Debian Package Tracker

From: Shengjing Zhu <zhsj@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted runc 1.0.0~rc6+dfsg1-3 (source) into unstable
Date: Mon, 18 Mar 2019 17:19:11 +0000
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 10 Mar 2019 17:51:44 +0800
Source: runc
Architecture: source
Version: 1.0.0~rc6+dfsg1-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Go Packaging Team <pkg-go-maintainers@lists.alioth.debian.org>
Changed-By: Shengjing Zhu <zhsj@debian.org>
Closes: 909644
Changes:
 runc (1.0.0~rc6+dfsg1-3) unstable; urgency=medium
 .
   * Team upload.
 .
   [ Shengjing Zhu ]
   * Improve patch for CVE-2019-5736 based on upstream commits.
     Now the patch includes following commits:
     + 2d4a37b nsenter: cloned_binary: userspace copy fallback if sendfile fails
     + 16612d7 nsenter: cloned_binary: try to ro-bind /proc/self/exe before
               copying
     + af9da0a nsenter: cloned_binary: use the runc statedir for O_TMPFILE
     + 2429d59 nsenter: cloned_binary: expand and add pre-3.11 fallbacks
     + 5b775bf nsenter: cloned_binary: detect and handle short copies
     + bb7d8b1 nsexec (CVE-2019-5736): avoid parsing environ
     + 0a8e411 nsenter: clone /proc/self/exe to avoid exposing host binary to
               container
 .
   [ Arnaud Rebillout ]
   * Add version and gitcommit to the ldflags (Closes: #909644)
     Note that we fill the git commit with something that is NOT a git commit
     at all, instead we use it as a placeholder for the debian version. The
     debian version is a relevant information for the user, and it's nice to
     be able to show it, some way or another.
Checksums-Sha1:
 16c225b65294f1cd15ae04f8551284d04b20b4ce 2468 runc_1.0.0~rc6+dfsg1-3.dsc
 f08fd78b3e0a660d3ec5d293f8437bc248a3ae44 12696 runc_1.0.0~rc6+dfsg1-3.debian.tar.xz
 d96ae363bbd67ac75cb5de26cbbc5cb61679a1c0 8081 runc_1.0.0~rc6+dfsg1-3_amd64.buildinfo
Checksums-Sha256:
 33fcc1aba06a20d6ead3a915f7555193cb43600b46de08a277c4a660999799aa 2468 runc_1.0.0~rc6+dfsg1-3.dsc
 16ca68355ba968535fe328b213c54ac79c330390e2bb3301a4d3ea4d48899409 12696 runc_1.0.0~rc6+dfsg1-3.debian.tar.xz
 5e70a81311d0c67a118c0b4dbbdfbc6689b54613d2ab1d2c50ea2e4d53791ffd 8081 runc_1.0.0~rc6+dfsg1-3_amd64.buildinfo
Files:
 48c3f959cb069f075ab7cf69c77d9b32 2468 devel optional runc_1.0.0~rc6+dfsg1-3.dsc
 20e68df3d980c055efc367b4ae698ee0 12696 devel optional runc_1.0.0~rc6+dfsg1-3.debian.tar.xz
 09391d026876901b8d72ad07d8f60f8b 8081 devel optional runc_1.0.0~rc6+dfsg1-3_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQFEBAEBCgAuFiEE85F2DZP0aJKsSKyHONAPABi+PjUFAlyPzwsQHHpoc2pAZGVi
aWFuLm9yZwAKCRA40A8AGL4+NT4BCACIRRrTNBJ/EzduTMvvkMGQmaZVD2EPiwpG
N2b3g62+Wa9eYYGRdv1Lv5cwuQr0s48rBKyho6WwVmu08XkfsFqqFzCtYFAqu56s
wlZT44LWxCk/MGMldggkNWmWSccL6LXWejpJOoNBm3YcQZ7vdovjJWQx3cbivOiN
s0ua8vYziVbU/0E+zUA9ySTMIXMns1p7JfBptoDf/p7jQU+J1lqICkNP5vUaRxxz
P/ZVnpK0JLrxPO1+6Hjk4+CFn/C+EvPcrIGS4zmEJdAlpr6U1CTNxVHTydSR2Vl6
Dk1R09ZyNOZ0oXYRQnCCl029NMdFyiXSeAeourRvrIXtuEwEZjXK
=Imd7
-----END PGP SIGNATURE-----
News for package runc
