On Sun, Jun 12, 2022 at 10:57 PM Shengjing Zhu <z...@debian.org> wrote:
> X-Dbackport: do not set inheritable capabilities, Fixes: > CVE-2022-29162ebbugs-CC: siret...@debian.org, t...@security.debian.org > > Hi, > > On Sun, Jun 12, 2022 at 05:33:48PM -0400, Reinhard Tartler wrote: > > diff -Nru runc-1.0.0~rc93+ds1/debian/changelog > runc-1.0.0~rc93+ds1/debian/changelog > > --- runc-1.0.0~rc93+ds1/debian/changelog 2022-06-12 > 14:49:36.000000000 -0400 > > +++ runc-1.0.0~rc93+ds1/debian/changelog 2021-05-19 > 14:46:14.000000000 -0400 > > @@ -1,10 +1,3 @@ > > -runc (1.0.0~rc93+ds1-5+deb11u1) bullseye; urgency=medium > > - > > - * Team upload. > > - * backport upstream patch: Honor seccomp defaultErrnoRet, Closes: > #1012030 > > - > > - -- Reinhard Tartler <siret...@tauware.de> Sun, 12 Jun 2022 14:49:36 > -0400 > > - > > Could you include the patch for CVE-2022-29162? > > https://security-tracker.debian.org/tracker/CVE-2022-29162 > > If you don't have time, I can work on this later in this week. > > backported as https://salsa.debian.org/go-team/packages/runc/-/commit/05b0597cb4db36f70c3bf737c87466a740a9eadf -- builds fine (and thus passes unit tests), still need to test it on a real machine. Thanks for pointing me to it! -rt -- regards, Reinhard