UbuntuUpdates.org

Package "containerd-app"

Name: containerd-app

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • daemon to control runC
Latest version: 1.7.28-0ubuntu1~24.04.2
Release: noble (24.04)
Level: updates
Repository: main

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "containerd-app" in Noble

Repository Area Version
base main 1.7.12-0ubuntu4
security main 1.7.28-0ubuntu1~24.04.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 1.7.28-0ubuntu1~24.04.2 2026-01-29 12:46:14 UTC

  containerd-app (1.7.28-0ubuntu1~24.04.2) noble-security; urgency=medium

  * SECURITY UPDATE: local priv escalation vulnerability
    - debian/patches/CVE-2024-25621.patch: Fix directory permissions
    - CVE-2024-25621
  * SECURITY UPDATE: denial of service
    - debian/patches/CVE-2025-64329.patch: fix goroutine leak of container
      attach
    - CVE-2025-64329

 -- Nishit Majithia <email address hidden> Wed, 28 Jan 2026 10:37:51 +0530
Source diff to previous version
CVE-2024-25621 containerd is an open-source container runtime. Versions 0.1.0 through 1.7.28, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4 and 2.2.0-beta.
CVE-2025-64329 containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 t

Version: 1.7.28-0ubuntu1~24.04.1 2025-10-07 12:07:07 UTC

  containerd-app (1.7.28-0ubuntu1~24.04.1) noble; urgency=medium

  * New upstream version 1.7.28 (LP: #2112523)
  * Build with Go 1.23.
    - d/control: b-d on golang-1.23-go instead of golang-1.22-go
    - d/rules: add Go 1.23 to $PATH

 -- Athos Ribeiro <email address hidden> Thu, 11 Sep 2025 13:55:37 -0300
Source diff to previous version

Version: 1.7.27-0ubuntu1~24.04.1 2025-05-29 20:09:01 UTC

  containerd-app (1.7.27-0ubuntu1~24.04.1) noble; urgency=medium

  * New upstream version 1.7.27. (LP: #2085187)
  * d/p/CVE-2024-40635.patch: drop patch applied upstream

 -- Athos Ribeiro <email address hidden> Thu, 03 Apr 2025 13:12:09 -0300
Source diff to previous version
CVE-2024-40635 containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched w

Version: 1.7.24-0ubuntu1~24.04.2 2025-03-27 00:07:04 UTC

  containerd-app (1.7.24-0ubuntu1~24.04.2) noble-security; urgency=medium

  * SECURITY UPDATE: Integer overflow.
    - debian/patches/CVE-2024-40635.patch: Add maxUserID and maxGroupID with
      limitations in ./oci/spec_opts.go.
    - CVE-2024-40635

 -- Hlib Korzhynskyy <email address hidden> Mon, 24 Mar 2025 14:34:54 -0230
Source diff to previous version
CVE-2024-40635 containerd is an open-source container runtime. A bug was found in containerd prior to versions 1.6.38, 1.7.27, and 2.0.4 where containers launched w

Version: 1.7.24-0ubuntu1~24.04.1 2025-01-27 22:06:59 UTC

  containerd-app (1.7.24-0ubuntu1~24.04.1) noble; urgency=medium

  * Backport version 1.7.19-0ubuntu3 from plucky to noble. (LP: #2040461)
  * New 1.7.24 upstream version. (LP #2089704)
  * d/containerd.postinst: notify that a reboot is required to reload the
    AppArmor profile. (LP #2065423)
  * d/p/{0001-...,0002-...}: restore the version of these patches which
    applies to 1.7.x.
  * d/rules: revert path of containerd commands

 -- Athos Ribeiro <email address hidden> Fri, 11 Oct 2024 16:19:07 -0300
2089704 Incorrect version packaged
2065423 Update AppArmor template to allow confined runc to kill containers


About   -   Send Feedback to @ubuntu_updates