Skip to content

Commit 2ece502

Browse files
openshift-merge-bot[bot]openshift-merge-bot[bot]
authored
Merge pull request #6483 from TomSweeneyRedHat/dev/tsweeney/cve-2025-52881-1.41.2
[release-1.41] Bump runc to v1.3.3 - CVE-2025-52881
2 parents 0e4301a + ee97f37 commit 2ece502

Some content is hidden

Large Commits have some content hidden by default. Use the searchbox below for content that may be hidden.

59 files changed

+3732
-1045
lines changed

CHANGELOG.md

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -2,6 +2,10 @@
22

33
# Changelog
44

5+
## v1.41.6 (2025-11-06)
6+
7+
[release-1.41] Bump runc to v1.3.3 - CVE-2025-52881
8+
59
## v1.41.5 (2025-09-29)
610

711
[release-1.41] Run: create parent directories of mount targets with mode 0755

changelog.txt

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,6 @@
1+
- Changelog for v1.41.6 (2025-11-06)
2+
* [release-1.41] Bump runc to v1.3.3 - CVE-2025-52881
3+
14
- Changelog for v1.41.5 (2025-09-29)
25

36
[release-1.41] Run: create parent directories of mount targets with mode 0755

define/types.go

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -29,7 +29,7 @@ const (
2929
// identify working containers.
3030
Package = "buildah"
3131
// Version for the Package. Also used by .packit.sh for Packit builds.
32-
Version = "1.41.5"
32+
Version = "1.41.6"
3333

3434
// DefaultRuntime if containers.conf fails.
3535
DefaultRuntime = "runc"

go.mod

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -12,7 +12,7 @@ require (
1212
github.com/containers/luksy v0.0.0-20250609192159-bc60f96d4194
1313
github.com/containers/ocicrypt v1.2.1
1414
github.com/containers/storage v1.59.1
15-
github.com/cyphar/filepath-securejoin v0.4.1
15+
github.com/cyphar/filepath-securejoin v0.5.1
1616
github.com/docker/distribution v2.8.3+incompatible
1717
github.com/docker/docker v28.3.3+incompatible
1818
github.com/docker/go-connections v0.5.0
@@ -26,7 +26,7 @@ require (
2626
github.com/opencontainers/cgroups v0.0.4
2727
github.com/opencontainers/go-digest v1.0.0
2828
github.com/opencontainers/image-spec v1.1.1
29-
github.com/opencontainers/runc v1.3.0
29+
github.com/opencontainers/runc v1.3.3
3030
github.com/opencontainers/runtime-spec v1.2.1
3131
github.com/opencontainers/runtime-tools v0.9.1-0.20250523060157-0ea5ed0382a2
3232
github.com/opencontainers/selinux v1.12.0

go.sum

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -75,8 +75,8 @@ github.com/creack/pty v1.1.18 h1:n56/Zwd5o6whRC5PMGretI4IdRLlmBXYNjScPaBgsbY=
7575
github.com/creack/pty v1.1.18/go.mod h1:MOBLtS5ELjhRRrroQr9kyvTxUAFNvYEK993ew/Vr4O4=
7676
github.com/cyberphone/json-canonicalization v0.0.0-20241213102144-19d51d7fe467 h1:uX1JmpONuD549D73r6cgnxyUu18Zb7yHAy5AYU0Pm4Q=
7777
github.com/cyberphone/json-canonicalization v0.0.0-20241213102144-19d51d7fe467/go.mod h1:uzvlm1mxhHkdfqitSA92i7Se+S9ksOn3a3qmv/kyOCw=
78-
github.com/cyphar/filepath-securejoin v0.4.1 h1:JyxxyPEaktOD+GAnqIqTf9A8tHyAG22rowi7HkoSU1s=
79-
github.com/cyphar/filepath-securejoin v0.4.1/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI=
78+
github.com/cyphar/filepath-securejoin v0.5.1 h1:eYgfMq5yryL4fbWfkLpFFy2ukSELzaJOTaUTuh+oF48=
79+
github.com/cyphar/filepath-securejoin v0.5.1/go.mod h1:Sdj7gXlvMcPZsbhwhQ33GguGLDGQL7h7bg04C/+u9jI=
8080
github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
8181
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
8282
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc h1:U9qPSI2PIWSS1VwoXQT9A3Wy9MM3WgvqSxFWenqJduM=
@@ -244,8 +244,8 @@ github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8
244244
github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM=
245245
github.com/opencontainers/image-spec v1.1.1 h1:y0fUlFfIZhPF1W537XOLg0/fcx6zcHCJwooC2xJA040=
246246
github.com/opencontainers/image-spec v1.1.1/go.mod h1:qpqAh3Dmcf36wStyyWU+kCeDgrGnAve2nCC8+7h8Q0M=
247-
github.com/opencontainers/runc v1.3.0 h1:cvP7xbEvD0QQAs0nZKLzkVog2OPZhI/V2w3WmTmUSXI=
248-
github.com/opencontainers/runc v1.3.0/go.mod h1:9wbWt42gV+KRxKRVVugNP6D5+PQciRbenB4fLVsqGPs=
247+
github.com/opencontainers/runc v1.3.3 h1:qlmBbbhu+yY0QM7jqfuat7M1H3/iXjju3VkP9lkFQr4=
248+
github.com/opencontainers/runc v1.3.3/go.mod h1:D7rL72gfWxVs9cJ2/AayxB0Hlvn9g0gaF1R7uunumSI=
249249
github.com/opencontainers/runtime-spec v1.2.1 h1:S4k4ryNgEpxW1dzyqffOmhI1BHYcjzU8lpJfSlR0xww=
250250
github.com/opencontainers/runtime-spec v1.2.1/go.mod h1:jwyrGlmzljRJv/Fgzds9SsS/C5hL+LL3ko9hs6T5lQ0=
251251
github.com/opencontainers/runtime-tools v0.9.1-0.20250523060157-0ea5ed0382a2 h1:2xZEHOdeQBV6PW8ZtimN863bIOl7OCW/X10K0cnxKeA=

vendor/github.com/cyphar/filepath-securejoin/.golangci.yml

Lines changed: 56 additions & 0 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

vendor/github.com/cyphar/filepath-securejoin/CHANGELOG.md

Lines changed: 150 additions & 3 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

0 commit comments

Comments
 (0)