[ubuntu/bionic-security] containerd 1.5.2-0ubuntu1~18.04.2 (Accepted)
Marc Deslauriers
marc.deslauriers at canonical.com
Tue Jul 20 10:47:02 UTC 2021
containerd (1.5.2-0ubuntu1~18.04.2) bionic-security; urgency=medium
* SECURITY UPDATE: unexpected host file permission changes
- debian/patches/1.5-Cleanup-lchmod-logic-in-archive.patch: cleanup
lchmod logic in archive in archive/tar.go, archive/tar_freebsd.go,
archive/tar_mostunix.go, archive/tar_test.go, archive/tar_unix.go,
archive/tar_windows.go.
- No CVE number yet
containerd (1.5.2-0ubuntu1~18.04.1) bionic; urgency=medium
* New upstream release, backport from Impish (LP: #1931464).
* d/p/skip-tests-with-privilege.patch: add a patch to skip tests which
require a certain level of privilege not achievable in the build
environment.
* d/rules: set GO111MODULE variable to off to avoid Internet connection.
containerd (1.4.4-0ubuntu1~18.04.2) bionic; urgency=medium
* d/control: Create transitional package golang-github-docker-containerd-dev
for golang-github-containerd-containerd-dev.
* d/golang-github-docker-containerd-dev.install: Remove file.
containerd (1.4.4-0ubuntu1~18.04.1) bionic; urgency=medium
* Backport version 1.4.4-0ubuntu1 from Hirsute (LP: #1919322).
- d/control: update Breaks docker.io version to match version in Bionic.
- d/control: do not b-d on libbtrfs-dev, it is not available in Bionic.
- d/control: b-d on golang-13-go instead of the default.
containerd (1.4.4-0ubuntu1) hirsute; urgency=medium
* New upstream release.
- It contains a fix for CVE-2021-21334 along with various other minor
issues.
* Refresh preserve-debug-info.patch
* d/rules: set GO111MODULE to auto. In Go 1.16, which is the default in
Hirsute now, the packages are built in module-aware mode. Since containerd
does not have a go.mod file in its source tree it FTBFS. Setting GO111MODULE
to auto we can have the previous behavior which is enable module-aware mode
only if the go.mod file exists.
containerd (1.4.3-0ubuntu1) hirsute; urgency=medium
* New upstream release.
* Drop patches applied by upstream.
- d/p/4134-update-etcd-bbolt.patch
- d/p/4277-fix-build-on-riscv64.patch
- d/p/e859b8a-gc-increase-sleep-time-in-test.patch
- d/p/CVE-2020-15257.patch
* Update the copyright file.
* Build depend on default Golang version in all architectures.
containerd (1.3.7-0ubuntu5) hirsute; urgency=medium
* d/control: add a Breaks for docker.io lower than 19.03.13-0ubuntu4.
See LP #1870514. The previous versions stop the docker daemon when a
containerd update is performed, this Breaks statement will make sure we
have a newer version which has the appropriate fix.
containerd (1.3.7-0ubuntu4) hirsute; urgency=medium
* SECURITY UPDATE: Elevation of privilege vulnerability
- debian/patches/CVE-2020-15257.patch: Use path based unix socket for shims
and use path-based unix socket for containerd-shim.
- CVE-2020-15257
containerd (1.3.7-0ubuntu3) groovy; urgency=medium
* Build with Go 1.14 on riscv64 as 1.13 does not exist here. Adventurous
riscv64 users can deal with any breakage :)
containerd (1.3.7-0ubuntu2) groovy; urgency=medium
[ Tianon Gravi ]
* Build using Go 1.13 (per upstream)
* Use dh-golang to generate appropriate Built-Using
containerd (1.3.7-0ubuntu1) groovy; urgency=medium
* New upstream release.
containerd (1.3.6-0ubuntu1) groovy; urgency=medium
* New upstream release.
* d/rules: remove vendor directory from the library package
containerd (1.3.4-0ubuntu6) groovy; urgency=medium
* d/control: remove the golang-race-detector-runtime build dependency as the
package is no longer built from source with latest golang.
containerd (1.3.4-0ubuntu5) groovy; urgency=medium
* Rename install file to match the new binary package name
containerd (1.3.4-0ubuntu4) groovy; urgency=medium
* d/control: rename binary package with dev files and update
XS-Go-Import-Path. Now it is called
golang-github-containerd-containerd-dev instead of
golang-github-docker-containerd-dev.
containerd (1.3.4-0ubuntu3) groovy; urgency=medium
* Add a patch to fix the gc/scheduler flaky test on riscv64
containerd (1.3.4-0ubuntu2) groovy; urgency=medium
* Add a patch to not use -buildmode=pie on riscv64
* d/rules: check for DEB_BUILD_ARCH to set variables to build on riscv64
containerd (1.3.4-0ubuntu1) groovy; urgency=medium
* New upstream release.
* d/p/0001-Improve-host-fallback-behaviour-in-docker-remote.patch: drop
patch applied by upstream.
* debian/control: update Vcs-{Git,Broswer} to point to the Github repository.
* d/p/update_go.etcd.io_bbolt_to_v1.3.4.patch: update go.etcd.io/bbolt to
version 1.3.4 to fix a FTBFS against Go 1.14.
* d/rules: disable btrfs plugin on riscv64, it needs cgo and riscv64 doesn't
support.
containerd (1.3.3-0ubuntu2) focal; urgency=high
* d/p/0001-Improve-host-fallback-behaviour-in-docker-remote.patch:
Fixes regression introduced in 1.3.3 update, LP: #1867398.
containerd (1.3.3-0ubuntu1) focal; urgency=medium
* New upstream version.
containerd (1.3.2-0ubuntu1) focal; urgency=medium
[ Tianon Gravi ]
* Use "sed" to adjust upstream's service file ExecStart value
* Update to 1.3.2 upstream release
[ Michael Hudson-Doyle ]
* d/patches/preserve-debug-info.patch: generate binaries with debug info in
them so we still get ddebs.
containerd (1.3.1-0ubuntu1) focal; urgency=medium
* Update to 1.3.1 upstream release (LP: #1854841)
containerd (1.2.10-0ubuntu1) eoan; urgency=medium
* New upstream release.
containerd (1.2.9-0ubuntu1) eoan; urgency=medium
* New upstream release.
* Set GOCACHE to a safely-writeable directory during build.
containerd (1.2.6-0ubuntu1) disco; urgency=medium
* New upstream release.
Date: 2021-07-13 17:59:09.416892+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
https://launchpad.net/ubuntu/+source/containerd/1.5.2-0ubuntu1~18.04.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Bionic-changes
mailing list