Bug#1012723: bullseye-pu: package runc/runc_1.0.0~rc93+ds1-5+deb11u1

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 1012723@bugs.debian.org, Shengjing Zhu <zhsj@debian.org>
Cc: siretart@debian.org, team@security.debian.org
Subject: Bug#1012723: bullseye-pu: package runc/runc_1.0.0~rc93+ds1-5+deb11u1
From: Emilio Pozuelo Monfort <pochu@debian.org>
Date: Tue, 14 Jun 2022 11:51:45 +0200
Message-id: <[🔎] 10e11228-2a36-6ae9-3d2b-74d4b830414f@debian.org>
Reply-to: Emilio Pozuelo Monfort <pochu@debian.org>, 1012723@bugs.debian.org
In-reply-to: <[🔎] b684e224e4b095d14ba72cabb3375e678edabaad.camel@adam-barratt.org.uk>
References: <[🔎] 165506962832.77183.8949358322342218657.reportbug@x1.int.tauware.de> <[🔎] 165506962832.77183.8949358322342218657.reportbug@x1.int.tauware.de> <YqanJCznDBZ/iP93@local.zhsj.me> <[🔎] 165506962832.77183.8949358322342218657.reportbug@x1.int.tauware.de> <[🔎] b684e224e4b095d14ba72cabb3375e678edabaad.camel@adam-barratt.org.uk> <[🔎] 165506962832.77183.8949358322342218657.reportbug@x1.int.tauware.de>

On 13/06/2022 19:12, Adam D. Barratt wrote:

On Mon, 2022-06-13 at 10:55 +0800, Shengjing Zhu wrote:

X-Debbugs-CC: siretart@debian.org, team@security.debian.org

Hi,

On Sun, Jun 12, 2022 at 05:33:48PM -0400, Reinhard Tartler wrote:

diff -Nru runc-1.0.0~rc93+ds1/debian/changelog runc-
1.0.0~rc93+ds1/debian/changelog
--- runc-1.0.0~rc93+ds1/debian/changelog	2022-06-12
14:49:36.000000000 -0400
+++ runc-1.0.0~rc93+ds1/debian/changelog	2021-05-19
14:46:14.000000000 -0400
@@ -1,10 +1,3 @@
-runc (1.0.0~rc93+ds1-5+deb11u1) bullseye; urgency=medium
-
-  * Team upload.
-  * backport upstream patch: Honor seccomp defaultErrnoRet,
Closes: #1012030
-
- -- Reinhard Tartler <siretart@tauware.de>  Sun, 12 Jun 2022
14:49:36 -0400
-


Could you include the patch for CVE-2022-29162?

https://security-tracker.debian.org/tracker/CVE-2022-29162

If you don't have time, I can work on this later in this week.


The Security Tracker says it's not fixed in unstable - is that correct?
If so, that needs addressing first before it can be considered for p-u.


The tracker is corrected now, the issue was fixed in 1.1.2.

Cheers,
Emilio

Reply to:

Follow-Ups:
- Bug#1012723: bullseye-pu: package runc/runc_1.0.0~rc93+ds1-5+deb11u1
  - From: Reinhard Tartler <siretart@gmail.com>

References:
- Bug#1012723: bullseye-pu: package runc/runc_1.0.0~rc93+ds1-5+deb11u1
  - From: Reinhard Tartler <siretart@debian.org>
- Bug#1012723: bullseye-pu: package runc/runc_1.0.0~rc93+ds1-5+deb11u1
  - From: Shengjing Zhu <zhsj@debian.org>
- Bug#1012723: bullseye-pu: package runc/runc_1.0.0~rc93+ds1-5+deb11u1
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Bug#1007222: transition: onetbb
Next by Date: Bug#1007222: transition: onetbb
Previous by thread: Bug#1012723: bullseye-pu: package runc/runc_1.0.0~rc93+ds1-5+deb11u1
Next by thread: Bug#1012723: bullseye-pu: package runc/runc_1.0.0~rc93+ds1-5+deb11u1
Index(es):
- Date
- Thread