diff --git a/runc-1.0.2.tar.xz b/runc-1.0.2.tar.xz
deleted file mode 100644
index aa1269c..0000000
--- a/runc-1.0.2.tar.xz
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:740acb49e33eaf4958b5109c85363c1d3900f242d4cab47fbdbefa6f8f3c6909
-size 1414636
diff --git a/runc-1.0.2.tar.xz.asc b/runc-1.0.2.tar.xz.asc
deleted file mode 100644
index a4c9b35..0000000
--- a/runc-1.0.2.tar.xz.asc
+++ /dev/null
@@ -1,17 +0,0 @@
------BEGIN PGP SIGNATURE-----
-
-iQJEBAABCAAuFiEEXzbGxhtUYBJKdfWmnhiqJn3bjbQFAmEjV+UQHGFzYXJhaUBz
-dXNlLmNvbQAKCRCeGKomfduNtCm3EACpeyPHWK+/W2neUO0h1OmBwjh5T6MEfFKw
-Jykfcy2hmBOeDA6BrDtmCYm1ehUFAysj3PZ67gg40m9jI9/0EbEs00JVHLMwtM9L
-SiJu+5M3xJUZJxIZ7mC0JdYVWJIWraKHmpsaTdox/gy9vMjGs4GfzrfvTcDCYZcn
-wPTPVQJI1guK8+4C2vjgVPTLKARnpflsXNdlMM0B6r4bJDW/I5vsrTbJpxrEx+e4
-YiBI1mNCElIK8w75oefAovXEotAcDXN/gIdXwFmlL++2sdRYVqSWTbvP1r3axAaD
-XFu0tF1+2kllzurri4DY8ID9TykcI8bNKHnSzmwY9me4NoCOnD8j9QEwm0apKYEw
-ddxopfzlT+WFM4Nq4QqwEN9aY0kHfhGqvEwUAjK5pWd5F4lBF0YDE9M+2SQ/mrqS
-SRnHTbiyEzuuGzfZvVZuaz1KfSldyr1FTV+9H6eBmMHUzIAYjTm4F0QQVAP6/isn
-YcAlogzWoCsZw9V2TmtURCCIoZvnjmgnnDYOqA8zbuhsd8s/RT1A37UhNztOGC+s
-BvEDCn1c0Duo48UUZ5SnGL90xwBnzj0CJniJpnWNk5Rhb2hASevDESt6gugKndvQ
-bwbckX6iFcHMaavHDjQ8DWjFRGePk4QZgURMZOYln5vyLXtaG11ezKFV5lkth7RA
-fce5QrFY7A==
-=3xEL
------END PGP SIGNATURE-----
diff --git a/runc-1.0.3.tar.xz b/runc-1.0.3.tar.xz
new file mode 100644
index 0000000..2850dd8
--- /dev/null
+++ b/runc-1.0.3.tar.xz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:e9297b338f3b382cc3a40d4c4a3bfbe8ff8db9761028691a67ea68e612d21ab6
+size 1415820
diff --git a/runc-1.0.3.tar.xz.asc b/runc-1.0.3.tar.xz.asc
new file mode 100644
index 0000000..0488024
--- /dev/null
+++ b/runc-1.0.3.tar.xz.asc
@@ -0,0 +1,17 @@
+-----BEGIN PGP SIGNATURE-----
+
+iQJDBAABCAAtFiEEXzbGxhtUYBJKdfWmnhiqJn3bjbQFAmGtjaEPHGFzYXJhaUBz
+dXNlLmRlAAoJEJ4YqiZ92420Wv8QALHxw0muAoTPwFNkh3KLbGtiCiniFEJsaWCq
++abTJKOURbRzM2GuTu78cu305PC7KJcy33jgUK7g9AeuJkGj08OqqqIZeQNHThIq
+LQfZOBKjX6PoXSFGSAQzwEehp+Nx8zc09e4u6yspr3GqKgxAlag0aq+qgiwvay/I
+7sfFu54ooEw2zom+EHfYOOuMpmRSP38zw77USpqR6OUQQAm/UX1fGJdEi15qqS2U
+31oUiSRkxwttvJTxXXpcGf71oB8iBLfM4BhFCkHLX0+uQUFh22Nmr8D4d8JE3ur+
+xOJRXfF28o8lNV/ixQ+8c2YvxObF2hqine5ScZ1g8D0/d3oLZDKxuWb7lvSxXnRy
+Ij1Jkw6Lg8RMjvPjjGn+P+l4N74fnPB1oUQIkpBg5YEufUph9NMiURdcbr28w4Is
+alV37DgQno+QxGCou4os7XFlapeLUkc44FN3FNIlCUMew69X8e+QnBo3X4nkm1cl
+rDr+HjmjgZi1vyry/klVfaYy8g8hMmplU0TKRI4wAwElNW0qQZZIvuh+EbLxbVfE
+1Xi1xZM4P2P9vpIYsem9fBQtHexV9j9NnBoZQnF874rUgLFadYHg84IK1lmiEcTr
+0JNUU1l+dLTXGzt9qpOFnVSzQy7fECagEXNLPWBOQzL0esdvZpu+dx3aosKyKDNv
+eJJjGgZy
+=jAoe
+-----END PGP SIGNATURE-----
diff --git a/runc.changes b/runc.changes
index 1b8142a..40fdd75 100644
--- a/runc.changes
+++ b/runc.changes
@@ -1,3 +1,29 @@
+-------------------------------------------------------------------
+Mon Dec  6 04:38:25 UTC 2021 - Aleksa Sarai <asarai@suse.com>
+
+- Update to runc v1.0.3. Upstream changelog is available from
+  https://github.com/opencontainers/runc/releases/tag/v1.0.3. CVE-2021-43784
+
+  * A potential vulnerability was discovered in runc (related to an internal
+    usage of netlink), however upon further investigation we discovered that
+    while this bug was exploitable on the master branch of runc, no released
+    version of runc could be exploited using this bug. The exploit required
+    being able to create a netlink attribute with a length that would overflow a
+    uint16 but this was not possible in any released version of runc. For more
+    information see GHSA-v95c-p5hm-xq8f and CVE-2021-43784.
+
+    Due to an abundance of caution we decided to do an emergency release with
+    this fix, but to reiterate we do not believe this vulnerability was
+    possible to exploit. Thanks to Felix Wilhelm from Google Project Zero for
+    discovering and reporting this vulnerability so quickly.
+  * Fixed inability to start a container with read-write bind mount of a
+    read-only fuse host mount.
+  * Fixed inability to start when read-only /dev in set in spec.
+  * Fixed not removing sub-cgroups upon container delete, when rootless cgroup
+    v2 is used with older systemd.
+  * Fixed returning error from GetStats when hugetlb is unsupported (which
+    causes excessive logging for kubernetes).
+
 -------------------------------------------------------------------
 Mon Aug 23 09:35:05 UTC 2021 - Aleksa Sarai <asarai@suse.com>
 
diff --git a/runc.spec b/runc.spec
index 7d1d342..3506213 100644
--- a/runc.spec
+++ b/runc.spec
@@ -21,12 +21,12 @@
 %define git_version 4144b63817ebcc5b358fc2c8ef95f7cddd709aa7
 
 # Package-wide golang version
-%define go_version 1.13
+%define go_version 1.16
 %define project github.com/opencontainers/runc
 
 Name:           runc
-Version:        1.0.2
-%define _version 1.0.2
+Version:        1.0.3
+%define _version 1.0.3
 Release:        0
 Summary:        Tool for spawning and running OCI containers
 License:        Apache-2.0