containerd

Files

Sebastiaan van Stijn 9037069da8 update to go1.23.1, go1.22.7

- https://github.com/golang/go/issues?q=milestone%3AGo1.23.1+label%3ACherryPickApproved
- full diff: https://github.com/golang/go/compare/go1.23.0...go1.23.1

These minor releases include 3 security fixes following the security policy:

- go/parser: stack exhaustion in all Parse* functions

    Calling any of the Parse functions on Go source code which contains
    deeply nested literals can cause a panic due to stack exhaustion.

    This is CVE-2024-34155 and Go issue https://go.dev/issue/69138.

- encoding/gob: stack exhaustion in Decoder.Decode

    Calling Decoder.Decode on a message which contains deeply nested
    structures can cause a panic due to stack exhaustion.

    This is a follow-up to CVE-2022-30635.

    Thanks to Md Sakib Anwar of The Ohio State University for reporting
    this issue.

    This is CVE-2024-34156 and Go issue https://go.dev/issue/69139.

- go/build/constraint: stack exhaustion in Parse

    Calling Parse on a "// +build" build tag line with deeply nested
    expressions can cause a panic due to stack exhaustion.

    This is CVE-2024-34158 and Go issue https://go.dev/issue/69141.

View the release notes for more information:
https://go.dev/doc/devel/release#go1.23.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

2024-09-06 16:12:28 +02:00

config-containerd

script/setup/config-containerd: Use slow_chown

2024-07-10 17:26:31 +02:00

config-selinux

scripts: add missing quotes, and minor linting issues

2021-08-03 17:23:18 +02:00

critools-version

Update cri-tools to v1.30.1

2024-07-11 14:58:44 +02:00

crun-version

Bump crun to 1.16