CRI-O - v1.25.3
Security
CRI-O v1.25.3
The release notes have been generated for the commit range
v1.25.2...v1.25.3 on Tue, 04 Apr 2023 14:40:44 UTC.
Downloads
Download one of our static release bundles via our Google Cloud Bucket:
- cri-o.amd64.v1.25.3.tar.gz
- cri-o.amd64.v1.25.3.tar.gz.sha256sum
- cri-o.amd64.v1.25.3.tar.gz.sig
- cri-o.amd64.v1.25.3.tar.gz.cert
- cri-o.amd64.v1.25.3.tar.gz.spdx
- cri-o.arm64.v1.25.3.tar.gz
- cri-o.arm64.v1.25.3.tar.gz.sha256sum
- cri-o.arm64.v1.25.3.tar.gz.sig
- cri-o.arm64.v1.25.3.tar.gz.cert
- cri-o.arm64.v1.25.3.tar.gz.spdx
To verify the artifact signatures via cosign, run:
> export COSIGN_EXPERIMENTAL=1
> cosign verify-blob cri-o.amd64.v1.25.3.tar.gz \
--signature cri-o.amd64.v1.25.3.tar.gz.sig \
--certificate cri-o.amd64.v1.25.3.tar.gz.cert
To verify the bill of materials (SBOM) in SPDX format using the bom tool, run:
> tar xfz cri-o.amd64.v1.25.3.tar.gz
> bom validate -e cri-o.amd64.v1.25.3.tar.gz.spdx -d cri-o
Changelog since v1.25.2
Changes by Kind
Dependency-Change
- '/dev' is now mounted again without the 'noexec' flag. (#6646, @haircommander)
Uncategorized
- Fix CVE-2022-4318 by failing to create container if it's passed a HOME environment variable with a newline (#6524, @openshift-cherrypick-robot)
- Fix a bug where
internal/resourcestore.(*ResourceStore).SetStageForResource
leaks memory (#6529, @openshift-cherrypick-robot) - Update systemd unit restart policy to be
on-failure
(#6671, @openshift-cherrypick-robot)
Dependencies
Added
Nothing has changed.
Changed
- github.com/containerd/stargz-snapshotter/estargz: v0.12.1 → v0.13.0
- github.com/containers/storage: v1.44.0 → a747b27
- github.com/klauspost/compress: v1.15.12 → v1.15.13
- github.com/opencontainers/runtime-tools: 58c91d6 → a6a0738
- github.com/ulikunitz/xz: v0.5.10 → v0.5.11
Removed
Nothing has changed.
Security
Details
date
April 4, 2023, 2:48 p.m.
name
v1.25.3
type
Patch
official page
👇
Register or login to:
- 🔍View and search all CRI-O releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!