VERSION: release v1.3.1

[cyphar]

runc v1.3.1 -- "この瓦礫の山でよぉ"

This is the first patch release of the 1.3.z release series of runc. It
primarily includes some minor fixes for issues found in 1.3.0.

Fixed:

 * Container processes will no longer inherit the CPU affinity of runc
   by default. Instead, the default CPU affinity of container processes
   will be the largest set of CPUs permitted by the container's cpuset
   cgroup and any other system restrictions (such as isolated CPUs).
   (#4041, #4815, #4858)
 * Setting linux.rootfsPropagation to shared or unbindable now functions
   properly. (#1755, #1815, #4724, #4789)
 * Close seccomp agent connection to prevent resource leaks. (#4796,
   #4799)
 * runc delete and runc stop can now correctly handle cases where runc
   create was killed during setup. Previously it was possible for the
   container to be in such a state that neither runc stop nor runc
   delete would be unable to kill or delete the container. (#4534,
   #4645, #4757, #4793)
 * runc update will no longer clear intelRdt state information. (#4828,
   #4833)
 * CI: Fix exclusion rules and allow us to run jobs manually. (#4760,
   #4763)

Changed:

 * Improvements to the deprecation warnings as part of the
   github.com/opencontainers/cgroups split. (#4784, #4788)
 * Ignore the dmem controller in our cgroup tests, as systemd does not
   yet support it. (#4806, #4811)
 * /proc/net/dev is no longer included in the permitted procfs overmount
   list. Its inclusion was almost certainly an error, and because
   /proc/net is a symlink to /proc/self/net, overmounting this was
   almost certainly never useful (and will be blocked by future kernel
   versions). (#4817, #4820)
 * Simplify the prepareCriuRestoreMounts logic for checkpoint-restore.
   (#4765, #4871)
 * CI: Bump golangci-lint to v2.1. (#4747, #4754)
 * CI: Switch to GitHub-hosted ARM runners. Thanks again to @alexellis
   for supporting runc's ARM CI up until now. (#4844, #4856, #4866)

Thanks to the following contributors who made this release possible:

 * Akihiro Suda <[email protected]>
 * Aleksa Sarai <[email protected]>
 * HirazawaUi <[email protected]>
 * Kir Kolyshkin <[email protected]>
 * Markus Lehtonen <[email protected]>
 * Martin Sivak <[email protected]>
 * Pavel Liubimov <[email protected]>
 * Peter Hunt <[email protected]>
 * Rodrigo Campos <[email protected]>
 * Yusuke Sakurai <[email protected]>
 * lfbzhm <[email protected]>
 * ningmingxiao <[email protected]>

Signed-off-by: Aleksa Sarai <[email protected]>

[rata]

Thanks! I've spotted some typos on the PR numbers

[kolyshkin]

LGTM except for a single nit.

[rata]

@cyphar it seems you forgot to push the fixes here too?

[cyphar]

@rata My bad, pushed.

[rata]

LGTM, thanks!