projects / buildroot.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 48fd63e) | patch
package/runc: security bump to version 1.0.0-rc95
authorChristian Stewart <christian@paral.in>
Fri, 21 May 2021 20:15:17 +0000 (13:15 -0700)
committerYann E. MORIN <yann.morin.1998@free.fr>
Fri, 21 May 2021 20:33:14 +0000 (22:33 +0200)
commit96c23d1d0f5fbe3da903507afa39393be844b565
tree99128e581395892ef246f12153e99af15e4dcd13tree
parent48fd63e50440aabf463a65a9d7c5c32ba46f6af7commit | diff
package/runc: security bump to version 1.0.0-rc95

Fixes CVE-2021-30465: runc 1.0.0-rc94 and earlier are vulnerable to a symlink
exchange attack whereby an attacker can request a seemingly-innocuous container
configuration that actually results in the host filesystem being bind-mounted
into the container, allowing for a container escape.

Signed-off-by: Christian Stewart <christian@paral.in>
Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
package/runc/runc.hash diff | blob | history
package/runc/runc.mk diff | blob | history