Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update containerd to 1.5.8 to mitigate CVEs #12988

Closed
spowelljr opened this issue Nov 19, 2021 · 2 comments · Fixed by #13105
Closed

Update containerd to 1.5.8 to mitigate CVEs #12988

spowelljr opened this issue Nov 19, 2021 · 2 comments · Fixed by #13105
Assignees
@klaases
Labels
kind/security security issues priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release.
Milestone
1.25.0

Comments

@spowelljr
Copy link
Member

We're currently using containerd v1.5.2 in minikube, which is vulnerable to CVE-2021-41190 & CVE-2021-41103, updating to v1.5.8 will mitigate those.
@spowelljr spowelljr added priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release. kind/security security issues labels Nov 19, 2021
@spowelljr spowelljr added this to the 1.25.0 milestone Nov 19, 2021
@afbjorklund
Copy link
Collaborator

afbjorklund commented Nov 19, 2021
edited
Loading

Should be a matching 1.4.x as well, if we want to upgrade the docker-containerd.

https://docs.docker.com/engine/release-notes/

20.10.11

@klaases
Copy link
Contributor

klaases commented Nov 19, 2021

/assign

@klaases klaases mentioned this issue Dec 6, 2021
Merged
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@klaases klaases

Labels
kind/security security issues priority/important-soon Must be staffed and worked on either currently, or very soon, ideally in time for the next release.
Projects
None yet
Milestone
1.25.0
Development

Successfully merging a pull request may close this issue.

Update containerd to v1.5.8 klaases/minikube
3 participants
@afbjorklund @spowelljr @klaases