-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 28 Jun 2024 00:16:20 +0200
Source: runc
Binary: runc runc-dbgsym
Architecture: mipsel
Version: 1.0.0~rc93+ds1-5+deb11u4
Distribution: bullseye
Urgency: medium
Maintainer: mips64el Build Daemon (mipsel-osuosl-01) <buildd_mips64el-mipsel-osuosl-01@buildd.debian.org>
Changed-By: Daniel Leidert <dleidert@debian.org>
Description:
 runc       - Open Container Project - runtime
Changes:
 runc (1.0.0~rc93+ds1-5+deb11u4) bullseye; urgency=medium
 .
   * Non-maintainer upload by the Debian LTS Team.
   * d/patches/0025-Fix-busybox-tarball-url-in-integration-test.patch: Updated.
     - Fixed download URLs again.
   * d/patches/CVE-2021-43784.patch: Added to fix CVE-2021-43784.
     - When writing netlink messages, it is possible to have a byte array larger
       than UINT16_MAX which would result in the length field overflowing and
       allowing user-controlled data to be parsed as control characters (such as
       creating custom mount points, changing which set of namespaces to allow,
       and so on).
   * d/patches/0027-Fix-test-for-newer-kernels.patch: Added.
     - Fix test for newer kernels.
   * d/patches/CVE-2023-25809.patch: Added to fix CVE-2023-25809.
     - It was found that rootless runc makes `/sys/fs/cgroup` writable under
       specific conditions. A container may then gain the write access to
       user-owned cgroup hierarchy `/sys/fs/cgroup/user.slice/...` on the host.
   * Update changelog for 1.0.0~rc93+ds1-5+deb11u4~1.gbpce2b39 release
   * Update patch for download URLs of busybox tarball
   * Add patch to fix CVE-2021-43784.patch
   * Add patch to fix tests with newer kernels
   * Add patch to fix CVE-2023-25809
Checksums-Sha1:
 a9129a6e4fe98b7758d561032edc5c87d9067432 2333704 runc-dbgsym_1.0.0~rc93+ds1-5+deb11u4_mipsel.deb
 bdfecfd4462c2c88cb6fc52a718c0dc7ef1e52fb 7968 runc_1.0.0~rc93+ds1-5+deb11u4_mipsel-buildd.buildinfo
 221ce9ec70d8c782a3a09c351e52812ccb5e62ad 1935928 runc_1.0.0~rc93+ds1-5+deb11u4_mipsel.deb
Checksums-Sha256:
 162396a7c154e755e1a90baac4d663133344fd33c43085bbe506c5913068d107 2333704 runc-dbgsym_1.0.0~rc93+ds1-5+deb11u4_mipsel.deb
 ad7632093c6c4ca034d6bdf6a9ad3d79876927805887ceb30e25666b1c135e3d 7968 runc_1.0.0~rc93+ds1-5+deb11u4_mipsel-buildd.buildinfo
 0d4e1992aba4d35586d81bbac963b3de80dfe1a9c34ec9eb1f1d0faf705e508e 1935928 runc_1.0.0~rc93+ds1-5+deb11u4_mipsel.deb
Files:
 9c3504187111d2553b48aa708fe5c543 2333704 debug optional runc-dbgsym_1.0.0~rc93+ds1-5+deb11u4_mipsel.deb
 4eaabb20242d21f541ac17cf82d5a7c4 7968 admin optional runc_1.0.0~rc93+ds1-5+deb11u4_mipsel-buildd.buildinfo
 e58a1c45ee5da0baf738eae42e7ce05b 1935928 admin optional runc_1.0.0~rc93+ds1-5+deb11u4_mipsel.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEwOi7AjfMfAOkP0DckzO9iVHf454FAmafiyMACgkQkzO9iVHf
456PSxAAzJXbVMwG+pfy3DSCVOS5NkqSr7+k+W96ijANmKGwwTFc0tQI9Tav7FnX
gNbgT3V2TusmEt4X1FA7dz7u1NWNVV5+jSlKhN5J5mnGjDYpEeFOfJpR+uqVwpNd
063IqoYjBD/Aoqx73D1UiQxBu9R5stzP4xW/dXGrSroLc1ucBEZw1pZAldrsg86I
q8xwad8/mwdmgFXDO5lXA2YzYSp6TCtBxqzs3MdzuilAwxJ7LBFw7SxLOa3ikq3M
m5I4IXLkIhpnPiCOD0U8wUKfSP9IVXIKln4BqjIWr2BnzBe+3FMpEbAQ0vBozJE+
6WOo/uzmqGddxzkxJ74TUZxlx6qog4lp2L9AoDZ4Ycirm94reD5bb1WkKMiTKzDr
K51fUb+LNla3g/CPiQd94D+rk4LvxVlVxWAj6Qrno9vC5KUMaALYKuwhmLL45ZIO
3a4wW2nsnoYaXFX/1kPZXMQPmFLYj9qqcCppJ+DJ/7XgqfT4Rx9ci4banQrIwKFP
lZVyvw1zMa1trO6rfH4uKaDH0f+OcnOFMgz29bkesSye69VSxpSkke27LZ/oJAwJ
C5URUlJxfEpcNoPmWVy0g4N8UdpWxnOgK1XQnVvYekF2H64cGshhSNypl6HDYrFM
6FVHOaw7JvtGNEoqKg3id/W22cLkv8TEspHqlHc+nALT2kaz8Uk=
=3rwW
-----END PGP SIGNATURE-----