Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
2397: Bump github.com/opencontainers/runc from 1.0.0-rc9 to 1.0.0-rc90 r=rhatdan a=dependabot-preview[bot] Bumps [github.com/opencontainers/runc](https://github.com/opencontainers/runc) from 1.0.0-rc9 to 1.0.0-rc90. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/opencontainers/runc/releases">github.com/opencontainers/runc's releases</a>.</em></p> <blockquote> <h2>runc 1.0-rc90 -- "We Have To Go Back!"</h2> <p>This release is <em>identical</em> to v1.0.0-rc10 (and thus the version string in the binary will be v1.0.0-rc10).</p> <p>The purpose of this release is to resolve an issue with our versioning scheme (in particular, the format we've used under SemVer means that the "-rcNN" string suffix is sorted lexicographically rather than in the classic <code>sort -V</code> order).</p> <p>Because we cannot do a post-1.0 release yet, this is a workaround to make sure that systems such as Go modules correctly update to the latest runc release. See <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2399">#2399</a> for more details.</p> <p>The next release (which would've originally been called -rc11) will be 1.0.0-rc91. I'm sorry.</p> <p>Signed-off-by: Aleksa Sarai <a href="mailto:[email protected]">[email protected]</a></p> <h2>runc 1.0-rc10 -- "Procfs Strikes Back"</h2> <p>This is a hot-fix for v1.0.0~rc9, primarily fixing CVE-2019-19921. Given that the <a href="https://github-redirect.dependabot.com/opencontainers/runtime-spec/pull/1008">relevant runtime-spec PR which was considered a blocker has been merged</a> the next rc release of runc should be the last one before 1.0.0.</p> <p>Other notable changes include:</p> <ul> <li>Fixing an exec-fifo race that could be triggered under Kubernetes (opencontainers/runc#2185).</li> <li>Partial cgroupv2 support (opencontainers/runc#2209 for remaining issues).</li> </ul> <p>Thanks to the following people who made this release possible:</p> <ul> <li>Akihiro Suda <a href="mailto:[email protected]">[email protected]</a></li> <li>Aleksa Sarai <a href="mailto:[email protected]">[email protected]</a></li> <li>James Peach <a href="mailto:[email protected]">[email protected]</a></li> <li>Jordan Liggitt <a href="mailto:[email protected]">[email protected]</a></li> <li>Julia Nedialkova <a href="mailto:[email protected]">[email protected]</a></li> <li>Julio Montes <a href="mailto:[email protected]">[email protected]</a></li> <li>Kevin Kelani <a href="mailto:[email protected]">[email protected]</a></li> <li>Kurnia D Win <a href="mailto:[email protected]">[email protected]</a></li> <li>Manuel Rüger <a href="mailto:[email protected]">[email protected]</a></li> <li>Michael Crosby <a href="mailto:[email protected]">[email protected]</a></li> <li>Mrunal Patel <a href="mailto:[email protected]">[email protected]</a></li> <li>Qiang Huang <a href="mailto:[email protected]">[email protected]</a></li> <li>Radostin Stoyanov <a href="mailto:[email protected]">[email protected]</a></li> <li>Sascha Grunert <a href="mailto:[email protected]">[email protected]</a></li> <li>tianye15 <a href="mailto:[email protected]">[email protected]</a></li> </ul> <p>Vote: <code>+4 -0 [#1](https://github.com/opencontainers/runc/issues/1)</code> Signed-off-by: Aleksa Sarai <a href="mailto:[email protected]">[email protected]</a></p> </tr></table> ... (truncated) </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/opencontainers/runc/commit/dc9208a3303feef5b3839f4323d9beb36df0a9dd"><code>dc9208a</code></a> VERSION: update to 1.0.0~rc10</li> <li><a href="https://github.com/opencontainers/runc/commit/2fc03cc11c775b7a8b2e48d7ee447cb9bef32ad0"><code>2fc03cc</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2207">#2207</a> from cyphar/fix-double-volume-attack</li> <li><a href="https://github.com/opencontainers/runc/commit/3291d66b98445bd7f7d02eac7f2bca2ac2c56942"><code>3291d66</code></a> rootfs: do not permit /proc mounts to non-directories</li> <li><a href="https://github.com/opencontainers/runc/commit/f6fb7a0338c3ea8488bd9bd7cc7667b113aff8d8"><code>f6fb7a0</code></a> merge branch 'pr-2133'</li> <li><a href="https://github.com/opencontainers/runc/commit/709377ca558df88ea538852c9310b700f140fc9b"><code>709377c</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2198">#2198</a> from AkihiroSuda/criu-master</li> <li><a href="https://github.com/opencontainers/runc/commit/55f8c254beb00f916c115a7034f7eee0cfd657a1"><code>55f8c25</code></a> temporarily disable CRIU tests</li> <li><a href="https://github.com/opencontainers/runc/commit/5c20ea1472dbeeebdb1bcef31a09888890a25b3a"><code>5c20ea1</code></a> fix merging <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2177">#2177</a> and <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2169">#2169</a></li> <li><a href="https://github.com/opencontainers/runc/commit/5cc0deaf7a089a91a5ce4b81f835b64fcc4778d6"><code>5cc0dea</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2169">#2169</a> from AkihiroSuda/split-fs</li> <li><a href="https://github.com/opencontainers/runc/commit/2b52db75279ca687e18156de86d845876e9ef35d"><code>2b52db7</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2177">#2177</a> from devimc/topic/libcontainer/kata-containers</li> <li><a href="https://github.com/opencontainers/runc/commit/a88592a63474e6976030b4fbded41dd445152236"><code>a88592a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/opencontainers/runc/issues/2185">#2185</a> from liggitt/exec-race</li> <li>Additional commits viewable in <a href="https://github.com/opencontainers/runc/compare/v1.0.0-rc9...v1.0.0-rc90">compare view</a></li> </ul> </details> <br /> [](https://dependabot.com/compatibility-score/?dependency-name=github.com/opencontainers/runc&package-manager=go_modules&previous-version=1.0.0-rc9&new-version=1.0.0-rc90) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language - `@dependabot badge me` will comment on this PR with code to add a "Dependabot enabled" badge to your readme Additionally, you can set the following in your Dependabot [dashboard](https://app.dependabot.com): - Update frequency (including time of day and day of week) - Pull request limits (per update run and/or open at any time) - Out-of-range updates (receive only lockfile updates, if desired) - Security updates (receive only security updates, if desired) </details> Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
- Loading branch information
