Skip to content

1.4.2
Compare
Choose a tag to compare
@giuseppe giuseppe released this 26 Jan 08:43
· 1013 commits to main since this release
1.4.2
This tag was signed with the committer’s verified signature.
giuseppe Giuseppe Scrivano
GPG key ID: 67E38F7A8BA21772
Learn about vigilant mode.
f6fbc8f
This commit was signed with the committer’s verified signature.
giuseppe Giuseppe Scrivano
GPG key ID: 67E38F7A8BA21772
Learn about vigilant mode.
  • CRIU: add pre-dump support.
  • Fix running with a read-only /dev. The /dev/console file is created before re-mounting /dev as read-only.
  • Ignore EROFS when chowning standard stream files.
  • Add validation for sysctls before applying them.
  • Attempt looking up the executable after the setresuid syscall, this solves an issue on NFS when the executable file is not owned by root in the container, but the UID:GID combination configured for the container can access it.
Assets 14