containerd

Author	SHA1	Message	Date
Sebastiaan van Stijn	e0a6f9c7d0	update to go 1.16.15, 1.17.8 to address CVE-2022-24921 Addresses [CVE-2022-24921](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24921) go 1.16.15 -------------------- go1.16.15 (released 2022-03-03) includes a security fix to the regexp/syntax package, as well as bug fixes to the compiler, runtime, the go command, and to the net package. See the Go 1.16.15 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.15+label%3ACherryPickApproved full diff: https://github.com/golang/go/compare/go1.16.14...go1.16.15 go 1.17.8 -------------------- go1.17.8 (released 2022-03-03) includes a security fix to the regexp/syntax package, as well as bug fixes to the compiler, runtime, the go command, and the crypto/x509, and net packages. See the Go 1.17.8 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.17.8+label%3ACherryPickApproved full diff: https://github.com/golang/go/compare/go1.17.7...go1.17.8 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2022-03-04 16:53:51 +01:00
Sebastiaan van Stijn	f261498e0e	Update Go to 1.16.14, 1.17.7 Includes security fixes for crypto/elliptic (CVE-2022-23806), math/big (CVE-2022-23772), and cmd/go (CVE-2022-23773). go1.17.7 (released 2022-02-10) includes security fixes to the crypto/elliptic, math/big packages and to the go command, as well as bug fixes to the compiler, linker, runtime, the go command, and the debug/macho, debug/pe, and net/http/httptest packages. See the Go 1.17.7 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.17.7+label%3ACherryPickApproved full diff: https://github.com/golang/go/compare/go1.17.6...go1.17.7 Update Go to 1.17.6 go1.17.6 (released 2022-01-06) includes fixes to the compiler, linker, runtime, and the crypto/x509, net/http, and reflect packages. See the Go 1.17.6 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.17.6+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2022-02-15 16:28:23 +01:00
Sebastiaan van Stijn	0e472420bf	Update Go to 1.17.5 go1.17.5 (released 2021-12-09) includes security fixes to the syscall and net/http packages. See the Go 1.17.5 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.17.5+label%3ACherryPickApproved Update Go to 1.17.4 -------------------- go1.17.4 (released 2021-12-02) includes fixes to the compiler, linker, runtime, and the go/types, net/http, and time packages. See the Go 1.17.4 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.17.4+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2021-12-12 01:25:02 +01:00
Derek McGowan	5df9ec3665	Update release name to use consistent format Signed-off-by: Derek McGowan <derek@mcg.dev>	2021-11-18 13:48:47 -08:00
Brian Goff	be84932e11	Rename release dockerfile to omit distro name Signed-off-by: Brian Goff <cpuguy83@gmail.com>	2021-11-11 20:06:49 +00:00
Brian Goff	27d7c50384	Add arm64 to releases This moves all the release builds into a Dockerfile which is a bit cleaner for setting up our build environment. Non-linux/amd64 builds are cross-compiled. Currently onlinux linux/amd64, linux/arm64, and windows/amd64 are supported, but is easy to add more, provided their is a cross-compile toolchain available for it. Signed-off-by: Brian Goff <cpuguy83@gmail.com>	2021-11-11 20:00:34 +00:00
Sebastiaan van Stijn	869ccc01c1	Update Go to 1.17.3 go1.17.3 (released 2021-11-04) includes security fixes to the archive/zip and debug/macho packages, as well as bug fixes to the compiler, linker, runtime, the go command, the misc/wasm directory, and to the net/http and syscall packages. See the Go 1.17.3 milestone on our issue tracker for details. From the announcement e-mail: [security] Go 1.17.3 and Go 1.16.10 are released We have just released Go versions 1.17.3 and 1.16.10, minor point releases. These minor releases include two security fixes following the security policy: - archive/zip: don't panic on (*Reader).Open Reader.Open (the API implementing io/fs.FS introduced in Go 1.16) can be made to panic by an attacker providing either a crafted ZIP archive containing completely invalid names or an empty filename argument. Thank you to Colin Arnott, SiteHost and Noah Santschi-Cooney, Sourcegraph Code Intelligence Team for reporting this issue. This is CVE-2021-41772 and Go issue golang.org/issue/48085. - debug/macho: invalid dynamic symbol table command can cause panic Malformed binaries parsed using Open or OpenFat can cause a panic when calling ImportedSymbols, due to an out-of-bounds slice operation. Thanks to Burak Çarıkçı - Yunus Yıldırım (CT-Zer0 Crypttech) for reporting this issue. This is CVE-2021-41771 and Go issue golang.org/issue/48990. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2021-11-05 12:46:33 +01:00
