mirror of
https://github.com/opencontainers/runc.git
synced 2026-07-11 06:03:57 +08:00
2c5356e73f
Due to the sensitive nature of these fixes, it was not possible to submit these upstream and vendor the upstream library. Instead, this patch uses a fork of github.com/opencontainers/selinux, branched at commit opencontainers/selinux@879a755db5. In order to permit downstreams to build with this patched version, a snapshot of the forked version has been included in internal/third_party/selinux. Note that since we use "go mod vendor", the patched code is usable even without being "go get"-able. Once the embargo for this issue is lifted we can submit the patches upstream and switch back to a proper upstream go.mod entry. Also, this requires us to temporarily disable the CI job we have that disallows "replace" directives. Fixes: GHSA-cgrx-mc8f-2prm CVE-2025-52881 Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
6 lines
240 B
Plaintext
6 lines
240 B
Plaintext
Antonio Murdaca <runcom@redhat.com> (@runcom)
|
|
Daniel J Walsh <dwalsh@redhat.com> (@rhatdan)
|
|
Mrunal Patel <mpatel@redhat.com> (@mrunalp)
|
|
Sebastiaan van Stijn <github@gone.nl> (@thaJeztah)
|
|
Kirill Kolyshikin <kolyshkin@gmail.com> (@kolyshkin)
|