moby/hack/dockerfile at v28.5.2 - moby

mirror of https://github.com/moby/moby.git synced 2026-01-16 02:11:34 +00:00

Files

Paweł Gronowski 19675151a3 Dockerfile: update runc binary to v1.3.3

Update the version used in CI and for the static binaries.

- release notes: https://github.com/opencontainers/runc/releases/tag/v1.3.3
- full diff: https://github.com/opencontainers/runc/compare/v1.3.2...v1.3.3

This release contains fixes for three high-severity security
vulnerabilities in runc (CVE-2025-31133, CVE-2025-52565, and
CVE-2025-52881). All three vulnerabilities ultimately allow (through
different methods) for full container breakouts by bypassing runc's
restrictions for writing to arbitrary /proc files.

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
(cherry picked from commit 35f6a78082)
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>

2025-11-05 11:00:17 +01:00

etc/docker

hack: Add explicit containerd feature to daemon.json

2024-11-13 14:45:01 +01:00

install

Dockerfile: update runc binary to v1.3.3

2025-11-05 11:00:17 +01:00

cli.sh

hack/d/cli.sh: properly handle errors in curl

2023-07-17 10:18:19 -06:00