containerd 1.1.6

Welcome to the v1.1.6 release of containerd!

This is the sixth patch release for the containerd 1.1 release. This
release specifically re-vendors runc to capture the fix for the critical
CVE-2019-5736 container escape. Several CRI fixes were also included in
this release and are listed below.

Runtime

Update runc to 6635b4f0c6af3810594d2770f662f34ddc15b40d to fix CVE-2019-5736

CRI

containerd/cri#984 filter events for non k8s.io namespaces (resolves firecracker-microvm/firecracker-containerd#35)
containerd/cri#991 Remove container lifecycle image dependency (fixes containerd/cri#990)
containerd/cri#1016 Specify platform for image pull (fixes containerd/cri#1015)
containerd/cri#1027 Fix the log ending newline handling (fixes containerd/cri#1026)
containerd/cri#1042 Set /etc/hostname (fixes containerd/cri#1041)
containerd/cri#1045 Fix env performance issue (fixes containerd/cri#1044)
Update cri to f0b5665a959119b6a6234001e6d55206d9200e95

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

Lantao Liu
Phil Estes
Michael Crosby
Sebastiaan van Stijn
Akihiro Suda
Derek McGowan
Lifubang
Mike Brown
Wei Fu
Ace-Tang
Mike Brown

Changes

0ad902c05b Merge pull request #3003 from estesp/prepare-v1.1.6-release
ed854e3ca1 Prepare v1.1.6 release
a79c691e0f Merge pull request #3015 from thaJeztah/1.1_bump_cri
38bf6c598a [release/1.1] update containerd/cri to f0b5665a959119b6a6234001e6d55206d9200e95
878924b9b5 Merge pull request #2999 from thaJeztah/1.1_backport_bump_runc_cve_2019-5736
3177b4b96e Update runc to 6635b4f0c6af3810594d2770f662f34ddc15b40d (CVE-2019-5736)
80c3f1a3e4 Merge pull request #2966 from fuweid/remove-noop-1-1
3e6d7f678d metadata/gc: remove the noop-loop for snapshot reference
813e5f6765 Merge pull request #2954 from thaJeztah/1.1_backport_fix_xattr
b48afb426e fix: SCHILY.xattrs should be SCHILY.xattr
9979a1a936 Merge pull request #2951 from crosbymichael/lint-relase11
ff8a80e4c1 [release/1.1] fix: linter issue
6b15143e8d Merge pull request #2933 from AkihiroSuda/runc20190115-1.1
acd495de00 bump up runc
b55cf2cc05 Merge pull request #2892 from thaJeztah/1.1_revert_temp_golang_fix
0e93a1e41f Revert "Fix CI due to Golang 1.10.6 / 1.11.3 regressions (workaround)"
02e398d93e Merge pull request #2880 from thaJeztah/1.1_backport_fix_ci_golang_1.11
66a3eeb5b7 Fix CI due to Golang 1.10.6 / 1.11.3 regressions (workaround)
3c89a5e3f1 Merge pull request #2833 from acmcodercom/pidreuseattack
0bb672dc2b Merge pull request #2864 from thaJeztah/1.1_backport_runc-kill-paused
a1bfd3a2ed Update runc to 96ec2177ae841256168fcf76954f7177af
dbf186d970 Merge pull request #2848 from thaJeztah/1.1_backport_mask_asound
3d313382ca Add /proc/asound to masked paths
6bb83f2195 Merge pull request #2834 from acmcodercom/execrace
190c910435 fix pid reuse attack when kill a exec process
33c860f31d fix race in exec delete and start

Changes from containerd/cri

f0b5665a Merge pull request #1048 from Random-Liu/cherrypick-#1045-release-1.0
5edec1d8 Include default envs from containerd.
03cd5a31 Add env cache.
eedb9f81 Merge pull request #1047 from Random-Liu/cherrypick-#1042-release-1.0
b33f16e1 Don't log config at info level.
3c7c404d Set /etc/hostname.
71909a1a Merge pull request #1031 from Random-Liu/cherrypick-#1027-release-1.0
dd55db0a Add integration test.
b9cb0b21 Fix lint error.
0e24a83a Fix the log ending newline handling.
562eefa9 Merge pull request #1016 from Random-Liu/specify-platform-release-1.0
3a10f4e6 Specify platform for image pull.
12b411e8 Merge pull request #1008 from Random-Liu/revert-#998-release-1.0
1347be5a Revert "Temporary fix for golang regression #29241."
685bd043 Merge pull request #1006 from Random-Liu/cherrypick-#1004-release-1.0
9d3f7085 Install libseccomp2 package based on debian version.
5766ef2d Merge pull request #995 from Random-Liu/cherrypick-#991-release-1.0
a8b85255 Merge pull request #998 from Random-Liu/cherrypick-#997-release-1.0
2b2ca4c4 Temporary fix for golang regression #29241.
0ac83633 Add integration test.
5e759f5c Remove container lifecycle image ref dependency.
89aaac88 Merge pull request #988 from mikebrow/cherrypick-#984-release-1.0
2f5d677a filter namespace

Dependency Changes

Previous release can be found at v1.1.5

github.com/containerd/cri bad0ae1102e1bf9e53876f75eacc42bc97cfb557 -> f0b5665a959119b6a6234001e6d55206d9200e95
github.com/opencontainers/runc 10d38b660a77168360df3522881e2dc2be5056bd -> 6635b4f0c6af3810594d2770f662f34ddc15b40d
golang.org/x/sys 1b2967e3c290b7c545b3db0deeda16e9be4f98a2 -> 41f3e6584952bb034a481797859f6ab34b6803bd

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

containerd 1.1.6

Choose a tag to compare

Sorry, something went wrong.