-
Notifications
You must be signed in to change notification settings - Fork 2.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bump Containerd and Runc to fix remaining CVEs #7330
Comments
We should be able to fix that on our containerd fork, no? |
##Environment Details Infrastructure
Node(s) CPU architecture, OS, and version: 1 server node
Cluster Configuration:
Config.yaml:
Initial Versions to compare
Results: $ kgn -o wide
$ /var/lib/rancher/k3s/data/current/bin/runc --version
Versions in use after upgrading to COMMITValidation Steps
Results: $ kgn -o wide
$ /var/lib/rancher/k3s/data/current/bin/runc --version
Additional context / logs: $ sudo INSTALL_K3S_COMMIT=132b41c3bf9ab059e5e0ffcbcc2600b08b640b8f INSTALL_K3S_EXEC=server ./install-k3s.sh $ kgn -o wide
$ /var/lib/rancher/k3s/data/current/bin/runc --version
|
Is your feature request related to a problem? Please describe.
Current trivy CVEs:
Describe the solution you'd like
Bump runc to v1.1.6
Bump containerd to v1.6.20
No major CVEs should exist in k3s binary
Describe alternatives you've considered
Continue to field questions on why we have CVEs in our images.
Additional context
The text was updated successfully, but these errors were encountered: