data/reports: fix GO-2021-0085.yaml

Add vulnerable_at, symbols, and fix packages

Aliases: CVE-2019-16884, GHSA-fgv8-vj5c-2ppq

Updates #85

Change-Id: I38fafcb65c74a36cde3add37858ea3fbd606ae51
Reviewed-on: https://go-review.googlesource.com/c/vulndb/+/463682
Reviewed-by: Tatiana Bradley <[email protected]>
Run-TryBot: Tatiana Bradley <[email protected]>
Auto-Submit: Tatiana Bradley <[email protected]>
TryBot-Result: Gopher Robot <[email protected]>
Reviewed-by: Tim King <[email protected]>

Author: tatianab

data/osv/GO-2021-0085.json

@@ -32,7 +32,16 @@
       "ecosystem_specific": {
         "imports": [
           {
-            "path": "github.com/opencontainers/runc/libcontainer"
+            "path": "github.com/opencontainers/runc/libcontainer/apparmor",
+            "symbols": [
+              "ApplyProfile"
+            ]
+          },
+          {
+            "path": "github.com/opencontainers/runc/libcontainer/utils",
+            "symbols": [
+              "CloseExecFrom"
+            ]
           }
         ]
       }
@@ -61,7 +70,11 @@
       "ecosystem_specific": {
         "imports": [
           {
-            "path": "github.com/opencontainers/selinux/go-selinux"
+            "path": "github.com/opencontainers/selinux/go-selinux",
+            "symbols": [
+              "readCon",
+              "writeCon"
+            ]
           }
         ]
       }
@@ -76,6 +89,10 @@
       "type": "FIX",
       "url": "https://github.com/opencontainers/runc/commit/cad42f6e0932db0ce08c3a3d9e89e6063ec283e4"
     },
+    {
+      "type": "FIX",
+      "url": "https://github.com/opencontainers/selinux/commit/03b517dc4fd57245b1cf506e8ba7b817b6d309da"
+    },
     {
       "type": "WEB",
       "url": "https://github.com/opencontainers/runc/issues/2128"

data/reports/GO-2021-0085.yaml

@@ -2,13 +2,22 @@ modules:
   - module: github.com/opencontainers/runc
     versions:
       - fixed: 1.0.0-rc8.0.20190930145003-cad42f6e0932
+    vulnerable_at: 1.0.0-rc8
     packages:
-      - package: github.com/opencontainers/runc/libcontainer
+      - package: github.com/opencontainers/runc/libcontainer/apparmor
+        symbols:
+          - ApplyProfile
+      - package: github.com/opencontainers/runc/libcontainer/utils
+        symbols:
+          - CloseExecFrom
   - module: github.com/opencontainers/selinux
     versions:
       - fixed: 1.3.1-0.20190929122143-5215b1806f52
     packages:
       - package: github.com/opencontainers/selinux/go-selinux
+        symbols:
+          - readCon
+          - writeCon
 description: |
     AppArmor restrictions may be bypassed due to improper validation of mount
     targets, allowing a malicious image to mount volumes over e.g. /proc.
@@ -21,4 +30,5 @@ credit: Leopold Schabel
 references:
   - fix: https://github.com/opencontainers/runc/pull/2130
   - fix: https://github.com/opencontainers/runc/commit/cad42f6e0932db0ce08c3a3d9e89e6063ec283e4
+  - fix: https://github.com/opencontainers/selinux/commit/03b517dc4fd57245b1cf506e8ba7b817b6d309da
   - web: https://github.com/opencontainers/runc/issues/2128