <email address hidden> Wed, 15 Dec 2021 00:58:10 +0800

runc (1.0.3+ds1-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.0.3+ds1
    + CVE-2021-43784: Overflow in netlink bytemsg length field allows
      attacker to override netlink-based container configuration
  * Remove unused lintian override spare-manual-page

 -- Shengjing Zhu <email address hidden> Mon, 06 Dec 2021 15:59:43 +0800

runc (1.0.2+ds1-2) unstable; urgency=medium

  * Team upload.
  * Bump golang-github-checkpoint-restore-go-criu-dev to 5.1.0
  * Drop golang-github-willf-bitset-dev from Depends
  * Remove compatible patch for podman

 -- Shengjing Zhu <email address hidden> Mon, 11 Oct 2021 01:12:21 +0800

runc (1.0.2+ds1-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.0.2+ds1
  * Bump golang-github-coreos-go-systemd-dev to 22.3.2

 -- Shengjing Zhu <email address hidden> Mon, 23 Aug 2021 19:02:58 +0800

runc (1.0.1+ds1-2) unstable; urgency=medium

  * Team upload.
  * Upload to unstable
  * Bump golang-github-opencontainers-specs-dev to 1.0.2.66 (Closes: #990820)
  * Update Standards-Version to 4.6.0 (no changes)

 -- Shengjing Zhu <email address hidden> Fri, 20 Aug 2021 23:39:49 +0800

runc (1.0.1+ds1-1) experimental; urgency=medium

  * New upstream version 1.0.1+ds1
  * Add patch to add back deprecated alias
  * Bump golang-github-cilium-ebpf-dev to 0.6.2

 -- Shengjing Zhu <email address hidden> Fri, 16 Jul 2021 23:15:56 +0800

runc (1.0.0+ds1-1) experimental; urgency=medium

  * Team upload.
  * New upstream version 1.0.0+ds1
  * Bump golang-github-cilium-ebpf-dev to 0.6.1

 -- Shengjing Zhu <email address hidden> Tue, 22 Jun 2021 15:32:16 +0800

runc (1.0.0~rc95.86.g2f8e8e9d+ds1-1) experimental; urgency=medium

  * Team upload.
  * New upstream version 1.0.0~rc95.86.g2f8e8e9d+ds1

 -- Shengjing Zhu <email address hidden> Sun, 06 Jun 2021 00:56:37 +0800

runc (1.0.0~rc94+ds1-2) experimental; urgency=medium

  * Team upload.
  * Backport patch for CVE-2021-30465 (Closes: #988768)

 -- Shengjing Zhu <email address hidden> Wed, 19 May 2021 19:48:48 +0800

runc (1.0.0~rc94+ds1-1) experimental; urgency=medium

  * Team upload.
  * New upstream version 1.0.0~rc94+ds1
  * Add patch for go-systemd 22.1.0 compatibility

 -- Shengjing Zhu <email address hidden> Wed, 12 May 2021 23:54:20 +0800

runc (1.0.0~rc93.144.g6538f9f2+ds1-1) experimental; urgency=medium

### Old Ubuntu Delta ###

runc (1.1.0-0ubuntu1) jammy; urgency=medium

  * New upstream release.
  * Refresh patches:
    - d/p/test--skip_TestFactoryNewTmpfs.patch
    - d/p/test--skip-fs-related-cgroups-tests.patch
  * Remove patch not needed anymore:
    - d/p/test--skip-Hugetlb.patch

 -- Lucas Kanashiro <email address hidden> Wed, 09 Feb 2022 11:46:31 -0300

runc (1.0.3-0ubuntu1) jammy; urgency=medium

  * New upstream release (LP: #1946899).
  * d/rules: remove DH_GOLANG_INSTALL_EXTRA, the directories listed there do
    not exist anymore.

 -- Lucas Kanashiro <email address hidden> Mon, 10 Jan 2022 11:51:10 -0300

runc (1.0.1-0ubuntu2) impish; urgency=medium

  * d/p/test--skip-fs-related-cgroups-tests.patch: skip a new cgroups related
    test. It requires permission to write in /sys/fs/cgroup/memory during its
    execution.

 -- Lucas Kanashiro <email address hidden> Mon, 09 Aug 2021 11:40:32 -0300

runc (1.0.1-0ubuntu1) impish; urgency=medium

  * New upstream release.
  * d/watch: adjust regex to correctly match the tarball files on Github.
  * d/p/test--skip-fs-related-cgroups-tests.patch: update according to the
    upstream changes.
  * d/s/lintian-overrides: remove it, the override there is not needed.

 -- Lucas Kanashiro <email address hidden> Thu, 05 Aug 2021 11:48:36 -0300

runc (1.0.0~rc95-0ubuntu1) impish; urgency=medium

  * New upstream release.
    - Several regressions were found in 1.0.0-rc93 by upstream and fixed in
      this new release.
      + Ensure the scratch pipe is read during ExportBPF (LP: #1927219).
    - Drop patches applied by upstream:
      + d/patches/CVE-2021-30465/*.patch
      + d/patches/fix-patchpbf-test-on-32-bit.patch
  * d/rules: set VERSION variable when building runc (LP: #1929106).

