• CRI-O v1.24.3
  • Downloads
  • Changelog since v1.24.2
    • Changes by Kind
      • Feature
      • Bug or Regression
      • Uncategorized
  • Dependencies
    • Added
    • Changed
    • Removed

CRI-O v1.24.3

The release notes have been generated for the commit range v1.24.2…ae53655 on Mon, 05 Dec 2022 20:04:48 UTC.

Downloads

Download one of our static release bundles via our Google Cloud Bucket:

• cri-o.amd64.ae536552832f83b4d47a8ffe7f2f7f9ab7cd567c.tar.gz
• cri-o.amd64.ae536552832f83b4d47a8ffe7f2f7f9ab7cd567c.tar.gz.sha256sum
• cri-o.arm64.ae536552832f83b4d47a8ffe7f2f7f9ab7cd567c.tar.gz
• cri-o.arm64.ae536552832f83b4d47a8ffe7f2f7f9ab7cd567c.tar.gz.sha256sum

Changelog since v1.24.2

Changes by Kind

Feature

• Add an option “add_inheritable_capabilities” which adds added capabilities to the inheritable list as well. As of CRI-O 1.25.1, CRI-O drops the inheritable capabilities to fix CVE-2022-27652 . However, this can cause regressions in workloads that attempt to pass capabilities to non-root users through inheritable capabilities. It defaults to true. (#6260, @haircommander)
• CRI-O now logs the stage of container or pod creation under system load. This allows users to find why their creation requests are stalling. (#6263, @haircommander)

Bug or Regression

• Fix a bug by re-adding the inheritable capabilities when adding capabilities. While it fixes an atypical unix environment, it causes a regression with non-root users using capabilities. (#6240, @haircommander)
• Fixed bug to restore /var/lib/containers/storage/overlay/backingFsBlockDev on XFS file systems. (#6389, @saschagrunert)

Uncategorized

• Fix a bug where a container is stuck in INIT because CRI-O believes it to be paused, and never updates the state (#6129, @openshift-cherrypick-robot)
• Fix a bug where exit files were never cleaned up from /run/crio/exits (#6149, @openshift-cherrypick-robot)

Dependencies

Added

Nothing has changed.

Changed

• github.com/containers/storage: v1.37.0 → v1.37.3

Removed

Nothing has changed.