beenull/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

update runc binary to v1.0.0-rc10 (CVE-2019-19921)

Browse source 
Notable changes:
* Fix CVE-2019-19921 (Volume mount race condition with shared mounts): https://github.com/opencontainers/runc/pull/2207
* Fix exec FIFO race: https://github.com/opencontainers/runc/pull/2185
* Basic support for cgroup v2.  Almost feature-complete, but still missing support for systemd mode in rootless.
  See also https://github.com/opencontainers/runc/issues/2209 for the known issues.

Full changes: https://github.com/opencontainers/runc/compare/v1.0.0-rc9...v1.0.0-rc10

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
(cherry picked from commit cd43c1d1ac)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Akihiro Suda 2020-01-24 16:27:54 +09:00 committed by Sebastiaan van Stijn
parent f8cfa7947c
commit 3bd1759f80
No known key found for this signature in database
GPG key ID: 76698F39D527CE8C
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
hack/dockerfile/install/runc.installer
View file

@ -4,7 +4,7 @@
# The version of runc should match the version that is used by the containerd
# version that is used. If you need to update runc, open a pull request in
# the containerd project first, and update both after that is merged.
RUNC_COMMIT=d736ef14f0288d6993a1845745d6756cfc9ddd5a # v1.0.0-rc9
RUNC_COMMIT=dc9208a3303feef5b3839f4323d9beb36df0a9dd # v1.0.0-rc10
install_runc() {
# If using RHEL7 kernels (3.10.0 el7), disable kmem accounting/limiting