Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release v1.1.15 #4422

Open
wants to merge 3 commits into
base: release-1.1
Choose a base branch
from
+22 −4
Open

Release v1.1.15 #4422

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
2790485
CHANGELOG: Remove empty changed line
rata Oct 2, 2024
bc20cb4
VERSION: release 1.1.15
rata Oct 2, 2024
9f4baaa
VERSION: back to development
rata Oct 2, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
24 changes: 21 additions & 3 deletions CHANGELOG.md
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -6,12 +6,31 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0

## [Unreleased 1.1.z]

## [1.1.15] - 2024-10-07
kolyshkin marked this conversation as resolved.
Show resolved Hide resolved

> How, dear sir, did you cross the flood? By not stopping, friend, and by not
> straining I crossed the flood.

### Fixed

* The `-ENOSYS` seccomp stub is now always generated for the native
architecture that `runc` is running on. This is needed to work around some
arguably specification-incompliant behaviour from Docker on architectures
such as ppc64le, where the allowed architecture list is set to `null`. This
ensures that we always generate at least one `-ENOSYS` stub for the native
architecture even with these weird configs. (#4391)
* On a system with older kernel, reading `/proc/self/mountinfo` may skip some
entries, as a consequence runc may not properly set mount propagation,
causing container mounts leak onto the host mount namespace. (#2404, #4425)

### Removed

* In order to fix performance issues in the "lightweight" bindfd protection
against [CVE-2019-5736], the temporary `ro` bind-mount of `/proc/self/exe`
has been removed. runc now creates a binary copy in all cases. (#4392, #2532)

[CVE-2019-5736]: https://www.openwall.com/lists/oss-security/2019/02/11/2

## [1.1.14] - 2024-09-03

> 年を取っていいことは、驚かなくなることね。
Expand All @@ -34,8 +53,6 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
(#4370, #4382)
* rootfs: consolidate mountpoint creation logic. (#4359)

### Changed

## [1.1.13] - 2024-06-13

> There is no certainty in the world. This is the only certainty I have.
Expand Down Expand Up @@ -568,7 +585,8 @@ implementation (libcontainer) is *not* covered by this policy.
[1.0.1]: https://github.com/opencontainers/runc/compare/v1.0.0...v1.0.1

<!-- 1.1.z patch releases -->
[Unreleased 1.1.z]: https://github.com/opencontainers/runc/compare/v1.1.14...release-1.1
[Unreleased 1.1.z]: https://github.com/opencontainers/runc/compare/v1.1.15...release-1.1
[1.1.15]: https://github.com/opencontainers/runc/compare/v1.1.14...v1.1.15
[1.1.14]: https://github.com/opencontainers/runc/compare/v1.1.13...v1.1.14
[1.1.13]: https://github.com/opencontainers/runc/compare/v1.1.12...v1.1.13
[1.1.12]: https://github.com/opencontainers/runc/compare/v1.1.11...v1.1.12
Expand Down
2 changes: 1 addition & 1 deletion VERSION
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1 +1 @@
1.1.14+dev
1.1.15+dev
Loading