Ubuntu
runc package

Merge runc from Debian unstable for oracular

Bug #2064461 reported by Bryce Harrington
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
runc (Ubuntu)
New
Undecided
Lucas Kanashiro
Ubuntu ubuntu-24.06

Bug Description

Upstream: tbd
Debian: 1.1.12+ds1-2 1.1.12+ds1-2
Ubuntu: 1.1.12+ds1-2ubuntu1

Debian new has 1.1.12+ds1-2, which may be available for merge soon.

If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired.

If this merge pulls in a new upstream version, also consider adding an entry to the Oracular Release Notes: https://discourse.ubuntu.com/c/release/38

### New Debian Changes ###

runc (1.1.12+ds1-2) unstable; urgency=medium

  * Team upload
  * Add pkgconf to Build-Depends

 -- Shengjing Zhu <email address hidden> Tue, 27 Feb 2024 18:01:32 +0800

runc (1.1.12+ds1-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.1.12+ds1
    + CVE-2024-21626: several container breakouts due to internally leaked fds

 -- Shengjing Zhu <email address hidden> Fri, 02 Feb 2024 21:20:26 +0800

runc (1.1.10+ds1-1) unstable; urgency=medium

  * Team upload
  * New upstream version 1.1.10+ds1
  * Bump golang-github-mrunalp-fileutils-dev to 0.5.1
  * Move criu test to isolation-machine

 -- Shengjing Zhu <email address hidden> Sun, 05 Nov 2023 15:26:18 +0800

runc (1.1.5+ds1-5) unstable; urgency=medium

  * Team Upload
  * Rebuild against golang-github-urfave-cli_1.22.14-1, Closes: #1055059
  * Bug fix: 'Fails to build source after successful build', thanks to
    Lucas Nussbaum, Closes: #1046528

 -- Reinhard Tartler <email address hidden> Tue, 31 Oct 2023 08:32:10 -0400

runc (1.1.5+ds1-4) unstable; urgency=medium

  * debian/tests/control: restrict criu dependency to amd64, arm64, armhf

 -- Reinhard Tartler <email address hidden> Wed, 25 Oct 2023 18:09:09 -0400

runc (1.1.5+ds1-3) unstable; urgency=medium

  * Team upload
  * Bump standards version

 -- Reinhard Tartler <email address hidden> Tue, 24 Oct 2023 18:14:00 -0400

runc (1.1.5+ds1-2) experimental; urgency=medium

  * Team upload.
  * compile against go-criu 6

 -- Reinhard Tartler <email address hidden> Sun, 22 Oct 2023 19:29:15 -0400

runc (1.1.5+ds1-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.1.5+ds1
    + CVE-2023-25809: rootless: `/sys/fs/cgroup` is writable when cgroupns
      isn't unshared
    + CVE-2023-27561: Incorrect Authorization vulnerability
      (re-introduced CVE-2019-19921) (Closes: #1033520)
    + CVE-2023-28642: AppArmor/SELinux bypass with symlinked /proc
  * Drop patches applied in new version
    - 0009-tests-replace-local-hello-world-bundle-with-busybox-.patch
    - 0010-tests-convert-arm32-arch-string-when-download-bundle.patch
  * Add patch to skip TestOpenat2 when cgroups is not available

 -- Shengjing Zhu <email address hidden> Wed, 29 Mar 2023 17:24:36 +0800

runc (1.1.4+ds1-1) unstable; urgency=medium

  * Team upload.
  * New upstream version 1.1.4+ds1

 -- Shengjing Zhu <email address hidden> Sat, 27 Aug 2022 18:27:50 +0800

runc (1.1.3+ds1-7) unstable; urgency=medium

  * Team upload.
  * Mark the integration autopkgtest flaky again, needs more investigation on arm

 -- Reinhard Tartler <email address hidden> Wed, 17 Aug 2022 19:12:58 +0200

runc (1.1.3+ds1-6) unstable; urgency=medium

  * Team upload.
  * backport upstream commit c0be1aa2d101dcd3074b5a0e486d58d3f9568d81
    required for podman 4.2
  * Merge with upload to experimental

 -- Reinhard Tartler <email address hidden> Wed, 17 Aug 2022 18:45:35 +0200

runc (1.1.3+ds1-5) experimental; urgency=medium

  * Team upload.
  * Fix integration test on i386 and armhf
  * Enable integration on armel

 -- Shengjing Zhu <email address hidden> Tue, 05 Jul 2022 11:08:08 +0800

### Old Ubuntu Delta ###

runc (1.1.12+ds1-2ubuntu1) noble; urgency=medium

  * Merge with Debian unstable (LP: #2060890). Remaining changes:
    - d/control: add non default pkg.runc.with-bin Build-Profiles to runc
      binary package.
    - d/golang-github-opencontainers-runc-dev.docs: install NOTICE file to be
      compliant with the Apache 2 license
    - d/tests/control: remove integration and checkpoint autopkgtest.
      Since they depend on the runc binary package which is not provided by
      this source package by default.
   * Dropped changes (replaced by non default Build-Profiles):
    - d/control: remove the binary paragraph for runc.
    - d/golang-github-opencontainers-runc-dev.install: remove this file, it
      is causing a FTBFS, no need to have it in place, the library files are
      already installed correctly without it.
    - d/runc.*: remove all packaging related files associated to the
      runc binary package
    - d/rules: no need to generate manpages after build
    - d/rules: remove runc binary from the binary package

 -- Shengjing Zhu <email address hidden> Tue, 02 Apr 2024 17:26:37 +0800

Bryce Harrington (bryce)
Changed in runc (Ubuntu):
milestone: none → ubuntu-24.06
Lucas Kanashiro (lucaskanashiro)
Changed in runc (Ubuntu):
assignee: nobody → Lucas Kanashiro (lucaskanashiro)
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.