Open klepiz opened 8 months ago
As cause of the recent docker vulnerabilty https://snyk.io/blog/leaky-vessels-docker-runc-container-breakout-vulnerabilities/, urrently the lastest version of summerwind/actions-runner contains Docker version 24.0.7, build afdd53b, Docker required to be updated to Docker Engine 4.25.2 and runc 1.1.12 which contains a fix CVE-2024-24557, CVE-2024-23650, CVE-2024-23651, CVE-2024-23652 and CVE-2024-23653 and CVE-2024-21626
Is there a faster way to update the docker/runc version for actions-runner-controller? my current k8s master/nodes are already updated to the latest version of runc
Any updates here in how to proceed?
What would you like added? and Why is this needed?
As cause of the recent docker vulnerabilty https://snyk.io/blog/leaky-vessels-docker-runc-container-breakout-vulnerabilities/, urrently the lastest version of summerwind/actions-runner contains Docker version 24.0.7, build afdd53b, Docker required to be updated to Docker Engine 4.25.2 and runc 1.1.12 which contains a fix CVE-2024-24557, CVE-2024-23650, CVE-2024-23651, CVE-2024-23652 and CVE-2024-23653 and CVE-2024-21626
Questions
Is there a faster way to update the docker/runc version for actions-runner-controller? my current k8s master/nodes are already updated to the latest version of runc