update runc binary to v1.1.12

Update the runc binary that's used in CI and for the static packages, which includes a fix for [CVE-2024-21626]. - release notes: https://github.com/opencontainers/runc/releases/tag/v1.1.12 - full diff: opencontainers/runc@v1.1.11...v1.1.12 [CVE-2024-21626]: GHSA-xr7r-f8xq-vfvv Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 44bf407) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
moby · Jan 31, 2024 · 4edb71b · 4edb71b
1 parent 667bc3f
commit 4edb71b
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/Dockerfile b/Dockerfile
@@ -283,7 +283,7 @@ RUN git init . && git remote add origin "https://github.com/opencontainers/runc.
 # that is used. If you need to update runc, open a pull request in the containerd
 # project first, and update both after that is merged. When updating RUNC_VERSION,
 # consider updating runc in vendor.mod accordingly.
-ARG RUNC_VERSION=v1.1.11
+ARG RUNC_VERSION=v1.1.12
 RUN git fetch -q --depth 1 origin "${RUNC_VERSION}" +refs/tags/*:refs/tags/* && git checkout -q FETCH_HEAD
 
 FROM base AS runc-build

diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer
@@ -9,7 +9,7 @@ set -e
 # the containerd project first, and update both after that is merged.
 #
 # When updating RUNC_VERSION, consider updating runc in vendor.mod accordingly
-: "${RUNC_VERSION:=v1.1.11}"
+: "${RUNC_VERSION:=v1.1.12}"
 
 install_runc() {
 	RUNC_BUILDTAGS="${RUNC_BUILDTAGS:-"seccomp"}"