Sebastiaan van Stijn	de1a39bf32	Update Go to 1.17.2 go1.17.2 (released 2021-10-07) includes a security fix to the linker and misc/wasm directory, as well as bug fixes to the compiler, the runtime, the go command, and to the time and text/template packages. See the Go 1.17.2 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.17.2+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2021-10-08 15:26:34 +02:00
Phil Estes	73dbbf5bfa	Update to Go 1.17.1 Signed-off-by: Phil Estes <estesp@amazon.com>	2021-09-14 09:12:00 -04:00
Phil Estes	f8602c3725	Update to Go 1.17 Signed-off-by: Phil Estes <estesp@amazon.com>	2021-08-17 12:27:39 -04:00
Sebastiaan van Stijn	42a28ad2ca	Update Go to 1.16.7 go1.16.7 (released 2021-08-05) includes a security fix to the net/http/httputil package, as well as bug fixes to the compiler, the linker, the runtime, the go command, and the net/http package. See the Go 1.16.7 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.7+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2021-08-07 18:07:50 +02:00
Sunghoon Kang	d62d6c11dc	Split release steps into multiple tasks Signed-off-by: Sunghoon Kang <hoon@linecorp.com>	2021-07-28 18:42:54 +09:00
Sunghoon Kang	b4807122d2	Update release workflow to upload binary without CNI Unlike [containerd/cri](https://github.com/containerd/cri) releases (https://storage.googleapis.com/cri-containerd-release), current release workflow doesn't publish binaries without CNI. Signed-off-by: Sunghoon Kang <hoon@linecorp.com>	2021-07-28 16:56:37 +09:00
Akihiro Suda	e72046f86b	Update Go to 1.16.6 Release notes: https://golang.org/doc/devel/release#go1.16 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2021-07-13 14:05:37 +09:00
Kazuyoshi Kato	4c6e4a06ff	gha: make release workflow work in forks Fixes #5098. Signed-off-by: Kazuyoshi Kato <katokazu@amazon.com>	2021-07-02 16:16:02 -07:00
Jintao Zhang	79d800b9b0	Update Go to 1.16.4 fix [#45710](https://github.com/golang/go/issues/45710) and CVE-2021-31525. Signed-off-by: Jintao Zhang <zhangjintao9020@gmail.com>	2021-05-07 07:07:09 +08:00
Mike Brown	b56527cb7e	update seccomp version Signed-off-by: Mike Brown <brownwm@us.ibm.com>	2021-05-03 19:36:16 -05:00
Derek McGowan	5d2e8e86d7	Revert "Release artifacts for Linux ARM64" This reverts commit `cdd0758534`. Signed-off-by: Derek McGowan <derek@mcg.dev>	2021-04-29 15:05:59 -07:00
Derek McGowan	7942ae68b1	Revert "Specify seccomp target arch for CC" This reverts commit `969ec89493`. Signed-off-by: Derek McGowan <derek@mcg.dev>	2021-04-29 15:05:54 -07:00
Brian Goff	969ec89493	Specify seccomp target arch for CC seccomp's build scripts require setting the target arch that will be built when cross compiling. Signed-off-by: Brian Goff <cpuguy83@gmail.com>	2021-04-28 17:07:44 +00:00
Ciprian Hacman	cdd0758534	Release artifacts for Linux ARM64 Signed-off-by: Ciprian Hacman <ciprian@hakman.dev>	2021-04-22 06:50:22 +03:00
Phil Estes	56512cca7b	Merge pull request #4741 from thaJeztah/kudo_sudo gha: use sudo -E in some places to prevent dropping env-vars	2021-04-19 10:55:03 -04:00
Sebastiaan van Stijn	fbe1e140f2	Update Go to 1.16.3 go1.16.3 (released 2021/04/01) includes fixes to the compiler, linker, runtime, the go command, and the testing and time packages. See the Go 1.16.3 milestone on our issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.16.3+label%3ACherryPickApproved full diff: https://github.com/golang/go/compare/go1.16.2...go1.16.3 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2021-04-19 13:10:18 +02:00
Sebastiaan van Stijn	c1d1edbad9	gha: use sudo -E in some places to prevent dropping env-vars Using `-E` preserves environment variables, except for PATH, so PATH has to be manually set to match the current environment. I removed env-vars that were redundant (such as `GOPATH=$GOPATH`), which should be handled by `-E`. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2021-04-19 13:04:43 +02:00
Phil Estes	8cbef0fade	Update to Go 1.16.2 Signed-off-by: Phil Estes <estesp@amazon.com>	2021-03-12 09:59:01 -05:00
Phil Estes	c55492f8de	Update to Go 1.16.1 Signed-off-by: Phil Estes <estesp@amazon.com>	2021-03-11 09:03:09 -05:00
Akihiro Suda	d05f7bdf02	Merge pull request #5011 from thaJeztah/setup_go_v2	2021-02-06 00:39:31 +09:00
Sebastiaan van Stijn	129c67dc85	GHA: use setup-go@v2 https://github.com/actions/setup-go/tree/v2.1.3#v2 The V2 offers: - Adds GOBIN to the PATH - Proxy Support - stable input - Bug Fixes (including issues around version matching and semver) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2021-02-05 15:39:07 +01:00
