fix(deps): update module github.com/opencontainers/runc to v1.2.0-rc.3

[renovate]

This PR contains the following updates:

Package	Change	Age	Adoption	Passing	Confidence
github.com/opencontainers/runc	v1.2.0-rc.2.0.20240801140032-ad5b481dace5 -> v1.2.0-rc.3

---

Release Notes

opencontainers/runc (github.com/opencontainers/runc)

v1.2.0-rc.3: runc v1.2.0-rc.3 -- "The supreme happiness of life is the conviction that we are loved."

Compare Source

This is the third release candidate for the 1.2.0 branch of runc. It includes
all patches and bugfixes included in runc 1.1 patch releases (up to and
including 1.1.14) and also includes a fix for a low severity security issue
(CVE-2024-45310).

• Fix CVE-2024-45310, a low-severity attack that allowed
  maliciously configured containers to create empty files and directories on
  the host.

• Document build prerequisites for different platforms. (#​4353)

• Try to delete exec fifo file when failure in creation. (#​4319)
• Revert "libcontainer: seccomp: pass around *os.File for notifyfd". (#​4337)
• Fix link to gvariant documentation in systemd docs. (#​4369)
• Remove pre-go1.17 build-tags. (#​4329)
• libct/userns: assorted (godoc) improvements. (#​4330)
• libct/userns: split userns detection from internal userns code. (#​4331)
• rootfs: consolidate mountpoint creation logic. (#​4359)
• Add Go 1.23, drop 1.21. (#​4360)
• Revert "allow overriding VERSION value in Makefile" and add EXTRA_VERSION.
  (#​4370)
• Mv contrib/cmd tests/cmd (except memfd-bind). (#​4377)
• Makefile: Don't read COMMIT, BUILDTAGS, EXTRA_BUILDTAGS from env vars.
  (#​4380)

Static Linking Notices

The runc binary distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting
as a "work that uses the Library":

• libseccomp

The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.

However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.

---

Thanks to all of the contributors who made this release possible:

• Akihiro Suda [email protected]
• Aleksa Sarai [email protected]
• Avi Deitcher [email protected]
• Kir Kolyshkin [email protected]
• Rodrigo Campos [email protected]
• Sebastiaan van Stijn [email protected]
• lifubang [email protected]
• ver4a [email protected]

Signed-off-by: Aleksa Sarai [email protected]

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum

Command failed: go get -d -t ./...
go: module github.com/opencontainers/[email protected] requires go >= 1.22; switching to go1.22.6
go: downloading go1.22.6 (linux/amd64)
go: download go1.22.6: golang.org/[email protected]: verifying module: checksum database disabled by GOSUMDB=off

[openshift-ci]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: renovate[bot]
Once this PR has been reviewed and has the lgtm label, please assign jwhonce for approval. For more information see the Kubernetes Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[packit-as-a-service]

Ephemeral COPR build failed. @containers/packit-build please check.

[Luap99]

#23844

[renovate]

Renovate Ignore Notification

Because you closed this PR without merging, Renovate will ignore this update (v1.2.0-rc.3). You will get a PR once a newer version is released. To ignore this dependency forever, add it to the ignoreDeps array of your Renovate config.

If you accidentally closed this PR, or if you changed your mind: rename this PR to get a fresh replacement PR.