GNU bug report logs - #69080
[PATCH] gnu: runc: Update to 1.1.12 [security fixes].

Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.

Package: guix-patches; Reported by: Tomas Volf <~@wolfsden.cz>; Keywords: patch; dated Mon, 12 Feb 2024 17:41:02 UTC; Maintainer for guix-patches is guix-patches@HIDDEN.

Message received at submit <at> debbugs.gnu.org:


Received: (at submit) by debbugs.gnu.org; 13 Feb 2024 12:30:00 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Tue Feb 13 07:30:00 2024
Received: from localhost ([127.0.0.1]:42678 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1rZrvD-0001Us-VH
	for submit <at> debbugs.gnu.org; Tue, 13 Feb 2024 07:30:00 -0500
Received: from lists.gnu.org ([209.51.188.17]:55806)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <mail@HIDDEN>) id 1rZrvC-0001Uk-0B
 for submit <at> debbugs.gnu.org; Tue, 13 Feb 2024 07:29:58 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <mail@HIDDEN>) id 1rZruu-00075K-A1
 for guix-patches@HIDDEN; Tue, 13 Feb 2024 07:29:40 -0500
Received: from mira.cbaines.net ([2a01:7e00:e000:2f8:fd4d:b5c7:13fb:3d27])
 by eggs.gnu.org with esmtp (Exim 4.90_1)
 (envelope-from <mail@HIDDEN>) id 1rZrus-0007IE-S2
 for guix-patches@HIDDEN; Tue, 13 Feb 2024 07:29:40 -0500
Received: from localhost (unknown [212.132.255.10])
 by mira.cbaines.net (Postfix) with ESMTPSA id 2EC2327BBE2;
 Tue, 13 Feb 2024 12:29:38 +0000 (GMT)
Received: from felis (localhost.lan [127.0.0.1])
 by localhost (OpenSMTPD) with ESMTP id 11ceec33;
 Tue, 13 Feb 2024 12:29:37 +0000 (UTC)
References: <2bd971824de98080a62ca7a9184a679296835818.1707758978.git.~@wolfsden.cz>
User-agent: mu4e 1.10.7; emacs 29.1
From: Christopher Baines <mail@HIDDEN>
To: Tomas Volf <~@wolfsden.cz>
Subject: Re: [bug#69080] [PATCH] gnu: runc: Update to 1.1.12 [security fixes].
Date: Tue, 13 Feb 2024 12:29:17 +0000
In-reply-to: <2bd971824de98080a62ca7a9184a679296835818.1707758978.git.~@wolfsden.cz>
Message-ID: <87mss4a6oe.fsf@HIDDEN>
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
Received-SPF: pass client-ip=2a01:7e00:e000:2f8:fd4d:b5c7:13fb:3d27;
 envelope-from=mail@HIDDEN; helo=mira.cbaines.net
X-Spam_score_int: -18
X-Spam_score: -1.9
X-Spam_bar: -
X-Spam_report: (-1.9 / 5.0 requ) BAYES_00=-1.9, SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: -1.4 (-)
X-Debbugs-Envelope-To: submit
Cc: guix-patches@HIDDEN, 69080-done <at> debbugs.gnu.org
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -2.4 (--)

--=-=-=
Content-Type: text/plain


Tomas Volf <~@wolfsden.cz> writes:

> Fixes CVE-2024-21626.
>
> * gnu/packages/virtualization.scm (runc): Update to 1.1.12.
>
> Change-Id: Ie39eef21fd5e9a01f2777dd8ec54421fb05ae0d5
> ---
>  gnu/packages/virtualization.scm | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)

Thanks for the patch, I've pushed this to master as
85e67f7feac14a1290022b9500c333c51c7f3ca3.

