Update containerd binary and vendor to v1.5.8#43025
Merged
thaJeztah merged 2 commits intomoby:masterfrom Nov 17, 2021
Merged
Conversation
The eighth patch release for containerd 1.5 contains a mitigation for CVE-2021-41190 as well as several fixes and updates. Notable Updates * Handle ambiguous OCI manifest parsing * Filter selinux xattr for image volumes in CRI plugin * Use DeactiveLayer to unlock layers that cannot be renamed in Windows snapshotter * Fix pull failure on unexpected EOF * Close task IO before waiting on delete * Log a warning for ignored invalid image labels rather than erroring * Update pull to handle of non-https urls in descriptors See the changelog for complete list of changes Signed-off-by: Sebastiaan van Stijn <[email protected]>
contains a mitigation for CVE-2021-41190 as well as several fixes and updates. full diff: containerd/containerd@v1.5.7...v1.5.8 Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah
commented
Nov 17, 2021
| require ( | ||
| github.com/Microsoft/go-winio v0.4.17 | ||
| github.com/Microsoft/hcsshim v0.8.21 | ||
| github.com/Microsoft/hcsshim v0.8.23 |
Member
Author
There was a problem hiding this comment.
I'll open a follow-up PR for updating this one (after #42993 is merged, or perhaps I'll update that one)
thaJeztah
commented
Nov 17, 2021
| github.com/containerd/imgcrypt v1.1.1 | ||
| github.com/containerd/nri v0.1.0 | ||
| github.com/containerd/ttrpc v1.0.2 | ||
| github.com/containerd/ttrpc v1.1.0 |
Member
Author
There was a problem hiding this comment.
I'll open a follow-up PR for updating this one
samuelkarp
approved these changes
Nov 17, 2021
tianon
approved these changes
Nov 17, 2021
thaJeztah
added
status/4-merge
area/runtime
thaJeztah
commented
Nov 18, 2021
| # bug fixes or new APIs, however, usually the Go packages are built from a | ||
| # commit from the master branch. | ||
| : "${CONTAINERD_VERSION:=v1.5.7}" | ||
| : "${CONTAINERD_VERSION:=v1.5.8}" |
Member
Author
There was a problem hiding this comment.
whoops; I forgot to update the Windows Dockerfile accordingly 🙈 opened a follow-up #43032
This was referenced Nov 19, 2021
thaJeztah
added a commit
to thaJeztah/docker
that referenced
this pull request
Mar 18, 2022
Possibly more dependencies need to be updated, and instead of this we should cherry-pick. This is just a quick check "what would it look like if we bumped the version in this branch"; Updating to containerd 1.5 Last containerd update in 20.10 is moby@1f88736 (moby#41688) - moby@ab1dd80 moby#42274 - moby@5761fca moby#42274 - moby@42ef2c5 moby#42276 - moby@6202322 moby#42254 - moby@7c1c123 moby#42249 - moby@84df737 moby#42636 - moby@4fc2d4d moby#42656 - moby@3d58d13 moby#42697 - moby@582ef29 moby#42994 - moby@458b4aa moby#43025 Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah
added a commit
to thaJeztah/docker
that referenced
this pull request
Mar 18, 2022
Possibly more dependencies need to be updated, and instead of this we should cherry-pick. This is just a quick check "what would it look like if we bumped the version in this branch"; Updating to containerd 1.5 Last containerd update in 20.10 is moby@1f88736 (moby#41688) - moby@ab1dd80 moby#42274 - moby@5761fca moby#42274 - moby@42ef2c5 moby#42276 - moby@6202322 moby#42254 - moby@7c1c123 moby#42249 - moby@84df737 moby#42636 - moby@4fc2d4d moby#42656 - moby@3d58d13 moby#42697 - moby@582ef29 moby#42994 - moby@458b4aa moby#43025 Signed-off-by: Sebastiaan van Stijn <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
update containerd binary to v1.5.8
The eighth patch release for containerd 1.5 contains a mitigation for CVE-2021-41190
as well as several fixes and updates.
Notable Updates
See the changelog for complete list of changes
vendor: github.com/containerd/containerd v1.5.8
contains a mitigation for CVE-2021-41190 as well as several fixes and updates.
full diff: containerd/containerd@v1.5.7...v1.5.8