Overview All releases

Version History

v1.29.3 v1.29.2 v1.29.1 v1.29.0 v1.28.5 v1.28.4 v1.28.3 v1.28.2 v1.28.1

v1.28.0

v1.27.5 v1.27.4 v1.27.3 v1.27.2 v1.27.1 v1.27.0 v1.26.4 v1.26.3 v1.26.2 v1.26.1 v1.26.0 v1.25.4 v1.25.3 v1.25.2 v1.25.1 v1.25.0 v1.24.6 v1.24.5 v1.24.4 v1.24.3 v1.24.2 v1.24.1 v1.24.0 v1.23.5 v1.23.4 v1.23.3 v1.23.2 v1.23.1

v1.23.0

v1.22.5 v1.22.4 v1.22.3 v1.22.2

v1.22.1

v1.22.0

v1.21.7 v1.21.6 v1.21.5

v1.21.4

v1.21.3

v1.21.2

v1.21.0

v1.20.9 v1.20.7

v1.20.6

v1.20.5

v1.20.3

v1.20.2

v1.20.1

v1.20.0

v1.20.0-rc.1

v1.19.6 v1.19.5

v1.19.4

v1.19.2

v1.19.1

v1.19.0

v1.19.0-rc.1

v1.18.6

v1.18.5

v1.18.4

v1.18.3

v1.18.2

v1.18.1

v1.18.0

v1.18.0-rc1

v1.17.5

v1.17.4

v1.17.3

v1.17.2

v1.17.1

v1.17.0

v1.16.6

v1.16.5

v1.16.4

v1.16.3

v1.16.2

v1.16.1

v1.16.0

v1.15.4

v1.15.3

v1.15.2

v1.15.1

v1.15.0

v1.14.12

v1.14.11

v1.14.10

v1.14.9

v1.14.8

v1.14.7

v1.14.6

v1.14.5

v1.14.4

v1.14.3

v1.14.2

v1.14.1

v1.14.0

v1.13.12

v1.13.11

v1.13.10

v1.13.9

v1.13.8

v1.13.7

v1.13.6

v1.13.5

v1.13.4

v1.13.3

v1.13.2

v1.13.1

v1.13.0

v1.12.10

v1.12.9

v1.12.8

v1.12.7

v1.12.6

v1.12.5

v1.12.4

v1.12.3

v1.12.2

v1.12.1

v1.12.0

v1.11.15

v1.11.14

v1.11.13

v1.11.12

v1.11.11

v1.11.10

v1.11.9

v1.11.8

v1.11.7

v1.11.6

v1.11.5

v1.11.4

v1.11.3

v1.11.2

v1.11.1

v1.11.0

v1.10.6

v1.10.5

v1.10.4

v1.10.3

v1.10.2

v1.10.1

v1.10.0

v1.10.0-beta.1

v1.9.16

v1.9.14

v1.9.13

v1.9.12

v1.9.11

v1.9.9

v1.9.8

v1.9.7

v1.9.6

v1.9.5

v1.9.4

v1.9.3

v1.9.2

v1.9.1

v1.9.0

v1.9.0-beta.2

v1.9.0-beta.1

v1.8.5

v1.8.4

v1.8.3

v1.8.2

v1.8.1

v1.8.0

v1.0.9

v1.0.8

v1.0.7

v1.0.6

v1.0.5

v1.0.4

v1.0.3

v1.0.2

v1.0.1

v1.0.0

v1.0.0-rc3

v1.0.0-rc2

v1.0.0-rc1

v1.0.0-beta.0

v1.0.0-alpha.0

v0.3

v0.2

v0.1

CRI-O - v1.28.0

Security

CRI-O v1.28.0
Downloads
Changelog since v1.27.0
Dependencies
- Added
- Changed
- Removed

CRI-O v1.28.0

The release notes have been generated for the commit range
v1.27.0...v1.28.0 on Wed, 23 Aug 2023 16:11:56 UTC.

Downloads

Download one of our static release bundles via our Google Cloud Bucket:

To verify the artifact signatures via cosign, run:

> export COSIGN_EXPERIMENTAL=1
> cosign verify-blob cri-o.amd64.v1.28.0.tar.gz \
    --certificate-identity https://github.com/cri-o/cri-o/.github/workflows/test.yml@refs/tags/v1.28.0 \
    --certificate-oidc-issuer https://token.actions.githubusercontent.com \
    --certificate-github-workflow-repository cri-o/cri-o \
    --certificate-github-workflow-ref refs/tags/v1.28.0 \
    --signature cri-o.amd64.v1.28.0.tar.gz.sig \
    --certificate cri-o.amd64.v1.28.0.tar.gz.cert

To verify the bill of materials (SBOM) in SPDX format using the bom tool, run:

> tar xfz cri-o.amd64.v1.28.0.tar.gz
> bom validate -e cri-o.amd64.v1.28.0.tar.gz.spdx -d cri-o

Changelog since v1.27.0

Changes by Kind

Dependency-Change

Added conmon to ppc64le static bundle, updated it to v2.1.7. (#7229, @saschagrunert)
Updated CNI plugins to v1.3.0. (#6912, @saschagrunert)
Updated crun to v1.8.5. (#6951, @saschagrunert)
Updated runc to v1.1.8. (#7151, @saschagrunert)
Updated runc to v1.1.9. (#7201, @saschagrunert)

Other

Add support for CDI device resolution and injection using the dedicated CRI ContainerConfig.CDIDevices field. (#6944, @klihub)
Cri-o now sets the cgroupPath CNI capability arg. (#6879, @squeed)

Deprecation

Migrate image registries to registry.k8s.io. (#6742, @ArkaSaha30)