Chris

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQKlBAEBCgCPFiEEPonu50WOcg2XVOCyXiijOwuE9XcFAmXLYLFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDNF
ODlFRUU3NDU4RTcyMEQ5NzU0RTBCMjVFMjhBMzNCMEI4NEY1NzcRHG1haWxAY2Jh
aW5lcy5uZXQACgkQXiijOwuE9XczVQ/+MAGz7KWZCWXVSewn4N9GPN2dB2IJWfCY
1gfffERAlJgoAFG9XAs1i79rjttq1tv5b3lHqPxivm+729XU7t5Oj9I/dWVfD7XS
3R4Sfc6jJdDI/jCeXJ+vP61D5hDjoaBnxZURSYSP5uSu9TJilQ97MIyvcnoSXSa3
Ku/0z9ziBCSnbJx+UCPlawGz9J6QpR44J/8GUTN4MkLVVDk1r4wfkrD3Toq46Bco
h5MAljvyQSQReo7UecxXlci6UuI62iHEZNJ5msgA2kuW9stT+7SBY19iv4IUDhuV
/Yj4ynCg3vIdEAX97znrouTTsCBw/Qtidk7fBVaMeigTMGcMRvzC6CDKWk4sUDIW
oUgnYeRGYYCKkszF2tIJ861j2Vqc5Y9drT2l3OFH/eRPsjzBfr7UqesmPfus1ulz
2BR/9EOLEYIBRNBryYXhHi6CDKXrSpK06NUwIBQMgIYf62nBEBTWJrbTope/bdAf
ojjMakdEcXMJJKetnJrTQKKkaYOvmhT6/LSuIB2YH67KXPxOJebmREwwcROJK/8I
Ooo56u0Azoa/O5gz6uoAIoiUf92LUi66vNSgIq7T8xrdDemsKuapeACxbNKedpuQ
hVQscsUSPD8ujiWWy3LlRiIa4yLUnSsmjhP1HSYfiwdvwRVzJjezthEDlu8LuLV3
qqdqvl8cMMA=
=btS8
-----END PGP SIGNATURE-----
--=-=-=--




Information forwarded to guix-patches@HIDDEN:
bug#69080; Package guix-patches. Full text available.

Message received at submit <at> debbugs.gnu.org:


