containerd 1.5.9
Welcome to the v1.5.9 release of containerd!
The ninth patch release for containerd 1.5 is a security release to fix CVE-2021-43816.
Notable Updates
- Fix unprivileged pod using 'hostPath' bypassing SELinux labels (GHSA-mvff-h3cj-wj9c)
- Fix setting the "container_kvm_t" SELinux label (#6381)
See the changelog for complete list of changes
Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.
Contributors
- Derek McGowan
- Sebastiaan van Stijn
- Michael Crosby
- Phil Estes
- Akihiro Suda
- Fabiano Fidêncio
- Samuel Karp
- Wei Fu
Changes
13 commits
- Github Security Advisory GHSA-mvff-h3cj-wj9c
- [release/1.5] seutil: Fix setting the "container_kvm_t" label (#6381)
da5749b67
seutil: Fix setting the "container_kvm_t" label
- [release/1.5] Update Go to 1.16.12 (#6367)
8c24a6199
[release/1.5] Update Go to 1.16.12
- [release/1.5] go.mod github.com/opencontainers/image-spec v1.0.2 (#6264)
7ab52528b
[release/1.5] go.mod github.com/opencontainers/image-spec v1.0.2
- [release/1.5] update runc binary to v1.0.3 (#6343)
16b5aa2c8
update runc binary to v1.0.3
- [release/1.5] Update Go to 1.16.11 (#6334)
3ff8be2d9
[release/1.5] Update Go to 1.16.11
Dependency Changes
- github.com/opencontainers/image-spec v1.0.1 -> v1.0.2
Previous release can be found at v1.5.8