Your message dated Mon, 25 Aug 2025 14:32:27 +0000
with message-id <[email protected]>
and subject line Bug#1110096: fixed in criu 3.17.1-2+deb12u2
has caused the Debian Bug report #1110096,
regarding criu: Broken restore functionality of mount namespaces within CRIU
with Linux security fix backported to all stable series: "mnt-v2: Failed to
make mount 476 slave: Invalid argument."
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1110096: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1110096
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: criu
Version: 4.1-1
Severity: serious
Tags: upstream
Justification: renders package unusable for users restoring container
X-Debbugs-Cc: [email protected]
The criu project today released 4.1.1 as bufix release containing one
single fix:
| This release of CRIU (4.1.1) addresses a critical compatibility issue
| introduced in the Linux kernel and back-ported to all stable releases.
|
| The kernel commit (12f147ddd6de "do_change_type(): refuse to operate on
| unmounted/not ours mounts") addressed the security issue introduced
| almost 20 years ago. Unfortunately, this change inadvertently broke the
| restore functionality of mount namespaces within CRIU. Users attempting
| to restore a container on updated kernels would encounter the error:
| "mnt-v2: Failed to make mount 476 slave: Invalid argument."
|
| This release contains the necessary adjustments to CRIU, allowing it to
| work seamlessly with kernels incorporating this security change.
https://github.com/checkpoint-restore/criu/releases/tag/v4.1.1
The kernel change is a security fix which was backported to all stable
eseries, and in particular for Debian relevant as 6.1.142 (not yet
released but will be soon as DSA), 6.12.34 in trixie.
The fix should land ideally in trixie, but I'm awaere that the last
posibiltiy for unblocks is just around the corner.
I'm right now verifying the fix and filling this bug already for
transparency.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: criu
Source-Version: 3.17.1-2+deb12u2
Done: Salvatore Bonaccorso <[email protected]>
We believe that the bug you reported is fixed in the latest version of
criu, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Salvatore Bonaccorso <[email protected]> (supplier of updated criu package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 24 Aug 2025 15:12:30 +0200
Source: criu
Architecture: source
Version: 3.17.1-2+deb12u2
Distribution: bookworm
Urgency: medium
Maintainer: Salvatore Bonaccorso <[email protected]>
Changed-By: Salvatore Bonaccorso <[email protected]>
Closes: 1110096
Changes:
criu (3.17.1-2+deb12u2) bookworm; urgency=medium
.
* mount-v2: enter the mount namesapce to propagation properties
(Closes: #1110096)
Checksums-Sha1:
e03c80d31b752e9caa9921dd5f1beba12b65994f 2238 criu_3.17.1-2+deb12u2.dsc
768d40ef37822c27e2ec90d828d5772f0f4d8b76 13716
criu_3.17.1-2+deb12u2.debian.tar.xz
Checksums-Sha256:
9bc7473557ebeb93a1c0ef016f4906e8c4851b1efe123dea44c5313702f6ea96 2238
criu_3.17.1-2+deb12u2.dsc
bb1a4b2cc8b2e6b4d9767cd6901045cadcbfdea2739fef471d3a77caddd78ca7 13716
criu_3.17.1-2+deb12u2.debian.tar.xz
Files:
1da9b0f9369e29a9aa8a6b6bb82781fb 2238 admin optional criu_3.17.1-2+deb12u2.dsc
39c6e40c01d7706d799ce9d33760f216 13716 admin optional
criu_3.17.1-2+deb12u2.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQKmBAEBCgCQFiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmirEixfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2
NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQSHGNhcm5pbEBk
ZWJpYW4ub3JnAAoJEAVMuPMTQ89EWQUP/353LvtxKuwHHWWSbLktpb+GPGMRtwRO
dN4Z9vwLg6PJhXxTz0JHRBx+lfnl3pshAJByyDSppcn/IsgRqehD2HyI6QHLb5t8
jcSwVun2ddPx3efGmYhqAClY+0z0VlDW8N+j6jnbZwH8WPyulUgX329W8pugIHly
ctNwbmdVwRYdJLPcHG3bUVZY06ufv3PtS6z8GVxHHcC+G2oygcwu9OwDMlyOmBpH
s+5OYhVgaRFzSahoMxNKWYJhVlfRbiK1Xfy3cPyV3dqzvwWSw8bO4lZhmw6j3eXo
mQYfaA64l3C/bH03yZLPS+fphS1lm8d0Y1hYsvVepvhbZ2+EaikvIOeFi9bUlBm1
59jqfqTtB32sQtHbXGlHS3cU+RbgBCal2op1RfpMcs46Sqbz6xJO/3CjPjnVbsD8
9Z8AAWHB8wCkmjZnus8oPrcw5s7ZJh6Dak5AAz6b7PX8V/9HVnLtSOgXeKEBw6Tt
TH5VDDDXCzWiiWXkJTp9t4PvuGuP2iqYtBgnlaytDZH2+Au0yJ0hdlBgahSYFiHn
hDSKpsMRuIfaZmwNW0h0SXZqBgefVSZTYYXShr2+/2z2E7SEcSFX8vaRcnQItPCK
3fn3fQdtJ5T02Jcwp00kk/QKZpALzf/GC1SIMXXG4VKeNpEv379p4qNG1yTaCEfV
uXBM95Yoe7KH
=2c++
-----END PGP SIGNATURE-----
pgpyrayvJpotr.pgp
Description: PGP signature
--- End Message ---
