Skip to content

go.mod: update to stable containerd v2.0 #89

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
AkihiroSuda merged 1 commit into from
Dec 8, 2025
Merged

go.mod: update to stable containerd v2.0 #89

AkihiroSuda merged 1 commit into from
Dec 8, 2025

Conversation

@thaJeztah
Copy link
Member

@thaJeztah thaJeztah commented Dec 5, 2025

go.mod: update containerd dependency to stable v2.0.x

Updating to the v2.0.7 patch release as minimum, which includes
c8d@3d53430 to reduce some (indirect) dependencies, and c8d@f341477
to downgrade some unreleased versions of dependencies. The v2.0.4
release included a security fix for CVE-2024-40635, so updating to
that version to avoid potential security alerts.

@thaJeztah
go.mod: update to stable containerd v2.0
f11f891 
Updating to the v2.0.7 patch release as minimum, which includes
[c8d@3d53430] to reduce some (indirect) dependencies, and [c8d@f341477]
to downgrade some unreleased versions of dependencies. The v2.0.4
release included a security fix for [CVE-2024-40635], so updating to
that version to avoid potential security alerts.

- v2.0.5 has fixes for [CVE-2025-47291]
- v2.0.7 has fixes for [CVE-2024-25621] and [CVE-2025-64329]

[c8d@3d53430]: containerd/containerd@3d53430
[c8d@f341477]: containerd/containerd@f341477
[CVE-2024-40635]: GHSA-265r-hfxg-fhmg
[CVE-2025-47291]: GHSA-cxfp-7pvr-95ff
[CVE-2024-25621]: GHSA-pwhc-rpq9-4c8w
[CVE-2025-64329]: GHSA-m6hq-p25p-ffr2

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@thaJeztah thaJeztah marked this pull request as ready for review December 5, 2025 13:49
@thaJeztah thaJeztah requested a review from AkihiroSuda December 5, 2025 13:51
@thaJeztah thaJeztah mentioned this pull request Dec 5, 2025
Merged
@thaJeztah thaJeztah added the dependencies Pull requests that update a dependency file label Dec 5, 2025
@AkihiroSuda AkihiroSuda merged commit a3e9bec into containerd:main Dec 8, 2025
3 checks passed
@AkihiroSuda
Copy link
Member

AkihiroSuda commented Dec 8, 2025

Released https://github.com/containerd/zfs/releases/tag/v2.0.0

Noticed that the repo was stuck in v2.0.0-RC for no reason 😓

@thaJeztah thaJeztah deleted the stable_containerd branch December 8, 2025 09:31
@thaJeztah
Copy link
Member Author

thaJeztah commented Dec 8, 2025

Thanks! Yeah, any tag would do for me; just trying to get rid of some of the transitive dependencies 😅

@thaJeztah thaJeztah mentioned this pull request Dec 9, 2025
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@thaJeztah @AkihiroSuda