Hi Jonathan, I had to make a second upload because I used the wrong source for the upload (I started with the Go-team repository, but then decided to introduce the code to the Debian LTS repository, where I finalized my work. Unfortunately, I uploaded a build from the first, which was incomplete. After I discovered my mistake, I built from the correct one and uploaded runc 1.0.0~rc93+ds1-5+deb11u5. The debdiff will show that that it is the one that I uploaded to #1072248. Sorry and thanks.
Regards, Daniel Am Samstag, dem 29.06.2024 um 20:57 +0000 schrieb Jonathan Wiltshire: > package release.debian.org > tags 1072248 = bullseye pending > thanks > > Hi, > > The upload referenced by this bug report has been flagged for > acceptance into the proposed-updates queue for Debian bullseye. > > Thanks for your contribution! > > Upload details > ============== > > Package: runc > Version: 1.0.0~rc93+ds1-5+deb11u4 > > Explanation: Fix-busybox-tarball-url; prevent buffer overflow writing > netlink messages [CVE-2021-43784]; fix tests on newer kernels; > prevent write access to user-owned cgroup hierarchy > '/sys/fs/cgroup/user.slice/...' [CVE-2023-25809]