Received: (at submit) by debbugs.gnu.org; 12 Feb 2024 17:40:25 +0000
From debbugs-submit-bounces <at> debbugs.gnu.org Mon Feb 12 12:40:24 2024
Received: from localhost ([127.0.0.1]:44935 helo=debbugs.gnu.org)
	by debbugs.gnu.org with esmtp (Exim 4.84_2)
	(envelope-from <debbugs-submit-bounces <at> debbugs.gnu.org>)
	id 1rZaI0-0004dk-1z
	for submit <at> debbugs.gnu.org; Mon, 12 Feb 2024 12:40:24 -0500
Received: from lists.gnu.org ([2001:470:142::17]:41374)
 by debbugs.gnu.org with esmtp (Exim 4.84_2)
 (envelope-from <~@wolfsden.cz>) id 1rZa8D-0003qy-Sh
 for submit <at> debbugs.gnu.org; Mon, 12 Feb 2024 12:30:17 -0500
Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <~@wolfsden.cz>) id 1rZa7q-00043a-ME
 for guix-patches@HIDDEN; Mon, 12 Feb 2024 12:29:50 -0500
Received: from wolfsden.cz ([37.205.8.62])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <~@wolfsden.cz>) id 1rZa7n-0007uN-RR
 for guix-patches@HIDDEN; Mon, 12 Feb 2024 12:29:50 -0500
Received: by wolfsden.cz (Postfix, from userid 104)
 id F255128992A; Mon, 12 Feb 2024 17:29:44 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail;
 t=1707758984; bh=+4dufG2dsPa9tmD+4pfsCLDiokJG+Jva2edkrMEsW6E=;
 h=From:To:Cc:Subject:Date;
 b=CySqtVGBUIYvIbLo7T/Tz3WT4bIEtaIxrb9UnVSSQRI1uwq626W4jyOnDd91Jrdl2
 0T8aQ3aBGCXa3cpGVHAS+SZlOXNbBRTnHEe9EM/aY6gF0UQn9YJkelWk3LzDNCgvfU
 yjvgcjXpi7JsfCQd7LelBH8/mLcJHas81KklK6iWsPWF8JTZGcpfARcLa86a1oRgZM
 a3RToL8oe1zdbu6s3eC+P529Tq3gBDiIICAEHUhrCjGvLaUp2n6LAlUtZ0h4g9tQQD
 0l/w6jPG9vYy6HwHFKUPfSdsx6+EKmixQHnMQ9qDB31wFZbP66JoBSkw2gfGYh/eH3
 MSJczPejfsO7oMsDq/3efLlski7Z1r9Dn6k95uen8OQaElJ4adK1jt0dhoLl7PPmjC
 gZ+dEMXssiH/Md/5CplhU99ncGKkQ18q5pYUlS6tYUPziI58arPcDivuzoeLsnGIXu
 biToCc7Oqx3nhIhiXf1GItcPy73syIu78wQZ/FdnAKONINaGSO299pi2lfVy+RguHi
 fCexaaunbelxlsgcXPHTABTDvextBTNdIlkCyiWLeJtZiud6ADPRstpDLwJhVZI2HT
 yFcAKZOP3SAt7asnQinON3cPeLZ5Qejkk8A0OJDz+PM2IbhSBtLrVZZQAlpqZEJSiW
 5rw/4aF/ayGUPPUX89xW/XFE=
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on wolfsden
X-Spam-Level: 
X-Spam-Status: No, score=-1.2 required=5.0 tests=ALL_TRUSTED,DKIM_SIGNED,
 DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,T_SCC_BODY_TEXT_LINE,
 URIBL_BLOCKED autolearn=unavailable autolearn_force=no version=3.4.6
Received: from localhost (unknown [193.32.127.159])
 by wolfsden.cz (Postfix) with ESMTPSA id E3DCC289591;
 Mon, 12 Feb 2024 17:29:43 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=wolfsden.cz; s=mail;
 t=1707758984; bh=+4dufG2dsPa9tmD+4pfsCLDiokJG+Jva2edkrMEsW6E=;
 h=From:To:Cc:Subject:Date;
 b=CySqtVGBUIYvIbLo7T/Tz3WT4bIEtaIxrb9UnVSSQRI1uwq626W4jyOnDd91Jrdl2
 0T8aQ3aBGCXa3cpGVHAS+SZlOXNbBRTnHEe9EM/aY6gF0UQn9YJkelWk3LzDNCgvfU
 yjvgcjXpi7JsfCQd7LelBH8/mLcJHas81KklK6iWsPWF8JTZGcpfARcLa86a1oRgZM
 a3RToL8oe1zdbu6s3eC+P529Tq3gBDiIICAEHUhrCjGvLaUp2n6LAlUtZ0h4g9tQQD
 0l/w6jPG9vYy6HwHFKUPfSdsx6+EKmixQHnMQ9qDB31wFZbP66JoBSkw2gfGYh/eH3
 MSJczPejfsO7oMsDq/3efLlski7Z1r9Dn6k95uen8OQaElJ4adK1jt0dhoLl7PPmjC
 gZ+dEMXssiH/Md/5CplhU99ncGKkQ18q5pYUlS6tYUPziI58arPcDivuzoeLsnGIXu
 biToCc7Oqx3nhIhiXf1GItcPy73syIu78wQZ/FdnAKONINaGSO299pi2lfVy+RguHi
 fCexaaunbelxlsgcXPHTABTDvextBTNdIlkCyiWLeJtZiud6ADPRstpDLwJhVZI2HT
 yFcAKZOP3SAt7asnQinON3cPeLZ5Qejkk8A0OJDz+PM2IbhSBtLrVZZQAlpqZEJSiW
 5rw/4aF/ayGUPPUX89xW/XFE=
From: Tomas Volf <~@wolfsden.cz>
To: guix-patches@HIDDEN
Subject: [PATCH] gnu: runc: Update to 1.1.12 [security fixes].
Date: Mon, 12 Feb 2024 18:29:38 +0100
Message-ID: <2bd971824de98080a62ca7a9184a679296835818.1707758978.git.~@wolfsden.cz>
X-Mailer: git-send-email 2.41.0
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Received-SPF: pass client-ip=37.205.8.62; envelope-from=~@wolfsden.cz;
 helo=wolfsden.cz
X-Spam_score_int: -20
X-Spam_score: -2.1
X-Spam_bar: --
X-Spam_report: (-2.1 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_PASS=-0.001,
 SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-Spam-Score: 1.0 (+)
X-Debbugs-Envelope-To: submit
Cc: Tomas Volf <~@wolfsden.cz>
X-BeenThere: debbugs-submit <at> debbugs.gnu.org
X-Mailman-Version: 2.1.18
Precedence: list
List-Id: <debbugs-submit.debbugs.gnu.org>
List-Unsubscribe: <https://debbugs.gnu.org/cgi-bin/mailman/options/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=unsubscribe>
List-Archive: <https://debbugs.gnu.org/cgi-bin/mailman/private/debbugs-submit/>
List-Post: <mailto:debbugs-submit <at> debbugs.gnu.org>
List-Help: <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=help>
List-Subscribe: <https://debbugs.gnu.org/cgi-bin/mailman/listinfo/debbugs-submit>, 
 <mailto:debbugs-submit-request <at> debbugs.gnu.org?subject=subscribe>
Errors-To: debbugs-submit-bounces <at> debbugs.gnu.org
Sender: "Debbugs-submit" <debbugs-submit-bounces <at> debbugs.gnu.org>
X-Spam-Score: -0.0 (/)

