Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump runc from v1.1.13 to v1.1.14 #35

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Binary file added cache/runc-amd64
Binary file not shown.
Binary file added cache/runc-arm64
Binary file not shown.
Binary file added cache/runc-ppc64le
Binary file not shown.
7 changes: 7 additions & 0 deletions cache/runc.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,7 @@
{
"tagName": "v1.1.14",
"url": "https://github.com/opencontainers/runc/releases/tag/v1.1.14",
"description": "This is the fourteenth patch release in the 1.1.z release branch of\r\nrunc. It includes a fix for a low severity security issue\r\n(CVE-2024-45310) as well as some minor build-related fixes (including Go\r\n1.23 support).\r\n\r\n * Fix [CVE-2024-45310][cve-2024-45310], a low-severity attack that allowed\r\n maliciously configured containers to create empty files and directories on\r\n the host.\r\n * Add support for Go 1.23. (#4360, #4372)\r\n * Revert \"allow overriding VERSION value in Makefile\" and add EXTRA_VERSION.\r\n (#4370, #4382)\r\n * rootfs: consolidate mountpoint creation logic. (#4359)\r\n\r\n[cve-2024-45310]: https://github.com/opencontainers/runc/security/advisories/GHSA-jfvp-7x6p-h2pv\r\n\r\n### Static Linking Notices ###\r\n\r\nThe `runc` binary distributed with this release are *statically linked* with\r\nthe following [GNU LGPL-2.1][lgpl-2.1] licensed libraries, with `runc` acting\r\nas a \"work that uses the Library\":\r\n\r\n[lgpl-2.1]: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html\r\n\r\n - [libseccomp](https://github.com/seccomp/libseccomp)\r\n\r\nThe versions of these libraries were not modified from their upstream versions,\r\nbut in order to comply with the LGPL-2.1 (&sect;6(a)), we have attached the\r\ncomplete source code for those libraries which (when combined with the attached\r\nrunc source code) may be used to exercise your rights under the LGPL-2.1.\r\n\r\nHowever we strongly suggest that you make use of your distribution's packages\r\nor download them from the authoritative upstream sources, especially since\r\nthese libraries are related to the security of your containers.\r\n\r\n<hr/>\r\n\r\nThanks to all of the contributors who made this release possible:\r\n\r\n * Akihiro Suda <[email protected]>\r\n * Aleksa Sarai <[email protected]>\r\n * Kir Kolyshkin <[email protected]>\r\n * Rodrigo Campos <[email protected]>\r\n * Sebastiaan van Stijn <[email protected]>\r\n * lifubang <[email protected]>\r\n\r\nSigned-off-by: Aleksa Sarai <[email protected]>",
"publishedAt": "2024-09-03T01:26:22Z",
"isLatest": true
}
4 changes: 4 additions & 0 deletions roles/kubespray-defaults/defaults/main/checksums.yml
Original file line number Diff line number Diff line change
Expand Up @@ -750,27 +750,31 @@ cri_dockerd_archive_checksums:
0.3.5: 0
runc_checksums:
arm:
v1.1.14: 0
v1.1.13: 0
v1.1.12: 0
v1.1.11: 0
v1.1.10: 0
v1.1.9: 0
v1.1.8: 0
arm64:
v1.1.14: 050ee97c266bf7d31e1474568ffcbb2a3ff2208087aaa238c8bbe7e398414126
v1.1.13: 4b93701752f5338ed51592b38e039aef8c1a59856d1225df21eba84c2830743c
v1.1.12: 879f910a05c95c10c64ad8eb7d5e3aa8e4b30e65587b3d68e009a3565aed5bb8
v1.1.11: 9f1ee53f06b78cc4a115ca6ae4eec10567999539ce828a22c5351edba043ed12
v1.1.10: 4830afd426bdeacbdf9cb8729524aa2ed51790b8c4b28786995925593708f1c8
v1.1.9: b43e9f561e85906f469eef5a7b7992fc586f750f44a0e011da4467e7008c33a0
v1.1.8: 7c22cb618116d1d5216d79e076349f93a672253d564b19928a099c20e4acd658
amd64:
v1.1.14: a83c0804ebc16826829e7925626c4793da89a9b225bbcc468f2b338ea9f8e8a8
v1.1.13: bcfc299c1ab255e9d045ffaf2e324c0abaf58f599831a7c2c4a80b33f795de94
