mirror of
git://git.yoctoproject.org/meta-virtualization.git
synced 2025-07-19 12:50:22 +02:00
7bdfb7806e
Bumping runc to version v1.2.0-69-gb7da1673, which comprises the following commits:
b7da1673 build(deps): bump google.golang.org/protobuf from 1.35.1 to 1.35.2
119111a0 libct/cg: add test for remove a non-existent dir in a ro mount point
068d7da7 Revert "Temporary set vagrant to 2.4.1-1"
ac435895 memfd-bind: elaborate kernel requirements for overlayfs protection
ba3d026e libct/cg: RemovePath: improve comments
12e06a7c libct/cg: RemovePath: simplify logic
db59489b runc delete: fix for rootless cgroup + ro cgroupfs
ca4a7a86 build(deps): bump golang.org/x/net from 0.30.0 to 0.31.0
43af111e MAINTAINERS: move dqminh and hqhq to EMERITUS
ec5e7eb7 build(deps): bump golang.org/x/sys from 0.26.0 to 0.27.0
9cb59b46 ci: rm "skip on CentOS 7" kludges
5000f169 Temporary set vagrant to 2.4.1-1
b9dfb22d readme: drop unused memfd-bind reference
aa505bfa memfd-bind: mention that overlayfs obviates the need for it
9bc42d61 dmz: overlay: set xino=off to disable dmesg spam
9ce7392b Vagrantfile.fedora: bump Fedora to 41
609e9a51 Vagrantfile.fedora: stop using dnf shell
80c46d31 build(deps): bump golang.org/x/net from 0.24.0 to 0.30.0
5586d7ca libct: rm obsoleted comment
f9fd70b7 CHANGELOG: add (forward-port) v1.1.15 changes
8cc73754 libct: fix a comment
ee1bced1 script/check-config.sh: add OVERLAY_FS check
c8f5d033 docs: remove prompt symbols from shell snippets
871057d8 drop runc-dmz solution according to overlay solution
34a92855 test join other container userns with selinux enabled
c78f3f2e libct/nsenter: become root after joining userns
1e674098 libct/int: add exec benchmark
cb201487 libct/int: use testing.TB for utils
4df7b1b1 build(deps): bump golang.org/x/sys from 0.22.0 to 0.26.0
cbb9b309 ci: use Go 1.23
732806e2 runc update: fix updating swap for cgroup v2
cb9f3d6d libct/cg: improve ConvertMemorySwapToCgroupV2Value
69b3be76 build(deps): bump github.com/vishvananda/netlink from 1.1.0 to 1.3.0
eb2ff52a libct: rm x/sys/execabs usage
f20f273a build(deps): bump github.com/opencontainers/selinux
139789f1 build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.35.1
93db63ab build(deps): bump github.com/urfave/cli from 1.22.14 to 1.22.16
af024b6c build(deps): bump github.com/moby/sys/mountinfo from 0.7.1 to 0.7.2
42f96305 VERSION: back to development
0b9fa21b VERSION: release v1.2.0
568231cc Revert "increase memory.max in cgroups.bats"
e6699266 fix an error caused by fd reuse race when starting runc init
515f09f7 dmz: use overlayfs to write-protect /proc/self/exe if possible
8cfbccb6 tests: integration: add helper to check if we're in a userns
54ef07d8 tests/int: skip "update memory vs CheckBeforeUpdate" on EL9
ff775363 tests/int: rm centos-7 exclusion
76a821fa tests/int: update info about EL9 kernel
b5bdf592 libct: rm initWaiter
9fa324c4 dmz: cloned binary: set +x permissions when creating regular tmpfile
324fcea4 Terminate execution for criu that does not meet version requirements
eff6f049 libct/cap: no need to load capabilities
9b60a93c libcontainer/userns: migrate to github.com/moby/sys/userns
1623cde1 go: update github.com/cyphar/filepath-securejoin to v0.3.4
4fdd5616 memfd-bind: more specific doc URL
9e554587 memfd-bind: fixup systemd unit file and README
13a6f560 runc run: fix mount leak
b096459a vendor: update github.com/cyphar/filepath-securejoin to v0.3.3
f55957de build(deps): bump bats-core/bats-action from 2.1.1 to 3.0.0
bb2bd38d change go minimum version in README
faffe1b9 replace strings.SplitN with strings.Cut
1be06760 libcontainer/cgroups/fs: remove todo since strings.Fields performs well
7a449109 libct/README: simplify example, rm inheritable caps
0de19533 runc spec, libct/int: do not add ambient capabilities
3e3f9603 runc exec --cap: do not add capabilities to ambient
5b161e04 update bats-action to 2.1.1
35f999dd remove installation of unused bats support libs
10c951e3 add ErrCgroupNotExist
319e133c go.mod: Use toolchain 1.22.4
8671a7db ci: update to setup bats action from bats-core
30f8f51e runc create/run: warn on rootless + shared pidns + no cgroup
21c61165 tests/int: log when teardown starts
b1449fd5 libct: use Namespaces.IsPrivate more
d8844e29 tests: integration: add setgid mkdirall test
066b109e vendor: update to github.com/cyphar/filepath-securejoin@v0.3.2
646efe70 utils: mkdirall: mask silently ignored mode bits to match os.MkdirAll
457e1ffa tests: add regression test for CVE-2019-19921 / CVE-2023-27561
216175a9 Upgrade Cilium's eBPF library version to 0.16
a31efe70 libct/seccomp/patchbpf: use binary.NativeEndian
429e06a5 libct: Signal: honor RootlessCgroups
dd827f7b utils: switch to securejoin.MkdirAllHandle
1d308c7d vendor: update to github.com/cyphar/filepath-securejoin@v0.3.1
5ab5ef3d deps: update to golang.org/x/sys@v0.22
Signed-off-by: Bruce Ashfield <bruce.ashfield@gmail.com>
|
||
|---|---|---|
| .. | ||
| aardvark-dns | ||
| buildah | ||
| catatonit | ||
| cgroup-lite | ||
| conmon | ||
| container-host-config | ||
| containerd | ||
| cri-o | ||
| cri-tools | ||
| criu | ||
| crun | ||
| docker | ||
| docker-compose | ||
| docker-distribution | ||
| go-digest | ||
| go-errors | ||
| go-spf13-cobra | ||
| go-spf13-pflag | ||
| k3s | ||
| kubernetes | ||
| lxc | ||
| lxcfs | ||
| nerdctl | ||
| netavark | ||
| oci-image-spec | ||
| oci-image-tools | ||
| oci-runtime-spec | ||
| oci-runtime-tools | ||
| oci-systemd-hook | ||
| podman | ||
| podman-compose | ||
| podman-tui | ||
| riddler | ||
| runc | ||
| singularity | ||
| skopeo | ||
| sloci-image | ||
| tini | ||
| umoci | ||