Format: 1.8 Date: Mon, 15 May 2023 13:18:52 +0200 Source: runc Binary: runc Built-For-Profiles: noudeb Architecture: riscv64 Version: 1.1.4-0ubuntu1~22.10.3 Distribution: kinetic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: David Fernandez Gonzalez Description: runc - Open Container Project - runtime Changes: runc (1.1.4-0ubuntu1~22.10.3) kinetic-security; urgency=medium . * SECURITY UPDATE: Incorrect access control through /sys/fs/cgroup - debian/patches/CVE-2023-25809.patch: apply MS_RDONLY if /sys/fs/cgroup is bind-mounted or mask if bind source is unavailable in libcontainer/rootfs_linux.go. - CVE-2023-25809 * SECURITY UPDATE: Incorrect access control through /proc and /sys - debian/patches/CVE-2023-27561_2023-28642.patch: Prohibit /proc and /sys to be symlinks in libcontainer/rootfs_linux.go. - CVE-2023-27561 - CVE-2023-28642 Checksums-Sha1: 3b1414ef7e4eac8aebdf3d15a21a097227a35dde 6292536 runc-dbgsym_1.1.4-0ubuntu1~22.10.3_riscv64.ddeb 208e36bc9619c3b0e701fa263711cafbf18d415b 6626 runc_1.1.4-0ubuntu1~22.10.3_riscv64.buildinfo 7394567ebd75d3e266e248ace28baa6b81582983 4272458 runc_1.1.4-0ubuntu1~22.10.3_riscv64.deb Checksums-Sha256: cb1ecd1e8667ec9aa269ace71992eee59cefe681459d8550ec8b370e8e2a05e7 6292536 runc-dbgsym_1.1.4-0ubuntu1~22.10.3_riscv64.ddeb 91fd65bb1c67ec7e6b5b93b1d567b9171ac184965d65591b5eb72aa5008db657 6626 runc_1.1.4-0ubuntu1~22.10.3_riscv64.buildinfo d36869f8c027d3515e916df354b4cbdcfd1d67b3d68bb09ba6a39f39e43981e0 4272458 runc_1.1.4-0ubuntu1~22.10.3_riscv64.deb Files: deb08a4cf306d79612b647b7b3366167 6292536 debug optional runc-dbgsym_1.1.4-0ubuntu1~22.10.3_riscv64.ddeb 4b61f227b0a260da85bff2ea891836af 6626 devel optional runc_1.1.4-0ubuntu1~22.10.3_riscv64.buildinfo ae892d5a5dd7855e7eab8653ff960c2f 4272458 devel optional runc_1.1.4-0ubuntu1~22.10.3_riscv64.deb Original-Maintainer: Debian Go Packaging Team