Sebastiaan van Stijn	ec7d905f4e	Update to go 1.15.8 go1.15.8 (released 2021/02/04) includes fixes to the compiler, linker, runtime, the go command, and the net/http package. See the Go 1.15.8 milestone on the issue tracker for details. https://github.com/golang/go/issues?q=milestone%3AGo1.15.8+label%3ACherryPickApproved full diff: https://github.com/golang/go/compare/go1.15.7...go1.15.8 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2021-02-05 12:53:25 +01:00
Akihiro Suda	45265febd3	Bump Golang 1.15.7 Changes: https://golang.org/doc/devel/release.html#go1.15.minor Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2021-01-22 20:54:54 +09:00
Davanum Srinivas	b72534967e	Bump Golang 1.15.6 Changes: https://golang.org/doc/devel/release.html#go1.15 Signed-off-by: Davanum Srinivas <davanum@gmail.com>	2021-01-12 16:44:36 -05:00
Shengjing Zhu	819ac05f34	Fix hcsshim commit detection Hack with space in grep, so it won't match github.com/Microsoft/hcsshim/test Signed-off-by: Shengjing Zhu <zhsj@debian.org>	2020-12-01 01:34:14 +08:00
Phil Estes	159fb2e7e2	Update other actions for env/path CVE fix Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>	2020-11-17 14:20:48 -05:00
Akihiro Suda	af0a20a4d5	Bump Golang 1.15.5 Changes: https://golang.org/doc/devel/release.html#go1.15 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2020-11-16 14:36:35 +09:00
Derek McGowan	241be70250	Move github releases to use Makefile for cri release Signed-off-by: Derek McGowan <derek@mcg.dev>	2020-09-23 14:10:27 -07:00
Sebastiaan van Stijn	d1c8d98658	update to golang 1.15.2 Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2020-09-11 09:21:25 +02:00
Derek McGowan	d2472ecc59	Add CRI release build Add installation scripts needed to generate CRI + CNI tar package on release. Update Github action release script to generate CRI release tarballs for Linux and Windows. Signed-off-by: Derek McGowan <derek@mcg.dev>	2020-08-11 09:16:38 -07:00
Sebastiaan van Stijn	55c9eade39	Bump Golang 1.13.15 full diff: https://github.com/golang/go/compare/go1.13.14...go1.13.15 go1.13.15 (released 2020/08/06) includes security fixes to the encoding/binary package. See the Go 1.13.15 milestone on the issue tracker for details. https://github.com/golang/go/issues?q=milestone%3AGo1.13.15+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2020-08-08 15:07:28 +02:00
Phil Estes	5a190c7077	Remove seccomp/Linux deps steps in GH Actions Recent changes removed the need for libseccomp-dev when building containerd. The btrfs tools package is already installed on GH Actions runners and was already a no-op so the whole step can be removed. Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>	2020-07-31 11:25:26 -04:00
Sebastiaan van Stijn	089672fff4	Bump Golang 1.13.14 full diff: https://github.com/golang/go/compare/go1.13.13...go1.13.14 go1.13.14 (released 2020/07/16) includes fixes to the compiler, vet, and the database/sql, net/http, and reflect packages. See the Go 1.13.14 milestone on the issue tracker for details: https://github.com/golang/go/issues?q=milestone%3AGo1.13.14+label%3ACherryPickApproved Signed-off-by: Sebastiaan van Stijn <github@gone.nl>	2020-07-17 15:37:52 +02:00
Akihiro Suda	c520f819a2	Bump Go 1.13.13 Includes security fixes to the `crypto/x509` and `net/http` packages. https://github.com/golang/go/issues?q=milestone%3AGo1.13.13+label%3ACherryPickApproved Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2020-07-15 14:24:48 +09:00
Phil Estes	57a9f0b50d	Minor actions fixes/updates - always apt-get update before installing packages - move to tagged official create_release action The official GH create_release action now has support for body text from file. Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>	2020-07-01 14:27:10 -04:00
Akihiro Suda	1a83f9a638	Bump Golang 1.13.12 Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>	2020-06-22 16:49:31 +09:00
Phil Estes	8fcd5a1f28	Streamline hcs shim release flow Improvements to acquire/build hcsshim from source in the release workflow. Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>	2020-06-04 12:23:50 -04:00
Phil Estes	8f959d569a	Merge pull request #4292 from cpuguy83/add_hcsshim_to_release_tar Add windows hcsshim to release pipeline	2020-06-04 08:56:09 -04:00
Brian Goff	2be80f9997	Add windows hcsshim to release pipeline Signed-off-by: Brian Goff <cpuguy83@gmail.com>	2020-06-03 11:10:33 -07:00
Phil Estes	2bc4e90f6f	Don't inadvertently clip release notes Specify a much larger linecount for extracting tag annotation from git. Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>	2020-05-28 17:54:08 -04:00
Phil Estes	bb2b2825b6	Add release GH Action triggered by signed tag This will check that the tag is signed and then checkout the tag, build official binaries, sha256sum the tarball, and upload those assets to the release, officially generating a release in GitHub from the signed tag. Signed-off-by: Phil Estes <estesp@linux.vnet.ibm.com>	2020-05-27 16:56:13 -04:00

48 Commits