Affected by GO-2026-5064 and 2 other vulnerabilities

GO-2026-5064: containerd CRI checkpoint restore CDI annotation smuggling in github.com/containerd/containerd

GO-2026-5338: containerd: CRI checkpoint import allows local image tag poisoning in github.com/containerd/containerd

GO-2026-5622: Arbitrary host CRI log file read via symlink following in CRI checkpoint restore in github.com/containerd/containerd

The highest tagged major version is v2.

apparmor

package

v1.7.33 Latest Latest Go to latest Published: Jun 18, 2026 License: Apache-2.0 Imports: 2 Imported by: 68

Details

Rendered for

This section is empty.

This section is empty.

func HostSupports() bool

HostSupports returns true if apparmor is enabled for the host:

On Linux returns true if apparmor is enabled, apparmor_parser is present, and if we are not running docker-in-docker.
On non-Linux returns false.

This is derived from libcontainer/apparmor.IsEnabled(), with the addition of checks for apparmor_parser to be present and docker-in-docker.

This section is empty.