Possibility of upgrading runc go binary to v1.1.5

[nilushancosta]

Hi team,
About a month ago, when I scanned datadog/agent:7.43.1 Docker image using Trivy, I noticed this image being vulnerable to CVE-2023-27561 due to github.com/opencontainers/runc v1.1.3 that is installed in the image. The scan results showed that this vulnerability is fixed in version v1.1.5 of this go binary.

When I scanned the latest agent image (datadog/agent:7.44.1) few days ago, it is still having this vulnerability.

Would it be possible to release a new version of the Docker image with the fixed version?

[amenasria]

Hey @nilushancosta,
Sorry for the delay, this was fixed in this PR which was shipped from the 7.45.0 version of the Datadog Agent. Unfortunately we're not planning on fixing 7.44.1, so please update your Agent to 7.45.0 if you want to fix this !