Feature

Add DisableHostportMapping option to configuration, allowing users to disable hostport mapping for pods,
which can be useful when other services provide it other than kube-proxy (like Cillium) (#6589, @hasan4791)
Add a new metric resources_stalled_at_stage to show when pods and containers are stuck at different stages of creation. (#6923, @haircommander)
Add containers_events_dropped_total metric (#7210, @surik)
Add platform_runtime_paths option to the runtime handler structure, which allows admins to define specific runtime paths based on different platforms. (#7180, @sohankunkerkar)
Add support for io.kubernetes.cri-o.LinkLogs annotation, which allows a pod's logs to be mounted into a specified empty-dir for inspection by a log aggregator (#6990, @haircommander)
Add support for pinned_images in crio configuration
With this change, users can indicate to the kubelet not to perform garbage collection on certain images. (#6862, @sohankunkerkar)
Add version bump automation script (#7173, @anshgoyalevil)
Added support for namespaced signature policies via --signature-policy-dir / signature_policy_dir. See crio.conf.5.md for more details. (#7016, @saschagrunert)
Attempt to call c/storage Check() and Repair() when an unclean shutdown is detected (#7190, @MdSahil-oss)
Changes crio-status to be a sub command of crio. Example: crio status (#6557, @navisidhu)
Namespace for metrics exporter made configurable (#6891, @amarlearning)
Store PodLinuxOverhead and PodLinuxResources CRI fields received in RunPodSandbox() and then later pass them to NRI plugins so that the plugins do not need to cache the values. (#6913, @jukkar)
Support RegistryUnavailable error on container image pull. (#6842, @saschagrunert)
Support image policy verification error through the CRI. (#6918, @saschagrunert)
This PR extends the existing cpu-c-states.crio.io annotation in a backwards compatible manner, by adding a new max_latency option. The cpu-c-states.crio.io annotation now supports these values:
enable: enable all c-states (cpu-c-states.crio.io: "enable")
disable: disable all c-states (cpu-c-states.crio.io: "disable")
max_latency: enable c-states with a maximum latency in microseconds (for example, cpu-c-states.crio.io: "max_latency:10") (#6718, @bartwensley)
WIP: The user of Kubernetes v1.28 or later can omit the configuration of the kubelet cgroupDriver option if the Kubernetes KubeletCgroupDriverFromCRI feature flag in kubelet has been enabled. (#7079, @marquiz)

Bug or Regression

Failure in a PostStop hook does not prevent proper termination of a container anymore. (#7032, @MarSik)
Fix a bug where network metrics collection is broken with systemd cgroup driver and dropped infra containers. (#6856, @haircommander)
Fix a bug where sending information to cadvisor is stalled on taking the container's state lock (#6925, @haircommander)
Fix a bug where the PostStop runtime handler hooks weren't being called when a container exited gracefully (#7058, @haircommander)
Fix a bug where the cpu-quota.crio.io annotation was not propagated to the pod cgroup, meaning cpu quota was not disabled for the container (#6917, @haircommander)
Fix a bug with cpu quota annotation that manifests like:
pod with cpu-quota.crio.io: disable fails with error: set CPU CFS quota: invalid slice name: /kubepods.slice
Fix a bug where stopped containers break cpu load balancing being disabled (#7000, @haircommander)
Fix a segfault when a user namespace is requested but no OCI ID mappings are present (#6834, @haircommander)
Fix a very rare panic from a double closed channel in container stop (#7129, @haircommander)
Fixed an issue preventing the use of block devices with kata containers (#7142, @littlejawa)
Fixed bug where CRI-O runs with umask of 0. (#6843, @saschagrunert)
Fixed bug where ImageRef refers to a digest rather than an image ID, which negatively impacted kubelets garbage collection. (#7149, @saschagrunert)
Set mount type HostToContainer for mounts that include container storage root (#7076, @harche)

Other (Cleanup or Flake)

Add sandbox/pause image to the list of pinned_images if configured by the user. (#6903, @sohankunkerkar)
Adds debug log to identify when a relabel was not requested (#6494, @mrunalp)
Deprecate config migration support (will be removed in v1.29.0) (#6886, @jbpratt)
Dropped support for annotation based seccomp profiles, Kubernetes uses a native field since many releases. (#7006, @saschagrunert)
Updated cri-tools to v1.28.0. (#7211, @saschagrunert)
Updated static binary dependencies to their latest version in nixpkgs. (#7215, @saschagrunert)

Uncategorized

Fix a segfault when a user namespace is requested (#6844, @Syquel)
Revert kata containers block devices fix because it prevents non-root users from accessing block devices (where they were previously able to) (#7192, @davidvossel)

Dependencies

Added

cloud.google.com/go/recaptchaenterprise: v1.3.1
cloud.google.com/go/vision: v1.2.0
dario.cat/mergo: v1.0.0
gioui.org: 57750fc
git.sr.ht/~sbinet/gg: v0.3.1
github.com/AdamKorcz/go-fuzz-headers-1: e936619
github.com/Azure/azure-sdk-for-go/sdk/azcore: v1.6.1
github.com/Azure/azure-sdk-for-go/sdk/azidentity: v1.3.0
github.com/Azure/azure-sdk-for-go/sdk/internal: v1.3.0
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/azkeys: v0.12.0
github.com/Azure/azure-sdk-for-go/sdk/security/keyvault/internal: v0.8.0
github.com/AzureAD/microsoft-authentication-library-for-go: v1.0.0
github.com/JohnCGriffin/overflow: 46fa312
github.com/Microsoft/cosesign1go: v0.0.1
github.com/Microsoft/didx509go: v0.0.2
github.com/ajstarks/deck/generate: c3f852c
github.com/ajstarks/deck: 30c9fc6
github.com/ajstarks/svgo: 1546f12
github.com/akavel/rsrc: v0.10.2
github.com/alessio/shellescape: v1.4.1
github.com/antlr/antlr4/runtime/Go/antlr/v4: 8188dc5
github.com/apache/arrow/go/v10: v10.0.1
github.com/apache/arrow/go/v11: v11.0.0
github.com/apache/thrift: v0.16.0
github.com/boombuler/barcode: v1.0.1
github.com/buildkite/agent/v3: v3.49.0
github.com/checkpoint-restore/go-criu/v4: v4.1.0
github.com/containerd/protobuild: v0.3.0
github.com/crc-org/vfkit: 3d57f09
github.com/digitorus/pkcs7: 001c36b
github.com/digitorus/timestamp: ef3b63b
github.com/elazarl/goproxy: a0805db
github.com/fogleman/gg: v1.3.0
github.com/gabriel-vasile/mimetype: v1.4.2
github.com/go-chi/chi/v5: v5.0.10
github.com/go-fonts/dejavu: v0.1.0
github.com/go-fonts/latin-modern: v0.2.0
github.com/go-fonts/liberation: v0.2.0
github.com/go-fonts/stix: v0.1.0
github.com/go-latex/latex: c0d11ff
github.com/go-pdf/fpdf: v0.6.0
github.com/go-redis/redismock/v9: v9.0.3
github.com/golang/freetype: e2365df
github.com/google/gnostic-models: v0.6.8
github.com/google/go-github/v53: v53.2.0
github.com/google/s2a-go: v0.1.4
github.com/googleapis/go-type-adapters: v1.0.0
github.com/iancoleman/strcase: v0.2.0
github.com/josephspurrier/goversioninfo: v1.4.0
github.com/jung-kurt/gofpdf: 24315ac
github.com/kballard/go-shellquote: 95032a8
github.com/klauspost/asmfmt: v1.3.2
github.com/lyft/protoc-gen-star: v0.6.1
github.com/minio/asm2plan9s: cdd7644
github.com/minio/c2goasm: 36a3d3b
github.com/pborman/uuid: v1.2.1
github.com/phpdave11/gofpdf: v1.4.2
github.com/phpdave11/gofpdi: v1.0.13
github.com/redis/go-redis/v9: v9.0.5
github.com/remyoudompheng/bigfft: eec4a21
github.com/ruudk/golang-pdf417: a7e3863
github.com/sassoftware/relic/v7: v7.5.5
github.com/sigstore/cosign/v2: v2.1.1
github.com/sigstore/protobuf-specs: v0.1.0
github.com/sigstore/sigstore/pkg/signature/kms/aws: v1.7.1
github.com/sigstore/sigstore/pkg/signature/kms/azure: v1.7.1
github.com/sigstore/sigstore/pkg/signature/kms/gcp: v1.7.1
github.com/sigstore/sigstore/pkg/signature/kms/hashivault: v1.7.1
github.com/sigstore/timestamp-authority: v1.1.1
github.com/uwu-tools/magex: v0.10.0
github.com/xhit/go-str2duration/v2: v2.1.0
github.com/ysmood/fetchup: v0.2.3
github.com/ysmood/got: v0.34.1
github.com/zeebo/assert: v1.3.0
github.com/zeebo/xxh3: v1.0.2
go.uber.org/mock: v0.2.0
gonum.org/v1/gonum: v0.11.0
gonum.org/v1/netlib: 8cb4219
gonum.org/v1/plot: v0.10.1
google.golang.org/genproto/googleapis/api: e85fd2c
google.golang.org/genproto/googleapis/rpc: e449d1e
k8s.io/kubernetes/staging/src/k8s.io/endpointslice: 855e7c4
lukechampine.com/uint128: v1.2.0
modernc.org/cc/v3: v3.36.3
modernc.org/ccgo/v3: v3.16.9
modernc.org/ccorpus: v1.11.6
modernc.org/httpfs: v1.0.6
modernc.org/libc: v1.17.1
modernc.org/mathutil: v1.5.0
modernc.org/memory: v1.2.1
modernc.org/opt: v0.1.3
modernc.org/sqlite: v1.18.1
modernc.org/strutil: v1.1.3
modernc.org/tcl: v1.13.1
modernc.org/token: v1.0.0
modernc.org/z: v1.5.1
software.sslmate.com/src/go-pkcs12: v0.2.0

