0ct0pu5/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

[23.0] update containerd binary to v1.6.18

Browse source 
update containerd binary to v1.6.18, which includes fixes for CVE-2023-25153
and CVE-2023-25173.

1.6.18 release notes: https://github.com/containerd/containerd/releases/tag/v1.6.18

> - Fix OCI image importer memory exhaustion (GHSA-259w-8hf6-59c2)
> - Fix supplementary groups not being set up properly (GHSA-hmfx-3pcx-653p)
> - Revert removal of /sbin/apparmor_parser check
> - Update Go to 1.19.6

full diff: https://github.com/containerd/containerd/compare/v1.6.17...v1.6.18

1.6.17 release notes: https://github.com/containerd/containerd/releases/tag/v1.6.17

> - Add network plugin metrics
> - Update mkdir permission on /etc/cni to 0755 instead of 0700
> - Export remote snapshotter label handler
> - Add support for default hosts.toml configuration

full diff: https://github.com/containerd/containerd/compare/v1.6.16...v1.6.17

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Sebastiaan van Stijn 2023-02-17 01:22:44 +01:00
parent 6bf50c09a4
commit 52d667794f
No known key found for this signature in database
GPG key ID: 76698F39D527CE8C
3 changed files with 3 additions and 3 deletions

2
Dockerfile
View file

@ -192,7 +192,7 @@ RUN git init . && git remote add origin "https://github.com/containerd/container
# When updating the binary version you may also need to update the vendor
# version to pick up bug fixes or new APIs, however, usually the Go packages
# are built from a commit from the master branch.
ARG CONTAINERD_VERSION=v1.6.16
ARG CONTAINERD_VERSION=v1.6.18
RUN git fetch -q --depth 1 origin "${CONTAINERD_VERSION}" +refs/tags/*:refs/tags/* && git checkout -q FETCH_HEAD
FROM base AS containerd-build

2
Dockerfile.windows
View file

@ -168,7 +168,7 @@ SHELL ["powershell", "-Command", "$ErrorActionPreference = 'Stop'; $ProgressPref
ARG GO_VERSION=1.19.5
ARG GOTESTSUM_VERSION=v1.8.2
ARG GOWINRES_VERSION=v0.3.0
ARG CONTAINERD_VERSION=v1.6.16
ARG CONTAINERD_VERSION=v1.6.18
# Environment variable notes:
# - GO_VERSION must be consistent with 'Dockerfile' used by Linux.

2
hack/dockerfile/install/containerd.installer
View file

@ -15,7 +15,7 @@ set -e
# the binary version you may also need to update the vendor version to pick up
# bug fixes or new APIs, however, usually the Go packages are built from a
# commit from the master branch.
: "${CONTAINERD_VERSION:=v1.6.16}"
: "${CONTAINERD_VERSION:=v1.6.18}"
install_containerd() (
echo "Install containerd version $CONTAINERD_VERSION"