diff options
| author | Matthew Heon <mheon@redhat.com> | 2021-12-06 13:54:06 -0500 |
|---|---|---|
| committer | Matthew Heon <mheon@redhat.com> | 2021-12-06 13:54:06 -0500 |
| commit | 274a76e06864d33470152cad42b81f8501f56b8c (patch) | |
| tree | f0da9655bac277caa1b1f76c428737e55cf79b1a | |
| parent | 1aeb61cf5cfb0155ebcff3b449c5ea4bf8f15dc1 (diff) | |
| download | podman-274a76e06864d33470152cad42b81f8501f56b8c.tar.gz podman-274a76e06864d33470152cad42b81f8501f56b8c.tar.bz2 podman-274a76e06864d33470152cad42b81f8501f56b8c.zip | |
Update release notes for changes already in branch
Signed-off-by: Matthew Heon <mheon@redhat.com>
| -rw-r--r-- | RELEASE_NOTES.md | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md index 110de4376..b33101515 100644 --- a/RELEASE_NOTES.md +++ b/RELEASE_NOTES.md @@ -1,5 +1,22 @@ # Release Notes +## 3.4.3 +### Security +- This release addresses CVE-2021-4024, where the `podman machine` command opened the `gvproxy` API (used to forward ports to `podman machine` VMs) to the public internet on port 7777. +- This release addresses CVE-2021-41190, where incomplete specification of behavior regarding image manifests could lead to inconsistent decoding on different clients. + +### Bugfixes +- Fixed a bug where rootless Podman would occasionally print warning messages about failing to move the pause process to a new cgroup ([#12065](https://github.com/containers/podman/issues/12065)). +- Fixed a bug where the `podman run` and `podman create` commands would, when pulling images, still require TLS even with registries set to Insecure via config file ([#11933](https://github.com/containers/podman/issues/11933)). +- Fixed a bug where the `podman generate systemd` command generated units that depended on `multi-user.target`, which has been removed from some distributions ([#12438](https://github.com/containers/podman/issues/12438)). +- Fixed a bug where, in containers on VMs created by `podman machine`, the `host.containers.internal` name pointed to the VM, not the host system ([#11642](https://github.com/containers/podman/issues/11642)). + +### API +- The Libpod Play Kube endpoint now also accepts `ConfigMap` YAML as part of its payload, and will use provided any `ConfigMap` to configure provided pods and services. + +### Misc +- Podman now builds by default with cgo enabled on OS X, resolving some issues with SSH ([#10737](https://github.com/containers/podman/issues/10737)). + ## 3.4.2 ### Bugfixes - Fixed a bug where `podman tag` could not tag manifest lists ([#12046](https://github.com/containers/podman/issues/12046)). |