summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMatthew Heon <mheon@redhat.com>2021-04-05 10:33:27 -0400
committerMatthew Heon <mheon@redhat.com>2021-04-05 10:33:27 -0400
commitab94827cbb35d3b25356800e349aae0146845bc9 (patch)
treeb7d62847e43dc0568138a8a03a0085d491253b46
parent1c8d3d0f6fb83b1e6c99dec759f4ae1c6b2e8f18 (diff)
downloadpodman-ab94827cbb35d3b25356800e349aae0146845bc9.tar.gz
podman-ab94827cbb35d3b25356800e349aae0146845bc9.tar.bz2
podman-ab94827cbb35d3b25356800e349aae0146845bc9.zip
Update release notes to indicate CVE fix
We didn't release this with the original release notes as the fix was still under embargo. Signed-off-by: Matthew Heon <mheon@redhat.com>
-rw-r--r--RELEASE_NOTES.md3
1 files changed, 3 insertions, 0 deletions
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
index 85daba722..5ba5e251b 100644
--- a/RELEASE_NOTES.md
+++ b/RELEASE_NOTES.md
@@ -17,6 +17,9 @@
- The `podman generate kube` command can now generate `PersistentVolumeClaim` YAML for Podman named volumes ([#5788](https://github.com/containers/podman/issues/5788)).
- The `podman generate kube` command can now generate YAML files containing multiple resources (pods or deployments) ([#9129](https://github.com/containers/podman/issues/9129)).
+### Security
+- This release resolves CVE-2021-20291, a deadlock vulnerability in the storage library caused by pulling a specially-crafted container image.
+
### Changes
- The Podman remote client's `podman build` command no longer allows the `-v` flag to be used. Volumes are not yet supported with remote Podman when the client and service are on different machines.
- The `podman kill` and `podman stop` commands now print the name given by the user for each container, instead of the full ID.