Fedora 29: Runc Security Update for CVE-2019-5736 Critical Container Risk

The runc command can be used to start containers which are packaged

in accordance with the Open Container Initiative's specifications,

and to manage containers running under runc.

Security fix for CVE-2019-5736

* Tue Feb 12 2019 Lokesh Mandvekar - 2:1.0.0-68.dev.git6635b4f

- Resolves: #1674488 - CVE-2019-5736

* Tue Jan 15 2019 Dan Walsh - 2:1.0.0-67

- umount all procfs and sysfs with --no-pivot

* Fri Dec 21 2018 Dan Walsh - 2:1.0.0-66.dev.gitbbb17ef

- UPdate to latest upstream for CRIU Fixes

* Sat Nov 24 2018 Dan Walsh - 2:1.0.0-59.dev.gitccb5efd3

- rc6 build

* Wed Nov 7 2018 Lokesh Mandvekar (Bot) - 2:1.0.0-58.dev.git079817c

- autobuilt 079817c

* Thu Nov 1 2018 Lokesh Mandvekar - 2:1.0.0-57.dev.git9e5aa74

- built commit 9e5aa74

* Tue Oct 16 2018 Lokesh Mandvekar - 2:1.0.0-56.dev.git78ef28e

- built commit 78ef28e

[ 1 ] Bug #1664908 - CVE-2019-5736 runc: Execution of malicious containers allows for container escape and access to host filesystem

https://bugzilla.redhat.com/show_bug.cgi?id=1664908

su -c 'dnf upgrade --advisory FEDORA-2019-3f19f13ecd' at the command

line. For more information, refer to the dnf documentation available at

http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org