v2.4.0

Latest

@github-actions released this 17 Jun 12:32
· 1 commit to main since this release
4a72972

What's Changed

  • fix(cli): verify PID identity so a reused PID is never mistaken for a box's shim (operability audit #1) by @ZhiXiao-Lin in #119
  • fix(cri): allocate sandbox network IPs under the store write lock (operability audit #4) by @ZhiXiao-Lin in #120
  • fix(runtime): quarantine corrupt store files instead of bricking the catalog (operability audit #2) by @ZhiXiao-Lin in #121
  • fix(cli): run monitor health probes with bounded concurrency, not serially (operability audit #3) by @ZhiXiao-Lin in #122
  • fix(core): durable atomic state writes — fsync before/after rename (operability audit #6) by @ZhiXiao-Lin in #123
  • fix: fail closed on out-of-range resource limits, not lossy casts (operability audit #11/#17/#19/#20) by @ZhiXiao-Lin in #124
  • fix(cli): reject overlapping subnets at network create (operability audit #13) by @ZhiXiao-Lin in #129
  • fix(cli): give the monitor daemon a SIGTERM/SIGINT handler (operability audit #10) by @ZhiXiao-Lin in #130
  • fix: surface boot hints, corrupt-state, and a real recovery command (operability audit #16/#18/#23) by @ZhiXiao-Lin in #125
  • fix(runtime): sweep leaked snapshot .staging-* dirs on store open (operability audit #8) by @ZhiXiao-Lin in #126
  • fix(cri): serialize PersistentCriStore.persist() so a stale snapshot can't win (operability audit #9) by @ZhiXiao-Lin in #127
  • fix(cri): bound the container-log partial-line buffer (operability audit #14) by @ZhiXiao-Lin in #128
  • fix(cli): keep a stopped box's network endpoint (stable IP across stop/start) (operability audit #12) by @ZhiXiao-Lin in #133
  • feat(cli): opt-in snapshot auto-prune on create via env (operability audit #7 follow-up) by @ZhiXiao-Lin in #136
  • fix(cli): expose warm-pool daemon metrics on a /metrics endpoint (operability audit #15) by @ZhiXiao-Lin in #135
  • fix(runtime): GC orphaned build-cache key records (operability audit #21) by @ZhiXiao-Lin in #132
  • fix(cli): emit audit events for box + image lifecycle (operability audit #5) by @ZhiXiao-Lin in #131
  • docs: snapshot prune + auto-prune env, pool --metrics-addr by @ZhiXiao-Lin in #137
  • fix(cli): add 'snapshot prune' to bound snapshot disk usage (operability audit #7) by @ZhiXiao-Lin in #134
  • fix: close 2 seam-review regressions + stale lockfile (operability batch close-out) by @ZhiXiao-Lin in #139
  • fix: restore libkrun submodule to the v2.3.0 pin (revert #124's stray bump) by @ZhiXiao-Lin in #138
  • fix(security): CRITICAL — validate registry digest to block path-traversal arbitrary host file write by @ZhiXiao-Lin in #141
  • fix(security): block host-file deletion via malicious-image whiteout symlink escape by @ZhiXiao-Lin in #140
  • fix(security): cap decompressed output to stop image/archive decompression bombs (HIGH/MED) by @ZhiXiao-Lin in #142
  • fix(lifecycle): serialize per-box boots to stop the orphan-VM restart race (HIGH) by @ZhiXiao-Lin in #146
  • fix(lifecycle): two signal/restart races (monitor resurrect, kill PID-identity) by @ZhiXiao-Lin in #144
  • fix(pool): close warm-pool shutdown-vs-replenish push race (orphaned-VM leak, MED) by @ZhiXiao-Lin in #145
  • fix(security): confine CRI localhostProfile seccomp path to the seccomp root (LOW) by @ZhiXiao-Lin in #143
  • docs(readme): document new operator-facing env vars (decompression caps, seccomp root, snapshot/mirror) by @ZhiXiao-Lin in #147
  • chore(release): v2.4.0 by @ZhiXiao-Lin in #148

Full Changelog: v2.3.0...v2.4.0