Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Bumps containerd to v1.5.9 #612

Merged
merged 1 commit into from Jan 6, 2022
Merged

Bumps containerd to v1.5.9 #612

merged 1 commit into from Jan 6, 2022

Conversation

jrussett
Copy link
Contributor

@jrussett jrussett commented Jan 6, 2022
edited

Addresses CVE-2021-43816

On installations ... with containerd since v1.5.0-beta.0 as the backing container runtime interface (CRI),
an unprivileged pod scheduled to the node may bind mount, via hostPath volume, any privileged,
regular file on disk for complete read/write access (sans delete).

Thank you for submitting a pull request to the diego-release repository. We appreciate the contribution. To help us with getting better context for the pull request please follow these guidelines:

Please make sure to complete the following steps

  • Before PR Submission, Submit an issue for either an Enhancement or Bug
  • Check the Contributing document on how to sign the CLA and run tests in diego-release.
  • Make sure a pull request is done against the develop branch.

Issue Link

#613

Thank you!

@jrussett
Bumps containerd to v1.5.9 (#613)
2727d57 
Addresses [CVE-2021-43816](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43816)

> On installations ... with containerd since v1.5.0-beta.0 as the backing container runtime interface (CRI),
> an unprivileged pod scheduled to the node may bind mount, via hostPath volume, any privileged,
> regular file on disk for complete read/write access (sans delete).

[#180828310](https://www.pivotaltracker.com/story/show/180828310)
@jrussett jrussett changed the title Bumps containerd to v1.5.9 Bumps containerd to v1.5.9 (#613) Jan 6, 2022
@jrussett jrussett changed the title Bumps containerd to v1.5.9 (#613) Bumps containerd to v1.5.9 Jan 6, 2022
@jrussett jrussett merged commit 36cf346 into develop Jan 6, 2022
@geofffranks geofffranks deleted the bump-containerd-to-v1.5.9 branch March 16, 2022 14:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
1 participant
@jrussett