We are planning to do a release next week with updated versions of software that
don't contain the exploit. We are not doing a release this week because there
are two lines of defense that block this exploit on Atomic Host:

1. /usr/ is mounted read-only
2. SELinux is enabled by default

SELinux blocks this exploit and /usr/ being read-only prevents the runc binary
from being overwritten. Even if you had disabled SELinux, /usr/ is still mounted
read-only so your Atomic Host systems should be safe.

Dusty

https://nvd.nist.gov/vuln/detail/CVE-2019-5736
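
One way to confirm both defenses on a host, as an added example that is not part of the original message. The function names and the sample mount table are constructed for illustration, and the check assumes SELinux has to be in enforcing mode (not just enabled) to block anything.

```shell
# Print the mount options of the filesystem backing /usr. Only "/" and "/usr"
# can back /usr; the longest mount point wins, and for stacked mounts the
# last line in the table wins.
usr_mount_opts() {
    awk '$2 == "/" || $2 == "/usr" {
             if (length($2) >= best) { best = length($2); opts = $4 }
         }
         END { print opts }' "$1"
}

# True when "ro" is one of the comma-separated options for /usr
# (so "errors=remount-ro" on a read-write mount does not count).
usr_is_readonly() {
    case ",$(usr_mount_opts "$1")," in
        *,ro,*) return 0 ;;
        *)      return 1 ;;
    esac
}

# True when the selinuxfs "enforce" file reads 1. It reads 0 in permissive
# mode and does not exist when SELinux is disabled.
selinux_enforcing() {
    [ "$(cat "$1" 2>/dev/null)" = "1" ]
}

# Report both defenses; succeed only when both are in place.
check_host() {
    rc=0
    if usr_is_readonly "$1"; then echo "/usr read-only: yes"
    else echo "/usr read-only: NO"; rc=1; fi
    if selinux_enforcing "$2"; then echo "SELinux enforcing: yes"
    else echo "SELinux enforcing: NO"; rc=1; fi
    return "$rc"
}

# Constructed sample data (not captured from a real host).
demo=$(mktemp -d)
cat > "$demo/mounts" <<'EOF'
/dev/mapper/atomicos-root / xfs rw,seclabel,relatime 0 0
/dev/mapper/atomicos-root /usr xfs ro,seclabel,relatime 0 0
/dev/vda1 /boot xfs rw,seclabel,relatime 0 0
EOF
printf 1 > "$demo/enforce"
check_host "$demo/mounts" "$demo/enforce"
rm -rf "$demo"
# On a real host: check_host /proc/mounts /sys/fs/selinux/enforce
```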
