Re: [meta-virtualization][PATCH] Update runc-opencontainers to 1.1.12 since old versions have a severe security issue
I should also add that I'll be doing one more bump on a few packages in the next few weeks (including runc), but generally speaking I'm not doing any more updates right now as the large stack in master-next is being stabilized. Bruce On Tue, Mar 19, 2024 at 1:11 PM Bruce Ashfield via lists.yoctoproject.org wrote: > > Look further, there's two commits. 1.11 and 1.12. > > https://git.yoctoproject.org/meta-virtualization/commit/?h=master-next=9213f05f5591b499809b81a46b8d05e10935f001 > > I didn't bump runc-docker, since it is going away. > > Bruce > > On Tue, Mar 19, 2024 at 12:28 PM Thomas Schlien wrote: > > > > Hi, > > > > I had a look at master-next and it only contains version 1.1.11, but not > > 1.1.12 with the CVE patches. > > > > Best regards, > > Thomas > > > > On 19.03.24 16:58, Bruce Ashfield wrote: > > > master-next is already updated to that version. > > > > > > The stack is ongoing release testing, but I do expect to push master > > > shortly. > > > > > > Bruce > > > > > > On Tue, Mar 19, 2024 at 11:54 AM Thomas Schlien wrote: > > >> CVE-2024-21626 > > >> https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv > > >> --- > > >> recipes-containers/runc/runc-opencontainers_git.bb | 4 ++-- > > >> 1 file changed, 2 insertions(+), 2 deletions(-) > > >> > > >> diff --git a/recipes-containers/runc/runc-opencontainers_git.bb > > >> b/recipes-containers/runc/runc-opencontainers_git.bb > > >> index 61e7cfa6..88964276 100644 > > >> --- a/recipes-containers/runc/runc-opencontainers_git.bb > > >> +++ b/recipes-containers/runc/runc-opencontainers_git.bb > > >> @@ -1,11 +1,11 @@ > > >> include runc.inc > > >> > > >> -SRCREV = "f3446b1e5fe75bf419c808d8705c899ab4968b6e" > > >> +SRCREV = "51d5e94601ceffbbd85688df1c928ecccbfa4685" > > >> SRC_URI = " \ > > >> > > >> git://github.com/opencontainers/runc;branch=release-1.1;protocol=https \ > > >> > > >> file://0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch \ > > >> " > > >> -RUNC_VERSION = "1.1.10" > > >> +RUNC_VERSION = "1.1.12" > > >> > > >> CVE_PRODUCT = "runc" > > >> > > >> -- > > >> 2.40.1 > > >> > > >> > > >> > > >> > > > > > > > > > > > > > > -- > > Dr.-Ing. Thomas Schlien > > Ferncast GmbH > > Gallierstr. 41a, 52074 Aachen > > Germany > > > > Phone: +49 241 99034567 > > Web: www.ferncast.de > > -- > > CEO: Detlef Wiese > > Court of Registration: Amtsgericht Aachen > > Commercial Register: HRB 22350 > > > > > > > > > > > -- > - Thou shalt not follow the NULL pointer, for chaos and madness await > thee at its end > - "Use the force Harry" - Gandalf, Star Trek II > > > -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#8650): https://lists.yoctoproject.org/g/meta-virtualization/message/8650 Mute This Topic: https://lists.yoctoproject.org/mt/105026590/21656 Group Owner: meta-virtualization+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [meta-virtualization][PATCH] Update runc-opencontainers to 1.1.12 since old versions have a severe security issue
Look further, there's two commits. 1.11 and 1.12. https://git.yoctoproject.org/meta-virtualization/commit/?h=master-next=9213f05f5591b499809b81a46b8d05e10935f001 I didn't bump runc-docker, since it is going away. Bruce On Tue, Mar 19, 2024 at 12:28 PM Thomas Schlien wrote: > > Hi, > > I had a look at master-next and it only contains version 1.1.11, but not > 1.1.12 with the CVE patches. > > Best regards, > Thomas > > On 19.03.24 16:58, Bruce Ashfield wrote: > > master-next is already updated to that version. > > > > The stack is ongoing release testing, but I do expect to push master > > shortly. > > > > Bruce > > > > On Tue, Mar 19, 2024 at 11:54 AM Thomas Schlien wrote: > >> CVE-2024-21626 > >> https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv > >> --- > >> recipes-containers/runc/runc-opencontainers_git.bb | 4 ++-- > >> 1 file changed, 2 insertions(+), 2 deletions(-) > >> > >> diff --git a/recipes-containers/runc/runc-opencontainers_git.bb > >> b/recipes-containers/runc/runc-opencontainers_git.bb > >> index 61e7cfa6..88964276 100644 > >> --- a/recipes-containers/runc/runc-opencontainers_git.bb > >> +++ b/recipes-containers/runc/runc-opencontainers_git.bb > >> @@ -1,11 +1,11 @@ > >> include runc.inc > >> > >> -SRCREV = "f3446b1e5fe75bf419c808d8705c899ab4968b6e" > >> +SRCREV = "51d5e94601ceffbbd85688df1c928ecccbfa4685" > >> SRC_URI = " \ > >> > >> git://github.com/opencontainers/runc;branch=release-1.1;protocol=https \ > >> > >> file://0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch \ > >> " > >> -RUNC_VERSION = "1.1.10" > >> +RUNC_VERSION = "1.1.12" > >> > >> CVE_PRODUCT = "runc" > >> > >> -- > >> 2.40.1 > >> > >> > >> > >> > > > > > > > > > -- > Dr.-Ing. Thomas Schlien > Ferncast GmbH > Gallierstr. 41a, 52074 Aachen > Germany > > Phone: +49 241 99034567 > Web: www.ferncast.de > -- > CEO: Detlef Wiese > Court of Registration: Amtsgericht Aachen > Commercial Register: HRB 22350 > > > > -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#8649): https://lists.yoctoproject.org/g/meta-virtualization/message/8649 Mute This Topic: https://lists.yoctoproject.org/mt/105026590/21656 Group Owner: meta-virtualization+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [meta-virtualization][PATCH] Update runc-opencontainers to 1.1.12 since old versions have a severe security issue