Changed

chainguard.dev/go-grpc-kit: v0.15.0 → v0.16.0
cloud.google.com/go/accesscontextmanager: v1.6.0 → v1.7.0
cloud.google.com/go/aiplatform: v1.35.0 → v1.37.0
cloud.google.com/go/analytics: v0.18.0 → v0.19.0
cloud.google.com/go/apigeeregistry: v0.5.0 → v0.6.0
cloud.google.com/go/apikeys: v0.5.0 → v0.6.0
cloud.google.com/go/appengine: v1.6.0 → v1.7.1
cloud.google.com/go/artifactregistry: v1.11.2 → v1.13.0
cloud.google.com/go/asset: v1.11.1 → v1.13.0
cloud.google.com/go/beyondcorp: v0.4.0 → v0.5.0
cloud.google.com/go/bigquery: v1.48.0 → v1.50.0
cloud.google.com/go/billing: v1.12.0 → v1.13.0
cloud.google.com/go/channel: v1.11.0 → v1.12.0
cloud.google.com/go/cloudbuild: v1.7.0 → v1.9.0
cloud.google.com/go/cloudtasks: v1.9.0 → v1.10.0
cloud.google.com/go/compute: v1.18.0 → v1.20.1
cloud.google.com/go/container: v1.13.1 → v1.15.0
cloud.google.com/go/containeranalysis: v0.7.0 → v0.9.0
cloud.google.com/go/datacatalog: v1.12.0 → v1.13.0
cloud.google.com/go/dataform: v0.6.0 → v0.7.0
cloud.google.com/go/dataplex: v1.5.2 → v1.6.0
cloud.google.com/go/datastore: v1.10.0 → v1.11.0
cloud.google.com/go/datastream: v1.6.0 → v1.7.0
cloud.google.com/go/deploy: v1.6.0 → v1.8.0
cloud.google.com/go/dialogflow: v1.31.0 → v1.32.0
cloud.google.com/go/documentai: v1.16.0 → v1.18.0
cloud.google.com/go/edgecontainer: v0.3.0 → v1.0.0
cloud.google.com/go/eventarc: v1.10.0 → v1.11.0
cloud.google.com/go/filestore: v1.5.0 → v1.6.0
cloud.google.com/go/functions: v1.10.0 → v1.13.0
cloud.google.com/go/gkehub: v0.11.0 → v0.12.0
cloud.google.com/go/iam: v0.12.0 → v1.1.0
cloud.google.com/go/iap: v1.6.0 → v1.7.1
cloud.google.com/go/iot: v1.5.0 → v1.6.0
cloud.google.com/go/kms: v1.10.0 → v1.12.1
cloud.google.com/go/maps: v0.6.0 → v0.7.0
cloud.google.com/go/monitoring: v1.12.0 → v1.13.0
cloud.google.com/go/networkconnectivity: v1.10.0 → v1.11.0
cloud.google.com/go/networksecurity: v0.7.0 → v0.8.0
cloud.google.com/go/notebooks: v1.7.0 → v1.8.0
cloud.google.com/go/policytroubleshooter: v1.5.0 → v1.6.0
cloud.google.com/go/privatecatalog: v0.7.0 → v0.8.0
cloud.google.com/go/pubsub: v1.28.0 → v1.30.0
cloud.google.com/go/pubsublite: v1.6.0 → v1.7.0
cloud.google.com/go/recaptchaenterprise/v2: v2.6.0 → v2.7.0
cloud.google.com/go/resourcemanager: v1.5.0 → v1.7.0
cloud.google.com/go/run: v0.8.0 → v0.9.0
cloud.google.com/go/scheduler: v1.8.0 → v1.9.0
cloud.google.com/go/security: v1.13.0 → v1.14.0
cloud.google.com/go/securitycenter: v1.18.1 → v1.19.0
cloud.google.com/go/servicecontrol: v1.11.0 → v1.11.1
cloud.google.com/go/servicedirectory: v1.8.0 → v1.9.0
cloud.google.com/go/servicemanagement: v1.6.0 → v1.8.0
cloud.google.com/go/serviceusage: v1.5.0 → v1.6.0
cloud.google.com/go/spanner: v1.44.0 → v1.45.0
cloud.google.com/go/speech: v1.14.1 → v1.15.0
cloud.google.com/go/storage: v1.29.0 → v1.30.1
cloud.google.com/go/storagetransfer: v1.7.0 → v1.8.0
cloud.google.com/go/trace: v1.8.0 → v1.9.0
cloud.google.com/go/translate: v1.6.0 → v1.7.0
cloud.google.com/go/video: v1.13.0 → v1.15.0
cloud.google.com/go/vision/v2: v2.6.0 → v2.7.0
cloud.google.com/go/vmmigration: v1.5.0 → v1.6.0
cloud.google.com/go/vmwareengine: v0.2.2 → v0.3.0
cloud.google.com/go: v0.110.0 → v0.110.2
cuelang.org/go: v0.4.3 → v0.5.0
github.com/Azure/go-ansiterm: d185dfc → 306776e
github.com/Azure/go-autorest/autorest/adal: v0.9.21 → v0.9.23
github.com/Azure/go-autorest/autorest: v0.11.28 → v0.11.29
github.com/BurntSushi/toml: v1.2.1 → v1.3.2
github.com/Masterminds/semver/v3: v3.1.1 → v3.2.1
github.com/Microsoft/go-winio: v0.6.0 → v0.6.1
github.com/Microsoft/hcsshim: v0.10.0-rc.7 → v0.10.0
github.com/ProtonMail/go-crypto: 7d5c6f0 → 6f98819
github.com/alecthomas/kingpin/v2: v2.3.1 → v2.3.2
github.com/andybalholm/brotli: v1.0.3 → v1.0.4
github.com/armon/go-metrics: v0.4.1 → f0300d1
github.com/armon/go-radix: v1.0.0 → 7fddfc3
github.com/aws/aws-sdk-go-v2/config: v1.18.15 → v1.18.27
github.com/aws/aws-sdk-go-v2/credentials: v1.13.15 → v1.13.26
github.com/aws/aws-sdk-go-v2/feature/ec2/imds: v1.12.23 → v1.13.4
