8ebb77ac1d
Fixes the following security issues: - CVE-2019-19921: runc volume mount race condition with shared mounts - CVE-2019-16884: runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because libcontainer/rootfs_linux.go incorrectly checks mount targets, and thus a malicious Docker image can mount over a /proc directory. For details, see the announcement: https://github.com/containerd/containerd/releases/tag/v1.2.12 containerd is now a separate CNCF sponsored project, and is no longer explicitly associated with docker/moby. Signed-off-by: Christian Stewart <christian@paral.in> Signed-off-by: Peter Korsgaard <peter@korsgaard.com> |
||
|---|---|---|
| .. | ||
| Config.in | ||
| docker-containerd.hash | ||
| docker-containerd.mk | ||