Hi, I had a look at master-next and it only contains version 1.1.11, but not 1.1.12 with the CVE patches. Best regards, Thomas On 19.03.24 16:58, Bruce Ashfield wrote: master-next is already updated to that version. The stack is ongoing release testing, but I do expect to push master shortly. Bruce On Tue, Mar 19, 2024 at 11:54 AM Thomas Schlien wrote: CVE-2024-21626 https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv --- recipes-containers/runc/runc-opencontainers_git.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/recipes-containers/runc/runc-opencontainers_git.bb b/recipes-containers/runc/runc-opencontainers_git.bb index 61e7cfa6..88964276 100644 --- a/recipes-containers/runc/runc-opencontainers_git.bb +++ b/recipes-containers/runc/runc-opencontainers_git.bb @@ -1,11 +1,11 @@ include runc.inc -SRCREV = "f3446b1e5fe75bf419c808d8705c899ab4968b6e" +SRCREV = "51d5e94601ceffbbd85688df1c928ecccbfa4685" SRC_URI = " \ git://github.com/opencontainers/runc;branch=release-1.1;protocol=https \ file://0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch \ " -RUNC_VERSION = "1.1.10" +RUNC_VERSION = "1.1.12" CVE_PRODUCT = "runc" -- 2.40.1 -- Dr.-Ing. Thomas Schlien Ferncast GmbH Gallierstr. 41a, 52074 Aachen Germany Phone: +49 241 99034567 Web: www.ferncast.de -- CEO: Detlef Wiese Court of Registration: Amtsgericht Aachen Commercial Register: HRB 22350 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#8648): https://lists.yoctoproject.org/g/meta-virtualization/message/8648 Mute This Topic: https://lists.yoctoproject.org/mt/105026590/21656 Group Owner: meta-virtualization+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
Re: [meta-virtualization][PATCH] Update runc-opencontainers to 1.1.12 since old versions have a severe security issue
master-next is already updated to that version. The stack is ongoing release testing, but I do expect to push master shortly. Bruce On Tue, Mar 19, 2024 at 11:54 AM Thomas Schlien wrote: > > CVE-2024-21626 > https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv > --- > recipes-containers/runc/runc-opencontainers_git.bb | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/recipes-containers/runc/runc-opencontainers_git.bb > b/recipes-containers/runc/runc-opencontainers_git.bb > index 61e7cfa6..88964276 100644 > --- a/recipes-containers/runc/runc-opencontainers_git.bb > +++ b/recipes-containers/runc/runc-opencontainers_git.bb > @@ -1,11 +1,11 @@ > include runc.inc > > -SRCREV = "f3446b1e5fe75bf419c808d8705c899ab4968b6e" > +SRCREV = "51d5e94601ceffbbd85688df1c928ecccbfa4685" > SRC_URI = " \ > git://github.com/opencontainers/runc;branch=release-1.1;protocol=https \ > file://0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch \ > " > -RUNC_VERSION = "1.1.10" > +RUNC_VERSION = "1.1.12" > > CVE_PRODUCT = "runc" > > -- > 2.40.1 > > > > -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#8647): https://lists.yoctoproject.org/g/meta-virtualization/message/8647 Mute This Topic: https://lists.yoctoproject.org/mt/105026590/21656 Group Owner: meta-virtualization+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-
[meta-virtualization][PATCH] Update runc-opencontainers to 1.1.12 since old versions have a severe security issue
CVE-2024-21626 https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv --- recipes-containers/runc/runc-opencontainers_git.bb | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/recipes-containers/runc/runc-opencontainers_git.bb b/recipes-containers/runc/runc-opencontainers_git.bb index 61e7cfa6..88964276 100644 --- a/recipes-containers/runc/runc-opencontainers_git.bb +++ b/recipes-containers/runc/runc-opencontainers_git.bb @@ -1,11 +1,11 @@ include runc.inc -SRCREV = "f3446b1e5fe75bf419c808d8705c899ab4968b6e" +SRCREV = "51d5e94601ceffbbd85688df1c928ecccbfa4685" SRC_URI = " \ git://github.com/opencontainers/runc;branch=release-1.1;protocol=https \ file://0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch \ " -RUNC_VERSION = "1.1.10" +RUNC_VERSION = "1.1.12" CVE_PRODUCT = "runc" -- 2.40.1 -=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#8646): https://lists.yoctoproject.org/g/meta-virtualization/message/8646 Mute This Topic: https://lists.yoctoproject.org/mt/105026590/21656 Group Owner: meta-virtualization+ow...@lists.yoctoproject.org Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [arch...@mail-archive.com] -=-=-=-=-=-=-=-=-=-=-=-