author Daniel Leidert <dleidert@debian.org> 2024-02-19 03:04:51 +0100
committer Daniel Leidert <dleidert@debian.org> 2024-02-19 03:04:51 +0100
commit 77e961eb0f90381c61794f6c4af3df029cef2b8a
tree 593e21d1fc3b87d9de3cd7dbb5860223b5821d81 /data
parent f02dd5cf817c803ac4e87d7590034fc3fe05eb89
Reserve DLA-3735-1 for runc
Diffstat (limited to 'data')
-rw-r--r-- data/CVE/list 1
-rw-r--r-- data/DLA/list 3
-rw-r--r-- data/dla-needed.txt 8
3 files changed, 8 insertions, 4 deletions
diff --git a/data/CVE/list b/data/CVE/list
index 2735a8dcfa..30992d4c7d 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -161665,7 +161665,6 @@ CVE-2021-43784 (runc is a CLI tool for spawning and running containers on Linux
{DLA-2841-1}
- runc 1.0.3+ds1-1
[bullseye] - runc <ignored> (Minor issue; not exploitable in 1.0.0)
- [buster] - runc <ignored> (Minor issue; not exploitable in 1.0.0)
NOTE: https://github.com/opencontainers/runc/security/advisories/GHSA-v95c-p5hm-xq8f
NOTE: https://www.openwall.com/lists/oss-security/2021/12/06/1
NOTE: Fixed by: https://github.com/opencontainers/runc/commit/d72d057ba794164c3cce9451a00b72a78b25e1ae
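Review bot: the removed `[buster] - runc <ignored>` line carried the reason "Minor issue; not exploitable in 1.0.0", and the `[bullseye]` line directly above it keeps that same reason, so after this change the entry for CVE-2021-43784 treats the two releases differently with no explanation. A NOTE under this CVE saying why the buster status changed would keep the entry self-explanatory; the commit subject only mentions reserving the DLA.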
diff --git a/data/DLA/list b/data/DLA/list
index f388a22db0..586c7a0e5b 100644
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -1,3 +1,6 @@
+[19 Feb 2024] DLA-3735-1 runc - security update
+ {CVE-2021-43784 CVE-2024-21626}
+ [buster] - runc 1.0.0~rc6+dfsg1-3+deb10u3
[17 Feb 2024] DLA-3734-1 openvswitch - security update
{CVE-2023-5366}
[buster] - openvswitch 2.10.7+ds1-0+deb10u5
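Review bot: `{CVE-2021-43784 CVE-2024-21626}` on the new DLA-3735-1 entry lists CVE-2024-21626 without qualification, while the dla-needed.txt hunk in this same commit says a complete fix would require two further upstream commits that cannot be backported. Suggest adding a NOTE under CVE-2024-21626 in data/CVE/list recording that the buster fix in 1.0.0~rc6+dfsg1-3+deb10u3 is partial and pointing at the two missing commits, so the limitation is visible where the CVE is looked up and not only in dla-needed.txt.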
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index 35417f3169..3604a9e1b6 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -249,10 +249,12 @@ ring
NOTE: 20230903: Added by Front-Desk (gladk)
NOTE: 20230928: will be likely hard to fix see https://lists.debian.org/debian-lts/2023/09/msg00035.html (rouca)
--
-runc (dleidert)
+runc
NOTE: 20240204: Added by Front-Desk (ta)
- NOTE: 20240208: Will need 2-3 more days (dleidert)
- NOTE: 20240211: Ready to upload, except for https://lists.debian.org/debian-lts/2024/02/msg00014.html - will wait 2-3 days (dleidert)
+ NOTE: 20240219: Complete fix for CVE-2024-21626 would require backport of
+ NOTE: 20240219: https://github.com/opencontainers/runc/commit/284ba3057e428f8d6c7afcc3b0ac752e525957df and
+ NOTE: 20240219: https://github.com/opencontainers/runc/commit/e9665f4d606b64bf9c4652ab2510da368bfbd951.
+ NOTE: 20240219: But it uses a link to internal/poll.IsPollDescriptor, introduced in Go 1.12, which I cannot backport (dleidert).
--
samba
NOTE: 20230918: Added by Front-Desk (apo)
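Review bot: in the new NOTE lines, "But it uses a link to internal/poll.IsPollDescriptor" does not say which of the two commits listed just above "it" refers to; name the commit (or say both) so whoever picks this up knows which backport is blocked on Go 1.12. Since the claim is dropped (`runc (dleidert)` becomes `runc`) while DLA-3735-1 is reserved in the same commit, one more line stating that the DLA covers only a partial fix and that the entry stays open for the remaining part would make the state of the package clear.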
