Welcome to the v1.2.14 release of containerd!
The fourteenth patch release for containerd 1.2 is a security release to fix CVE-2020-15157.
Security Fixes
- Fix bug which allowed manifests to coerce containerd clients into leaking registry credentials GHSA-742w-89gc-8m9c
Included Changes
- Fix regression pushing manifests as octet stream #4268
- Update golang version
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Sebastiaan van Stijn
- Michael Crosby
- Phil Estes
- Maksym Pavlenko
- Akihiro Suda
- Derek McGowan
- Wei Fu
- Chris C
- Davanum Srinivas
- Erik Sipsma
- Sergey Kanzhelev
- Ted Yu
- Tobias Klauser
- Ulysses Souza
- Zhiyu Li
Changes
48 commits
f8777f130 Add release notes for v1.2.14
abbb17959 Add comment clarifying fix for security issue
1ead8d9de treat manifest provided URLs differently
7f1f9b1cb Merge pull request #4464 from thaJeztah/1.2_backport_bump_golang_1.13.15
f52fbb8a9 Bump Golang 1.13.15
0732aa7a6 Bump Golang 1.13.14
f6b342959 Bump Go 1.13.13
0a454c2f7 Merge pull request #4339 from AkihiroSuda/golang-1.13.12-containerd1.2
2f4dfde54 Bump Golang 1.13.12
48cc59890 Merge pull request #4319 from hakman/runc-selinux-1.2
cbdfca815 Build runc with selinux support
3b72766af Merge pull request #4268 from dmcgowan/1.2-fix-bad-backport-push-octet-stream
f8ae16778 Fix incorrect backport of setting octet-stream
d4242f0d3 Merge pull request #4270 from estesp/travis-ci-fixes
17a506c94 golangci-lint update and fix
05bf3d63a Merge pull request #4173 from thaJeztah/1.2_backport_bump_golang_1.13
4f6dc01a8 Bump Golang 1.13.10
493665bd5 Bump Golang 1.13.9
edc830f98 Merge pull request #4149 from thaJeztah/1.2_backport_bump_console
053f4d6fd Update containerd/console vendor for fix
e72c2b5b1 Bump containerd console for os.File changes
8810a1387 bump containerd/console 0650fd9eeb50bab4fc99dceb9f2e14cf58f36e7f
b3b1ef317 Merge pull request #4121 from payall4u/hotfix-delete-container-error
f8be3cf7f when kill container, check if container has been deleted
8403abc6f Merge pull request #4060 from thaJeztah/1.2_backport_bump_golang_1.13
35a174382 Update Golang 1.13.8
305703670 Update Golang 1.13.7 (CVE-2020-0601, CVE-2020-7919)
1591eb809 Update Golang 1.13.6
fc95ae8ed Update Golang 1.13.5
77499e24e Update to Golang 1.13.4
2adf308a2 Revert "Update Golang 1.12.14"
9d53ba930 Revert "Update Golang 1.12.15"
c5843f944 Revert "Update Golang 1.12.16 (CVE-2020-0601, CVE-2020-7919)"
012c4c0af Revert "Update Golang 1.12.17"
30267a8da platforms: update known OS and arch values
591f6f491 Move flag.Parse in tests to TestMain
e7583ca96 Merge pull request #4064 from thaJeztah/1.2_backport_namespace_path
80914476e Merge pull request #4061 from thaJeztah/1.2_backport_golang_ci_lint
469320d92 Merge pull request #4067 from thaJeztah/1.2_backport_content_close
598f7a7b5 Try set GOGC for golint
dfff5b146 Switch to golangci-lint
a18c08347 fix additional linting failures
c1ceae579 Update timestamp atomic write
82ddedea2 Ensure close in content test
961c23a57 fix killall when use pidnamespace
a386eb648 Fix linter errors
4fcbc810e Merge pull request #4055 from fuweid/cp12-4048
971ad613c bugfix: cleanup dangling shim by brand new context
Changes from containerd/console
10 commits
8375c34 Merge pull request #34 from sipsma/close-once
38c5469 Only close epoller FD at most once.
02ecf6a Merge pull request #33 from ulyssessouza/add-file-interface
f652dc3 Add File interface instead of using os.File
53a0f1d Merge pull request #32 from estesp/check-vendor
6214f20 Add vendor check now that content is vendored
4b1ac2b Merge pull request #31 from TwinProduction/master
55928bd Enable vendoring
0650fd9 Merge pull request #30 from estesp/common-project-content
0b9f189 Add common project repo checks/README references
Dependency Changes
- github.com/containerd/console c12b1e7919c1 -> 8375c3424e4d
Previous release can be found at v1.2.13