-
Notifications
You must be signed in to change notification settings - Fork 3.3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[release/1.6] Prepare release notes for v1.6.18 #8118
Conversation
Signed-off-by: Derek McGowan <derek@mcg.dev>
@@ -23,7 +23,7 @@ var ( | |||
Package = "github.com/containerd/containerd" | |||
|
|||
// Version holds the complete version number. Filled in at linking time. | |||
Version = "1.6.17+unknown" | |||
Version = "1.6.18+unknown" |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Oh! I keep forgetting to ask; is there a reason we always use "+unknown" for the actual released tag? Should it be without (and the +unknown added back after that?)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I always assumed this was to clearly show a binary that was built outside the Makefile
process (e.g. go install
?) so that you can differentiate it from an official build via the Makefile
; if you build via the Makefile
then this whole string is replaced with:
VERSION ?= $(shell git describe --match 'v[0-9]*' --dirty='.m' --always)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I wasn't sure what the reason was; I know runc uses +dev after releasing (release PR contains 2 commits, and the first one is tagged).
Currently, I think code using containerd as a dependency gets the +unknown (which made me look a few times if I was actually using the tagged relese), which also is included in the user agent (as default, that is)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM
containerd 1.6.18 Welcome to the v1.6.18 release of containerd! The eighteenth patch release for containerd 1.6 includes fixes for CVE-2023-25153 and CVE-2023-25173 along with a security update for Go. * **Fix OCI image importer memory exhaustion** ([GHSA-259w-8hf6-59c2](GHSA-259w-8hf6-59c2)) * **Fix supplementary groups not being set up properly** ([GHSA-hmfx-3pcx-653p](GHSA-hmfx-3pcx-653p)) * **Revert removal of `/sbin/apparmor_parser` check** ([#8087](containerd/containerd#8087)) * **Update Go to 1.19.6** ([#8111](containerd/containerd#8111)) See the changelog for complete list of changes Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues. * Akihiro Suda * Derek McGowan * Ye Sijun * Samuel Karp * Bjorn Neergaard * Wei Fu * Brian Goff * Iceber Gu * Kazuyoshi Kato * Phil Estes * Swagat Bora <details><summary>24 commits</summary> <p> * [release/1.6] Prepare release notes for v1.6.18 ([#8118](containerd/containerd#8118)) * [`44e61d764`](containerd/containerd@44e61d7) Add release notes for v1.6.18 * Github Security Advisory [GHSA-hmfx-3pcx-653p](GHSA-hmfx-3pcx-653p) * [`286a01f35`](containerd/containerd@286a01f) oci: fix additional GIDs * [`301823453`](containerd/containerd@3018234) oci: fix loop iterator aliasing * [`0070ab70f`](containerd/containerd@0070ab7) oci: skip checking gid for WithAppendAdditionalGroups * [`16d52de64`](containerd/containerd@16d52de) refactor: reduce duplicate code * [`b45e30292`](containerd/containerd@b45e302) add WithAdditionalGIDs test * [`0a06c284a`](containerd/containerd@0a06c28) add WithAppendAdditionalGroups helper * Github Security Advisory [GHSA-259w-8hf6-59c2](GHSA-259w-8hf6-59c2) * [`84936fd1f`](containerd/containerd@84936fd) importer: stream oci-layout and manifest.json * [1.6] Add fallback for windows platforms without osversion ([#8106](containerd/containerd#8106)) * [`b327af6a4`](containerd/containerd@b327af6) Add fallback for windows platforms without osversion * [release/1.6] Go 1.19.6 ([#8111](containerd/containerd#8111)) * [`54ead5b7b`](containerd/containerd@54ead5b) Go 1.19.6 * [release/1.6] ctr/run: flags --detach and --rm cannot be specified together ([#8094](containerd/containerd#8094)) * [`2b4b35ab4`](containerd/containerd@2b4b35a) ctr/run: flags --detach and --rm cannot be specified together * [release/1.6] Fix retry logic within devmapper device deactivation ([#8088](containerd/containerd#8088)) * [`d5284157b`](containerd/containerd@d528415) Fix retry logic within devmapper device deactivation * [release/1.6 backport] Revert `apparmor_parser` regression ([#8087](containerd/containerd#8087)) * [`624ff636b`](containerd/containerd@624ff63) pkg/apparmor: clarify Godoc * [`3a0a35b36`](containerd/containerd@3a0a35b) Revert "Don't check for apparmor_parser to be present" * [release/1.6] CI: skip some jobs when `repo != containerd/containerd` ([#8083](containerd/containerd#8083)) * [`664a938a3`](containerd/containerd@664a938) CI: skip some jobs when `repo != containerd/containerd` </p> </details> This release has no dependency changes Previous release can be found at [v1.6.17](https://github.com/containerd/containerd/releases/tag/v1.6.17)
Generated release notes
containerd 1.6.18
Welcome to the v1.6.18 release of containerd!
The eighteenth patch release for containerd 1.6 includes fixes for CVE-2023-25153 and CVE-2023-25173
along with a security update for Go.
Notable Updates
/sbin/apparmor_parser
check (#8087)See the changelog for complete list of changes
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
Changes
23 commits
44e61d764
Add release notes for v1.6.18286a01f35
oci: fix additional GIDs301823453
oci: fix loop iterator aliasing0070ab70f
oci: skip checking gid for WithAppendAdditionalGroups16d52de64
refactor: reduce duplicate codeb45e30292
add WithAdditionalGIDs test0a06c284a
add WithAppendAdditionalGroups helper84936fd1f
importer: stream oci-layout and manifest.jsonb327af6a4
Add fallback for windows platforms without osversion54ead5b7b
Go 1.19.62b4b35ab4
ctr/run: flags --detach and --rm cannot be specified togetherd5284157b
Fix retry logic within devmapper device deactivationapparmor_parser
regression (#8087)624ff636b
pkg/apparmor: clarify Godoc3a0a35b36
Revert "Don't check for apparmor_parser to be present"repo != containerd/containerd
(#8083)664a938a3
CI: skip some jobs whenrepo != containerd/containerd
Dependency Changes
This release has no dependency changes
Previous release can be found at v1.6.17