- CRI-O v1.30.2
- Downloads
- Changelog since v1.30.1
- Changes by Kind
- Uncategorized
- Changes by Kind
- Dependencies
- Added
- Changed
- Removed
CRI-O v1.30.2
The release notes have been generated for the commit range
v1.30.1...v1.30.2 on Mon, 03 Jun 2024 12:47:13 UTC.
Downloads
Download one of our static release bundles via our Google Cloud Bucket:
- cri-o.amd64.v1.30.2.tar.gz
- cri-o.arm64.v1.30.2.tar.gz
- cri-o.ppc64le.v1.30.2.tar.gz
- cri-o.s390x.v1.30.2.tar.gz
To verify the artifact signatures via cosign, run:
> export COSIGN_EXPERIMENTAL=1
> cosign verify-blob cri-o.amd64.v1.30.2.tar.gz \
--certificate-identity https://github.com/cri-o/cri-o/.github/workflows/test.yml@refs/tags/v1.30.2 \
--certificate-oidc-issuer https://token.actions.githubusercontent.com \
--certificate-github-workflow-repository cri-o/cri-o \
--certificate-github-workflow-ref refs/tags/v1.30.2 \
--signature cri-o.amd64.v1.30.2.tar.gz.sig \
--certificate cri-o.amd64.v1.30.2.tar.gz.cert
To verify the bill of materials (SBOM) in SPDX format using the bom tool, run:
> tar xfz cri-o.amd64.v1.30.2.tar.gz
> bom validate -e cri-o.amd64.v1.30.2.tar.gz.spdx -d cri-o
Changelog since v1.30.1
Changes by Kind
Uncategorized
- Fix CVE-2024-5154 where a malicious container image could make a symlink of
/proc/mounts
on the host, out of the container's rootfs (#8231, @openshift-cherrypick-robot) - Fix memory leakage when sending a failing port-forward request (#8206, @openshift-cherrypick-robot)
- Fix the bug that cri-o stops watching container exits after it gets an fsnotify error (#8209, @openshift-cherrypick-robot)
Dependencies
Added
Nothing has changed.
Changed
- github.com/containers/image/v5: ea4fcca → f8d6234
Removed
Nothing has changed.