SEARCH
NEW RPMS
DIRECTORIES
ABOUT
FAQ
VARIOUS
BLOG

 
 
Changelog for cri-o-1.10.6-6.2.x86_64.rpm :
Tue Dec 18 13:00:00 2018 jmassaguerplaAATTsuse.com
- Update go requirements to >= go1.10.6 to fix

* bsc#1118897 CVE-2018-16873
go#29230 cmd/go: remote command execution during \"go get -u\"

* bsc#1118898 CVE-2018-16874
go#29231 cmd/go: directory traversal in \"go get\" via curly braces in import paths

* bsc#1118899 CVE-2018-16875
go#29233 crypto/x509: CPU denial of service

Wed Nov 7 13:00:00 2018 Valentin Rothberg
- Set NOFILE and NPROC limit to 1048576 to align with Docker/containerd
and the upstream unit file.
Fix bsc#1112980

Tue Jul 10 14:00:00 2018 vrothbergAATTsuse.com
- Update cri-o to v1.10.6:

* mask /proc/{acpi,keys}
bsc#1100838

* fix race between container create and cadvisor asking for info

Mon Jul 2 14:00:00 2018 vrothbergAATTsuse.com
- Update cri-o to v1.10.5:

* Reduce amount of logs being printed by default

* Update to latest ocicni

Wed Jun 27 14:00:00 2018 vrothbergAATTsuse.com
- Update cri-o to v1.10.4:

* network: Fix manage NetworkNS lifecycle

* sandbox_run: fix selinux relabel sharing

* container_create: more selinux relabel fixes

* container_create: correctly relabel mounts when asked

Mon Jun 18 14:00:00 2018 vrothbergAATTsuse.com
- Update cri-o to v1.10.3:

* container_portforward: add support for short pod IDs

* container_create: no privileged container if not privileged sandbox

* container_create: always mount sysfs as rw for privileged containers

* container_create: set rw for privileged containers

* conmon: on a flush error discard the iov buffer

Fri Jun 15 14:00:00 2018 vrothbergAATTsuse.com
- Update cri-o to v1.10.2:

* various improvements to conmon

* oci: avoid race on container stop

* image: Let size be calculated dynamically

* Add support for short IDs for exec and attach

* Make network namespace lifecycle management optional

* container_exec: Fix terminal setting for exec

* oci: Force kill the container process only if nothing else worked

* Add extra info to verbose requests to PodSandboxStatus

* Make conmon and crio share the same constants

* conmon: catch SIGTERM, SIGINT and SIQUIT

* Invalidate cache by building fresh one and replacing previous all at once

* Enable per pod PID namespace setting

* Make the /opt/cni mount rw

* conmon: add new option --version

* oci: Copy-edits for waitContainerStop chControl comment

* system container: add /var/tmp as RW

* container_status: expose LogPath as requested by the CRI

* container_create: only bind mount /etc/hosts if not provided by k8s

* kubernetes: Simplify and freshen the required-files table

* Report an warning when no stages are defined for a hook

Mon Jun 11 14:00:00 2018 vrothbergAATTsuse.com
- Use actual tag for v1.9.13. Upstream missed to set a tag and the
last revision mistakenly set it to v1.9.14-dev instead of v1.9.13.

Thu Jun 7 14:00:00 2018 vrothbergAATTsuse.com
- Update cri-o to v1.9.13:

* runtime_status: report correct network status

* container_status: expose LogPath as requested by the CRI
bsc#1095154

Tue Jun 5 14:00:00 2018 dcassanyAATTsuse.com
- Refactor %license usage to a simpler form

Mon Jun 4 14:00:00 2018 dcassanyAATTsuse.com
- Make use of %license macro

Fri May 4 14:00:00 2018 ndasAATTsuse.de
- use correct path for runc

Thu Apr 12 14:00:00 2018 fcastelliAATTsuse.com
- Put cri-o deamon under the podruntime slice. This the recommended
deployment to allow fine resource control on Kubernetes.
bsc#1086185

Wed Apr 11 14:00:00 2018 vrothbergAATTsuse.com
- Update cri-o to v1.9.11:

* oci: avoid race on container stop

* server/sandbox_stop: Pass context through StopAllPodSandboxes

* conmon: Add container ID to syslog

* Add logging support for base condition in debug

* Simplify filter block

* Specifying a filter with no filtering expressions is now idempotent

* Add methods for listing and fetching container stats

* Implement the stats for the image_fs_info command

* Return error for container exec

Thu Mar 15 13:00:00 2018 vrothbergAATTsuse.com
- Require cni and cni-plugins to enable container networking.
feature#crio

Thu Mar 15 13:00:00 2018 vrothbergAATTsuse.com
- Update cri-o to v1.9.10:

* conmon: Avoid strlen in logging path

* conmon: Remove info logs

* container_exec: Fix terminal setting for exec

Mon Mar 12 13:00:00 2018 vrothbergAATTsuse.com
- Update cri-o to v1.9.9:

* sandbox_stop: Call CNI stop before stopping pod infra container

Thu Mar 8 13:00:00 2018 vrothbergAATTsuse.com
- Remove the crio-shutdown.service. It does not have any effect when
shutting down crio and also isn\'t shipped on Fedora.
- crio-shutdown.service

Mon Mar 5 13:00:00 2018 vrothbergAATTsuse.com
- crio.conf: update default socket to /var/run/crio/crio.sock as suggested
by upstream.

