Overview

File _patchinfo of Package patchinfo.31706

<patchinfo incident="31706">
  <category>security</category>
  <rating>important</rating>
  <packager>msmeissn</packager>
  <summary>Security update for catatonit, containerd, runc</summary>
<description>
This update of runc and containerd fixes the following issues:

containerd:

- Update to containerd v1.7.8. Upstream release notes:
  https://github.com/containerd/containerd/releases/tag/v1.7.8

    * CVE-2022-1996: Fixed CORS bypass in go-restful (bsc#1200528)

catatonit:

- Update to catatonit v0.2.0.
  * Change license to GPL-2.0-or-later.

- Update to catatont v0.1.7
  * This release adds the ability for catatonit to be used as the only
    process in a pause container, by passing the -P flag (in this mode no
    subprocess is spawned and thus no signal forwarding is done).

- Update to catatonit v0.1.6, which fixes a few bugs -- mainly ones related to
  socket activation or features somewhat adjacent to socket activation (such as
  passing file descriptors).

runc:

- Update to runc v1.1.10. Upstream changelog is available from
  https://github.com/opencontainers/runc/releases/tag/v1.1.10

</description>
  <issue id="1200528" tracker="bnc">VUL-0: CVE-2022-1996: go-restful: CORS bypass</issue>
  <issue id="2022-1996" tracker="cve"/>
</patchinfo>
openSUSE Build Service is sponsored by
Places