Releases: containers/buildah
Releases · containers/buildah
v1.35.5
What's Changed
- [release-1.35] Address CVE-2024-3727 by @TomSweeneyRedHat in #5521
- [release-1.35] Cross-build on Fedora by @openshift-cherrypick-robot in #5578
- [release-1.35] integration tests: switch some base images by @nalind in #5814
- Fix GHSA-5vpc-35f4-r8w6 (CVE-2024-11218)
Full Changelog: v1.35.4...v1.35.5
Contributors
nalind, TomSweeneyRedHat, and openshift-cherrypick-robot
Assets 2
v1.37.6
What's Changed
Notable changes
- [release-1.37][CI:DOCS] touchup changelog by @TomSweeneyRedHat in #5793
- [release-1.37][CI:DOCS] Touch up changelogs by @TomSweeneyRedHat in #5910
- Fix GHSA-5vpc-35f4-r8w6 (CVE-2024-11218)
Full Changelog: v1.37.5...v1.37.6
Contributors
TomSweeneyRedHat
Assets 2
v1.38.1
What's Changed
Notable changes
- [release-1.38] tag v1.38.1 by @nalind in #5918 (Addresses CVE-2024-11218)
- [release-1.38] Bump c/storage v1.56.1, c/image v5.33.1, c/common v0.61.1 by @TomSweeneyRedHat in #5911
Full Changelog: v1.38.0...v1.38.1
Contributors
nalind and TomSweeneyRedHat
Assets 2
v1.33.12
What's Changed
- [release-1.33] Bump c/storage to v1.51.2, fixes CVE-2024-9676 by @TomSweeneyRedHat in #5799
- [release-1.33] integration tests: switch some base images by @nalind in #5816
- Fix GHSA-5vpc-35f4-r8w6 (CVE-2024-11218)
- [release-1.33] tag v1.33.12 by @nalind in #5921
Full Changelog: v1.33.11...v1.33.12
Contributors
nalind and TomSweeneyRedHat
Assets 2
v1.38.0
What's Changed
Notable changes
- Bump to Buildah v1.37.0 by @TomSweeneyRedHat in #5651
- AddAndCopyOptions: add CertPath, InsecureSkipTLSVerify, Retry fields by @nalind in #5646
- Add PrependedLinkedLayers/AppendedLinkedLayers to CommitOptions by @nalind in #5647
- Use Epoch: 2 and respect the epoch in dependencies. by @jnovy in #5654
- fix(deps): fix test/tools ginkgo typo by @Asutorufa in #5455
make vendor-in-container: use the caller's Go cache if it exists by @nalind in #5667- install: On Debian/Ubuntu, add installation of libbtrfs-dev and libdevmapper-dev by @jelmer in #5541
- Drop the e2e test suite by @nalind in #5668
- [CI:DOCS] Update tutorials to keep up with API changes in storage by @nalind in #5665
- Update containerd by @nalind in #5666
- conformance tests: use mirror.gcr.io for most images by @nalind in #5673
- Add(): re-escape any globbed items that included escapes by @nalind in #5676
- unit tests: use test-specific policy.json and registries.conf by @nalind in #5672
- gofix, gofmt the code, add gofmt linter by @kolyshkin in #5680
- conformance: move weirdly-named files out of the repository by @nalind in #5684
- Commit(): retry committing to local storage on storage.LayerUnknown by @nalind in #5686
- CI: enable the gofumpt and whitespace linters by @nalind in #5689
- run: fix a nil pointer dereference on FreeBSD by @dfr in #5694
- [CI:DOCS] buildah-build.1.md: expand the --layer-label description by @nalind in #5701
- [CI:DOCS] update some godocs, use 0o to prefix an octal in a comment by @nalind in #5702
- New VMs by @edsantiago in #5703
- Add a validation script for Makefile $(SOURCES) by @nalind in #5704
- imagebuildah: make scratch config handling toggleable by @nalind in #5690
- copier: handle globbing with "**" path components by @nalind in #5688
- Vendor
c/common:9d025e4cb348by @Honny1 in #5710 - Update to go 1.22 by @Luap99 in #5715
- make use of new pasta option from c/common by @Luap99 in #5724
- add: add support for git sources by @danishprakash in #5438
manifest add --artifact: handle multiple values by @nalind in #5728- build: fall back to parsing a TARGETPLATFORM build-arg by @nalind in #5731
- [skip-ci] Packit: Enable sidetags for bodhi updates by @lsm5 in #5730
- imagebuildah.StageExecutor: clean up volumes/volumeCache by @nalind in #5729
- In a container, try to register binfmt_misc by @nalind in #5732
- Do not error on trying to write IMA xattr as rootless by @mheon in #5741
- fix: remove duplicate conditions by @cuishuang in #5745
- [CI:DOCS] Document how entrypoint is configured in buildah config by @rhatdan in #5734
- buildah-manifest-create.1: Fix manpage section by @siretart in #5757
- Document that zstd:chunked is downgraded to zstd when encrypting by @mtrmac in #5759
- CVE-2024-9407: validate "bind-propagation" flag settings by @nalind in #5761
- tests: add quotes to names by @Luap99 in #5765
- Don't set ambient caps; switch to moby/sys/capability by @kolyshkin in #5754
- vendor: update c/common to latest by @Luap99 in #5763
- Make
buildah manifest push --alltrue by default by @k9withabone in #5755 - Audit and tidy OWNERS by @baude in #5770
- [skip-ci] Packit: constrain koji job to fedora package to avoid dupes by @lsm5 in #5774
- Properly validate cache IDs and sources by @mheon in #5778
- Add support for COPY --exclude and ADD --exclude options by @rhatdan in #5733
- Document more buildah build --secret options by @nalind in #5784
