runc: Update runc commit to fix CVE-2019-5736
Also update runc version
Signed-off-by: Dave Tucker <dt@docker.com>
diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer
index 62263b3..43b5504 100755
--- a/hack/dockerfile/install/runc.installer
+++ b/hack/dockerfile/install/runc.installer
@@ -1,14 +1,14 @@
#!/bin/sh
# When updating RUNC_COMMIT, also update runc in vendor.conf accordingly
-RUNC_COMMIT=69663f0bd4b60df09991c08812a60108003fa340
+RUNC_COMMIT=a592beb5bc4c4092b1b1bac971afed27687340c5
install_runc() {
# Do not build with ambient capabilities support
RUNC_BUILDTAGS="${RUNC_BUILDTAGS:-"seccomp apparmor selinux"}"
echo "Install runc version $RUNC_COMMIT"
- git clone https://github.com/opencontainers/runc.git "$GOPATH/src/github.com/opencontainers/runc"
+ git clone https://github.com/docker/runc.git "$GOPATH/src/github.com/opencontainers/runc"
cd "$GOPATH/src/github.com/opencontainers/runc"
git checkout -q "$RUNC_COMMIT"
if [ -z "$1" ]; then
@@ -16,7 +16,8 @@
else
target="$1"
fi
- make BUILDTAGS="$RUNC_BUILDTAGS" "$target"
+ # TODO: Remove me before 18.06.4
+ make BUILDTAGS="$RUNC_BUILDTAGS" VERSION="1.0.0-rc5+dev.docker-18.06" "$target"
mkdir -p ${PREFIX}
cp runc ${PREFIX}/docker-runc
}
