Skip to content

v1.29.1
Compare
Choose a tag to compare
@haircommander haircommander released this 11 Jan 21:45
· 416 commits to main since this release
v1.29.1
78e179b
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

CRI-O v1.29.1

The release notes have been generated for the commit range
v1.29.0...v1.29.1 on Fri, 12 Jan 2024 12:56:11 EST.

Note This release fixes CVE-2023-6476

Downloads

Download one of our static release bundles via our Google Cloud Bucket:

To verify the artifact signatures via cosign, run:

> export COSIGN_EXPERIMENTAL=1
> cosign verify-blob cri-o.amd64.v1.29.1.tar.gz \
    --certificate-identity https://github.com/cri-o/cri-o/.github/workflows/test.yml@refs/tags/v1.29.1 \
    --certificate-oidc-issuer https://token.actions.githubusercontent.com \
    --certificate-github-workflow-repository cri-o/cri-o \
    --certificate-github-workflow-ref refs/tags/v1.29.1 \
    --signature cri-o.amd64.v1.29.1.tar.gz.sig \
    --certificate cri-o.amd64.v1.29.1.tar.gz.cert

To verify the bill of materials (SBOM) in SPDX format using the bom tool, run:

> tar xfz cri-o.amd64.v1.29.1.tar.gz
> bom validate -e cri-o.amd64.v1.29.1.tar.gz.spdx -d cri-o

Changelog since v1.29.0

Changes by Kind

Bug or Regression

API Change

  • Added more file system information in ImageFsInfo as part of the garbage collection KEP. (#7269, @kannon92)

Uncategorized

  • Update linked logs to drop an intermediate directory and append .log to the container symlink (#7653, @haircommander)

Dependencies

Added

Nothing has changed.

Changed

  • golang.org/x/crypto: v0.17.0 → v0.16.0

Removed

  • github.com/google/go-github/v50: v50.2.0

Contributors

kannon92 and haircommander
Assets 2