github.com/demonoid81/containerd@v1.3.4/releases/v1.3.3.toml (about) 1 # commit to be tagged for new release 2 commit = "HEAD" 3 4 project_name = "containerd" 5 github_repo = "containerd/containerd" 6 match_deps = "^github.com/(containerd/[a-zA-Z0-9-]+)$" 7 8 # previous release 9 previous = "v1.3.2" 10 11 pre_release = false 12 13 preface = """\ 14 The third patch release for `containerd` 1.3 includes a few runtime fixes and 15 important dependency updates. 16 17 ### Runtime 18 19 * Close platform in runc's shim Shutdown method [containerd/containerd#3907](https://github.com/containerd/containerd/pull/3907) 20 * Fix eventfd leak [containerd/containerd#3961](https://github.com/containerd/containerd/pull/3961) 21 22 ### API 23 24 * Fix API filters to properly handle and return parse errors [containerd/containerd#3950](https://github.com/containerd/containerd/pull/3950) 25 26 ### Other Updates 27 28 * Update the runc vendor to v1.0.0-rc10 which includes a mitigation for [CVE-2019-19921](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19921). 29 * Update the opencontainers/selinux which includes a mitigation for [CVE-2019-16884](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16884). 30 * Update Golang runtime to 1.12.16, mitigating the [CVE-2020-0601](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0601) certificate verification bypass on Windows, and [CVE-2020-7919](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-7919), which only affects 32-bit architectures. 31 * Update Golang runtime to 1.12.15, which includes a fix to the runtime (Go 1.12.14, Go 1.12.15) and and the `net/http` package (Go 1.12.15) 32 * Update the `gopkg.in/yaml.v2` vendor to v2.2.8 with a mitigation for [CVE-2019-11253](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11253) 33 """ 34 35 # notable prs to include in the release notes, 1234 is the pr number 36 [notes] 37 38 [breaking]