From 97972dac5f1cb3532be5801e846629b607a6824c Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Fri, 21 Jan 2022 16:21:43 +0900 Subject: [PATCH 1/6] update runc binary to v1.1.0 Signed-off-by: Akihiro Suda (cherry picked from commit c55eb6b824368afb9634542a5a692ac24edea8f5) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/runc.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer index bd07d74e82..9de2ac614c 100755 --- a/hack/dockerfile/install/runc.installer +++ b/hack/dockerfile/install/runc.installer @@ -9,7 +9,7 @@ set -e # the containerd project first, and update both after that is merged. # # When updating RUNC_VERSION, consider updating runc in vendor.conf accordingly -: "${RUNC_VERSION:=v1.0.3}" +: "${RUNC_VERSION:=v1.1.0}" install_runc() { RUNC_BUILDTAGS="${RUNC_BUILDTAGS:-"seccomp"}" From 961b9a78d5d0e38976c66986f3b93a1c1e6a4780 Mon Sep 17 00:00:00 2001 From: Akihiro Suda Date: Fri, 1 Apr 2022 15:24:13 +0900 Subject: [PATCH 2/6] update runc binary to v1.1.1 Signed-off-by: Akihiro Suda (cherry picked from commit ffc903d7a61afb1657c10bbf8cfed96cfc106024) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/runc.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/runc.installer b/hack/dockerfile/install/runc.installer index 9de2ac614c..498fb58b34 100755 --- a/hack/dockerfile/install/runc.installer +++ b/hack/dockerfile/install/runc.installer @@ -9,7 +9,7 @@ set -e # the containerd project first, and update both after that is merged. # # When updating RUNC_VERSION, consider updating runc in vendor.conf accordingly -: "${RUNC_VERSION:=v1.1.0}" +: "${RUNC_VERSION:=v1.1.1}" install_runc() { RUNC_BUILDTAGS="${RUNC_BUILDTAGS:-"seccomp"}" From 53ae17008eeff7f1cd856a7a3bdea417eefb074d Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Mon, 28 Mar 2022 01:05:06 +0200 Subject: [PATCH 3/6] Revert "[20.10] update containerd binary to 1.5.11" This reverts commit 7dfe7a17521e775dffd473e38df8c0a3ec4ccbeb. Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 830ce67eac..cc0a51115a 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -15,7 +15,7 @@ set -e # the binary version you may also need to update the vendor version to pick up # bug fixes or new APIs, however, usually the Go packages are built from a # commit from the master branch. -: "${CONTAINERD_VERSION:=v1.5.11}" +: "${CONTAINERD_VERSION:=v1.5.10}" install_containerd() ( echo "Install containerd version $CONTAINERD_VERSION" From 91708bf704faa6da840f572a98279c6803c17324 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Fri, 15 Oct 2021 19:33:06 +0200 Subject: [PATCH 4/6] update containerd binary to v1.6.1 Signed-off-by: Sebastiaan van Stijn (cherry picked from commit 06abe8dd2d6f783df28849148a1143598b67e78f) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index cc0a51115a..9ec3308c58 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -15,7 +15,7 @@ set -e # the binary version you may also need to update the vendor version to pick up # bug fixes or new APIs, however, usually the Go packages are built from a # commit from the master branch. -: "${CONTAINERD_VERSION:=v1.5.10}" +: "${CONTAINERD_VERSION:=v1.6.1}" install_containerd() ( echo "Install containerd version $CONTAINERD_VERSION" From 6d7c2b2d2657ce409863fbd66355898145219b5d Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Thu, 24 Mar 2022 02:50:51 +0100 Subject: [PATCH 5/6] update containerd binary to v1.6.2 The second patch release for containerd 1.6 includes a fix for [CVE-2022-24769](https://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c). Notable Updates - **Fix the inheritable capability defaults** ([GHSA-c9cp-9c75-9v8c](https://github.com/containerd/containerd/security/advisories/GHSA-c9cp-9c75-9v8c)) Signed-off-by: Sebastiaan van Stijn (cherry picked from commit e69529c94a2624c46dd64e58fd634e1bb8a8bc9d) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 9ec3308c58..46d33bae6d 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -15,7 +15,7 @@ set -e # the binary version you may also need to update the vendor version to pick up # bug fixes or new APIs, however, usually the Go packages are built from a # commit from the master branch. -: "${CONTAINERD_VERSION:=v1.6.1}" +: "${CONTAINERD_VERSION:=v1.6.2}" install_containerd() ( echo "Install containerd version $CONTAINERD_VERSION" From 47b6a924b6475a093fe226e7bf5fa6a4f59bbe78 Mon Sep 17 00:00:00 2001 From: Sebastiaan van Stijn Date: Wed, 27 Apr 2022 09:55:12 +0200 Subject: [PATCH 6/6] update containerd binary to v1.6.3 Release notes: Welcome to the v1.6.3 release of containerd! The third patch release for containerd 1.6 includes various fixes and updates. Notable Updates - Fix panic when configuring tracing plugin - Improve image pull performance in CRI plugin - Check for duplicate nspath - Fix deadlock in cgroup metrics collector - Mount devmapper xfs file system with "nouuid" option - Make the temp mount as ready only in container WithVolumes - Fix deadlock from leaving transaction open in native snapshotter - Monitor OOMKill events to prevent missing container events Signed-off-by: Sebastiaan van Stijn (cherry picked from commit a9be008f0010fc6e207848c616b7ab060da24e9d) Signed-off-by: Sebastiaan van Stijn --- hack/dockerfile/install/containerd.installer | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/hack/dockerfile/install/containerd.installer b/hack/dockerfile/install/containerd.installer index 46d33bae6d..afad76975e 100755 --- a/hack/dockerfile/install/containerd.installer +++ b/hack/dockerfile/install/containerd.installer @@ -15,7 +15,7 @@ set -e # the binary version you may also need to update the vendor version to pick up # bug fixes or new APIs, however, usually the Go packages are built from a # commit from the master branch. -: "${CONTAINERD_VERSION:=v1.6.2}" +: "${CONTAINERD_VERSION:=v1.6.3}" install_containerd() ( echo "Install containerd version $CONTAINERD_VERSION"