Overview All releases

Version History

v1.29.3 v1.29.2 v1.29.1 v1.29.0 v1.28.5 v1.28.4 v1.28.3 v1.28.2 v1.28.1 v1.28.0 v1.27.5 v1.27.4 v1.27.3 v1.27.2 v1.27.1 v1.27.0 v1.26.4 v1.26.3 v1.26.2 v1.26.1 v1.26.0 v1.25.4 v1.25.3 v1.25.2 v1.25.1 v1.25.0 v1.24.6 v1.24.5 v1.24.4 v1.24.3 v1.24.2 v1.24.1 v1.24.0 v1.23.5

v1.23.4

v1.23.3 v1.23.2 v1.23.1

v1.23.0

v1.22.5 v1.22.4 v1.22.3 v1.22.2

v1.22.1

v1.22.0

v1.21.7 v1.21.6 v1.21.5

v1.21.4

v1.21.3

v1.21.2

v1.21.0

v1.20.9 v1.20.7

v1.20.6

v1.20.5

v1.20.3

v1.20.2

v1.20.1

v1.20.0

v1.20.0-rc.1

v1.19.6 v1.19.5

v1.19.4

v1.19.2

v1.19.1

v1.19.0

v1.19.0-rc.1

v1.18.6

v1.18.5

v1.18.4

v1.18.3

v1.18.2

v1.18.1

v1.18.0

v1.18.0-rc1

v1.17.5

v1.17.4

v1.17.3

v1.17.2

v1.17.1

v1.17.0

v1.16.6

v1.16.5

v1.16.4

v1.16.3

v1.16.2

v1.16.1

v1.16.0

v1.15.4

v1.15.3

v1.15.2

v1.15.1

v1.15.0

v1.14.12

v1.14.11

v1.14.10

v1.14.9

v1.14.8

v1.14.7

v1.14.6

v1.14.5

v1.14.4

v1.14.3

v1.14.2

v1.14.1

v1.14.0

v1.13.12

v1.13.11

v1.13.10

v1.13.9

v1.13.8

v1.13.7

v1.13.6

v1.13.5

v1.13.4

v1.13.3

v1.13.2

v1.13.1

v1.13.0

v1.12.10

v1.12.9

v1.12.8

v1.12.7

v1.12.6

v1.12.5

v1.12.4

v1.12.3

v1.12.2

v1.12.1

v1.12.0

v1.11.15

v1.11.14

v1.11.13

v1.11.12

v1.11.11

v1.11.10

v1.11.9

v1.11.8

v1.11.7

v1.11.6

v1.11.5

v1.11.4

v1.11.3

v1.11.2

v1.11.1

v1.11.0

v1.10.6

v1.10.5

v1.10.4

v1.10.3

v1.10.2

v1.10.1

v1.10.0

v1.10.0-beta.1

v1.9.16

v1.9.14

v1.9.13

v1.9.12

v1.9.11

v1.9.9

v1.9.8

v1.9.7

v1.9.6

v1.9.5

v1.9.4

v1.9.3

v1.9.2

v1.9.1

v1.9.0

v1.9.0-beta.2

v1.9.0-beta.1

v1.8.5

v1.8.4

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.0.9

v1.0.8

v1.0.7

v1.0.6

v1.0.5

v1.0.4

v1.0.3

v1.0.2

v1.0.1

v1.0.0

v1.0.0-rc3

v1.0.0-rc2

v1.0.0-rc1

v1.0.0-beta.0

v1.0.0-alpha.0

v0.3

v0.2

v0.1

CRI-O - v1.23.4

Security

CRI-O v1.23.4
Downloads
Changelog since v1.23.3
Dependencies
- Added
- Changed
- Removed

CRI-O v1.23.4

The release notes have been generated for the commit range
v1.23.3...a6a1e6e on Fri, 21 Oct 2022 11:17:29 EDT.

Downloads

Download one of our static release bundles via our Google Cloud Bucket:

Changelog since v1.23.3

Changes by Kind

Feature

CRI-O now logs the stage of container or pod creation under system load. This allows users to find why their creation requests are stalling. (#6303, @haircommander)

Bug or Regression

Fix CVE-2022-27652 by dropping and refusing to add any inheritable capabilities (#5770, @haircommander)
Fix a bug where ExecSync requests (exec probes) could use an arbitrary amount of memory and disk. Output from ExecSync requests is now limited to 16MB (the amount that exec output was limited to in the dockershim). Disk limiting requires conmon 2.1.2 to work. See https://github.com/cri-o/cri-o/security/advisories/GHSA-fcm2-6c3h-pg6j and CVE-2022-1708 for more information. (#5937, @haircommander)
Fix a bug where child processes of containers in the host's PID namespace appear to leak after the child exits (#5977, @haircommander)
Fix a panic caused by using the improper Result structure version when setting up CNI plugins (#6320, @juanfresia)
Revert fix for CVE-2022-27652 by re-adding inheritable capabilities. While there is a workaround, we believe this causes regression mid cycle with is contrary to CRI-O's backporting policy. The risk of the CVE is low, and so there is little risk in reverting here. (#6168, @haircommander)
Update cni_default_network to not be commented by default in the output of crio config (#5566, @haircommander)

Uncategorized

Fix a bug where a container is stuck in INIT because CRI-O believes it to be paused, and never updates the state (#6143, @openshift-cherrypick-robot)
Fix a bug where exit files were never cleaned up from /run/crio/exits (#6171, @openshift-cherrypick-robot)
Fix a rare deadlock while communicating to systemd (RHBZ 2082344) (#5961, @openshift-cherrypick-robot)
Use default umask 0o022 if CRI-O runs under a different umask value. (#6053, @openshift-cherrypick-robot)

Dependencies

Added

github.com/networkplumbing/go-nft: v0.2.0
github.com/onsi/ginkgo/v2: v2.1.4

Changed

github.com/containernetworking/cni: v1.0.1 → v1.1.1
github.com/containernetworking/plugins: v1.0.1 → v1.1.1
github.com/containers/storage: v1.37.0 → v1.37.2
github.com/cri-o/ocicni: b388448 → v0.4.0
github.com/fsnotify/fsnotify: v1.5.1 → v1.5.4
github.com/google/pprof: cbba55b → 94a9f03
github.com/onsi/gomega: v1.17.0 → v1.19.0
github.com/yuin/goldmark: v1.4.0 → v1.4.1
golang.org/x/crypto: 32db794 → 089bfa5
golang.org/x/mod: v0.4.2 → 9b9b3d8
golang.org/x/net: d4b1ae0 → 27dd868
golang.org/x/sys: 2c5d950 → 33da011
golang.org/x/term: 6886f2d → 03fcf44
golang.org/x/tools: d4cc65f → v0.1.10

Removed

Nothing has changed.

Security

Details

date

Oct. 21, 2022, 2:15 p.m.

name

v1.23.4

type

Patch

official page

https://github.com/cri-o/cri-o/releases/tag/v1.23.4

👇

🔍View and search all CRI-O releases.
🛠️Create and share lists to track your tools.
🚨Setup notifications for major, security, feature or patch updates.
🚀Much more coming soon!

Continue with GitHub

Continue with Google

Username

Password

Password (again)

leave this field blank to prove your humanity