github.com/aws/aws-sdk-go-v2/internal/configsources: v1.1.29 → v1.1.34
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2: v2.4.23 → v2.4.28
github.com/aws/aws-sdk-go-v2/internal/ini: v1.3.30 → v1.3.35
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url: v1.9.23 → v1.9.28
github.com/aws/aws-sdk-go-v2/service/kms: v1.20.5 → v1.22.2
github.com/aws/aws-sdk-go-v2/service/sso: v1.12.4 → v1.12.12
github.com/aws/aws-sdk-go-v2/service/ssooidc: v1.14.4 → v1.14.12
github.com/aws/aws-sdk-go-v2/service/sts: v1.18.5 → v1.19.2
github.com/aws/aws-sdk-go-v2: v1.17.5 → v1.18.1
github.com/aws/aws-sdk-go: v1.44.225 → v1.44.248
github.com/bwesterb/go-ristretto: v1.2.0 → v1.2.3
github.com/cenkalti/backoff/v4: v4.2.0 → v4.2.1
github.com/cloudflare/circl: v1.1.0 → v1.3.3
github.com/cncf/xds/go: 06c439d → e9ce688
github.com/cockroachdb/apd/v2: v2.0.1 → v2.0.2
github.com/cockroachdb/datadriven: bf6692d → v1.0.2
github.com/container-orchestrated-devices/container-device-interface: v0.5.4 → v0.6.0
github.com/container-storage-interface/spec: v1.7.0 → v1.8.0
github.com/containerd/cgroups/v3: v3.0.1 → v3.0.2
github.com/containerd/containerd: v1.7.0 → v1.7.2
github.com/containerd/continuity: v0.3.0 → v0.4.1
github.com/containerd/nri: v0.3.0 → 9418541
github.com/containerd/ttrpc: v1.2.1 → v1.2.2
github.com/containerd/typeurl/v2: v2.1.0 → v2.1.1
github.com/containernetworking/plugins: v1.2.0 → v1.3.0
github.com/containers/buildah: v1.30.0 → v1.31.2
github.com/containers/common: v0.52.0 → v0.55.3
github.com/containers/conmon-rs: v0.5.0 → v0.5.1
github.com/containers/image/v5: v5.25.0 → v5.27.0
github.com/containers/libhvee: v0.0.2 → v0.0.5
github.com/containers/ocicrypt: v1.1.7 → v1.1.8
github.com/containers/podman/v4: v4.5.0 → v4.6.1
github.com/containers/storage: v1.46.1 → v1.49.0
github.com/coredns/caddy: v1.1.0 → v1.1.1
github.com/coreos/go-oidc/v3: v3.5.0 → v3.6.0
github.com/coreos/go-oidc: v2.1.0+incompatible → v2.2.1+incompatible
github.com/coreos/go-semver: v0.3.0 → v0.3.1
github.com/coreos/stream-metadata-go: v0.4.1 → v0.4.2
github.com/cri-o/ocicni: v0.4.0 → ad62f4e
github.com/cyberphone/json-canonicalization: 57a0ce2 → 504adb8
github.com/decred/dcrd/dcrec/secp256k1/v4: 5444fa5 → v4.2.0
github.com/digitalocean/go-libvirt: e2a69bc → 8648fbd
github.com/digitalocean/go-qemu: ac9e0b6 → f035778
github.com/docker/cli: v23.0.1+incompatible → v23.0.5+incompatible
github.com/docker/distribution: v2.8.1+incompatible → v2.8.2+incompatible
github.com/docker/docker: v23.0.3+incompatible → v24.0.2+incompatible
github.com/emicklei/go-restful: v2.16.0+incompatible → v2.9.5+incompatible
github.com/emicklei/proto: v1.6.15 → v1.10.0
github.com/envoyproxy/go-control-plane: v0.10.3 → 9239064
github.com/envoyproxy/protoc-gen-validate: v0.9.1 → v0.10.1
github.com/fatih/color: v1.13.0 → v1.15.0
github.com/frankban/quicktest: v1.14.4 → v1.14.0
github.com/fvbommel/sortorder: v1.0.1 → v1.1.0
github.com/go-git/gcfg: v1.5.0 → 3a3c614
github.com/go-git/go-git-fixtures/v4: v4.3.1 → 0c11038
github.com/go-git/go-git/v5: v5.6.1 → v5.7.0
github.com/go-ini/ini: v1.67.0 → v1.25.4
github.com/go-logr/logr: v1.2.3 → v1.2.4
github.com/go-openapi/errors: v0.20.3 → v0.20.4
github.com/go-openapi/jsonreference: v0.20.1 → v0.20.2
github.com/go-openapi/runtime: v0.25.0 → v0.26.0
github.com/go-openapi/spec: v0.20.8 → v0.20.9
github.com/go-openapi/swag: v0.22.3 → v0.22.4
github.com/go-piv/piv-go: v1.10.0 → v1.11.0
github.com/go-playground/validator/v10: v10.12.0 → v10.14.1
github.com/go-rod/rod: v0.112.6 → v0.113.3
github.com/go-stack/stack: v1.8.1 → v1.8.0
github.com/goccy/go-json: v0.9.7 → v0.10.2
github.com/godbus/dbus/v5: 4b691ce → 7623695
github.com/gofrs/uuid: v4.0.0+incompatible → v4.4.0+incompatible
github.com/golang/glog: v1.0.0 → v1.1.0
github.com/google/btree: v1.1.2 → v1.0.1
github.com/google/cadvisor: v0.47.1 → v0.47.3
github.com/google/cel-go: v0.12.6 → v0.16.0
github.com/google/certificate-transparency-go: v1.1.4 → v1.1.6
github.com/google/flatbuffers: v1.12.1 → v2.0.8+incompatible
