308 Commits

Author SHA1 Message Date
lifubang 34e84588af downgrade github.com/cyphar/filepath-securejoin from v0.6.0 to v0.5.2
The dependency was initially slated for an upgrade from v0.6.0 to v0.6.1
to address an fd leak. However, due to compatibility constraints, we
instead downgrade to v0.5, using v0.5.2 which includes a backported fix
for the same issue.

Signed-off-by: lifubang <lifubang@acmcoder.com>
2025-11-20 11:52:35 +00:00
lifubang ae8839acc2 bump github.com/opencontainers/s
elinux from v1.13.0 to v1.13.1

Signed-off-by: lifubang <lifubang@acmcoder.com>
2025-11-20 11:52:35 +00:00
Aleksa Sarai b9df996b68 deps: update to github.com/opencontainers/selinux@v0.13.0
This new version includes the fixes for CVE-2025-52881, so we can remove
the internal/third_party copy of the library we added in commit
ed6b1693b8 ("selinux: use safe procfs API for labels") as well as the
"replace" directive in go.mod (which is problematic for "go get"
installs).

Fixes: ed6b1693b8 ("selinux: use safe procfs API for labels")
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
(cherry picked from commit 96f1962f91)
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2025-11-08 02:18:50 +11:00
Aleksa Sarai aca52c4690 openat2: improve resilience on busy systems
Previously, we would see a ~3% failure rate when starting containers
with mounts that contain ".." (which can trigger -EAGAIN). To counteract
this, filepath-securejoin v0.5.1 includes a bump of the internal retry
limit from 32 to 128, which lowers the failure rate to 0.12%.

However, there is still a risk of spurious failure on regular systems.
In order to try to provide more resilience (while avoiding DoS attacks),
this patch also includes an additional retry loop that terminates based
on a deadline rather than retry count. The deadline is 2ms, as my
testing found that ~800us for a single pathrs operation was the longest
latency due to -EAGAIN retries, and that was an outlier compared to the
more common ~400us latencies -- so 2ms should be more than enough for
any real system.

The failure rates above were based on more 50k runs of runc with an
attack script (from libpathrs) running a rename attack on all cores of a
16-core system, which is arguably a worst-case but heavily utilised
servers could likely approach similar results.

Tested-by: Phil Estes <estesp@gmail.com>
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2025-11-05 19:54:30 +11:00
Aleksa Sarai 2c5356e73f selinux: use safe procfs API for labels
Due to the sensitive nature of these fixes, it was not possible to
submit these upstream and vendor the upstream library. Instead, this
patch uses a fork of github.com/opencontainers/selinux, branched at
commit opencontainers/selinux@879a755db5.

In order to permit downstreams to build with this patched version, a
snapshot of the forked version has been included in
internal/third_party/selinux. Note that since we use "go mod vendor",
the patched code is usable even without being "go get"-able. Once the
embargo for this issue is lifted we can submit the patches upstream and
switch back to a proper upstream go.mod entry.

Also, this requires us to temporarily disable the CI job we have that
disallows "replace" directives.

Fixes: GHSA-cgrx-mc8f-2prm CVE-2025-52881
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2025-10-16 11:29:35 +11:00
Aleksa Sarai ed55d5b5bf go.mod: update to github.com/cyphar/filepath-securejoin@v0.5.0
In order to avoid lint errors due to the deprecation of the top-level
securejoin methods ported from libpathrs, we need to adjust
internal/pathrs to use the new pathrs-lite subpackage instead.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2025-10-16 11:29:32 +11:00
Aleksa Sarai e34a0a0936 console: verify /dev/pts/ptmx before use
This is primarily done out of an abudance of caution against runc exec
being attacked by a container where /dev/pts/ptmx has been replaced with
some other bad inode (a disconnected NFS handle, a symlink that goes
through a leaked runc file descriptor to reference a host ptmx, etc).

Unfortunately, we cannot trivially verify that /dev/pts/ptmx is actually
the /dev/pts from the container without storing stuff like the fsid in
the runc state.json, which is probably not worth the extra effort. This
should at least avoid the most concerning cases.

