update containerd binary to v1.4.4
full diff: https://github.com/containerd/containerd/compare/v1.4.3...v1.4.4
Release notes:
The fourth patch release for `containerd` 1.4 contains a fix for CVE-2021-21334
along with various other minor issues.
See [GHSA-36xw-fx78-c5r4](https://github.com/containerd/containerd/security/advisories/GHSA-36xw-fx78-c5r4)
for more details related to CVE-2021-21334.
Notable Updates
- Fix container create in CRI to prevent possible environment variable leak between containers
- Update shim server to return grpc NotFound error
- Add bounds on max `oom_score_adj` value for shim's AdjustOOMScore
- Update task manager to use fresh context when calling shim shutdown
- Update Docker resolver to avoid possible concurrent map access panic
- Update shim's log file open flags to avoid containerd hang on syscall open
- Fix incorrect usage calculation
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 1a493934033919b91c4e471638ac1a8bbc5792c5)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Sebastiaan van Stijn authored on 2021/03/08 23:27:26Showing 1 changed files
| ... | ... |
@@ -4,7 +4,7 @@ set -e |
| 4 | 4 |
# containerd is also pinned in vendor.conf. When updating the binary |
| 5 | 5 |
# version you may also need to update the vendor version to pick up bug |
| 6 | 6 |
# fixes or new APIs. |
| 7 |
-: "${CONTAINERD_COMMIT:=269548fa27e0089a8b8278fc4fc781d7f65a939b}" # v1.4.3
|
|
| 7 |
+: "${CONTAINERD_COMMIT:=05f951a3781f4f2c1911b05e61c160e9c30eaa8e}" # v1.4.4
|
|
| 8 | 8 |
|
| 9 | 9 |
install_containerd() ( |
| 10 | 10 |
echo "Install containerd version $CONTAINERD_COMMIT" |