Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Please make a new release for 1.34.x #5320

Closed
rahilarious opened this issue Feb 3, 2024 · 9 comments
Closed

Please make a new release for 1.34.x #5320

rahilarious opened this issue Feb 3, 2024 · 9 comments
Labels
locked - please file new issue/PR

Comments

@rahilarious
Copy link
Contributor

as Tom has mentioned things are not ready to be stable in main branch.

But as 1.34.0 is already released, shouldn't it receive same kind of treatment as 1.33.x and get mod-bumps? There are some CVEs fixes (buildkit related) in mod-bumps which are security concerns.

Or should 1.34.x users downgrade to 1.33.x?
@rahilarious
Copy link
Contributor Author

CC @TomSweeneyRedHat @ashley-cui

@rahilarious rahilarious mentioned this issue Feb 3, 2024
Closed
@TomSweeneyRedHat
Copy link
Member

@nalind or @rhatdan any concerns with dropping a 1.34.1 sometime next week?

@TomSweeneyRedHat
Copy link
Member

That is after we get the recent CVE fixes that are bubbling in.

@rhatdan
Copy link
Member

rhatdan commented Feb 3, 2024

I am fine with that.

@rahilarious
Copy link
Contributor Author

That is after we get the recent CVE fixes that are bubbling in.

Has dust been settled? :-)

rahilarious added a commit to rahilarious/gentoo that referenced this issue Feb 14, 2024
@rahilarious
app-containers/buildah: mask 1.34.0
4b3b17f 
Masking because it isn't getting security fixes from upstream and seems
like 1.34.x is more suitable for podman 5.x (yet to be released)

containers/buildah#5320

Signed-off-by: Rahil Bhimjiani <me@rahil.rocks>
rahilarious added a commit to rahilarious/gentoo that referenced this issue Feb 15, 2024
@rahilarious
app-containers/buildah: mask 1.34.0
d80de40 
Masking because it isn't getting security fixes from upstream and seems
like 1.34.x is more suitable for podman 5.x (yet to be released)

containers/buildah#5320

Signed-off-by: Rahil Bhimjiani <me@rahil.rocks>
rahilarious added a commit to rahilarious/gentoo that referenced this issue Feb 15, 2024
@rahilarious
app-containers/buildah: mask 1.34.0
082341d 
Masking because it isn't getting security fixes from upstream and seems
like 1.34.x is more suitable for podman 5.x (yet to be released)

containers/buildah#5320

Signed-off-by: Rahil Bhimjiani <me@rahil.rocks>
@TomSweeneyRedHat
Copy link
Member

@rahilarious
The dust finally settled: #5343

Once that's in, I'll need to bump the vendoring on 10 or 12 libraries, then we'll be able to spin a release.

@rahilarious
Copy link
Contributor Author

@rahilarious The dust finally settled: #5343

Once that's in, I'll need to bump the vendoring on 10 or 12 libraries, then we'll be able to spin a release.

Perfect. Can't wait to read Podman 5's release notes.

@TomSweeneyRedHat
Copy link
Member

Done!

https://github.com/containers/buildah/releases/tag/v1.34.1

@rahilarious
Copy link
Contributor Author

Done!

https://github.com/containers/buildah/releases/tag/v1.34.1

woohoo. High (podman)five !

gentoo-bot pushed a commit to gentoo/gentoo that referenced this issue Mar 7, 2024
@zmedico
app-containers/buildah: mask 1.34.0 for amd64 (arm64 first must stabi…
feb2fbb 
…lize 1.33.x)

Masking because it isn't getting security fixes from upstream and seems
like 1.34.x is more suitable for podman 5.x (yet to be released)

containers/buildah#5320

Bug: https://bugs.gentoo.org/924456
From: #35261
Signed-off-by: Zac Medico <zmedico@gentoo.org>
gentoo-bot pushed a commit to gentoo/gentoo that referenced this issue Mar 17, 2024
@rahilarious @zmedico
app-containers/buildah: mask 1.34.0
58493f8 
Masking because it isn't getting security fixes from upstream and seems
like 1.34.x is more suitable for podman 5.x (yet to be released)

containers/buildah#5320

Signed-off-by: Rahil Bhimjiani <me@rahil.rocks>
Closes: #35261
Signed-off-by: Zac Medico <zmedico@gentoo.org>
@stale-locking-app stale-locking-app bot locked as resolved and limited conversation to collaborators May 23, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
locked - please file new issue/PR
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@rhatdan @TomSweeneyRedHat @rahilarious