Merge containerd from Debian unstable for noble
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| containerd (Ubuntu) |
Fix Released
|
Undecided
|
Lucas Kanashiro | ||
Bug Description
Upstream: tbd
Debian: 1.6.20~ds1-2 1.6.20~ds1-2
Ubuntu: 1.6.20~ds1-1ubuntu2
Debian new has 1.6.20~ds1-2, which may be available for merge soon.
If it turns out this needs a sync rather than a merge, please change the tag 'needs-merge' to 'needs-sync', and (optionally) update the title as desired.
### New Debian Changes ###
containerd (1.6.20~ds1-2) unstable; urgency=medium
* Backport patch for Go1.21
* Skip test adjusting oom score when initial is negative
* Add pkg.containerd.
To reduce delta with Ubuntu
-- Shengjing Zhu <email address hidden> Wed, 23 Aug 2023 13:48:17 +0800
containerd (1.6.20~ds1-1) unstable; urgency=medium
* New upstream version 1.6.20~ds1
* Bump golang-
* Bump golang-
-- Shengjing Zhu <email address hidden> Sat, 01 Apr 2023 01:27:11 +0800
containerd (1.6.18~ds1-1) unstable; urgency=medium
* New upstream version 1.6.18~ds1
+ CVE-2023-25153: OCI image importer memory exhaustion
+ CVE-2023-25173: Supplementary groups are not set up properly
* Install cni-bridge-fp to /usr/lib/cni in autopkgtest
-- Shengjing Zhu <email address hidden> Thu, 16 Feb 2023 07:16:20 +0800
containerd (1.6.17~ds1-1) unstable; urgency=medium
* New upstream version 1.6.17~ds1
* Add missing failpoint binaries in cri-integration autopkgtest
-- Shengjing Zhu <email address hidden> Sat, 11 Feb 2023 02:01:05 +0800
containerd (1.6.16~ds1-1) unstable; urgency=medium
* New upstream version 1.6.16~ds1
* Only track 1.6 LTS version in uscan watch file
* Drop 'Skip failed TestUpdateOCILi
https:/
-- Shengjing Zhu <email address hidden> Sun, 29 Jan 2023 03:07:20 +0800
containerd (1.6.14~ds1-1) unstable; urgency=medium
* New upstream version 1.6.14~ds1
* Update Standards-Version to 4.6.2 (no changes)
* Skip failed TestUpdateOCILi
-- Shengjing Zhu <email address hidden> Tue, 20 Dec 2022 10:30:50 +0800
containerd (1.6.13~ds1-1) unstable; urgency=medium
[ Benjamin Drung ]
* Bump golang-
* Let the dev package depend on golang-
`pkg/
therefore golang-
golang-
[ Shengjing Zhu ]
* New upstream version 1.6.13~ds1
-- Shengjing Zhu <email address hidden> Fri, 16 Dec 2022 02:42:08 +0800
containerd (1.6.12~ds1-1) unstable; urgency=medium
* New upstream version 1.6.12~ds1
+ CVE-2022-23471: CRI plugin: Fix goroutine leak during Exec
-- Shengjing Zhu <email address hidden> Thu, 08 Dec 2022 10:02:21 +0800
containerd (1.6.11~ds1-1) unstable; urgency=medium
* New upstream version 1.6.11~ds1
-- Shengjing Zhu <email address hidden> Wed, 07 Dec 2022 10:24:32 +0800
containerd (1.6.9~ds1-1) unstable; urgency=medium
* New upstream version 1.6.9~ds1
* Unvendor klog and go-logr
* Add golang-k8s-klog-dev to Build-Depends
-- Shengjing Zhu <email address hidden> Tue, 25 Oct 2022 02:52:23 +0800
containerd (1.6.8~ds1-1) unstable; urgency=medium
* New upstream version 1.6.8~ds1 (Closes: #1017917)
* Remove compatibility patch for
golang-
-- Shengjing Zhu <email address hidden> Tue, 23 Aug 2022 00:33:54 +0800
containerd (1.6.6~ds1-1) unstable; urgency=medium
* New upstream version 1.6.6~ds1
CVE-2022-31030: CRI plugin: Host memory exhaustion through ExecSync
* Update Standards-Version to 4.6.1 (no changes)
-- Shengjing Zhu <email address hidden> Tue, 07 Jun 2022 02:13:49 +0800
### Old Ubuntu Delta ###
containerd (1.6.20~
* d/p/0009-
-- Lucas Kanashiro <email address hidden> Wed, 21 Jun 2023 23:07:52 -0300
containerd (1.6.20~
* Merge from Debian unstable (LP: #2022390). Make src:containerd
follow Debian and src:containerd-app is going to ship the application with
vendorized dependencies so we can keep updating just the application across
all supported releases.
* Added changes:
- d/control: remove the binary paragraph for containerd.
- d/containerd.*: remove all packaging related files associated to the
containerd binary package.
- d/tests/
containerd binary package which is not provided by this source package
anymore.
- d/rules: remove execute_
content in the containerd binary package. Also avoid installing binaries
in the library package.
- d/golang-
is causing a FTBFS, no need to have it in place, the library files are
already installed correctly without it.
- d/golang-
be compliant with the Apache 2 license.
-- Lucas Kanashiro <email address hidden> Wed, 21 Jun 2023 11:53:33 -0300
Related branches
- git-ubuntu bot: Approve
- Athos Ribeiro (community): Approve
- Canonical Server Reporter: Pending requested
-
Diff: 350 lines (+57/-80)6 files modifieddebian/changelog (+53/-0)
debian/control (+2/-22)
debian/golang-github-containerd-containerd-dev.docs (+0/-2)
debian/rules (+2/-18)
debian/tests/control (+0/-20)
dev/null (+0/-18)
| Changed in containerd (Ubuntu): | |
| milestone: | none → ubuntu-23.12 |
| Changed in containerd (Ubuntu): | |
| assignee: | nobody → Lucas Kanashiro (lucaskanashiro) |
| Christian Ehrhardt (paelzer) wrote | #1 |
| Christian Ehrhardt (paelzer) wrote | #2 |
| Changed in containerd (Ubuntu): | |
| milestone: | ubuntu-23.12 → ubuntu-24.01 |
| Lucas Kanashiro (lucaskanashiro) wrote | #3 |
| Changed in containerd (Ubuntu): | |
| status: | New → In Progress |
| Launchpad Janitor (janitor) wrote | #4 |
| Changed in containerd (Ubuntu): | |
| status: | In Progress → Fix Released |
We are ahead anyway
containerd | 1.7.2-0ubuntu2 | noble | amd64, arm64, armhf, ppc64el, riscv64, s390x
Plus having backported that to Focal and later.
But FYI CPC had an interest in 1.7.11 or later (released in December 2023) - if that seems doable I'm sure they' appreciate.