runc 1.0-rc9 -- "Watch out for that first step, it's a doozy!"
cyphar
Aleksa Sarai
This is a hot-fix for v1.0.0~rc8, primarily fixing CVE-2019-16884.
NOTE: This release's artefacts were updated on 2020-07-30 to correct an
LGPL compliance issue (we previously did not include the source code of
libseccompwith our releases) and thus we had to recompile ourrunc
binaries to be sure we were distributing the correct version oflibseccomp.
All of the binaries are still signed by the same maintainer key, and thus can
still be easily validated.
NOTE: This release's artefacts were updated on 2021-04-07, to correct an
issue with the .tar.xz archive from 2020-07-30 (the archive had malformed
paths due to a bug in historical release scripts -- which caused the update
on 2020-07-30 to change the checksum of the source code archive). See #2895
for more details. All of the binaries are still signed by the same maintainer
key, and thus can still be easily validated.
Static Linking Notices
The runc binary distributed with this release are statically linked with
the following GNU LGPL-2.1 licensed libraries, with runc acting
as a "work that uses the Library":
The versions of these libraries were not modified from their upstream versions,
but in order to comply with the LGPL-2.1 (§6(a)), we have attached the
complete source code for those libraries which (when combined with the attached
runc source code) may be used to exercise your rights under the LGPL-2.1.
However we strongly suggest that you make use of your distribution's packages
or download them from the authoritative upstream sources, especially since
these libraries are related to the security of your containers.
Thanks to the following people who made this release possible:
- Adrian Reber areber@redhat.com
- Akihiro Suda akihiro.suda.cz@hco.ntt.co.jp
- Aleksa Sarai asarai@suse.de
- Andreas Stocker astocker@anexia-it.com
- blacktop blacktop@users.noreply.github.com
- Carlos de Paula me@carlosedp.com
- Danail Branekov danailster@gmail.com
- Daniel J Walsh dwalsh@redhat.com
- Erik Sipsma sipsma@amazon.com
- Filipe Brandenburger filbranden@gmail.com
- Georgi Sabev georgethebeatle@gmail.com
- Giuseppe Scrivano gscrivan@redhat.com
- Howard Zhang howard.zhang@arm.com
- Joe Burianek joe.burianek@pantheon.io
- Jonathan Rudenberg jonathan@titanous.com
- Julien Durillon julien.durillon@gmail.com
- Kenta Tada Kenta.Tada@sony.com
- Lifubang lifubang@acmcoder.com
- Marco Vedovati mvedovati@suse.com
- Michael Crosby crosbymichael@gmail.com
- Mrunal Patel mrunal@me.com
- Odin Ugedal odin@ugedal.com
- Qiang Huang h.huangqiang@huawei.com
- sashayakovtseva sasha@sylabs.io
- Sebastiaan van Stijn github@gone.nl
- Xiaochen Shen xiaochen.shen@intel.com
- Xiao YongBiao xyb4638@gmail.com
Vote: +4 -0 #1
Signed-off-by: Aleksa Sarai asarai@suse.de