-
Notifications
You must be signed in to change notification settings - Fork 38.6k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
bump runc to v1.1.10 #121739
bump runc to v1.1.10 #121739
Conversation
Signed-off-by: tao.yang <[email protected]>
/sig node |
/sig architecture |
@ty-dc please, provide release notes, thanks |
LGTM label has been added. Git tree hash: efebc97c9543fcfceb26a1e00c801f9a988e298c
|
assigning node folks for a first pass it's not clear (to me) what the priority and risk level is here, if this should go in for 1.29 or wait for master to reopen for 1.30 |
#120813 this may be fixed by this upgrade. @SergeyKanzhelev may know the context. |
This was discussed among SIG Node leads and we believe this is low risk, but important fix and we want to get an exception to take it for 1.29 /milestone 1.29 Applying critical-urgent to indicate we want it for 1.29 release. |
@SergeyKanzhelev: The provided milestone is not valid for this repository. Milestones in this repository: [ Use In response to this:
Instructions for interacting with me using PR comments are available here. If you have questions or suggestions related to my behavior, please file an issue against the kubernetes/test-infra repository. |
/milestone v1.29 |
/approve |
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: dims, mrunalp, ty-dc The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
/unhold |
Release note suggestion: -Update runc to 1.1.10
+Updated `runc` (used as a Go library) to 1.1.10 |
What type of PR is this?
/kind cleanup
What this PR does / why we need it:
In the changelog for runc v1.1.10, the following is mentioned:
This is the tenth (and most likely final) patch release in the 1.1.z
release branch of runc. It mainly fixes a few issues in cgroups, and a
umask-related issue in tmpcopyup.
Fixes the issue of postres failing when hugepage limits are set.
(Support rsvd hugetlb cgroup opencontainers/runc#3859, [1.1] libct/cg: support hugetlb rsvd opencontainers/runc#4077)
of umask in tmpcopyup feature implementation. (Wrong directory permissions when using tmpcopyup because of umask opencontainers/runc#3991, [1.1] Fix directory perms vs umask for tmpcopyup opencontainers/runc#4060)
(fixes the compatibility with Linux kernel 6.1+). ([1.1 backport] Handle kmem.limit_in_bytes removal opencontainers/runc#4028)
configuration. This issue is not a security issue because it requires a
malicious config.json, which is outside of our threat model. (semi-arbitrary cgroup resource write with malicious hugetlb configuration opencontainers/runc#4103)
So, this PR is for updating github.com/opencontainers/runc to v1.1.10.
Which issue(s) this PR fixes:
Fixes # None
Special notes for your reviewer: