[meta-virtualization] [PATCH 2/2] runc: address CVE-2019-5736

[Bruce Ashfield]

Thanks for the patch!

I'm touchy about runc updates, due to many hours of fixing subtle
breakage when updating. Can
we log all of the shortlogs between the two SRCREVs in the commit
message. It'll make tracking
down errors easier when inevitably I end up debugging something.

We need to take care of the opencontainers variant at the same time.
Yes, they are virtually the
same right now, but I'm keeping both recipes around since history
shows that I'll need them again.

Cheers,

Bruce

On Fri, Feb 15, 2019 at 9:56 AM Stefan Agner <stefan at agner.ch> wrote:
>
> From: Stefan Agner <stefan.agner at toradex.com>
>
> Use git hash which addresses CVE-2019-5736. Use the same git hash
> used in top of 18.09 Docker branch.
>
> Fixes: CVE-2019-5736
> Signed-off-by: Stefan Agner <stefan.agner at toradex.com>
> ---
>  recipes-containers/runc/runc-docker_git.bb | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/recipes-containers/runc/runc-docker_git.bb b/recipes-containers/runc/runc-docker_git.bb
> index 41c82f7..4eb2d07 100644
> --- a/recipes-containers/runc/runc-docker_git.bb
> +++ b/recipes-containers/runc/runc-docker_git.bb
> @@ -4,7 +4,7 @@ RRECOMMENDS_${PN} = "lxc docker"
>
>  # Note: this rev is before the required protocol field, update when all components
>  #       have been updated to match.
> -SRCREV_runc-docker = "4a600c04ed480084b2351b3e32c26cb4a2d5d533"
> +SRCREV_runc-docker = "6635b4f0c6af3810594d2770f662f34ddc15b40d"
>  SRC_URI = "git://github.com/opencontainers/runc;nobranch=1;name=runc-docker \
>             file://0001-runc-Add-console-socket-dev-null.patch \
>             file://0001-build-drop-recvtty-and-use-GOBUILDFLAGS.patch \
> --
> 2.13.6
>


-- 
- Thou shalt not follow the NULL pointer, for chaos and madness await
thee at its end
- "Use the force Harry" - Gandalf, Star Trek II