[pkg-go] runc_1.0.0~rc6+dfsg1-3_source.changes ACCEPTED into unstable
Debian FTP Masters
ftpmaster at ftp-master.debian.org
Mon Mar 18 17:19:11 GMT 2019
Accepted:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 10 Mar 2019 17:51:44 +0800
Source: runc
Architecture: source
Version: 1.0.0~rc6+dfsg1-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team <pkg-go-maintainers at lists.alioth.debian.org>
Changed-By: Shengjing Zhu <zhsj at debian.org>
Closes: 909644
Changes:
runc (1.0.0~rc6+dfsg1-3) unstable; urgency=medium
.
* Team upload.
.
[ Shengjing Zhu ]
* Improve patch for CVE-2019-5736 based on upstream commits.
Now the patch includes following commits:
+ 2d4a37b nsenter: cloned_binary: userspace copy fallback if sendfile fails
+ 16612d7 nsenter: cloned_binary: try to ro-bind /proc/self/exe before
copying
+ af9da0a nsenter: cloned_binary: use the runc statedir for O_TMPFILE
+ 2429d59 nsenter: cloned_binary: expand and add pre-3.11 fallbacks
+ 5b775bf nsenter: cloned_binary: detect and handle short copies
+ bb7d8b1 nsexec (CVE-2019-5736): avoid parsing environ
+ 0a8e411 nsenter: clone /proc/self/exe to avoid exposing host binary to
container
.
[ Arnaud Rebillout ]
* Add version and gitcommit to the ldflags (Closes: #909644)
Note that we fill the git commit with something that is NOT a git commit
at all, instead we use it as a placeholder for the debian version. The
debian version is a relevant information for the user, and it's nice to
be able to show it, some way or another.
Checksums-Sha1:
16c225b65294f1cd15ae04f8551284d04b20b4ce 2468 runc_1.0.0~rc6+dfsg1-3.dsc
f08fd78b3e0a660d3ec5d293f8437bc248a3ae44 12696 runc_1.0.0~rc6+dfsg1-3.debian.tar.xz
d96ae363bbd67ac75cb5de26cbbc5cb61679a1c0 8081 runc_1.0.0~rc6+dfsg1-3_amd64.buildinfo
Checksums-Sha256:
33fcc1aba06a20d6ead3a915f7555193cb43600b46de08a277c4a660999799aa 2468 runc_1.0.0~rc6+dfsg1-3.dsc
16ca68355ba968535fe328b213c54ac79c330390e2bb3301a4d3ea4d48899409 12696 runc_1.0.0~rc6+dfsg1-3.debian.tar.xz
5e70a81311d0c67a118c0b4dbbdfbc6689b54613d2ab1d2c50ea2e4d53791ffd 8081 runc_1.0.0~rc6+dfsg1-3_amd64.buildinfo
Files:
48c3f959cb069f075ab7cf69c77d9b32 2468 devel optional runc_1.0.0~rc6+dfsg1-3.dsc
20e68df3d980c055efc367b4ae698ee0 12696 devel optional runc_1.0.0~rc6+dfsg1-3.debian.tar.xz
09391d026876901b8d72ad07d8f60f8b 8081 devel optional runc_1.0.0~rc6+dfsg1-3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFEBAEBCgAuFiEE85F2DZP0aJKsSKyHONAPABi+PjUFAlyPzwsQHHpoc2pAZGVi
aWFuLm9yZwAKCRA40A8AGL4+NT4BCACIRRrTNBJ/EzduTMvvkMGQmaZVD2EPiwpG
N2b3g62+Wa9eYYGRdv1Lv5cwuQr0s48rBKyho6WwVmu08XkfsFqqFzCtYFAqu56s
wlZT44LWxCk/MGMldggkNWmWSccL6LXWejpJOoNBm3YcQZ7vdovjJWQx3cbivOiN
s0ua8vYziVbU/0E+zUA9ySTMIXMns1p7JfBptoDf/p7jQU+J1lqICkNP5vUaRxxz
P/ZVnpK0JLrxPO1+6Hjk4+CFn/C+EvPcrIGS4zmEJdAlpr6U1CTNxVHTydSR2Vl6
Dk1R09ZyNOZ0oXYRQnCCl029NMdFyiXSeAeourRvrIXtuEwEZjXK
=Imd7
-----END PGP SIGNATURE-----
Thank you for your contribution to Debian.
More information about the Pkg-go-maintainers
mailing list