* Backport version 1.5.5-0ubuntu3 from Impish (LP: #1938908).
- d/control: do not b-d on libbtrfs-dev, it is not available in Bionic.
- d/control: b-d on golang-1.13-go instead of golang-go.
- d/rules: set GO111MODULE to off, to avoid Internet connection during the
build.
* d/p/seccomp-support-clone3-syscall.patch: clone3 is explicitly requested
to give ENOSYS instead of the default EPERM, when CAP_SYS_ADMIN is unset.
(LP: #1943049).
-- Lucas Kanashiro <email address hidden> Fri, 08 Oct 2021 11:55:12 -0300
This bug was fixed in the package containerd - 1.5.5-0ubuntu3~ 18.04.1
--------------- 0ubuntu3~ 18.04.1) bionic; urgency=medium
containerd (1.5.5-
* Backport version 1.5.5-0ubuntu3 from Impish (LP: #1938908).
- d/control: do not b-d on libbtrfs-dev, it is not available in Bionic.
- d/control: b-d on golang-1.13-go instead of golang-go.
- d/rules: set GO111MODULE to off, to avoid Internet connection during the
build.
containerd (1.5.5-0ubuntu3) impish; urgency=medium
* SECURITY UPDATE: insufficiently restricted directory permissions patches/ 1.5-reduce- directory- permissions. patch: reduce v1/linux/ bundle. go, v1/linux/ bundle_ test.go, runtime/ v2/bundle. go, v2/bundle_ default. go, runtime/ v2/bundle_ linux.go, v2/bundle_ linux_test. go, runtime/ v2/bundle_ test.go, /btrfs/ btrfs.go.
- debian/
permissions for bundle dir in runtime/
runtime/
runtime/
runtime/
snapshots
- CVE-2021-41103
containerd (1.5.5-0ubuntu2) impish; urgency=medium
* d/p/seccomp- support- clone3- syscall. patch: clone3 is explicitly requested
to give ENOSYS instead of the default EPERM, when CAP_SYS_ADMIN is unset.
(LP: #1943049).
-- Lucas Kanashiro <email address hidden> Fri, 08 Oct 2021 11:55:12 -0300