CRI-O - v1.25.1
Security
CRI-O v1.25.1
The release notes have been generated for the commit range
v1.25.0...v1.25.1 on Fri, 07 Oct 2022 16:17:20 UTC.
Downloads
Download one of our static release bundles via our Google Cloud Bucket:
- cri-o.amd64.v1.25.1.tar.gz
- cri-o.amd64.v1.25.1.tar.gz.sha256sum
- cri-o.amd64.v1.25.1.tar.gz.sig
- cri-o.amd64.v1.25.1.tar.gz.cert
- cri-o.amd64.v1.25.1.tar.gz.spdx
- cri-o.arm64.v1.25.1.tar.gz
- cri-o.arm64.v1.25.1.tar.gz.sha256sum
- cri-o.arm64.v1.25.1.tar.gz.sig
- cri-o.arm64.v1.25.1.tar.gz.cert
- cri-o.arm64.v1.25.1.tar.gz.spdx
To verify the artifact signatures via cosign, run:
> export COSIGN_EXPERIMENTAL=1
> cosign verify-blob cri-o.amd64.v1.25.1.tar.gz \
--signature cri-o.amd64.v1.25.1.tar.gz.sig \
--certificate cri-o.amd64.v1.25.1.tar.gz.cert
To verify the bill of materials (SBOM) in SPDX format using the bom tool, run:
> tar xfz cri-o.amd64.v1.25.1.tar.gz
> bom validate -e cri-o.amd64.v1.25.1.tar.gz.spdx -d cri-o
Changelog since v1.25.0
Changes by Kind
Feature
- Add an option "add_inheritable_capabilities" which adds added capabilities to the inheritable list as well. As of CRI-O 1.24.0, CRI-O drops the inheritable capabilities to fix CVE-2022-27652 . However, this can cause regressions in workloads that attempt to pass capabilities to non-root users through inheritable capabilities. (#6236, @haircommander)
- Allow
crio.runtime.runtimes
configuration to be updated on reload. (#6248, @elezar) - Allow for a reload to add additional runtimes and change the default runtime (#6056, @elezar)
- CRI-O now logs the stage of container or pod creation under system load. This allows users to find why their creation requests are stalling. (#5683, @haircommander)
Bug or Regression
- Fix a bug where
conmon_cgroup
andmonitor_path
became out of sync (#6255, @haircommander) - Fix a bug where static pods cannot be created because they've already been created. (#6123, @haircommander)
- Fix a bug where updating
default_runtime
would cause therunc
entry in the runtimes table to be deleted (#6257, @haircommander)
Other (Cleanup or Flake)
- Fix some inconsistencies in the help text (#6217, @haircommander)
Dependencies
Added
Nothing has changed.
Changed
Nothing has changed.
Removed
Nothing has changed.
Security
Details
date
Oct. 7, 2022, 4:25 p.m.
name
v1.25.1
type
Patch
official page
👇
Register or login to:
- 🔍View and search all CRI-O releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!