Skip to content

deps: update to github.com/opencontainers/selinux@v0.13.0 #4977

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 8, 2025
Merged

deps: update to github.com/opencontainers/selinux@v0.13.0 #4977

merged 1 commit into from
Nov 8, 2025

Conversation

@cyphar
Copy link
Member

@cyphar cyphar commented Nov 7, 2025

This new version includes the fixes for CVE-2025-52881, so we can remove
the internal/third_party copy of the library we added in commit
ed6b169 ("selinux: use safe procfs API for labels") as well as the
"replace" directive in go.mod (which is problematic for "go get"
installs).

Fixes: ed6b169 ("selinux: use safe procfs API for labels")
Signed-off-by: Aleksa Sarai cyphar@cyphar.com

@cyphar
deps: update to github.com/opencontainers/selinux@v0.13.0
96f1962 
This new version includes the fixes for CVE-2025-52881, so we can remove
the internal/third_party copy of the library we added in commit
ed6b169 ("selinux: use safe procfs API for labels") as well as the
"replace" directive in go.mod (which is problematic for "go get"
installs).

Fixes: ed6b169 ("selinux: use safe procfs API for labels")
Signed-off-by: Aleksa Sarai <cyphar@cyphar.com>
@cyphar cyphar added backport/1.2-todo A PR in main branch which needs to be backported to release-1.2 backport/1.3-todo A PR in main branch which needs to be backported to release-1.3 backport/1.4-todo A PR in main branch which needs to backported to release-1.4 labels Nov 7, 2025
This was referenced Nov 7, 2025
Merged
Merged
Merged
Open
@lifubang
Copy link
Member

lifubang commented Nov 8, 2025
edited
Loading

This PR also bumps github.com/cyphar/filepath-securejoin from v0.5.1 to v0.6.0.

@lifubang lifubang merged commit 95762b6 into opencontainers:main Nov 8, 2025
36 checks passed
@cyphar cyphar deleted the selinux-1.13 branch November 8, 2025 01:59
@cyphar cyphar added backport/1.2-done A PR in main branch which has been backported to release-1.2 backport/1.3-done A PR in main branch which has been backported to release-1.3 backport/1.4-done A PR in main branch which has been backported to release-1.4 and removed backport/1.2-todo A PR in main branch which needs to be backported to release-1.2 backport/1.3-todo A PR in main branch which needs to be backported to release-1.3 backport/1.4-todo A PR in main branch which needs to backported to release-1.4 labels Nov 12, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@lifubang lifubang lifubang approved these changes

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

Assignees

No one assigned

Labels

backport/1.2-done A PR in main branch which has been backported to release-1.2 backport/1.3-done A PR in main branch which has been backported to release-1.3 backport/1.4-done A PR in main branch which has been backported to release-1.4

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@cyphar @lifubang @AkihiroSuda