Fixes CVE-2024-21626.

* gnu/packages/virtualization.scm (runc): Update to 1.1.12.

Change-Id: Ie39eef21fd5e9a01f2777dd8ec54421fb05ae0d5
---
 gnu/packages/virtualization.scm | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gnu/packages/virtualization.scm b/gnu/packages/virtualization.scm
index 91f7a151a6..7b42b30f71 100644
--- a/gnu/packages/virtualization.scm
+++ b/gnu/packages/virtualization.scm
@@ -2149,7 +2149,7 @@ (define-public looking-glass-client
 (define-public runc
   (package
     (name "runc")
-    (version "1.1.9")
+    (version "1.1.12")
     (source (origin
               (method url-fetch)
               (uri (string-append
@@ -2158,7 +2158,7 @@ (define-public runc
               (file-name (string-append name "-" version ".tar.xz"))
               (sha256
                (base32
-                "1hhxqwg0mblrgv2aim3scfd9xg13l6i22j124sdma5sf2fzgx5bn"))))
+                "1mx4iik1gx1am3d2s4ljhrirwjzf4ikn8frba5hdhy74012y7na7"))))
     (build-system go-build-system)
     (arguments
      '(#:import-path "github.com/opencontainers/runc"

base-commit: e257de4365b24a84f39813aea2e8b4ab6259f283
-- 
2.41.0





Acknowledgement sent to Tomas Volf <~@wolfsden.cz>:
New bug report received and forwarded. Copy sent to guix-patches@HIDDEN. Full text available.
Report forwarded to guix-patches@HIDDEN:
bug#69080; Package guix-patches. Full text available.
Please note: This is a static page, with minimal formatting, updated once a day.
Click here to see this page with the latest information and nicer formatting.
Last modified: Tue, 13 Feb 2024 12:30:01 UTC

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997 nCipher Corporation Ltd, 1994-97 Ian Jackson.