update runc binary to v1.0.0-rc95

full diff: https://github.com/opencontainers/runc/compare/v1.0.0-rc94...v1.0.0-rc95

Release notes:

This release of runc contains a fix for CVE-2021-30465, and users are
strongly recommended to update (especially if you are providing
semi-limited access to spawn containers to untrusted users).

Aside from this security fix, only a few other changes were made since
v1.0.0-rc94 (the only user-visible change was the addition of support
for defaultErrnoRet in seccomp profiles).

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit efec2bb368)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2021-05-19 13:10:20 +02:00
parent 989c08c367
commit fb179ff098
No known key found for this signature in database
GPG key ID: 76698F39D527CE8C

View file

@ -4,7 +4,7 @@
# The version of runc should match the version that is used by the containerd
# version that is used. If you need to update runc, open a pull request in
# the containerd project first, and update both after that is merged.
: ${RUNC_COMMIT:=2c7861bc5e1b3e756392236553ec14a78a09f8bf} # v1.0.0-rc94
: ${RUNC_COMMIT:=b9ee9c6314599f1b4a7f497e1f1f856fe433d3b7} # v1.0.0-rc95
install_runc() {
# If using RHEL7 kernels (3.10.0 el7), disable kmem accounting/limiting