Reported-by: Aleksa Sarai <cyphar@cyphar.com>
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2025-10-16 11:29:32 +11:00
dependabot[bot] 2845c532f9 build(deps): bump github.com/opencontainers/cgroups from 0.0.3 to 0.0.4
Bumps [github.com/opencontainers/cgroups](https://github.com/opencontainers/cgroups) from 0.0.3 to 0.0.4.
- [Release notes](https://github.com/opencontainers/cgroups/releases)
- [Changelog](https://github.com/opencontainers/cgroups/blob/main/RELEASES.md)
- [Commits](https://github.com/opencontainers/cgroups/compare/v0.0.3...v0.0.4)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/cgroups
  dependency-version: 0.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-09-24 17:04:09 -04:00
Kir Kolyshkin 3764d6e888 deps: bump cgroups to v0.0.3, fix tests
For changelog, see https://github.com/opencontainers/cgroups/releases/tag/v0.0.3

This fixes two runc issues:

1. JSON incompatibility introduced in cgroups v0.0.2 (see
   https://github.com/opencontainers/cgroups/pull/22).

2. Bad CPU shares to CPU weight conversion (see
   https://github.com/opencontainers/runc/issues/4772).

Due to item 2, modify some tests accordingly.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2025-09-23 13:12:41 -04:00
Kir Kolyshkin f5e8c63fdc deps: bump opencontainers/cgroups to v0.0.2
For changes, see https://github.com/opencontainers/cgroups/releases/tag/v0.0.2

Fix integration tests according to changes in [1] (now the CPU quota value set
is rounded the same way systemd does it).

[1]: https://github.com/opencontainers/cgroups/pull/4
Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2025-09-23 13:11:26 -04:00
Kir Kolyshkin a75076b4a4 Switch to opencontainers/cgroups
This removes libcontainer/cgroups packages and starts
using those from github.com/opencontainers/cgroups repo.

Mostly generated by:

  git rm -f libcontainer/cgroups

  find . -type f -name "*.go" -exec sed -i \
    's|github.com/opencontainers/runc/libcontainer/cgroups|github.com/opencontainers/cgroups|g' \
    {} +

  go get github.com/opencontainers/cgroups@v0.0.1
  make vendor
  gofumpt -w .

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2025-02-28 15:20:33 -08:00
dependabot[bot] 537a2276bb build(deps): bump github.com/opencontainers/runtime-spec
Bumps [github.com/opencontainers/runtime-spec](https://github.com/opencontainers/runtime-spec) from 1.2.0 to 1.2.1.
- [Release notes](https://github.com/opencontainers/runtime-spec/releases)
- [Changelog](https://github.com/opencontainers/runtime-spec/blob/main/ChangeLog)
- [Commits](https://github.com/opencontainers/runtime-spec/compare/v1.2.0...v1.2.1)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/runtime-spec
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-28 04:52:38 +00:00
Kir Kolyshkin 79a4ac0553 deps: bump cilium/ebpf to v0.17.3
It has a fix for runc issue 4594.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2025-02-13 00:07:01 -08:00
dependabot[bot] 13277b2017 build(deps): bump golang.org/x/net from 0.34.0 to 0.35.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.34.0 to 0.35.0.
- [Commits](https://github.com/golang/net/compare/v0.34.0...v0.35.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-11 04:09:22 +00:00
dependabot[bot] 8529591ccb build(deps): bump google.golang.org/protobuf from 1.36.4 to 1.36.5
Bumps google.golang.org/protobuf from 1.36.4 to 1.36.5.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-07 04:09:32 +00:00
dependabot[bot] a274d27598 build(deps): bump golang.org/x/sys from 0.29.0 to 0.30.0
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.29.0 to 0.30.0.
- [Commits](https://github.com/golang/sys/compare/v0.29.0...v0.30.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-02-05 04:18:02 +00:00
Kir Kolyshkin 8e5bb0d8c4 deps: roll back to cilium/ebpf v0.16.0
Also, exclude v0.17.x until there is a fix for runc issue 4594.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2025-01-31 16:59:54 -08:00
Akihiro Suda f1c0e63252 Merge pull request #4590 from cyphar/securejoin-0.4.0
deps: update to github.com/cyphar/filepath-securejoin@v0.4.1
2025-01-29 16:56:12 +09:00
Aleksa Sarai 70e500e7d1 deps: update to github.com/cyphar/filepath-securejoin@v0.4.1
This release includes a minor breaking API change that requires us to
rework the types of our wrappers, but there is no practical behaviour
change.

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2025-01-28 22:33:16 +11:00
dependabot[bot] 24ec764a09 build(deps): bump google.golang.org/protobuf from 1.36.3 to 1.36.4
Bumps google.golang.org/protobuf from 1.36.3 to 1.36.4.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-27 04:55:54 +00:00
dependabot[bot] 9af7952249 build(deps): bump google.golang.org/protobuf from 1.36.2 to 1.36.3
Bumps google.golang.org/protobuf from 1.36.2 to 1.36.3.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-16 04:05:13 +00:00
dependabot[bot] a69d289ffd build(deps): bump google.golang.org/protobuf from 1.36.1 to 1.36.2
Bumps google.golang.org/protobuf from 1.36.1 to 1.36.2.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-08 04:16:24 +00:00
dependabot[bot] 061483b62a build(deps): bump golang.org/x/net from 0.33.0 to 0.34.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.33.0 to 0.34.0.
- [Commits](https://github.com/golang/net/compare/v0.33.0...v0.34.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-07 04:35:23 +00:00
dependabot[bot] 48ad17f4c6 build(deps): bump golang.org/x/sys from 0.28.0 to 0.29.0
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.28.0 to 0.29.0.
- [Commits](https://github.com/golang/sys/compare/v0.28.0...v0.29.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2025-01-06 04:55:38 +00:00
dependabot[bot] f848304994 build(deps): bump google.golang.org/protobuf from 1.36.0 to 1.36.1
Bumps google.golang.org/protobuf from 1.36.0 to 1.36.1.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-25 23:29:14 +08:00
dependabot[bot] 5855ba5303 build(deps): bump github.com/cilium/ebpf from 0.17.0 to 0.17.1
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf) from 0.17.0 to 0.17.1.
- [Release notes](https://github.com/cilium/ebpf/releases)
- [Commits](https://github.com/cilium/ebpf/compare/v0.17.0...v0.17.1)

