Welcome to the v1.3.1 release of containerd!

The first patch release for containerd 1.3 includes a fix hang on pull when
there is a registry error and important vendor updates.

Notable Updates

• Fix deadlock on image pull and unpack after a registry error containerd/containerd#3816.

• Update the runc vendor to v1.0.0-rc9 which includes an additional mitigation for CVE-2019-16884.

  • More details on the runc CVE in opencontainers/runc#2128, and the additional mitigations in opencontainers/runc#2130.

• Add local-fs.target to service file to fix corrupt image after unexpected host reboot. Reported in containerd/containerd#3671, and fixed by containerd/containerd#3745.

• Fix large output of processes with TTY getting occasionally truncated. Reported in containerd/containerd#3738 and fixed by containerd/containerd#3754.

• Fix direct unpack when running in user namespace. Reported in containerd/containerd#3762, and fixed by containerd/containerd#3779.

• Update Golang runtime to 1.12.13, which includes security fixes to the crypto/dsa package made in Go 1.12.11 (CVE-2019-17596), and fixes to the go command, runtime, syscall and net packages (Go 1.12.12).

• Add Windows process shim installer containerd/containerd#3792

• CRI fixes:

  • Fix shim delete error code to avoid unnecessary retries in the CRI plugin. Discovered in containerd/cri#1309, and fixed by containerd/containerd#3733 and containerd/containerd#3740.

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Michael Crosby
• Sebastiaan van Stijn
• Derek McGowan
• Phil Estes
• Lantao Liu
• Wei Fu
• Akihiro Suda
• Ameya Gawde
• Eli Uriegas
• Maksym Pavlenko

Changes

• 7fb78c1f2f Update notes for unpack error
• d512382924 Prepare v1.3.1 release
• 89d3753aa3 Merge pull request #3834 from Random-Liu/cherrypick-#3825-1.3
• a18acaf2cf Avoid deadlock in unpacker.
• b5ede206a4 Merge pull request #3822 from fuweid/cherry-pick-3819-1.3
• 780b5d5fc2 Merge pull request #3807 from thaJeztah/1.3_backport_limit_travis_release
• e19c621d0d snapshots: return error if readSnapshot fails
• 54658b8831 Merge pull request #3808 from thaJeztah/1.3_backport_bump_golang_1.12.13
• f7e59ae1a3 Update to Golang 1.12.13
• 9488dd85ee Revert "[release/1.3] pin travis to go 1.12.12"
• e70ee589e4 Limit travis release script to a single build
• 0aeaac0331 Merge pull request #3792 from ameyag/windows-shim-backport
• 067be94641 windows process shim installer
• d6f0c29b1b Merge pull request #3779 from AkihiroSuda/disable-mknod00-in-userns-1.3
• f3c48daf71 apply: use naive applier when running in UserNS
• 7af311b420 Merge pull request #3769 from thaJeztah/1.3_backport_bump_golang_1.12.x
• c345050705 Merge pull request #3772 from estesp/update-vndr-1.3
• 033612194b Catch up vndr with state of vendor/ dir
• 7f6f2c7d4f [release/1.3] pin travis to go 1.12.12
• 23b0ca70fe Update Golang 1.12.12 (CVE-2019-17596)
• aa98dc6e4d Merge pull request #3754 from estesp/cp-1.3-3743
• 0f6aab184a Handle large output in v2 shim with TTY
• 7aaa8fc685 Merge pull request #3751 from AkihiroSuda/native-copydir-allow-xattr-errors-1.3
• 1c3929e594 Merge pull request #3748 from seemethere/fix_man_1_3
• f6a32a79e1 snapshots/native: ignore xattr errors during CopyDir
• 3866900d62 Merge pull request #3745 from crosbymichael/localfs3
• ffb05aeb1f build: Fix manpage generation
• d168e8ebeb Add local-fs.target to service file
• 0b43a3115a Merge pull request #3740 from estesp/cp-1.3-3736
• b3e9ded8ce Fix delete error code on the containerd daemon side.
• ea86733a56 Merge pull request #3733 from Random-Liu/cherrypick-#3730-release-1.3
• 6746ae3e0a Fix shim delete error code.
• efd38f483c Merge pull request #3724 from thaJeztah/1.3_backport_bump_runc_1.0.0-rc9
• 6cbad87819 bump runc v1.0.0-rc9
• dfc256fcc7 Bump runc to 1b8a1eeec3f337ab5d94f28980

Dependency Changes

Previous release can be found at v1.3.0

• github.com/opencontainers/runc 3e425f80a8c931f88e6d94a8c831b9d5aa481657 -> d736ef14f0288d6993a1845745d6756cfc9ddd5a