CRI-O v1.30.7

CRI-O v1.30.7

The release notes have been generated for the commit range v1.30.6…2391edc on Fri, 01 Nov 2024 10:20:34 UTC.

Downloads

Download one of our static release bundles via our Google Cloud Bucket:

To verify the artifact signatures via cosign, run:

> export COSIGN_EXPERIMENTAL=1
> cosign verify-blob cri-o.amd64.2391edcb98c15a5557fa899a143501d2608dc044.tar.gz \
    --certificate-identity https://github.com/cri-o/cri-o/.github/workflows/test.yml@refs/tags/2391edcb98c15a5557fa899a143501d2608dc044 \
    --certificate-oidc-issuer https://token.actions.githubusercontent.com \
    --certificate-github-workflow-repository cri-o/cri-o \
    --certificate-github-workflow-ref refs/tags/2391edcb98c15a5557fa899a143501d2608dc044 \
    --signature cri-o.amd64.2391edcb98c15a5557fa899a143501d2608dc044.tar.gz.sig \
    --certificate cri-o.amd64.2391edcb98c15a5557fa899a143501d2608dc044.tar.gz.cert

To verify the bill of materials (SBOM) in SPDX format using the bom tool, run:

> tar xfz cri-o.amd64.2391edcb98c15a5557fa899a143501d2608dc044.tar.gz
> bom validate -e cri-o.amd64.2391edcb98c15a5557fa899a143501d2608dc044.tar.gz.spdx -d cri-o

Changelog since v1.30.6

Changes by Kind

Uncategorized

Fix a bug where an allowed_annotation specified twice (in either a workload or runtime) couldn’t be used (#8712, @openshift-cherrypick-robot)

Dependencies

Added

Nothing has changed.

Changed

github.com/containers/storage: v1.51.0 → dfcc633
github.com/cyphar/filepath-securejoin: v0.2.4 → v0.3.1
golang.org/x/sys: v0.18.0 → v0.21.0

Removed

Nothing has changed.