On Sun, Jun 12, 2022 at 10:57 PM Shengjing Zhu <z...@debian.org> wrote:

> X-Dbackport: do not set inheritable capabilities, Fixes:
> CVE-2022-29162ebbugs-CC: siret...@debian.org, t...@security.debian.org
>
> Hi,
>
> On Sun, Jun 12, 2022 at 05:33:48PM -0400, Reinhard Tartler wrote:
> > diff -Nru runc-1.0.0~rc93+ds1/debian/changelog
> runc-1.0.0~rc93+ds1/debian/changelog
> > --- runc-1.0.0~rc93+ds1/debian/changelog      2022-06-12
> 14:49:36.000000000 -0400
> > +++ runc-1.0.0~rc93+ds1/debian/changelog      2021-05-19
> 14:46:14.000000000 -0400
> > @@ -1,10 +1,3 @@
> > -runc (1.0.0~rc93+ds1-5+deb11u1) bullseye; urgency=medium
> > -
> > -  * Team upload.
> > -  * backport upstream patch: Honor seccomp defaultErrnoRet, Closes:
> #1012030
> > -
> > - -- Reinhard Tartler <siret...@tauware.de>  Sun, 12 Jun 2022 14:49:36
> -0400
> > -
>
> Could you include the patch for CVE-2022-29162?
>
> https://security-tracker.debian.org/tracker/CVE-2022-29162
>
> If you don't have time, I can work on this later in this week.
>
>
backported as
https://salsa.debian.org/go-team/packages/runc/-/commit/05b0597cb4db36f70c3bf737c87466a740a9eadf
-- builds fine (and thus passes unit tests), still need to test it on a
real machine. Thanks for pointing me to it!

-rt


-- 
regards,
    Reinhard

Reply via email to