aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorOpenShift Merge Robot <openshift-merge-robot@users.noreply.github.com>2021-04-05 21:40:16 +0200
committerGitHub <noreply@github.com>2021-04-05 21:40:16 +0200
commit626b7ebd74dbd2614c4e6e9f99514404c50e806a (patch)
tree166823938089c628f59da9fc4b11772142d9d4ba
parent4f57a103441ede86431839ece0de9e8c1e1dfbca (diff)
parentab94827cbb35d3b25356800e349aae0146845bc9 (diff)
downloadpodman-626b7ebd74dbd2614c4e6e9f99514404c50e806a.tar.gz
podman-626b7ebd74dbd2614c4e6e9f99514404c50e806a.tar.bz2
podman-626b7ebd74dbd2614c4e6e9f99514404c50e806a.zip
Merge pull request #9939 from mheon/release_notes_cve
[ci:docs] Update release notes to indicate CVE fix
-rw-r--r--RELEASE_NOTES.md3
1 files changed, 3 insertions, 0 deletions
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
index 85daba722..5ba5e251b 100644
--- a/RELEASE_NOTES.md
+++ b/RELEASE_NOTES.md
@@ -17,6 +17,9 @@
- The `podman generate kube` command can now generate `PersistentVolumeClaim` YAML for Podman named volumes ([#5788](https://github.com/containers/podman/issues/5788)).
- The `podman generate kube` command can now generate YAML files containing multiple resources (pods or deployments) ([#9129](https://github.com/containers/podman/issues/9129)).
+### Security
+- This release resolves CVE-2021-20291, a deadlock vulnerability in the storage library caused by pulling a specially-crafted container image.
+
### Changes
- The Podman remote client's `podman build` command no longer allows the `-v` flag to be used. Volumes are not yet supported with remote Podman when the client and service are on different machines.
- The `podman kill` and `podman stop` commands now print the name given by the user for each container, instead of the full ID.