v1.1.12: aadeef400b8f05645768c1476d1023f7875b78f52c7ff1967a6dbce236b8cbd8
v1.1.11: 77ae134de014613c44d25e6310a57a219a7a91155cd47d069a0f22a2cad5caea
v1.1.10: 81f73a59be3d122ab484d7dfe9ddc81030f595cc59968f61c113a9a38a2c113a
v1.1.9: b9bfdd4cb27cddbb6172a442df165a80bfc0538a676fbca1a6a6c8f4c6933b43
v1.1.8: 1d05ed79854efc707841dfc7afbf3b86546fc1d0b3a204435ca921c14af8385b
ppc64le:
v1.1.14: 31630474455c4208594623f1337a06556c7fe42d3983000ca800ad3bef6d8164
v1.1.13: 4675d51dc0b08ad8e17d3065f2e4ce47760728945f33d3092385e792357e6519
v1.1.12: 4069d1d57724126e116ad6dbd84409082d1b0afee1ee960b17558f146a742bb6
v1.1.11: e3d1da41f97db1bb7e9a8d96c9092747c14ee53bc9f160048828e63f3a2d0896
Expand Down
2 changes: 1 addition & 1 deletion roles/kubespray-defaults/defaults/main/download.yml
Original file line number Diff line number Diff line change
Expand Up @@ -75,7 +75,7 @@ image_arch: "{{ host_architecture | default('amd64') }}"

# Versions
crun_version: 1.14.4
runc_version: v1.1.13
runc_version: v1.1.14
kata_containers_version: 3.1.3
youki_version: 0.1.0
gvisor_version: 20240305
Expand Down
17 changes: 17 additions & 0 deletions version_diff.json
Original file line number Diff line number Diff line change
@@ -0,0 +1,17 @@
{
"runc": {
"current_version": "v1.1.13",
"latest_version": "v1.1.14",
"release": {
"tagName": "v1.1.14",
"url": "https://github.com/opencontainers/runc/releases/tag/v1.1.14",
"description": "This is the fourteenth patch release in the 1.1.z release branch of\r\nrunc. It includes a fix for a low severity security issue\r\n(CVE-2024-45310) as well as some minor build-related fixes (including Go\r\n1.23 support).\r\n\r\n * Fix [CVE-2024-45310][cve-2024-45310], a low-severity attack that allowed\r\n maliciously configured containers to create empty files and directories on\r\n the host.\r\n * Add support for Go 1.23. (#4360, #4372)\r\n * Revert \"allow overriding VERSION value in Makefile\" and add EXTRA_VERSION.\r\n (#4370, #4382)\r\n * rootfs: consolidate mountpoint creation logic. (#4359)\r\n\r\n[cve-2024-45310]: https://github.com/opencontainers/runc/security/advisories/GHSA-jfvp-7x6p-h2pv\r\n\r\n### Static Linking Notices ###\r\n\r\nThe `runc` binary distributed with this release are *statically linked* with\r\nthe following [GNU LGPL-2.1][lgpl-2.1] licensed libraries, with `runc` acting\r\nas a \"work that uses the Library\":\r\n\r\n[lgpl-2.1]: https://www.gnu.org/licenses/old-licenses/lgpl-2.1.en.html\r\n\r\n - [libseccomp](https://github.com/seccomp/libseccomp)\r\n\r\nThe versions of these libraries were not modified from their upstream versions,\r\nbut in order to comply with the LGPL-2.1 (&sect;6(a)), we have attached the\r\ncomplete source code for those libraries which (when combined with the attached\r\nrunc source code) may be used to exercise your rights under the LGPL-2.1.\r\n\r\nHowever we strongly suggest that you make use of your distribution's packages\r\nor download them from the authoritative upstream sources, especially since\r\nthese libraries are related to the security of your containers.\r\n\r\n<hr/>\r\n\r\nThanks to all of the contributors who made this release possible:\r\n\r\n * Akihiro Suda <[email protected]>\r\n * Aleksa Sarai <[email protected]>\r\n * Kir Kolyshkin <[email protected]>\r\n * Rodrigo Campos <[email protected]>\r\n * Sebastiaan van Stijn <[email protected]>\r\n * lifubang <[email protected]>\r\n\r\nSigned-off-by: Aleksa Sarai <[email protected]>",
"publishedAt": "2024-09-03T01:26:22Z",
"isLatest": true,
"component": "runc",
"owner": "opencontainers",
"repo": "runc",
"release_type": "release"
}
}
}