Thanks to visit codestin.com
Credit goes to github.com

Skip to content

v1.34.3

Latest
Latest

Choose a tag to compare

View all tags
@github-actions github-actions released this 02 Dec 00:28
· 208 commits to main since this release
v1.34.3
067a88a
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

CRI-O v1.34.3

The release notes have been generated for the commit range
v1.34.2...v1.34.3 on Tue, 02 Dec 2025 00:25:30 UTC.

Downloads

Download one of our static release bundles via our Google Cloud Bucket:

To verify the artifact signatures via cosign, run:

> export COSIGN_EXPERIMENTAL=1
> cosign verify-blob cri-o.amd64.v1.34.3.tar.gz \
    --certificate-identity https://github.com/cri-o/packaging/.github/workflows/obs.yml@refs/heads/main \
    --certificate-oidc-issuer https://token.actions.githubusercontent.com \
    --certificate-github-workflow-repository cri-o/packaging \
    --certificate-github-workflow-ref refs/heads/main \
    --signature cri-o.amd64.v1.34.3.tar.gz.sig \
    --certificate cri-o.amd64.v1.34.3.tar.gz.cert

To verify the bill of materials (SBOM) in SPDX format using the bom tool, run:

> tar xfz cri-o.amd64.v1.34.3.tar.gz
> bom validate -e cri-o.amd64.v1.34.3.tar.gz.spdx -d cri-o

Changelog since v1.34.2

Changes by Kind

Feature

Bug or Regression

  • Fixed CVE-2025-58183: Updated tar-split to v0.12.2 to fix unbounded memory allocation vulnerability when parsing malicious container images with GNU sparse tar files. (#9590, @saschagrunert)

Uncategorized

  • This commit introduces a new housekeeping value for the irq-load-balancing.crio.io annotation.

When housekeeping is set:

  • The housekeeping CPU set is injected into the container's environment variables as OPENSHIFT_HOUSEKEEPING_CPUS
  • IRQ SMP affinity bits are not disabled on the housekeeping CPUs when adding a new container
  • The housekeeping CPUs are chosen as the first CPU within each container plus its thread siblings (#9564, @openshift-cherrypick-robot)

Dependencies

Added

  • github.com/cri-o/crio-credential-provider: v0.1.1
  • github.com/joho/godotenv: v1.5.1
  • go.podman.io/image/v5: v5.37.0
  • go.podman.io/storage: v1.60.0

Changed

  • github.com/containers/storage: v1.59.1 → 606f1e4
  • github.com/golang-jwt/jwt/v5: v5.2.2 → v5.3.0
  • github.com/vbatts/tar-split: v0.12.1 → v0.12.2
  • k8s.io/api: v0.34.0 → v0.34.1
  • k8s.io/apimachinery: v0.34.0 → v0.34.1
  • k8s.io/apiserver: v0.34.0 → v0.34.1
  • k8s.io/client-go: v0.34.0 → v0.34.1
  • k8s.io/component-base: v0.34.0 → v0.34.1
  • k8s.io/cri-api: v0.34.0 → v0.34.1
  • k8s.io/kms: v0.34.0 → v0.34.1
  • k8s.io/kubelet: v0.34.0 → v0.34.1

Removed

Nothing has changed.

Contributors

saschagrunert and openshift-cherrypick-robot
Assets 2
Loading