Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[20.10 backport] update containerd binary to v1.5.10 #43329

Merged
merged 1 commit into from Mar 4, 2022
Merged

[20.10 backport] update containerd binary to v1.5.10 #43329

merged 1 commit into from Mar 4, 2022

Conversation

thaJeztah
Copy link
Member

(partial) cherry-pick of #43327 (windows dockerfile doesn't have containerd yet in the 20.10 branch)

Welcome to the v1.5.10 release of containerd!

The tenth patch release for containerd 1.5 includes a fix for CVE-2022-23648
and other issues.

Notable Updates

  • Use fs.RootPath when mounting volumes (GHSA-crp2-qrr5-8pq7)
  • Return init pid when clean dead shim in runc.v1/v2 shims
  • Handle sigint/sigterm in shimv2
  • Use readonly mount to read user/group info

- Description for the changelog

- A picture of a cute animal (not mandatory but encouraged)

@thaJeztah thaJeztah added this to the 20.10.13 milestone Mar 4, 2022
@thaJeztah thaJeztah requested a review from tianon as a code owner March 4, 2022 17:12
@thaJeztah
Copy link
Member Author

ah... crap; merge conflict in master (in Dockerfile.windows), due to the golang change; I'll fix that one, and cherry-pick again to at least have the correct commit

@thaJeztah thaJeztah marked this pull request as draft March 4, 2022 18:31
@thaJeztah
update containerd binary to v1.5.10
180f3b9 
Welcome to the v1.5.10 release of containerd!

The tenth patch release for containerd 1.5 includes a fix for [CVE-2022-23648][1]
and other issues.

Notable Updates

- Use fs.RootPath when mounting volumes (GHSA-crp2-qrr5-8pq7)
- Return init pid when clean dead shim in runc.v1/v2 shims
- Handle sigint/sigterm in shimv2
- Use readonly mount to read user/group info

[1]: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23648
[2]: GHSA-crp2-qrr5-8pq7

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 2c8f0a0)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
@thaJeztah thaJeztah force-pushed the 20.10_backport_update_containerd_binary_1.5.10 branch from e7d75d0 to 180f3b9 Compare March 4, 2022 18:36
@thaJeztah thaJeztah marked this pull request as ready for review March 4, 2022 18:36
@thaJeztah
Copy link
Member Author

thaJeztah commented Mar 4, 2022
edited

alrighty; fixed that (temporarily moved back to 'draft' to make sure master gets merged first)

@thaJeztah thaJeztah marked this pull request as draft March 4, 2022 18:50
@thaJeztah thaJeztah marked this pull request as ready for review March 4, 2022 20:16
@thaJeztah
Copy link
Member Author

master went green and is merged; merging this one as well

@thaJeztah thaJeztah merged commit c3dec60 into moby:20.10 Mar 4, 2022
@thaJeztah thaJeztah deleted the 20.10_backport_update_containerd_binary_1.5.10 branch March 4, 2022 20:17
@pete-woods pete-woods mentioned this pull request Mar 5, 2022
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ndeloof ndeloof ndeloof approved these changes

@tianon tianon tianon approved these changes

@samuelkarp samuelkarp samuelkarp approved these changes

Assignees
No one assigned
Labels
area/packaging area/runtime impact/changelog status/4-merge
Projects
None yet
Milestone
20.10.13
Development

Successfully merging this pull request may close these issues.

None yet
4 participants
@thaJeztah @ndeloof @tianon @samuelkarp