Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
[19.03] Update containerd binary to v1.2.12
full diff: containerd/containerd@v1.2.11...v1.2.12 Welcome to the v1.2.12 release of containerd! The twelfth patch release for containerd 1.2 includes an updated runc with a fix for CVE-2019-19921, an updated version of the opencontainers/selinux dependency, which includes a fix for CVE-2019-16884, an updated version of the gopkg.in/yaml.v2 dependency to address CVE-2019-11253, and a Golang update. Notable Updates - Update the runc vendor to v1.0.0-rc10 which includes a mitigation for CVE-2019-19921. - Update the opencontainers/selinux which includes a mitigation for CVE-2019-16884. - Update Golang runtime to 1.12.16, mitigating the CVE-2020-0601 certificate verification bypass on Windows, and CVE-2020-7919, which only affects 32-bit architectures. - Update Golang runtime to 1.12.15, which includes a fix to the runtime (Go 1.12.14, Go 1.12.15) and and the net/http package (Go 1.12.15) - A fix to prevent SIGSEGV when starting containerd-shim containerd/containerd#3960 - Fixes to exec containerd/containerd#3755 - Prevent docker exec hanging if an earlier docker exec left a zombie process - Prevent High system load/CPU utilization with liveness and readiness probes - Prevent Docker healthcheck causing high CPU utilization CRI fixes: - Update the gopkg.in/yaml.v2 vendor to v2.2.8 with a mitigation for CVE-2019-11253 API - Fix API filters to properly handle and return parse errors containerd/containerd#3950 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- Loading branch information