---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-20 04:10:23 +00:00
dependabot[bot] e809db842f build(deps): bump github.com/cilium/ebpf from 0.16.0 to 0.17.0
Bumps [github.com/cilium/ebpf](https://github.com/cilium/ebpf) from 0.16.0 to 0.17.0.
- [Release notes](https://github.com/cilium/ebpf/releases)
- [Commits](https://github.com/cilium/ebpf/compare/v0.16.0...v0.17.0)

---
updated-dependencies:
- dependency-name: github.com/cilium/ebpf
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-20 00:07:03 +00:00
Kir Kolyshkin 5239b05129 Merge pull request #4564 from opencontainers/dependabot/go_modules/golang.org/x/net-0.33.0
build(deps): bump golang.org/x/net from 0.32.0 to 0.33.0
2024-12-19 16:05:57 -08:00
dependabot[bot] c2b11a6353 build(deps): bump golang.org/x/net from 0.32.0 to 0.33.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.32.0 to 0.33.0.
- [Commits](https://github.com/golang/net/compare/v0.32.0...v0.33.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-19 04:09:48 +00:00
dependabot[bot] 71327d7fcd build(deps): bump github.com/cyphar/filepath-securejoin
Bumps [github.com/cyphar/filepath-securejoin](https://github.com/cyphar/filepath-securejoin) from 0.3.5 to 0.3.6.
- [Release notes](https://github.com/cyphar/filepath-securejoin/releases)
- [Changelog](https://github.com/cyphar/filepath-securejoin/blob/main/CHANGELOG.md)
- [Commits](https://github.com/cyphar/filepath-securejoin/compare/v0.3.5...v0.3.6)

---
updated-dependencies:
- dependency-name: github.com/cyphar/filepath-securejoin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-19 01:42:44 +00:00
dependabot[bot] 705382ac66 build(deps): bump google.golang.org/protobuf from 1.35.2 to 1.36.0
Bumps google.golang.org/protobuf from 1.35.2 to 1.36.0.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-17 04:53:16 +00:00
Aleksa Sarai 2f1b6626f3 deps: update to github.com/cyphar/filepath-securejoin@v0.3.5
This fixes a regression in use of securejoin.MkdirAll, where multiple
runc processes racing to create the same mountpoint in a shared rootfs
would result in spurious EEXIST errors. In particular, this regression
caused issues with BuildKit.

Fixes: dd827f7b71 ("utils: switch to securejoin.MkdirAllHandle")
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
2024-12-06 19:38:46 +11:00
dependabot[bot] d5694eed7c build(deps): bump golang.org/x/net from 0.31.0 to 0.32.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.31.0 to 0.32.0.
- [Commits](https://github.com/golang/net/compare/v0.31.0...v0.32.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-05 09:28:56 +00:00
dependabot[bot] ec7e90b308 build(deps): bump golang.org/x/sys from 0.27.0 to 0.28.0
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.27.0 to 0.28.0.
- [Commits](https://github.com/golang/sys/compare/v0.27.0...v0.28.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-12-05 04:47:30 +00:00
Kir Kolyshkin 66969827c0 Switch to github.com/moby/sys/capability v0.4.0
This removes the last unversioned package in runc's direct dependencies.

