projects / runc.git / log
? search:
summary | shortlog | log | commit | commitdiff | tree
first ⋅ prev ⋅ next
runc.git
6 years agorunc (1.0.0~rc6+dfsg1-3) unstable; urgency=medium
commit | commitdiff | tree
Shengjing Zhu [Sun, 10 Mar 2019 09:51:44 +0000 (09:51 +0000)]
runc (1.0.0~rc6+dfsg1-3) unstable; urgency=medium

  * Team upload.

  [ Shengjing Zhu ]
  * Improve patch for CVE-2019-5736 based on upstream commits.
    Now the patch includes following commits:
    + 2d4a37b nsenter: cloned_binary: userspace copy fallback if sendfile fails
    + 16612d7 nsenter: cloned_binary: try to ro-bind /proc/self/exe before
              copying
    + af9da0a nsenter: cloned_binary: use the runc statedir for O_TMPFILE
    + 2429d59 nsenter: cloned_binary: expand and add pre-3.11 fallbacks
    + 5b775bf nsenter: cloned_binary: detect and handle short copies
    + bb7d8b1 nsexec (CVE-2019-5736): avoid parsing environ
    + 0a8e411 nsenter: clone /proc/self/exe to avoid exposing host binary to
              container

  [ Arnaud Rebillout ]
  * Add version and gitcommit to the ldflags (Closes: #909644)
    Note that we fill the git commit with something that is NOT a git commit
    at all, instead we use it as a placeholder for the debian version. The
    debian version is a relevant information for the user, and it's nice to
    be able to show it, some way or another.

[dgit import unpatched runc 1.0.0~rc6+dfsg1-3]

6 years agoImport runc_1.0.0~rc6+dfsg1-3.debian.tar.xz
commit | commitdiff | tree
Shengjing Zhu [Sun, 10 Mar 2019 09:51:44 +0000 (09:51 +0000)]
Import runc_1.0.0~rc6+dfsg1-3.debian.tar.xz

[dgit import tarball runc 1.0.0~rc6+dfsg1-3 runc_1.0.0~rc6+dfsg1-3.debian.tar.xz]

6 years agoImport runc_1.0.0~rc6+dfsg1.orig.tar.xz
commit | commitdiff | tree
Dmitry Smirnov [Thu, 24 Jan 2019 20:55:34 +0000 (20:55 +0000)]
Import runc_1.0.0~rc6+dfsg1.orig.tar.xz

[dgit import orig runc_1.0.0~rc6+dfsg1.orig.tar.xz]

Unnamed repository; edit this file 'description' to name the repository.