kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity
moby--moby/vendor/github.com/opencontainers
History
Sebastiaan van Stijn 73c8238614
bump opencontainers/selinux to b29023b86e4a69d1b46b7e7b4e2b6fda03f0b9cd 
This vendoring fixes two issues.

1. When a user specifies an SELinux MCS Label (level) to override moby picking
   an unigue MCS label, the code currently picks a label then overrides with the
   user selected. This works fine, except the unique MCS Label is leaked and will
   not be used until the daemon is restarted.
2. The override label, is not reserved. This could potentially cause an issue
   where the daemon could pick the same MCS Label again for a different container.
   (~ 1/500,000 Chance).

The updated selinux go bindings, now release the overriden unigue label, and reserve
the one specified by the user.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2017-10-31 16:54:16 +01:00
..
go-digest rerun vndr 2017-03-08 02:29:34 +00:00
image-spec Vendor containerd 1.0 2017-10-19 13:19:41 -07:00
runc Update runc to 0351df1c5a66838d0c392b4ac4cf9450de844e2d 2017-09-26 11:07:27 +00:00
runtime-spec Update containerd to 06b9cb35161009dcb7123345749fef02f7cea8e0 2017-08-21 12:04:07 -07:00
selinux bump opencontainers/selinux to b29023b86e4a69d1b46b7e7b4e2b6fda03f0b9cd 2017-10-31 16:54:16 +01:00