Skip to content

Bumps containerd to v1.5.9 #612

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Jan 6, 2022
Merged

Bumps containerd to v1.5.9 #612

merged 1 commit into from
Jan 6, 2022

Conversation

@jrussett
Copy link
Contributor

@jrussett jrussett commented Jan 6, 2022
edited
Loading

Addresses CVE-2021-43816

On installations ... with containerd since v1.5.0-beta.0 as the backing container runtime interface (CRI),
an unprivileged pod scheduled to the node may bind mount, via hostPath volume, any privileged,
regular file on disk for complete read/write access (sans delete).

Thank you for submitting a pull request to the diego-release repository. We appreciate the contribution. To help us with getting better context for the pull request please follow these guidelines:

Please make sure to complete the following steps

  • Before PR Submission, Submit an issue for either an Enhancement or Bug
  • Check the Contributing document on how to sign the CLA and run tests in diego-release.
  • Make sure a pull request is done against the develop branch.

Issue Link

#613

Thank you!

@jrussett
Bumps containerd to v1.5.9 (#613)
2727d57 
Addresses [CVE-2021-43816](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43816)

> On installations ... with containerd since v1.5.0-beta.0 as the backing container runtime interface (CRI),
> an unprivileged pod scheduled to the node may bind mount, via hostPath volume, any privileged,
> regular file on disk for complete read/write access (sans delete).

[#180828310](https://www.pivotaltracker.com/story/show/180828310)
@jrussett jrussett force-pushed the bump-containerd-to-v1.5.9 branch from 7246695 to 2727d57 Compare January 6, 2022 19:13
@jrussett jrussett changed the title Bumps containerd to v1.5.9 Bumps containerd to v1.5.9 (#613) Jan 6, 2022
@jrussett jrussett changed the title Bumps containerd to v1.5.9 (#613) Bumps containerd to v1.5.9 Jan 6, 2022
@jrussett jrussett merged commit 36cf346 into develop Jan 6, 2022
@geofffranks geofffranks deleted the bump-containerd-to-v1.5.9 branch March 16, 2022 14:22
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jrussett