I should also add that I'll be doing one more bump on a few packages in the next few weeks (including runc), but generally speaking I'm not doing any more updates right now as the large stack in master-next is being stabilized.
Bruce On Tue, Mar 19, 2024 at 1:11 PM Bruce Ashfield via lists.yoctoproject.org <[email protected]> wrote: > > Look further, there's two commits. 1.11 and 1.12. > > https://git.yoctoproject.org/meta-virtualization/commit/?h=master-next&id=9213f05f5591b499809b81a46b8d05e10935f001 > > I didn't bump runc-docker, since it is going away. > > Bruce > > On Tue, Mar 19, 2024 at 12:28 PM Thomas Schlien <[email protected]> wrote: > > > > Hi, > > > > I had a look at master-next and it only contains version 1.1.11, but not > > 1.1.12 with the CVE patches. > > > > Best regards, > > Thomas > > > > On 19.03.24 16:58, Bruce Ashfield wrote: > > > master-next is already updated to that version. > > > > > > The stack is ongoing release testing, but I do expect to push master > > > shortly. > > > > > > Bruce > > > > > > On Tue, Mar 19, 2024 at 11:54 AM Thomas Schlien <[email protected]> wrote: > > >> CVE-2024-21626 > > >> https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv > > >> --- > > >> recipes-containers/runc/runc-opencontainers_git.bb | 4 ++-- > > >> 1 file changed, 2 insertions(+), 2 deletions(-) > > >> > > >> diff --git a/recipes-containers/runc/runc-opencontainers_git.bb > > >> b/recipes-containers/runc/runc-opencontainers_git.bb > > >> index 61e7cfa6..88964276 100644 > > >> --- a/recipes-containers/runc/runc-opencontainers_git.bb > > >> +++ b/recipes-containers/runc/runc-opencontainers_git.bb > > >> @@ -1,11 +1,11 @@ > > >> include runc.inc > > >> > > >> -SRCREV = "f3446b1e5fe75bf419c808d8705c899ab4968b6e" > > >> +SRCREV = "51d5e94601ceffbbd85688df1c928ecccbfa4685" > > >> SRC_URI = " \ > > >> > > >> git://github.com/opencontainers/runc;branch=release-1.1;protocol=https \ > > >> > > >> file://0001-Makefile-respect-GOBUILDFLAGS-for-runc-and-remove-re.patch \ > > >> " > > >> -RUNC_VERSION = "1.1.10" > > >> +RUNC_VERSION = "1.1.12" > > >> > > >> CVE_PRODUCT = "runc" > > >> > > >> -- > > >> 2.40.1 > > >> > > >> > > >> > > >> > > > > > > > > > > > > > > -- > > Dr.-Ing. Thomas Schlien > > Ferncast GmbH > > Gallierstr. 41a, 52074 Aachen > > Germany > > > > Phone: +49 241 99034567 > > Web: www.ferncast.de > > -- > > CEO: Detlef Wiese > > Court of Registration: Amtsgericht Aachen > > Commercial Register: HRB 22350 > > > > > > > > > > > -- > - Thou shalt not follow the NULL pointer, for chaos and madness await > thee at its end > - "Use the force Harry" - Gandalf, Star Trek II > > > -- - Thou shalt not follow the NULL pointer, for chaos and madness await thee at its end - "Use the force Harry" - Gandalf, Star Trek II
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#8650): https://lists.yoctoproject.org/g/meta-virtualization/message/8650 Mute This Topic: https://lists.yoctoproject.org/mt/105026590/21656 Group Owner: [email protected] Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
