Thanks to visit codestin.com
Credit goes to github.com

Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: cri-o/cri-o
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v1.32.10
Choose a base ref
...
head repository: cri-o/cri-o
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v1.32.11
Choose a head ref
  • 6 commits
  • 10 files changed
  • 4 contributors

Commits on Nov 13, 2025

  1. Fix CVE-2025-58183: Update tar-split to v0.12.2 

    CVE-2025-58183 is an unbounded allocation vulnerability in archive/tar
when parsing GNU sparse map files. tar.Reader does not set a maximum
size on the number of sparse region data blocks in GNU tar pax 1.0
sparse files.

This update brings tar-split to v0.12.2 which includes the fix that
caps sparse block data to 1 MiB (same limit as PAX headers).

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=2407258
CVE: CVE-2025-58183
Signed-off-by: Sascha Grunert <[email protected]>
    @saschagrunert
    saschagrunert committed Nov 13, 2025
    Configuration menu
    Copy the full SHA
    19757e5 View commit details
    Browse the repository at this point in the history

Commits on Nov 18, 2025

  1. Merge pull request #9592 from saschagrunert/fix-cve-2025-58183-releas… 

    …e-1.32

[release-1.32] OCPBUGS-63772: Fix CVE-2025-58183: Update tar-split to v0.12.2
    @openshift-merge-bot
    openshift-merge-bot[bot] authored Nov 18, 2025
    Configuration menu
    Copy the full SHA
    aadeb7d View commit details
    Browse the repository at this point in the history

Commits on Nov 24, 2025

  1. server: Fix network cleanup failures when NetNS path is empty 

    Fixes an issue where empty network namespace paths cause CNI teardown
failures, preventing pod deletion and creating stuck pods. This happens when
infra containers die, leaving NetNsPath() returning empty strings that CNI
plugins cannot handle.

The failure cascade: dead infra container → empty NetNS → CNI failure →
StopPodSandbox failure → stuck pod → systemd cgroup conflicts → new pod
creation failures. Observed in MicroShift environments.

Signed-off-by: Sohan Kunkerkar <[email protected]>
    @sohankunkerkar
    sohankunkerkar authored and openshift-cherrypick-robot committed Nov 24, 2025
    Configuration menu
    Copy the full SHA
    ede4cf7 View commit details
    Browse the repository at this point in the history

Commits on Nov 25, 2025

  1. Merge pull request #9617 from openshift-cherrypick-robot/cherry-pick-… 

    …9472-to-release-1.32

[release-1.32] OCPBUGS-63432: server: Fix network cleanup failures when NetNS path is empty
    @openshift-merge-bot
    openshift-merge-bot[bot] authored Nov 25, 2025
    Configuration menu
    Copy the full SHA
    e325ed0 View commit details
    Browse the repository at this point in the history

Commits on Dec 1, 2025

  1. version: bump to 1.32.11 

    Signed-off-by: Kubernetes Release Robot <[email protected]>
    @k8s-release-robot
    k8s-release-robot committed Dec 1, 2025
    Configuration menu
    Copy the full SHA
    706274e View commit details
    Browse the repository at this point in the history

  2. Merge pull request #9625 from cri-o/release-1.32.11 

    Bump version to 1.32.11
    @openshift-merge-bot
    openshift-merge-bot[bot] authored Dec 1, 2025
    Configuration menu
    Copy the full SHA
    bcf9e19 View commit details
    Browse the repository at this point in the history
Loading