github.com/google/go-containerregistry: v0.14.0 → v0.15.2
github.com/google/pprof: 4bb14d4 → 91b7bce
github.com/google/trillian: v1.5.1 → v1.5.2
github.com/googleapis/enterprise-certificate-proxy: v0.2.3 → v0.2.5
github.com/googleapis/gax-go/v2: v2.8.0 → v2.11.0
github.com/gopherjs/gopherjs: fce0ec3 → 0766667
github.com/gregjones/httpcache: 901d907 → 9cad4c3
github.com/hashicorp/consul/api: v1.18.0 → v1.1.0
github.com/hashicorp/go-immutable-radix: v1.3.1 → v1.0.0
github.com/hashicorp/go-retryablehttp: v0.7.2 → v0.7.4
github.com/hashicorp/go-uuid: v1.0.3 → v1.0.1
github.com/hashicorp/serf: v0.10.1 → v0.8.2
github.com/hashicorp/vault/api: v1.9.0 → v1.9.2
github.com/howeyc/gopass: 7cb4b85 → c8aef6f
github.com/ianlancetaylor/demangle: 28f6c0f → eabc099
github.com/in-toto/in-toto-golang: v0.7.0 → v0.9.0
github.com/intel/goresctrl: v0.3.0 → v0.4.0
github.com/jonboulle/clockwork: v0.3.0 → v0.2.2
github.com/klauspost/compress: v1.16.4 → v1.16.7
github.com/klauspost/cpuid/v2: v2.0.4 → v2.0.9
github.com/klauspost/pgzip: 17e8dac → v1.2.6
github.com/leodido/go-urn: v1.2.2 → v1.2.4
github.com/lestrrat-go/blackmagic: v1.0.0 → v1.0.1
github.com/lestrrat-go/iter: v1.0.1 → v1.0.2
github.com/lestrrat-go/jwx: v1.2.25 → v1.2.26
github.com/lestrrat-go/option: v1.0.0 → v1.0.1
github.com/magefile/mage: v1.14.0 → v1.15.0
github.com/mattn/go-sqlite3: v1.14.16 → v1.14.17
github.com/maxbrunsfeld/counterfeiter/v6: v6.6.1 → v6.6.2
github.com/mistifyio/go-zfs/v3: v3.0.0 → v3.0.1
github.com/mitchellh/go-testing-interface: v1.14.1 → v1.0.0
github.com/mitchellh/go-wordwrap: v1.0.0 → v1.0.1
github.com/moby/term: 1aeaba8 → v0.5.0
github.com/networkplumbing/go-nft: v0.2.0 → v0.3.0
github.com/onsi/ginkgo/v2: v2.9.2 → v2.11.0
github.com/onsi/gomega: v1.27.6 → v1.27.10
github.com/open-policy-agent/opa: v0.45.0 → v0.52.0
github.com/opencontainers/image-spec: 3a7f492 → v1.1.0-rc4
github.com/opencontainers/runc: 8b9452f → v1.1.9
github.com/opencontainers/runtime-spec: v1.1.0-rc.1 → v1.1.0
github.com/openshift/imagebuilder: v1.2.4 → v1.2.5
github.com/pelletier/go-toml/v2: v2.0.6 → v2.0.8
github.com/pierrec/lz4/v4: v4.1.2 → v4.1.15
github.com/prometheus/client_golang: v1.14.0 → v1.16.0
github.com/prometheus/client_model: v0.3.0 → v0.4.0
github.com/prometheus/common: v0.42.0 → v0.44.0
github.com/prometheus/procfs: v0.9.0 → v0.10.1
github.com/protocolbuffers/txtpbfmt: f6a6b3f → 74888fd
github.com/rootless-containers/rootlesskit: v1.1.0 → v1.1.1
github.com/rs/cors: v1.8.3 → v1.9.0
github.com/safchain/ethtool: v0.2.0 → v0.3.0
github.com/secure-systems-lab/go-securesystemslib: v0.5.0 → v0.6.0
github.com/sergi/go-diff: v1.2.0 → v1.3.1
github.com/sigstore/fulcio: v1.2.0 → v1.3.1
github.com/sigstore/rekor: v1.1.0 → v1.2.2
github.com/sigstore/sigstore: v1.6.0 → v1.7.1
github.com/sirupsen/logrus: v1.9.0 → v1.9.3
github.com/skeema/knownhosts: v1.1.0 → v1.1.1
github.com/smartystreets/assertions: v1.1.0 → b2de0cb
github.com/spf13/afero: v1.9.3 → v1.9.5
github.com/spf13/cast: v1.5.0 → v1.5.1
github.com/spf13/viper: v1.15.0 → v1.16.0
github.com/spiffe/go-spiffe/v2: v2.1.3 → v2.1.6
github.com/stretchr/testify: v1.8.2 → v1.8.4
github.com/sylabs/sif/v2: v2.11.1 → v2.11.5
github.com/transparency-dev/merkle: v0.0.1 → v0.0.2
github.com/uptrace/opentelemetry-go-extra/otellogrus: v0.1.21 → v0.2.2
github.com/uptrace/opentelemetry-go-extra/otelutil: v0.1.21 → v0.2.2
github.com/urfave/cli/v2: v2.25.1 → v2.25.7
github.com/urfave/cli: v1.22.12 → v1.22.14
github.com/vbatts/tar-split: v0.11.3 → v0.11.5
github.com/vbauerster/mpb/v8: v8.3.0 → v8.4.0
github.com/veraison/go-cose: v1.0.0 → v1.1.0
github.com/vishvananda/netns: v0.0.2 → v0.0.4
github.com/xanzy/go-gitlab: v0.73.1 → v0.86.0
github.com/xlab/treeprint: v1.1.0 → v1.2.0
github.com/yuin/goldmark: v1.5.3 → v1.4.13
github.com/zalando/go-keyring: v0.1.1 → v0.2.2
go.etcd.io/etcd/api/v3: v3.6.0-alpha.0 → v3.5.9
go.etcd.io/etcd/client/pkg/v3: v3.6.0-alpha.0 → v3.5.9
go.etcd.io/etcd/client/v2: v2.306.0-alpha.0 → v2.305.9
go.etcd.io/etcd/client/v3: v3.6.0-alpha.0 → v3.5.9
