Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prepare v1.7.13 and update runc to v1.1.12 #9724

Merged
merged 2 commits into from Jan 31, 2024
Merged

Prepare v1.7.13 and update runc to v1.1.12 #9724

merged 2 commits into from Jan 31, 2024

Conversation

dmcgowan
Copy link
Member

Welcome to the v1.7.13 release of containerd!

The thirteenth patch release for containerd 1.7 updates the runc binary
in the release builds to address CVE-2024-21626

Notable Updates

  • Update runc binary to v1.1.12 (GHSA-xr7r-f8xq-vfvv)
  • Update seccomp profile for new syscalls added since Linux 5.16 (#9693)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Derek McGowan
  • Akihiro Suda
  • Evan Lezar
  • Paweł Gronowski
  • Phil Estes
  • Wei Fu

Changes

8 commits

  • b97e611b9 Prepare release notes for v1.7.13
  • 2e7fa14db Update runc binary to v1.1.12
  • [release/1.7] seccomp: kernel 6.7 (#9693)
  • [release/1.7] Update container-device-interface to v0.6.2 (#9685)
    • 14628d4aa Update container-device-interface to v0.6.2
  • [release/1.7] content: Add InfoReaderProvider (#9658)

Dependency Changes

  • tags.cncf.io/container-device-interface v0.6.2 new
  • tags.cncf.io/container-device-interface/specs-go v0.6.0 new

Previous release can be found at v1.7.12

@dmcgowan
Update runc binary to v1.1.12
2e7fa14 
Update the runc binary, which includes a fix for [CVE-2024-21626].

- release notes: https://github.com/opencontainers/runc/releases/tag/v1.1.12
- full diff: opencontainers/runc@v1.1.11...v1.1.12

[CVE-2024-21626]: GHSA-xr7r-f8xq-vfvv

Signed-off-by: Derek McGowan <derek@mcg.dev>
(cherry picked from commit 82fb589)
Signed-off-by: Derek McGowan <derek@mcg.dev>
@dmcgowan
Prepare release notes for v1.7.13
b97e611 
Signed-off-by: Derek McGowan <derek@mcg.dev>
laurazard
laurazard approved these changes Jan 31, 2024
View reviewed changes
Copy link
Member

@laurazard laurazard left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@dmcgowan dmcgowan merged commit 7c3aca7 into containerd:release/1.7 Jan 31, 2024
55 of 56 checks passed
@dmcgowan dmcgowan deleted the prepare-v1.7.13 branch April 20, 2024 00:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@samuelkarp samuelkarp samuelkarp approved these changes

@estesp estesp estesp approved these changes

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

@laurazard laurazard laurazard approved these changes

Assignees
No one assigned
Labels
size/M
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
6 participants
@dmcgowan @samuelkarp @estesp @AkihiroSuda @laurazard @k8s-ci-robot