containerd 1.2.14
Welcome to the v1.2.14 release of containerd!
The fourteenth patch release for containerd 1.2 is a security release to fix CVE-2020-15157.
Security Fixes
- Fix bug which allowed manifests to coerce containerd clients into leaking registry credentials GHSA-742w-89gc-8m9c
Included Changes
- Fix regression pushing manifests as octet stream #4268
- Update golang version
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Sebastiaan van Stijn
- Michael Crosby
- Phil Estes
- Maksym Pavlenko
- Akihiro Suda
- Derek McGowan
- Wei Fu
- Chris C
- Davanum Srinivas
- Erik Sipsma
- Sergey Kanzhelev
- Ted Yu
- Tobias Klauser
- Ulysses Souza
- Zhiyu Li
Changes
48 commits
f8777f130Add release notes for v1.2.14abbb17959Add comment clarifying fix for security issue1ead8d9detreat manifest provided URLs differently7f1f9b1cbMerge pull request #4464 from thaJeztah/1.2_backport_bump_golang_1.13.15f52fbb8a9Bump Golang 1.13.150732aa7a6Bump Golang 1.13.14f6b342959Bump Go 1.13.130a454c2f7Merge pull request #4339 from AkihiroSuda/golang-1.13.12-containerd1.22f4dfde54Bump Golang 1.13.1248cc59890Merge pull request #4319 from hakman/runc-selinux-1.2cbdfca815Build runc with selinux support3b72766afMerge pull request #4268 from dmcgowan/1.2-fix-bad-backport-push-octet-streamf8ae16778Fix incorrect backport of setting octet-streamd4242f0d3Merge pull request #4270 from estesp/travis-ci-fixes17a506c94golangci-lint update and fix05bf3d63aMerge pull request #4173 from thaJeztah/1.2_backport_bump_golang_1.134f6dc01a8Bump Golang 1.13.10493665bd5Bump Golang 1.13.9edc830f98Merge pull request #4149 from thaJeztah/1.2_backport_bump_console053f4d6fdUpdate containerd/console vendor for fixe72c2b5b1Bump containerd console for os.File changes8810a1387bump containerd/console 0650fd9eeb50bab4fc99dceb9f2e14cf58f36e7fb3b1ef317Merge pull request #4121 from payall4u/hotfix-delete-container-errorf8be3cf7fwhen kill container, check if container has been deleted8403abc6fMerge pull request #4060 from thaJeztah/1.2_backport_bump_golang_1.1335a174382Update Golang 1.13.8305703670Update Golang 1.13.7 (CVE-2020-0601, CVE-2020-7919)1591eb809Update Golang 1.13.6fc95ae8edUpdate Golang 1.13.577499e24eUpdate to Golang 1.13.42adf308a2Revert "Update Golang 1.12.14"9d53ba930Revert "Update Golang 1.12.15"c5843f944Revert "Update Golang 1.12.16 (CVE-2020-0601, CVE-2020-7919)"012c4c0afRevert "Update Golang 1.12.17"30267a8daplatforms: update known OS and arch values591f6f491Move flag.Parse in tests to TestMaine7583ca96Merge pull request #4064 from thaJeztah/1.2_backport_namespace_path80914476eMerge pull request #4061 from thaJeztah/1.2_backport_golang_ci_lint469320d92Merge pull request #4067 from thaJeztah/1.2_backport_content_close598f7a7b5Try set GOGC for golintdfff5b146Switch to golangci-linta18c08347fix additional linting failuresc1ceae579Update timestamp atomic write82ddedea2Ensure close in content test961c23a57fix killall when use pidnamespacea386eb648Fix linter errors4fcbc810eMerge pull request #4055 from fuweid/cp12-4048971ad613cbugfix: cleanup dangling shim by brand new context
Changes from containerd/console
10 commits
8375c34Merge pull request #34 from sipsma/close-once38c5469Only close epoller FD at most once.02ecf6aMerge pull request #33 from ulyssessouza/add-file-interfacef652dc3Add File interface instead of using os.File53a0f1dMerge pull request #32 from estesp/check-vendor6214f20Add vendor check now that content is vendored4b1ac2bMerge pull request #31 from TwinProduction/master55928bdEnable vendoring0650fd9Merge pull request #30 from estesp/common-project-content0b9f189Add common project repo checks/README references
Dependency Changes
- github.com/containerd/console c12b1e7919c1 -> 8375c3424e4d
Previous release can be found at v1.2.13