Mon Mar 5 13:00:00 2018 vrothbergAATTsuse.com
- Update cri-o to v1.9.8:

* system_containers: Update mounts

* execsync: Set terminal to true when we pass -t to conmon

* Make network namespace pinning optional

* Add context to net ns symlink removal errors

* Make the /opt/cni mount rw

* sandbox_stop: close/remove the netns _after_ stopping the containers

* sandbox net: set netns closed after actaully closing it

Mon Mar 5 13:00:00 2018 vrothbergAATTsuse.com
- Configuration files should generally be tagged as %config(noreplace) in order
to keep the modified config files and to avoid losing data when the package
is being updated.

Sat Mar 3 13:00:00 2018 vrothbergAATTsuse.com
- Remove empty filter rule from cri-o-rpmlintrc, which was mistakenly
masking a few warnings, some of which have been fixed, others need
to be filtered. conmon and pause are not compiled with -fpie anymore
to align with what upstream does; linking fails when done properly.

Fri Mar 2 13:00:00 2018 fcastelliAATTsuse.com
- Update minimum version of the Go compiler required

Fri Mar 2 13:00:00 2018 fcastelliAATTsuse.com
- Add missing runtime dependencies: socat, iptables, iproute

Wed Feb 28 13:00:00 2018 vrothbergAATTsuse.com
- Change the installation path of conmon and pause from
/usr/lib/crio to /usr/lib/crio/bin in order to align with upstream
requirements.
- Update crio.conf to the reflect the new path of conmon and set the correct
path of CNI plugins (i.e., /usr/lib/cni).

Tue Feb 20 13:00:00 2018 vrothbergAATTsuse.com
- Update cri-o to v1.9.6:

* vendor: update c/image to handle text/plain from registries
Fixes cases where text/plain s1 schemes are mistakenly converted
to MIME.

Sun Feb 18 13:00:00 2018 jengelhAATTinai.de
- Let description say what the package really does.

Fri Feb 16 13:00:00 2018 vrothbergAATTsuse.com
- Update cri-o to v1.9.5:

* system container: add /var/tmp as RW

* container_create: correctly set user

* imageService: cache information about images

* image: Add lock around image cache access

Fri Feb 16 13:00:00 2018 vrothbergAATTsuse.com
- Cleanup version-update related changelogs to only keep log entries of
changes that are visible and important to the user, and the project.

Mon Feb 12 13:00:00 2018 vrothbergAATTsuse.com
- Add requirements to libcontainers-{common,image,storage}.
- Run spec-cleaner on cri-o.spec.

Mon Feb 12 13:00:00 2018 vrothbergAATTsuse.com
- Update cri-o to v1.9.3:

* Be more diligent about cleaning up failed-to-create containers

* Use crictl instead of crioctl in image integration tests

* Handle truncated IDs in imageService.ResolveNames()

* Switch to ImageServer.UntagImage in RemoveImage handler

* Return image references from the storage package

* storage: API fixups

Fri Feb 9 13:00:00 2018 vrothbergAATTsuse.com
- Use golang-packaging macro for binary stripping.
- Use -buildmode=pie for compilation.
- The update to 1.9.0+ removes the crioctl binary. The crictl binary from
cri-tools should be used instead.
- Update cri-o to v1.9.2:

* sandbox: fix sandbox logPath when crio restarts

* Adapt to recent containers/image API updates

* container_create: only bind mount /etc/hosts if not provided by k8s

* container_attach: Ensure ctl file is closed

* lib,oci: drop stateLock when possible

* container_exec: fix terminal true process json

* container_create: fix apparmor from container config

* container_create: correctly set image and kube envs

* oci: do not append conmon env to container process

* container_exec: use process file with runc exec

* drop crioctl source code

* conmon: Add support for partial/newline log tags

* image_pull: fix image resolver

* Add /proc/scsi to masked paths

* replace crioctl with crictl

* replace crioctl in e2e with crictl

* Move crio default sock to /var/run/crio/crio.sock

* container_create: set the seccomp profile in the container object

Mon Feb 5 13:00:00 2018 vrothbergAATTsuse.com
- Fix libostree-devel %if condition for TW, Leap 15+ and SLES 15+.

Thu Feb 1 13:00:00 2018 vrothbergAATTsuse.com
- Use `%fdupes %buildroot/%_prefix` since `fdupes %buildroot` is not allowedv
because you cannot make hardlinks between certain partitions.

Wed Jan 31 13:00:00 2018 vrothbergAATTsuse.com
- Source the cri-o-rpmlintrc the spec file.

Tue Jan 30 13:00:00 2018 vrothbergAATTsuse.com
- Add cri-o package: CRI-O is meant to provide an integration path between OCI
conformant runtimes and the kubelet. Specifically, it implements the Kubelet
Container Runtime Interface (CRI) using OCI conformant runtimes. The scope of
CRI-O is tied to the scope of the CRI.


 
ICM