Skip to content
v1.1.10 -- "Śruba, przykręcona we śnie, nie zmieni sytuacji, jaka panuje na jawie."

This is the tenth (and most likely final) patch release in the 1.1.z
release branch of runc. It mainly fixes a few issues in cgroups, and a
umask-related issue in tmpcopyup.

+ Add support for `hugetlb.<pagesize>.rsvd` limiting and accounting.
  Fixes the issue of postres failing when hugepage limits are set.
  (#3859, #4077)
* Fixed permissions of a newly created directories to not depend on the value
  of umask in tmpcopyup feature implementation. (#3991, #4060)
* libcontainer: cgroup v1 GetStats now ignores missing `kmem.limit_in_bytes`
  (fixes the compatibility with Linux kernel 6.1+). (#4028)
* Fix a semi-arbitrary cgroup write bug when given a malicious hugetlb
  configuration. This issue is not a security issue because it requires a
  malicious `config.json`, which is outside of our threat model. (#4103)

Thanks to all of the contributors who made this release possible:

 * Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
 * Aleksa Sarai <cyphar@cyphar.com>
 * Jordan Rife <jrife0@gmail.com>
 * Kir Kolyshkin <kolyshkin@gmail.com>
 * lifubang <lifubang@acmcoder.com>
 * Mrunal Patel <mrunalp@gmail.com>

Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>