the following vulnerability was published for runc.
| Docker Engine 1.12.2 enabled ambient capabilities with misconfigured
| capability policies. This allowed malicious images to bypass user
| permissions to access files within the container filesystem or mounted
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
Please adjust the affected versions in the BTS as needed.
Pkg-go-maintainers mailing list