go.etcd.io/etcd/pkg/v3: v3.6.0-alpha.0 → v3.5.9
go.etcd.io/etcd/raft/v3: v3.6.0-alpha.0 → v3.5.9
go.etcd.io/etcd/server/v3: v3.6.0-alpha.0 → v3.5.9
go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc: v0.40.0 → v0.42.0
go.opentelemetry.io/otel/exporters/otlp/internal/retry: v1.14.0 → v1.16.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace/otlptracegrpc: v1.14.0 → v1.16.0
go.opentelemetry.io/otel/exporters/otlp/otlptrace: v1.14.0 → v1.16.0
go.opentelemetry.io/otel/metric: v0.37.0 → v1.16.0
go.opentelemetry.io/otel/sdk: v1.14.0 → v1.16.0
go.opentelemetry.io/otel/trace: v1.14.0 → v1.16.0
go.opentelemetry.io/otel: v1.14.0 → v1.16.0
go.starlark.net: 8dd3e2e → a134d8f
go.step.sm/crypto: v0.28.0 → v0.32.2
go.uber.org/atomic: v1.10.0 → v1.11.0
go.uber.org/multierr: v1.9.0 → v1.11.0
gocloud.dev: v0.29.0 → v0.30.0
golang.org/x/crypto: v0.8.0 → v0.11.0
golang.org/x/exp: 10a5072 → 2e198f4
golang.org/x/image: cff245a → 723b81c
golang.org/x/mod: v0.9.0 → v0.11.0
golang.org/x/net: v0.9.0 → v0.13.0
golang.org/x/oauth2: v0.6.0 → v0.10.0
golang.org/x/sync: v0.1.0 → v0.3.0
golang.org/x/sys: v0.7.0 → v0.11.0
golang.org/x/term: v0.7.0 → v0.10.0
golang.org/x/text: v0.9.0 → v0.11.0
golang.org/x/time: v0.2.0 → v0.3.0
golang.org/x/tools: v0.7.0 → v0.10.0
google.golang.org/api: v0.114.0 → v0.128.0
google.golang.org/genproto: 7f2fa6f → e85fd2c
google.golang.org/grpc/cmd/protoc-gen-go-grpc: v1.2.0 → v1.3.0
google.golang.org/grpc: v1.54.0 → v1.57.0
google.golang.org/protobuf: v1.30.0 → v1.31.0
gopkg.in/gcfg.v1: v1.2.0 → v1.2.3
gopkg.in/natefinch/lumberjack.v2: v2.0.0 → v2.2.1
honnef.co/go/tools: v0.0.1-2020.1.5 → v0.1.3
k8s.io/klog/v2: v2.90.1 → v2.100.1
k8s.io/kube-openapi: 15aac26 → 2695361
k8s.io/kubernetes/staging/src/k8s.io/api: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/apiextensions-apiserver: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/apimachinery: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/apiserver: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/cli-runtime: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/client-go: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/cloud-provider: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/cluster-bootstrap: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/code-generator: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/component-base: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/component-helpers: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/controller-manager: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/cri-api: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/csi-translation-lib: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/dynamic-resource-allocation: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/kms: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/kube-aggregator: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/kube-controller-manager: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/kube-proxy: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/kube-scheduler: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/kubectl: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/kubelet: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/legacy-cloud-providers: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/metrics: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/mount-utils: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/pod-security-admission: 1b4df30 → 855e7c4
k8s.io/kubernetes/staging/src/k8s.io/sample-apiserver: 1b4df30 → 855e7c4
k8s.io/kubernetes: v1.27.0 → v1.28.0
k8s.io/utils: a5ecb01 → 9f67429
knative.dev/pkg: 408ad07 → ee73c93
sigs.k8s.io/apiserver-network-proxy/konnectivity-client: v0.1.1 → v0.1.2
sigs.k8s.io/kustomize/api: v0.13.2 → 6ce0bf3
sigs.k8s.io/kustomize/cmd/config: v0.11.1 → v0.11.2
sigs.k8s.io/kustomize/kustomize/v5: v5.0.1 → 6ce0bf3
sigs.k8s.io/kustomize/kyaml: v0.14.1 → 6ce0bf3
sigs.k8s.io/release-sdk: v0.10.0 → v0.10.3
sigs.k8s.io/release-utils: v0.7.3 → 1bf6b4c

