From URL: "Fix a bug where ExecSync requests (exec probes) could use an arbitrary amount of memory and disk. Output from ExecSync requests is now limited to 16MB (the amount that exec output was limited to in the dockershim). Disk limiting requires conmon 2.1.2 to work. See GHSA-fcm2-6c3h-pg6j and CVE-2022-1708 for more information. (#5935, @haircommander)". Fix is in 1.24.1, please bump
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5370c8b0c9b23b96c21ffdf052e606eaa4b10244 commit 5370c8b0c9b23b96c21ffdf052e606eaa4b10244 Author: Zac Medico <zmedico@gentoo.org> AuthorDate: 2022-06-07 00:57:13 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2022-06-07 00:57:25 +0000 app-containers/cri-o: drop 1.24.0 Bug: https://bugs.gentoo.org/850142 Signed-off-by: Zac Medico <zmedico@gentoo.org> app-containers/cri-o/Manifest | 1 - app-containers/cri-o/cri-o-1.24.0.ebuild | 101 ------------------------------- 2 files changed, 102 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4577c52fcc7430d6bb7132f8fa1665e4775722cc commit 4577c52fcc7430d6bb7132f8fa1665e4775722cc Author: Zac Medico <zmedico@gentoo.org> AuthorDate: 2022-06-07 00:55:59 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2022-06-07 00:56:34 +0000 app-containers/cri-o: add 1.24.1 Bug: https://bugs.gentoo.org/850142 Signed-off-by: Zac Medico <zmedico@gentoo.org> app-containers/cri-o/Manifest | 1 + app-containers/cri-o/cri-o-1.24.1.ebuild | 101 +++++++++++++++++++++++++++++++ 2 files changed, 102 insertions(+)
Thanks! All done.