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2024-12-02 13:18:10 -08:00
dependabot[bot] b7da16731c build(deps): bump google.golang.org/protobuf from 1.35.1 to 1.35.2
Bumps google.golang.org/protobuf from 1.35.1 to 1.35.2.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-11-18 12:11:47 +08:00
dependabot[bot] ca4a7a86f8 build(deps): bump golang.org/x/net from 0.30.0 to 0.31.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.30.0 to 0.31.0.
- [Commits](https://github.com/golang/net/compare/v0.30.0...v0.31.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-11-11 04:11:55 +00:00
dependabot[bot] ec5e7eb70a build(deps): bump golang.org/x/sys from 0.26.0 to 0.27.0
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.26.0 to 0.27.0.
- [Commits](https://github.com/golang/sys/compare/v0.26.0...v0.27.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-11-08 04:29:56 +00:00
dependabot[bot] 80c46d31c4 build(deps): bump golang.org/x/net from 0.24.0 to 0.30.0
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.24.0 to 0.30.0.
- [Commits](https://github.com/golang/net/compare/v0.24.0...v0.30.0)

---
updated-dependencies:
- dependency-name: golang.org/x/net
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-11-02 00:36:10 +00:00
dependabot[bot] 4df7b1b199 build(deps): bump golang.org/x/sys from 0.22.0 to 0.26.0
Bumps [golang.org/x/sys](https://github.com/golang/sys) from 0.22.0 to 0.26.0.
- [Commits](https://github.com/golang/sys/compare/v0.22.0...v0.26.0)

---
updated-dependencies:
- dependency-name: golang.org/x/sys
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-23 07:56:22 +00:00
dependabot[bot] f22cee6634 Merge pull request #4460 from opencontainers/dependabot/go_modules/github.com/vishvananda/netlink-1.3.0 2024-10-23 07:55:40 +00:00
Aleksa Sarai b69954038c merge #4465 into opencontainers/runc:main
Kir Kolyshkin (1):
  libct: rm x/sys/execabs usage

LGTMs: AkihiroSuda cyphar
2024-10-23 18:52:54 +11:00
dependabot[bot] 69b3be763a build(deps): bump github.com/vishvananda/netlink from 1.1.0 to 1.3.0
Bumps [github.com/vishvananda/netlink](https://github.com/vishvananda/netlink) from 1.1.0 to 1.3.0.
- [Release notes](https://github.com/vishvananda/netlink/releases)
- [Commits](https://github.com/vishvananda/netlink/compare/v1.1.0...v1.3.0)

---
updated-dependencies:
- dependency-name: github.com/vishvananda/netlink
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-23 06:49:47 +00:00
Kir Kolyshkin d123e56739 Merge pull request #4467 from opencontainers/dependabot/go_modules/google.golang.org/protobuf-1.35.1
build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.35.1
2024-10-22 23:49:04 -07:00
Kir Kolyshkin eb2ff52ace libct: rm x/sys/execabs usage
Since Go 1.19, the same functionality is there in os/exec package.
As we require go 1.22 now, there's no need to have this.

This basically reverts commit 9258eac0 ("libct/start: use execabs for
newuidmap lookup").

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
2024-10-22 23:45:18 -07:00
dependabot[bot] f20f273aff build(deps): bump github.com/opencontainers/selinux
Bumps [github.com/opencontainers/selinux](https://github.com/opencontainers/selinux) from 1.11.0 to 1.11.1.
- [Release notes](https://github.com/opencontainers/selinux/releases)
- [Commits](https://github.com/opencontainers/selinux/compare/v1.11.0...v1.11.1)

---
updated-dependencies:
- dependency-name: github.com/opencontainers/selinux
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-23 04:20:54 +00:00
dependabot[bot] 139789f1bd build(deps): bump google.golang.org/protobuf from 1.33.0 to 1.35.1
Bumps google.golang.org/protobuf from 1.33.0 to 1.35.1.

---
updated-dependencies:
- dependency-name: google.golang.org/protobuf
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-23 04:20:52 +00:00
Akihiro Suda e98851de36 Merge pull request #4464 from opencontainers/dependabot/go_modules/github.com/urfave/cli-1.22.16
build(deps): bump github.com/urfave/cli from 1.22.14 to 1.22.16
2024-10-23 10:46:42 +09:00
dependabot[bot] 93db63ab52 build(deps): bump github.com/urfave/cli from 1.22.14 to 1.22.16
Bumps [github.com/urfave/cli](https://github.com/urfave/cli) from 1.22.14 to 1.22.16.
- [Release notes](https://github.com/urfave/cli/releases)
- [Changelog](https://github.com/urfave/cli/blob/main/docs/CHANGELOG.md)
- [Commits](https://github.com/urfave/cli/compare/v1.22.14...v1.22.16)

---
updated-dependencies:
- dependency-name: github.com/urfave/cli
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-22 13:23:32 +00:00
dependabot[bot] af024b6c2b build(deps): bump github.com/moby/sys/mountinfo from 0.7.1 to 0.7.2
Bumps [github.com/moby/sys/mountinfo](https://github.com/moby/sys) from 0.7.1 to 0.7.2.
- [Release notes](https://github.com/moby/sys/releases)
- [Commits](https://github.com/moby/sys/compare/signal/v0.7.1...mountinfo/v0.7.2)

---
updated-dependencies:
- dependency-name: github.com/moby/sys/mountinfo
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-10-22 13:23:25 +00:00