v1.1.10 -- "Śruba, przykręcona we śnie, nie zmieni sytuacji, jaka panuje na jawie." This is the tenth (and most likely final) patch release in the 1.1.z release branch of runc. It mainly fixes a few issues in cgroups, and a umask-related issue in tmpcopyup. + Add support for `hugetlb.<pagesize>.rsvd` limiting and accounting. Fixes the issue of postres failing when hugepage limits are set. (#3859, #4077) * Fixed permissions of a newly created directories to not depend on the value of umask in tmpcopyup feature implementation. (#3991, #4060) * libcontainer: cgroup v1 GetStats now ignores missing `kmem.limit_in_bytes` (fixes the compatibility with Linux kernel 6.1+). (#4028) * Fix a semi-arbitrary cgroup write bug when given a malicious hugetlb configuration. This issue is not a security issue because it requires a malicious `config.json`, which is outside of our threat model. (#4103) Thanks to all of the contributors who made this release possible: * Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp> * Aleksa Sarai <cyphar@cyphar.com> * Jordan Rife <jrife0@gmail.com> * Kir Kolyshkin <kolyshkin@gmail.com> * lifubang <lifubang@acmcoder.com> * Mrunal Patel <mrunalp@gmail.com> Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>