Your message dated Wed, 30 Jul 2025 02:34:00 +0000
with message-id <[email protected]>
and subject line Bug#1110096: fixed in criu 4.1.1-1
has caused the Debian Bug report #1110096,
regarding criu: Broken restore functionality of mount namespaces within CRIU
with Linux security fix backported to all stable series: "mnt-v2: Failed to
make mount 476 slave: Invalid argument."
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1110096: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110096
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: criu
Version: 4.1-1
Severity: serious
Tags: upstream
Justification: renders package unusable for users restoring container
X-Debbugs-Cc: [email protected]
The criu project today released 4.1.1 as bufix release containing one
single fix:
| This release of CRIU (4.1.1) addresses a critical compatibility issue
| introduced in the Linux kernel and back-ported to all stable releases.
|
| The kernel commit (12f147ddd6de "do_change_type(): refuse to operate on
| unmounted/not ours mounts") addressed the security issue introduced
| almost 20 years ago. Unfortunately, this change inadvertently broke the
| restore functionality of mount namespaces within CRIU. Users attempting
| to restore a container on updated kernels would encounter the error:
| "mnt-v2: Failed to make mount 476 slave: Invalid argument."
|
| This release contains the necessary adjustments to CRIU, allowing it to
| work seamlessly with kernels incorporating this security change.
https://github.com/checkpoint-restore/criu/releases/tag/v4.1.1
The kernel change is a security fix which was backported to all stable
eseries, and in particular for Debian relevant as 6.1.142 (not yet
released but will be soon as DSA), 6.12.34 in trixie.
The fix should land ideally in trixie, but I'm awaere that the last
posibiltiy for unblocks is just around the corner.
I'm right now verifying the fix and filling this bug already for
transparency.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: criu
Source-Version: 4.1.1-1
Done: Salvatore Bonaccorso <[email protected]>
We believe that the bug you reported is fixed in the latest version of
criu, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated criu package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 29 Jul 2025 20:37:31 +0200
Source: criu
Architecture: source
Version: 4.1.1-1
Distribution: unstable
Urgency: medium
Maintainer: Salvatore Bonaccorso <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Closes: 1110096
Changes:
criu (4.1.1-1) unstable; urgency=medium
.
* New upstream version 4.1.1
- mount-v2: enter the mount namesapce to propagation properties
(Closes: #1110096)
Checksums-Sha1:
8de5b862db52c2e1ef0fc28acffebcaac9edfeaa 2806 criu_4.1.1-1.dsc
fd070609736ec795b2272641ef4b88d61e93ac2c 1021136 criu_4.1.1.orig.tar.xz
d112f70bd100c3d06b9fbb52a974f230e18451f4 12368 criu_4.1.1-1.debian.tar.xz
Checksums-Sha256:
12206f74ab852907156db8fdf1fb2a40ebbc897d28c133a2cbe804fab13f8b62 2806
criu_4.1.1-1.dsc
f80a66cb3726bb2116266d4759ce3bcbfab7abdb6b6d430bf20dd41911717afe 1021136
criu_4.1.1.orig.tar.xz
103855d69544c3417abdb5b309c1773db98af2293c4dc48bba39e244b85c778e 12368
criu_4.1.1-1.debian.tar.xz
Files:
b76fc936ca0591d50d299348b03875e9 2806 admin optional criu_4.1.1-1.dsc
6de15517e9b86997b34f67d99dced2a5 1021136 admin optional criu_4.1.1.orig.tar.xz
b461ee9e2cd47a03b881637b2dc8e7d7 12368 admin optional
criu_4.1.1-1.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmiJOPxfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89Eel0P/3a2+PlKkBAJo1Hn5w3EIO2GANEIc3En
tu8mGxaBRZ6ilhLFXMHMwQgI3FRLTcyOjbk4ewPGSC/GqUxznYSfZVCqNiNGmNIW
e82bs4VzRBsdcFcKDwvaPUALQmV2yC79ReZ1m6igYyIiECzVdDjkAacCuvFdSQR1
MvMaX55mL/7IaETsosug9qcWsu2CH2EmYnxO6sLHuKGQRXFlzM/klQy37R48dkN2
XXsY4O5GxEs3KYgFVJCN1KhuFK4yKtbvUiQGG2fvQiaA7LOoH3D9eK/yCmztQzEg
ujJOk/PPdhoVg+c+UGoPeIS7L7Ut0jCJjVZwfrgQdfNOKxup7yWqaaXPLCZA81lG
X+gdDNGByK0hAuA+Q8hrkACvXFvcJlRyz8ZVDoshPkj3XCRDZ04bKqboSXSHKThT
kIJL00Z/aTs5yRY21GglsU+uFYgyOoTYw6F+Z/XwcGiwf+IX/QBjSb5nl4Ho9lZE
Ssb6PWskMf9g2AJJVQC2qncZBpwU5hmx/NP1gzupQ5Ohl41/7kqKfvUehwNju+zq
U0TXeFcJN9aIg+/pvMVUXrNv/3DISeBtHwrhicvRE9wi6wy21b4OtOlx7Bam4sbw
4NpSnvKIMv9/WsrblFqYAyhsdyXTVFmuozUAbCOE9v6digGtQ5AgnJ2ouzLOmlV/
7gwSqAVNpRQd
=+Xhn
-----END PGP SIGNATURE-----
pgphYfUV83fbD.pgp
Description: PGP signature
--- End Message ---
