Containerd - v1.5.9
Welcome to the v1.5.9 release of containerd!
The ninth patch release for containerd 1.5 is a security release to fix CVE-2021-43816.
Notable Updates
- Fix unprivileged pod using 'hostPath' bypassing SELinux labels (GHSA-mvff-h3cj-wj9c)
- Fix setting the "container_kvm_t" SELinux label (#6381)
See the changelog for complete list of changes
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Derek McGowan
- Sebastiaan van Stijn
- Michael Crosby
- Phil Estes
- Akihiro Suda
- Fabiano Fidรชncio
- Samuel Karp
- Wei Fu
Changes
13 commits
* Github Security Advisory [GHSA-mvff-h3cj-wj9c](https://github.com/containerd/containerd/security/advisories/GHSA-mvff-h3cj-wj9c) * [`e4b62aaa5`](https://github.com/containerd/containerd/commit/e4b62aaa50d95213c5ea11be1fae24ede7077dcc) Prepare release notes for v1.5.9 * [`a41213fed`](https://github.com/containerd/containerd/commit/a41213fedbbf6436e8c2b647e72b3c2fc33f53b7) only relabel cri managed host mounts * [release/1.5] seutil: Fix setting the "container_kvm_t" label ([#6381](https://github.com/containerd/containerd/pull/6381)) * [`da5749b67`](https://github.com/containerd/containerd/commit/da5749b670823abd3fa03298c2e89cd22c8bfb6d) seutil: Fix setting the "container_kvm_t" label * [release/1.5] Update Go to 1.16.12 ([#6367](https://github.com/containerd/containerd/pull/6367)) * [`8c24a6199`](https://github.com/containerd/containerd/commit/8c24a619938d0060e1e64d5c7258ac2765e7d384) [release/1.5] Update Go to 1.16.12 * [release/1.5] go.mod github.com/opencontainers/image-spec v1.0.2 ([#6264](https://github.com/containerd/containerd/pull/6264)) * [`7ab52528b`](https://github.com/containerd/containerd/commit/7ab52528b41e57e7f1f2b3a69f599cb13d566a5e) [release/1.5] go.mod github.com/opencontainers/image-spec v1.0.2 * [release/1.5] update runc binary to v1.0.3 ([#6343](https://github.com/containerd/containerd/pull/6343)) * [`16b5aa2c8`](https://github.com/containerd/containerd/commit/16b5aa2c812208af1db6115b9a84482f0ab7a5ae) update runc binary to v1.0.3 * [release/1.5] Update Go to 1.16.11 ([#6334](https://github.com/containerd/containerd/pull/6334)) * [`3ff8be2d9`](https://github.com/containerd/containerd/commit/3ff8be2d9875d5bae92a98beabc909e833d619f8) [release/1.5] Update Go to 1.16.11
Dependency Changes
- github.com/opencontainers/image-spec v1.0.1 -> v1.0.2
Previous release can be found at v1.5.8
Security
Details
- ๐View and search all Containerd releases.
- ๐ ๏ธCreate and share lists to track your tools.
- ๐จSetup notifications for major, security, feature or patch updates.
- ๐Much more coming soon!