runc (0.1.1+dfsg1-2+deb9u3) stretch-security; urgency=high

  * CVE-2021-43784: Fix an issue where an overflow in the Netlink 'bytemsg'
    length field could have allowed an attacker to override Netlink-based
    container configurations. This vulnerability required the attacker to have
    some control over the configuration of the container, but would have
    allowed the attacker to bypass the namespace restrictions of the container
    by simply adding their own Netlink payload which disables all namespaces.

 -- Chris Lamb <lamby@debian.org>  Mon, 06 Dec 2021 14:36:50 -0800

runc (0.1.1+dfsg1-2+deb9u2) stretch-security; urgency=medium

  * Non-maintainer upload by the LTS team.
  * Rebuild with golang-github-seccomp-libseccomp-golang that has
    CVE-2017-18367 fixed.

 -- Adrian Bunk <bunk@debian.org>  Mon, 10 Aug 2020 11:35:05 +0300

runc (0.1.1+dfsg1-2+deb9u1) stretch; urgency=medium

  * Team upload.
  * Add patch to address CVE-2019-5736 (Closes: #922050)

 -- Shengjing Zhu <zhsj@debian.org>  Tue, 19 Mar 2019 00:50:07 +0800

runc (0.1.1+dfsg1-2) unstable; urgency=medium

  * Team upload.
  * Backport patch for CVE-2016-9962 (Closes: #850951)

 -- Tianon Gravi <tianon@debian.org>  Wed, 01 Feb 2017 07:17:54 -0800

runc (0.1.1+dfsg1-1) unstable; urgency=medium

  * New upstream release [June 2016].
  * testworks: disabled privileged and failing tests.
  * Build with "apparmor seccomp" tags (Closes: #830818);
    Build-Depends += "libapparmor-dev".

 -- Dmitry Smirnov <onlyjob@debian.org>  Wed, 13 Jul 2016 23:00:43 +1000

runc (0.1.0+dfsg1-1) unstable; urgency=medium

  * Dropped dependency on "golang-docker-dev" in favour of bundled
    (or build time sub-vendored) "github.com/docker/docker" in order
    to avoid circular dependency with Docker.
  * Standards-Version: 3.9.8.
  * Corrected Vcs-Git URL.

 -- Dmitry Smirnov <onlyjob@debian.org>  Sun, 12 Jun 2016 17:56:45 +1000

runc (0.1.0+dfsg-1) unstable; urgency=medium

  [ Tim Potter ]
  * Team upload
  * New upstream release [April 2016]
    = golang-github-opencontainers-specs-dev (>= 0.5.0~)
  * De-vendor new dependencies; pquerna/ffjson appears unused

 -- Dmitry Smirnov <onlyjob@debian.org>  Sat, 23 Apr 2016 07:59:18 +1000

runc (0.0.9+dfsg-1) unstable; urgency=medium

  * New upstream release [March 2016].
  * (Build-)Depends:
    = golang-github-opencontainers-specs-dev (>= 0.4.0~)
    = golang-github-codegangsta-cli-dev (>= 0.0~git20151221~)
    - help2man
    + go-md2man
  * Install upstream man pages.
  * Install "runc" binary to "/usr/sbin".

 -- Dmitry Smirnov <onlyjob@debian.org>  Sat, 16 Apr 2016 17:23:48 +1000

runc (0.0.8+dfsg-2) unstable; urgency=medium

  * (Build-)Depends:
    + golang-github-docker-go-units-dev
    + golang-github-seccomp-libseccomp-golang-dev

 -- Dmitry Smirnov <onlyjob@debian.org>  Wed, 23 Mar 2016 20:05:01 +1100

runc (0.0.8+dfsg-1) unstable; urgency=medium

  * New upstream release [February 2016].
  * Build-Depends:
    + golang-github-vishvananda-netlink-dev
  * Updated Vcs URLs.
  * Standards-Version: 3.9.7.

 -- Dmitry Smirnov <onlyjob@debian.org>  Fri, 26 Feb 2016 18:19:24 +1100

runc (0.0.4~dfsg-1) unstable; urgency=medium

  * New upstream release (Closes: #802507).
  * Dropped obsolete lintian-overrides.

 -- Dmitry Smirnov <onlyjob@debian.org>  Wed, 21 Oct 2015 09:02:42 +1100

runc (0.0.3~dfsg2-1) unstable; urgency=low

  * Initial release (Closes: #796486).
    Thanks, Alexandre Viau.

 -- Dmitry Smirnov <onlyjob@debian.org>  Sun, 06 Sep 2015 18:06:34 +1000
