-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Fri, 28 Jun 2024 00:16:20 +0200
Source: runc
Binary: runc runc-dbgsym
Architecture: ppc64el
Version: 1.0.0~rc93+ds1-5+deb11u4
Distribution: bullseye
Urgency: medium
Maintainer: ppc64el Build Daemon (ppc64el-osuosl-01) <buildd_ppc64el-ppc64el-osuosl-01@buildd.debian.org>
Changed-By: Daniel Leidert <dleidert@debian.org>
Description:
 runc       - Open Container Project - runtime
Changes:
 runc (1.0.0~rc93+ds1-5+deb11u4) bullseye; urgency=medium
 .
   * Non-maintainer upload by the Debian LTS Team.
   * d/patches/0025-Fix-busybox-tarball-url-in-integration-test.patch: Updated.
     - Fixed download URLs again.
   * d/patches/CVE-2021-43784.patch: Added to fix CVE-2021-43784.
     - When writing netlink messages, it is possible to have a byte array larger
       than UINT16_MAX which would result in the length field overflowing and
       allowing user-controlled data to be parsed as control characters (such as
       creating custom mount points, changing which set of namespaces to allow,
       and so on).
   * d/patches/0027-Fix-test-for-newer-kernels.patch: Added.
     - Fix test for newer kernels.
   * d/patches/CVE-2023-25809.patch: Added to fix CVE-2023-25809.
     - It was found that rootless runc makes `/sys/fs/cgroup` writable under
       specific conditions. A container may then gain the write access to
       user-owned cgroup hierarchy `/sys/fs/cgroup/user.slice/...` on the host.
   * Update changelog for 1.0.0~rc93+ds1-5+deb11u4~1.gbpce2b39 release
   * Update patch for download URLs of busybox tarball
   * Add patch to fix CVE-2021-43784.patch
   * Add patch to fix tests with newer kernels
   * Add patch to fix CVE-2023-25809
Checksums-Sha1:
 f334fa386dbcde05abd1fa1167d1b331eda3c119 2392132 runc-dbgsym_1.0.0~rc93+ds1-5+deb11u4_ppc64el.deb
 46e5aeb70383e282f0fafc862dfc596642dd7fb5 8124 runc_1.0.0~rc93+ds1-5+deb11u4_ppc64el-buildd.buildinfo
 0f5fabd4b4ad83aeceb3002137e8f32ee48c3a19 2021668 runc_1.0.0~rc93+ds1-5+deb11u4_ppc64el.deb
Checksums-Sha256:
 7f9212c72bc6bcfc10d5ec7dd9bdec8e08c7405f550d890e45758409c6d0769b 2392132 runc-dbgsym_1.0.0~rc93+ds1-5+deb11u4_ppc64el.deb
 613e6abbed82a2105969a70cec82aa84fd9278c0acd3320fdeb378ba84209b13 8124 runc_1.0.0~rc93+ds1-5+deb11u4_ppc64el-buildd.buildinfo
 b1dd0a6cf7504e1298f0415fcf2b6a0f4afbb371598e3c2aec4a475af18fb3b6 2021668 runc_1.0.0~rc93+ds1-5+deb11u4_ppc64el.deb
Files:
 0614874d5e98045d48c816d42342c790 2392132 debug optional runc-dbgsym_1.0.0~rc93+ds1-5+deb11u4_ppc64el.deb
 f42cf3657dea2ec626f28b13da5f046f 8124 admin optional runc_1.0.0~rc93+ds1-5+deb11u4_ppc64el-buildd.buildinfo
 5e3b2f631f078b880a2f57b27fe39088 2021668 admin optional runc_1.0.0~rc93+ds1-5+deb11u4_ppc64el.deb

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEE5v3ycPFoB5xoBEprvMjydu+xvRMFAmaAe+AACgkQvMjydu+x
vRMPvxAAnPwYdWXaSiUbaxWeB4JE/B1zTC7G2doaWYTWQlnyxm1G0l184wGwted/
UF4Xf+EKm17Qsc1Qod3MhIg9HxfNZeOAQzD2oc/awpV6+F38zadMqeqvsXcto+s+
QBrBkmHemtGeZT+ahkdQJ93CsX5g9Wu8JNIj2CParbV8lGiI19Rf0RSVZOWs3jTi
gm5O3Y3caLRkY/RLIbmj1PB29KlQV8ejJxSo6GfdunJegVDDv1BCQVrNwbEde82f
S2IuBapyzBOQT3sJp/jDGQH7WYsZ+c1wE6mZUVfBMgmN9R2d5W/wO3+bALuzVGc7
elrwkcd/pEvd4wyKVqSX0WU6CcJhuZ8cw78k7zfrpMbnRX0N6ugbDplWcOpyo9O3
MIiiSg8ImGwMgB3ct8BQ+L2/kK1dIAfgS6qEbZ9eTAkOE7vNpiqvn1yjuVZQtoNa
p3x6vbrSjtDesZK2KeMVD4+QOB/MPh86wF/3Ziz4oxC3Qn7vnuVPYkJCBa5+u+sX
OndWmyqBzi5IPT+hz9uTdvcbi/Uj6g84fZzFe2BJWiwx5gp+zYVSOALWD/LoeDJA
7XJYRQWZJBVVXMr0Ni2NwV0gwNqDbgj23R5E3tMr8dJFzUWjrcq+XkgJSor6TpMI
nXjfcbzg0dt5oAO5YPNj8CXShPtisJqR3ECGzfv6FNq6EvDoLeM=
=WXAb
-----END PGP SIGNATURE-----