Skip to content

containerd 2.3.2

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 18 Jun 23:16
· 133 commits to main since this release
v2.3.2
This tag was signed with the committer’s verified signature.
dmcgowan Derek McGowan
GPG key ID: F58C5D0A4405ACDB
Verified
Learn about vigilant mode.
fff62f1
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Welcome to the v2.3.2 release of containerd!

The second patch release for containerd 2.3 contains various fixes
and updates including security patches.

Security Updates

Highlights

  • Fix a data race when reading shim logs on Windows (#13522)

Image Distribution

  • Allow the last host to retry on transient network errors (#13591)

Runtime

  • Fix container startup failures caused by concurrent task RPC timeouts during slow container creation (#13512)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

  • Samuel Karp
  • Chris Henzie
  • Akihiro Suda
  • Derek McGowan
  • Akhil Mohan
  • Austin Vazquez
  • Ben Cressey
  • Brian Goff
  • Maksym Pavlenko
  • Sebastiaan van Stijn
  • Sergey Kanzhelev

Changes

30 commits

  • Prepare release notes for v2.3.2 (#13627)
    • fb8ca00b0 Prepare release notes for v2.3.2
    • 9c69960ba Merge commit from fork
    • 0f6251520 Merge commit from fork
    • 91d7471e2 cri: filter CDI annotations on checkpoint restore
    • 7c2e086bf Merge commit from fork
    • dae67765f cri: do not re-tag restored checkpoints
    • 94aa1e2c1 Merge commit from fork
    • 09599078f cri: make checkpoint restore robust to unexpected archive content
    • e1fdb8d22 Merge commit from fork
    • ff1d116ef Bound user-database file reads in openUserFile
    • d156e07cb Merge commit from fork
    • f99aad54a Do not propagate reserved labels from image configs
  • vendor: golang.org/x/crypto v0.53.0 (#13608)
    • 0b9469501 [release/2.3] vendor: golang.org/x/crypto v0.53.0
  • resolver: retry on transient network errors (#13591)
    • 983bbddc1 resolver: retry on transient network errors
  • update runc binary to v1.4.3 (#13601)
  • update go to 1.26.4 (#13580)
    • 8a49dfe85 update go to 1.26.4
    • 5aa6bb2b7 remove 1.26.2 from CI builds as it is not supported any longer due to the dependency
  • Configure udevd children-max for root-test (#13568)
    • bfb8aebc0 Configure udevd children-max for root-test
  • core/runtime/v2: fix race on Windows deferredPipeConnection.c in Read (#13522)
    • 62ceafff0 core/runtime/v2: fix race on Windows deferredPipeConnection.c in Read
  • runc-shim: don't hold the service lock across runc create (#13512)
    • 9b0c0dc58 runc-shim: don't hold the service lock across runc create
  • contrib/checkpoint: increase timeouts to 30s (#13459)
    • f588bc6fb contrib/checkpoint: increase timeouts to 30s

Dependency Changes

  • golang.org/x/crypto v0.49.0 -> v0.53.0
  • golang.org/x/mod v0.35.0 -> v0.36.0
  • golang.org/x/net v0.52.0 -> v0.55.0
  • golang.org/x/sync v0.20.0 -> v0.21.0
  • golang.org/x/sys v0.43.0 -> v0.46.0
  • golang.org/x/term v0.41.0 -> v0.44.0
  • golang.org/x/text v0.35.0 -> v0.38.0

Previous release can be found at v2.3.1

Which file should I download?

  • containerd-<VERSION>-<OS>-<ARCH>.tar.gz: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04).
  • containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent.

In addition to containerd, typically you will have to install runc
and CNI plugins from their official sites too.

See also the Getting Started documentation.

Assets 25
Loading