Comment 15 for bug 1916485

As I understand it I don't see there is any issue here with libseccomp in Ubuntu as it currently stands - whilst the aforementioned runc workaround commit description specifies a number of shortcomings with libseccomp and the inability to easily handle and distinguish newly added syscalls between it and glibc etc, until there is some more generic mechanism for either libseccomp policy authors, or libseccomp itself, to easily identify what syscalls are supported by a given system and therefore whether the generated policy is sufficient to enumerate these, there is no obvious "fix" for libseccomp itself.