- go.mod: remove unnecessary replace by @Luap99 in #5791
- Integration tests: run git daemon on a random-but-bind()able port by @nalind in #5783
- chroot: add newlines at the end of printed error messages by @nalind in #5753
- deps: bump runc to v1.2.0 by @kolyshkin in #5796
- tests: mkcw: bug fixes, refactor by @edsantiago in #5802
- tests: sbom: never write to cwd by @edsantiago in #5803
- tests: blobcache: use unique image name by @edsantiago in #5801
- Handle RUN --mount with relative targets and no configured workdir by @nalind in #5798
- tests: bud: make parallel-safe by @edsantiago in #5804
- tests/tools: update golangci-lint to v1.61.0 by @Luap99 in #5821
- CI VMs: bump f40 -> f41 by @edsantiago in #5820
Dependency updates
- fix(deps): update golang.org/x/exp digest to 8a7402a by @renovate in #5660
- fix(deps): update module github.com/onsi/ginkgo/v2 to v2.19.1 by @renovate in #5652
- fix(deps): update module golang.org/x/sys to v0.23.0 by @renovate in #5663
- fix(deps): update module github.com/fsouza/go-dockerclient to v1.11.2 by @renovate in #5658
- fix(deps): update github.com/containers/luksy digest to 1f482a9 by @renovate in #5659
- fix(deps): update module github.com/onsi/gomega to v1.34.1 by @renovate in #5650
- fix(deps): update module golang.org/x/crypto to v0.26.0 by @renovate in #5670
- fix(deps): update module golang.org/x/sys to v0.24.0 by @renovate in #5677
- fix(deps): update module github.com/containers/image/v5 to v5.32.1 by @renovate in #5679
- fix(deps): update module github.com/containers/common to v0.60.1 by @renovate in #5682
- fix(deps): update module github.com/docker/docker to v27.1.2+incompatible by @renovate in #5683
- fix(deps): update module github.com/containers/common to v0.60.2 by @renovate in #5697
- fix(deps): update module github.com/openshift/imagebuilder to v1.2.15 by @renovate in #5700
- fix(deps): update module github.com/docker/docker to v27.2.0+incompatible by @renovate in #5708
- fix(deps): update github.com/containers/luksy digest to 2e7307c by @renovate in #5711
- fix(deps): update golang.org/x/exp digest to 9b4947d by @renovate in #5712
- fix(deps): update module golang.org/x/term to v0.24.0 by @renovate in #5719
- fix(deps): update module github.com/docker/docker to v27.2.1+incompatible by @renovate in #5726
- fix(deps): update module github.com/fsouza/go-dockerclient to v1.12.0 by @renovate in #5687
- fix(deps): update module github.com/cyphar/filepath-securejoin to v0.3.2 by @renovate in #5736
- fix(deps): update module github.com/moby/buildkit to v0.16.0 by @renovate in #5383
- chore(deps): update dependency ubuntu to v24 by @renovate in #5756
- fix(deps): update module github.com/cyphar/filepath-securejoin to v0.3.3 by @renovate in #5758
- fix(deps): update module golang.org/x/crypto to v0.28.0 by @renovate in #5771
- chore(deps): update dependency containers/a...
Contributors
jelmer, jnovy, and 18 other contributors
Assets 2
v1.33.11
What's Changed
- release-1.33] Bump c/storage to v1.51.2, fixes CVE-2024-9676 by @TomSweeneyRedHat in #5799
- [release-1.33] Address CVE-2024-9675, bump Buildah to v1.33.10 by @TomSweeneyRedHat in #5790
Full Changelog: v1.33.10...v1.33.11
Contributors
TomSweeneyRedHat
Assets 2
v1.27.5
What's Changed
- [release-1.27] Properly validate cache IDs and sources - (CVE-2024-9675) by @dashea in #5797
- [release-1.27] Adresses CVE-2024-1753 and CVE-2024-24786, bump to V1.27.4 by @TomSweeneyRedHat in #5435
Full Changelog: v1.27.4...v1.27.5
Contributors
dashea and TomSweeneyRedHat
Assets 2
v1.26.8
What's Changed
- [release-1.26] CVE-2024-1753, Bump to Buildah v1.26.7 by @TomSweeneyRedHat in #5450
- [release-1.26] Properly validate cache IDs and sources by @dashea in #5794
Full Changelog: v1.26.7...v1.26.8
Contributors
dashea and TomSweeneyRedHat
Assets 2
v1.33.10
What's Changed
- [release-1.33] Bump to Buildah v1.33.8, CVE-2024-3727 by @TomSweeneyRedHat in #5533
- [release-1.33] Cross-build on Fedora by @openshift-cherrypick-robot in #5577
- [release-1.33] Fixes Listing tags in JFrog Artifactory may fail by @TomSweeneyRedHat in #5631
- [release-1.33] vendor: update c/common to v0.57.7 by @Luap99 in #5766
Full Changelog: v1.33.8...v1.33.10
Contributors
TomSweeneyRedHat, openshift-cherrypick-robot, and Luap99
Assets 2
v1.37.5
What's Changed
Notable changes
- [release-1.37] Bump Buildah to v1.37.5 by @TomSweeneyRedHat
- [release-1.37] [skip-ci] Packit: constrain koji job to fedora package to avoid dupes by @openshift-cherrypick-robot in #5775
- [release-1.37] Properly validate cache IDs and sources - Resolves CVE-2024-9675 by @openshift-cherrypick-robot in #5780
- [release-1.37] Bump the containers/storage library to v1.55.1 - Resolves CVE-2024-9676 by @mheon in #5786
Full Changelog: v1.37.4...v1.37.5
Contributors
mheon, TomSweeneyRedHat, and openshift-cherrypick-robot