From a916309fff0f838eb94e928713dbc3c0d0ac7aa4 Mon Sep 17 00:00:00 2001
From: Kir Kolyshkin <kolyshkin@gmail.com>
Date: Thu, 5 May 2022 12:49:49 -0700
Subject: [PATCH] VERSION: release 1.1.2

Signed-off-by: Kir Kolyshkin <kolyshkin@gmail.com>
---
 CHANGELOG.md | 25 +++++++++++++++++++++++--
 VERSION      |  2 +-
 2 files changed, 24 insertions(+), 3 deletions(-)

diff --git a/CHANGELOG.md b/CHANGELOG.md
index 44cfe0a0415..93a69170fea 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,4 +1,4 @@
-# Changelog/
+# Changelog
 This file documents all notable changes made to this project since runc 1.0.
 
 The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
@@ -6,6 +6,24 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 ## [Unreleased]
 
+
+## [1.1.2] - 2022-05-06
+
+> I should think I’m going to be a perpetual student.
+
+### Security
+ * A bug was found in runc where runc exec --cap executed processes with
+   non-empty inheritable Linux process capabilities, creating an atypical Linux
+   environment. For more information, see [GHSA-f3fp-gc8g-vw66][] and
+   CVE-2022-29162.
+
+### Changed
+ * `runc spec` no longer sets any inheritable capabilities in the created
+   example OCI spec (`config.json`) file.
+
+[GHSA-f3fp-gc8g-vw66]: https://github.com/opencontainers/runc/security/advisories/GHSA-f3fp-gc8g-vw66
+
+
 ## [1.1.1] - 2022-03-28
 
 > Violence is the last refuge of the incompetent.
@@ -25,6 +43,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
  * libcontainer/cgroups no longer panics in cgroup v1 managers if `stat`
    of `/sys/fs/cgroup/unified` returns an error other than ENOENT. (#3435)
 
+
 ## [1.1.0] - 2022-01-14
 
 > A plan depends as much upon execution as it does upon concept.
@@ -35,6 +54,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
    should avoid folks accidentally creating broken runc binaries (and
    incorrectly importing our internal libraries into their projects). (#3331)
 
+
 ## [1.1.0-rc.1] - 2021-12-14
 
 > He who controls the spice controls the universe.
@@ -252,7 +272,8 @@ implementation (libcontainer) is *not* covered by this policy.
    cgroups at all during `runc update`). (#2994)
 
 <!-- minor releases -->
-[Unreleased]: https://github.com/opencontainers/runc/compare/v1.1.1...HEAD
+[Unreleased]: https://github.com/opencontainers/runc/compare/v1.1.2...HEAD
+[1.1.2]: https://github.com/opencontainers/runc/compare/v1.1.1...v1.1.2
 [1.1.1]: https://github.com/opencontainers/runc/compare/v1.1.0...v1.1.1
 [1.1.0]: https://github.com/opencontainers/runc/compare/v1.1.0-rc.1...v1.1.0
 [1.0.0]: https://github.com/opencontainers/runc/releases/tag/v1.0.0
diff --git a/VERSION b/VERSION
index ab422610db4..45a1b3f4452 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-1.1.1+dev
+1.1.2