Removed

bitbucket.org/creachadair/shell: v0.0.7
contrib.go.opencensus.io/exporter/stackdriver: v0.13.12
github.com/GoogleCloudPlatform/testgrid: v0.0.38
github.com/Masterminds/goutils: v1.1.1
github.com/Masterminds/semver: v1.5.0
github.com/Masterminds/sprig: v2.22.0+incompatible
github.com/alibabacloud-go/darabonba-string: v1.0.0
github.com/andreyvit/diff: c7f18ee
github.com/antlr/antlr4/runtime/Go/antlr: v1.4.10
github.com/apache/beam/sdks/v2: ef43645
github.com/arbovm/levenshtein: 48b4e1c
github.com/bytecodealliance/wasmtime-go: v1.0.0
github.com/carolynvs/magex: v0.9.0
github.com/certifi/gocertifi: 2c3bb06
github.com/cheggaaa/pb/v3: v3.1.0
github.com/cockroachdb/apd: v1.1.0
github.com/cockroachdb/cockroach-go/v2: v2.2.19
github.com/cockroachdb/errors: v1.2.4
github.com/cockroachdb/logtags: eb05cc2
github.com/codahale/rfc6979: 6a90f24
github.com/depcheck-test/depcheck-test: 199033a
github.com/dgraph-io/badger/v3: v3.2103.2
github.com/dgraph-io/ristretto: v0.1.0
github.com/dgryski/go-farm: a6ae236
github.com/dgryski/trifles: dd97f9a
github.com/form3tech-oss/jwt-go: v3.2.5+incompatible
github.com/fortytw2/leaktest: v1.3.0
github.com/foxcpp/go-mockdns: fb145fc
github.com/fullstorydev/grpcurl: v1.8.7
github.com/getsentry/raven-go: v0.2.0
github.com/go-playground/assert/v2: v2.2.0
github.com/go-redis/redis: v6.15.9+incompatible
github.com/go-zoo/bone: v1.3.0
github.com/goark/errs: v1.1.0
github.com/goark/go-cvss: v1.3.0
github.com/gofrs/flock: v0.8.1
github.com/golang-jwt/jwt: v3.2.2+incompatible
github.com/gomarkdown/markdown: 3b9f472
github.com/google/go-github/v45: v45.2.0
github.com/google/go-github/v47: v47.1.0
github.com/google/go-github/v48: v48.2.0
github.com/google/go-licenses: ce1d916
github.com/google/licenseclassifier/v2: v2.0.0
github.com/google/licenseclassifier: bb04aff
github.com/google/renameio/v2: v2.0.0
github.com/googleapis/gnostic: v0.5.5
github.com/hashicorp/go-hclog: v1.3.1
github.com/hashicorp/go-plugin: v1.4.5
github.com/hashicorp/go-secure-stdlib/mlock: v0.1.2
github.com/hashicorp/go-version: v1.6.0
github.com/hashicorp/vault/sdk: v0.6.0
github.com/hashicorp/yamux: v0.1.1
github.com/huandu/xstrings: v1.2.0
github.com/jackc/chunkreader/v2: v2.0.1
github.com/jackc/pgconn: v1.12.1
github.com/jackc/pgio: v1.0.0
github.com/jackc/pgpassfile: v1.0.0
github.com/jackc/pgproto3/v2: v2.3.0
github.com/jackc/pgservicefile: 2b9c447
github.com/jackc/pgtype: v1.11.0
github.com/jackc/pgx/v4: v4.16.1
github.com/jellydator/ttlcache/v2: v2.11.1
github.com/jhump/protoreflect: v1.14.0
github.com/kelseyhightower/envconfig: v1.4.0
github.com/lib/pq: v1.10.7
github.com/lufia/plan9stats: 39d0f17
github.com/mediocregopher/radix/v4: v4.1.2
github.com/mitchellh/copystructure: v1.2.0
github.com/mitchellh/reflectwalk: v1.0.2
github.com/mmarkdown/mmark: v2.0.40+incompatible
github.com/mwitkow/go-proto-validators: v0.2.0
github.com/oklog/run: v1.1.0
github.com/otiai10/copy: v1.2.0
github.com/package-url/packageurl-go: d704593
github.com/peterh/liner: bf27d3b
github.com/pierrec/lz4: v2.6.1+incompatible
github.com/power-devops/perfstat: 5aafc22
github.com/prometheus/prometheus: v2.5.0+incompatible
github.com/psampaz/go-mod-outdated: v0.9.0
github.com/pseudomuto/protoc-gen-doc: v1.5.1
github.com/pseudomuto/protokit: v0.2.0
github.com/rwtodd/Go.Sed: 5546468
github.com/sagikazarmark/crypt: v0.9.0
github.com/saschagrunert/ccli: b68f755
github.com/saschagrunert/go-modiff: v1.3.1
github.com/sendgrid/rest: v2.6.9+incompatible
github.com/sendgrid/sendgrid-go: v3.12.0+incompatible
github.com/shirou/gopsutil/v3: v3.22.12
github.com/shurcooL/githubv4: a14260e
github.com/shurcooL/graphql: 18c5c31
github.com/sigstore/cosign: v1.13.1
github.com/src-d/gcfg: v1.4.0
github.com/tent/canonical-json-go: 96e4ba3
github.com/tilinna/clock: v1.1.0
github.com/tj/go-spin: v1.1.0
github.com/tklauser/go-sysconf: v0.3.11
github.com/tklauser/numcpus: v0.6.0
github.com/tomasen/realip: f0c99a9
github.com/uber/jaeger-client-go: v2.30.0+incompatible
github.com/withfig/autocomplete-tools/integrations/cobra: v1.2.1
github.com/yusufpapurcu/wmi: v1.2.2
go.etcd.io/etcd/etcdctl/v3: v3.6.0-alpha.0
go.etcd.io/etcd/etcdutl/v3: v3.6.0-alpha.0
go.etcd.io/etcd/tests/v3: v3.6.0-alpha.0
go.etcd.io/etcd/v3: v3.6.0-alpha.0
go.uber.org/automaxprocs: v1.5.1
golang.org/dl: 82a15e2
golang.org/x/arch: v0.1.0
google.golang.org/grpc/examples: 3775f63
gopkg.in/cheggaaa/pb.v1: v1.0.28
gopkg.in/src-d/go-billy.v4: v4.3.2
gopkg.in/src-d/go-git.v4: v4.13.1
helm.sh/helm/v3: v3.10.3
k8s.io/release: v0.15.0
mvdan.cc/editorconfig: v0.2.0
mvdan.cc/sh/v3: v3.6.0
oras.land/oras-go: v1.2.0
sigs.k8s.io/bom: v0.4.1
sigs.k8s.io/mdtoc: v1.1.0
sigs.k8s.io/promo-tools/v3: v3.4.11
sigs.k8s.io/zeitgeist: v0.3.5

Security

Security wording was detected, but no CVEs were found.

Details

date

Aug. 23, 2023, 4:21 p.m.

name

v1.28.0

type

Minor

official page

https://github.com/cri-o/cri-o/releases/tag/v1.28.0

👇

🔍View and search all CRI-O releases.
🛠️Create and share lists to track your tools.
🚨Setup notifications for major, security, feature or patch updates.
🚀Much more coming soon!

Continue with GitHub

Continue with Google

Username

Password

Password (again)

leave this field blank to prove your humanity