 -- Lucas Kanashiro <email address hidden> Thu, 20 May 2021 10:40:14 -0300

runc (1.0.0~rc93-0ubuntu2) impish; urgency=medium

  * SECURITY UPDATE: symlink exchange attack
    - debian/patches/CVE-2021-30465/*.patch: upstream patches to add mount
      destination validation.
    - CVE-2021-30465

 -- Marc Deslauriers <email address hidden> Wed, 05 May 2021 14:27:26 -0400

runc (1.0.0~rc93-0ubuntu1) hirsute; urgency=medium

  * New upstream release (LP: #1919182).
    - runc now has special handling for seccomp profiles to avoid making new
      syscalls unusable for glibc (LP: #1916485).
  * Remove patch addressing a bug fixed by upstream:
    - debian/patches/test--fix_TestGetAdditionalGroups.patch
  * Refresh patch:
    - debian/patches/test--skip-fs-related-cgroups-test.patch
  * Backport upstream patch to fix patchpbf test on armhf:
    - debian/patches/fix-patchpbf-test-on-32-bit.patch

 -- Lucas Kanashiro <email address hidden> Tue, 10 Mar 2021 09:30:36 -0300

runc (1.0.0~rc92-0ubuntu1) hirsute; urgency=medium

  * New upstream release.
  * Refresh patches.
  * Add patch to skip tests relying on cgroups fs mountpoints.
  * Update VCS links to point to Github where the packaging work is done.

 -- Lucas Kanashiro <email address hidden> Tue, 12 Jan 2021 17:30:36 -0300

runc (1.0.0~rc10-0ubuntu3) hirsute; urgency=medium

  * No-change rebuild using new golang

 -- Steve Langasek <email address hidden> Wed, 11 Nov 2020 22:25:13 +0000

runc (1.0.0~rc10-0ubuntu2) groovy; urgency=medium

  * No-change rebuild using new golang

 -- Steve Langasek <email address hidden> Tue, 22 Sep 2020 08:55:00 +0000

runc (1.0.0~rc10-0ubuntu1) focal; urgency=medium

  [ Lucas Kanashiro ]
  * Run dh_golang_autopkgtest with isolation-machine restriction (LP: #1856083)
    - d/control: remove Testsuite field since we are now overwriting the
      autodep8 test definition.
    - d/t/control: overwrite autodep8 test definition to add isolation-machine
      restriction.
  * d/t/control: Use commas in Restrictions field of basic-smoke test

  [ Tianon Gravi ]
  * Update to 1.0.0-rc10 upstream release

 -- Tianon Gravi <email address hidden> Tue, 18 Feb 2020 09:06:24 +1300

runc (1.0.0~rc8+git20190923.3e425f80-0ubuntu1) eoan; urgency=medium

  * New upstream snapshot, fixing CVE-2019-16884.

 -- Michael Hudson-Doyle <email address hidden> Mon, 30 Sep 2019 14:12:18 +1300

runc (1.0.0~rc8-0ubuntu1) eoan; urgency=medium

  * New upstream version.

 -- Michael Hudson-Doyle <email address hidden> Wed, 18 Sep 2019 10:49:47 +0200

runc (1.0.0~rc7+git20190403.029124da-0ubuntu1) disco; urgency=medium

  * New upstream version.
  * Fix dependencies of golang-github-opencontainers-runc-dev package.

 -- Michael Hudson-Doyle <email address hidden> Fri, 12 Apr 2019 12:29:03 +1200

runc (1.0.0~rc6+git20190307.2b18fe1d-0ubuntu1) disco; urgency=medium

  * Update to https://github.com/opencontainers/runc/commit/2b18fe1d885ee5083ef9f0838fee39b62d653e30
    - See also:
        https://github.com/containerd/containerd/blob/v1.2.5/RUNC.md
        https://github.com/containerd/containerd/blob/v1.2.5/vendor.conf#L23
  * d/patches/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch:
    dropped, applied upstream.

 -- Michael Hudson-Doyle <email address hidden> Thu, 14 Mar 2019 11:12:22 +1300

runc (1.0.0~rc6+git20181203.96ec2177-0ubuntu1) disco; urgency=medium

  * Add 'basic-smoke' autopkgtest to verify basic functionality

 -- Tianon Gravi <email address hidden> Thu, 14 Feb 2019 14:23:13 -0800

runc (1.0.0~rc6+git20181203.96ec2177-0~ubuntu2) disco; urgency=medium

  * d/patches/0001-nsenter-clone-proc-self-exe-to-avoid-exposing-host-b.patch:
    Apply upstream fix for CVE-2019-5736.

 -- Michael Hudson-Doyle <email address hidden> Tue, 12 Feb 2019 11:52:37 +1300

runc (1.0.0~rc6+git20181203.96ec2177-0~ubuntu1) disco; urgency=medium

  * Update to https://github.com/opencontainers/runc/commit/96ec2177ae841256168fcf76954f7177af9446eb
    - See also:
        https://github.com/containerd/containerd/blob/v1.2.2/RUNC.md
        https://github.com/containerd/containerd/blob/v1.2.2/vendor.conf#L23

 -- Tianon Gravi <email address hidden> Thu, 17 Jan 2019 21:06:43 -0800

CVE References

Bryce Harrington (bryce)
Changed in runc (Ubuntu):
milestone: none → ubuntu-22.06
Lucas Kanashiro (lucaskanashiro)
Changed in runc (Ubuntu):
assignee: nobody → Lucas Kanashiro (lucaskanashiro)
Lucas Kanashiro (lucaskanashiro)
Changed in runc (Ubuntu):
milestone: ubuntu-22.06 → ubuntu-22.08
Revision history for this message
Lucas Kanashiro (lucaskanashiro) wrote :

runc was already updated in the beginning of the kinetic cycle and unfortunately I did not find the time to do it again in the end of the cycle as I was expecting. This update is postponed to the beginning of the next cycle.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.