a go security module for container runtime
If you want to update runc to 1.1.12, you can choose dmz as the entrypoint of the container:
dmz entrypoint arg0 arg1 ...
To use this similar way to protect CVE-2024-21626, we still have a little work to do, it will be comming soon.