- CRI-O v1.24.1
- Downloads
- Changelog since v1.24.0
- Changes by Kind
- Bug or Regression
- Changes by Kind
- Dependencies
- Added
- Changed
- Removed
CRI-O v1.24.1
This release fixes CVE-2022-1708
The release notes have been generated for the commit range
v1.24.0...v1.24.1 on Mon, 06 Jun 2022 14:35:29 EDT.
Downloads
Download one of our static release bundles via our Google Cloud Bucket:
- cri-o.amd64.v1.24.1.tar.gz
- cri-o.amd64.v1.24.1.tar.gz.sha256sum
- cri-o.arm64.v1.24.1.tar.gz
- cri-o.arm64.v1.24.1.tar.gz.sha256sum
Changelog since v1.24.0
Changes by Kind
Bug or Regression
- Add
monitor_exec_cgroupto the configuration's runtime handler struct. This allows an admin to specify which cgroup the monitor for exec sync requests runs in (defaults to that of CRI-O). (#5837, @donpenney) - Fix a bug where ExecSync requests (exec probes) could use an arbitrary amount of memory and disk. Output from ExecSync requests is now limited to 16MB (the amount that exec output was limited to in the dockershim). Disk limiting requires conmon 2.1.2 to work. See GHSA-fcm2-6c3h-pg6j and CVE-2022-1708 for more information. (#5935, @haircommander)
Dependencies
Added
Nothing has changed.
Changed
- golang.org/x/crypto: 089bfa5 → 2c7772b
Removed
Nothing has changed.