Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package containerd for openSUSE:Factory checked in at 2021-11-22 23:03:44 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/containerd (Old) and /work/SRC/openSUSE:Factory/.containerd.new.1895 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "containerd" Mon Nov 22 23:03:44 2021 rev:46 rq:932376 version:1.4.12 Changes: -------- --- /work/SRC/openSUSE:Factory/containerd/containerd.changes 2021-10-20 20:24:38.737391457 +0200 +++ /work/SRC/openSUSE:Factory/.containerd.new.1895/containerd.changes 2021-11-22 23:03:51.417997889 +0100 @@ -1,0 +2,6 @@ +Fri Nov 19 00:01:23 UTC 2021 - Aleksa Sarai <asa...@suse.com> + +- Update to containerd v1.4.12 for Docker 20.10.11-ce. + bsc#1192814 CVE-2021-41190 + +------------------------------------------------------------------- Old: ---- containerd-1.4.11_5b46e404f6b9.tar.xz New: ---- containerd-1.4.12_7b11cfaabd73.tar.xz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ containerd.spec ++++++ --- /var/tmp/diff_new_pack.a4lB4I/_old 2021-11-22 23:03:52.081995661 +0100 +++ /var/tmp/diff_new_pack.a4lB4I/_new 2021-11-22 23:03:52.085995648 +0100 @@ -23,11 +23,11 @@ %endif # MANUAL: Update the git_version. -%define git_version 5b46e404f6b9f661a205e28d59c982d3634148f8 -%define git_short 5b46e404f6b9 +%define git_version 7b11cfaabd73bb80907dd23182b9347b4245eb5d +%define git_short 7b11cfaabd73 Name: containerd -Version: 1.4.11 +Version: 1.4.12 Release: 0 Summary: Standalone OCI Container Daemon License: Apache-2.0 ++++++ _service ++++++ --- /var/tmp/diff_new_pack.a4lB4I/_old 2021-11-22 23:03:52.113995554 +0100 +++ /var/tmp/diff_new_pack.a4lB4I/_new 2021-11-22 23:03:52.113995554 +0100 @@ -3,8 +3,8 @@ <param name="url">https://github.com/containerd/containerd.git</param> <param name="scm">git</param> <param name="filename">containerd</param> - <param name="versionformat">1.4.11_%h</param> - <param name="revision">v1.4.11</param> + <param name="versionformat">1.4.12_%h</param> + <param name="revision">v1.4.12</param> <param name="exclude">.git</param> </service> <service name="recompress" mode="disabled"> ++++++ containerd-1.4.11_5b46e404f6b9.tar.xz -> containerd-1.4.12_7b11cfaabd73.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/containerd-1.4.11_5b46e404f6b9/.github/workflows/ci.yml new/containerd-1.4.12_7b11cfaabd73/.github/workflows/ci.yml --- old/containerd-1.4.11_5b46e404f6b9/.github/workflows/ci.yml 2021-10-04 17:24:47.000000000 +0200 +++ new/containerd-1.4.12_7b11cfaabd73/.github/workflows/ci.yml 2021-11-17 20:52:12.000000000 +0100 @@ -26,7 +26,7 @@ - name: Install Go uses: actions/setup-go@v2 with: - go-version: '1.16.8' + go-version: '1.16.10' - name: Set env shell: bash @@ -82,7 +82,7 @@ steps: - uses: actions/setup-go@v2 with: - go-version: '1.16.8' + go-version: '1.16.10' - name: Set env shell: bash @@ -128,7 +128,7 @@ steps: - uses: actions/setup-go@v2 with: - go-version: '1.16.8' + go-version: '1.16.10' - name: Set env shell: bash @@ -166,7 +166,7 @@ steps: - uses: actions/setup-go@v2 with: - go-version: '1.16.8' + go-version: '1.16.10' - name: Set env shell: bash @@ -199,7 +199,7 @@ steps: - uses: actions/setup-go@v2 with: - go-version: '1.16.8' + go-version: '1.16.10' - name: Set env shell: bash @@ -285,7 +285,7 @@ steps: - uses: actions/setup-go@v2 with: - go-version: '1.16.8' + go-version: '1.16.10' - name: Set env shell: bash diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/containerd-1.4.11_5b46e404f6b9/.github/workflows/nightly.yml new/containerd-1.4.12_7b11cfaabd73/.github/workflows/nightly.yml --- old/containerd-1.4.11_5b46e404f6b9/.github/workflows/nightly.yml 2021-10-04 17:24:47.000000000 +0200 +++ new/containerd-1.4.12_7b11cfaabd73/.github/workflows/nightly.yml 2021-11-17 20:52:12.000000000 +0100 @@ -14,7 +14,7 @@ steps: - uses: actions/setup-go@v2 with: - go-version: '1.16.8' + go-version: '1.16.10' - name: Checkout uses: actions/checkout@v1 @@ -138,7 +138,7 @@ steps: - uses: actions/setup-go@v2 with: - go-version: '1.16.8' + go-version: '1.16.10' - name: Checkout uses: actions/checkout@v1 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/containerd-1.4.11_5b46e404f6b9/.github/workflows/release.yml new/containerd-1.4.12_7b11cfaabd73/.github/workflows/release.yml --- old/containerd-1.4.11_5b46e404f6b9/.github/workflows/release.yml 2021-10-04 17:24:47.000000000 +0200 +++ new/containerd-1.4.12_7b11cfaabd73/.github/workflows/release.yml 2021-11-17 20:52:12.000000000 +0100 @@ -62,7 +62,7 @@ - name: Install Go uses: actions/setup-go@v2 with: - go-version: '1.16.8' + go-version: '1.16.10' - name: Set env shell: bash diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/containerd-1.4.11_5b46e404f6b9/.travis.yml new/containerd-1.4.12_7b11cfaabd73/.travis.yml --- old/containerd-1.4.11_5b46e404f6b9/.travis.yml 2021-10-04 17:24:47.000000000 +0200 +++ new/containerd-1.4.12_7b11cfaabd73/.travis.yml 2021-11-17 20:52:12.000000000 +0100 @@ -15,7 +15,7 @@ - linux go: - - "1.16.8" + - "1.16.10" env: - TRAVIS_GOOS=linux TEST_RUNTIME=io.containerd.runc.v1 TRAVIS_CGO_ENABLED=1 TRAVIS_DISTRO=bionic GOPROXY=direct diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/containerd-1.4.11_5b46e404f6b9/.zuul/playbooks/containerd-build/run.yaml new/containerd-1.4.12_7b11cfaabd73/.zuul/playbooks/containerd-build/run.yaml --- old/containerd-1.4.11_5b46e404f6b9/.zuul/playbooks/containerd-build/run.yaml 2021-10-04 17:24:47.000000000 +0200 +++ new/containerd-1.4.12_7b11cfaabd73/.zuul/playbooks/containerd-build/run.yaml 2021-11-17 20:52:12.000000000 +0100 @@ -2,7 +2,7 @@ become: yes roles: - role: config-golang - go_version: '1.16.8' + go_version: '1.16.10' arch: arm64 tasks: - name: Build containerd diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/containerd-1.4.11_5b46e404f6b9/Vagrantfile new/containerd-1.4.12_7b11cfaabd73/Vagrantfile --- old/containerd-1.4.11_5b46e404f6b9/Vagrantfile 2021-10-04 17:24:47.000000000 +0200 +++ new/containerd-1.4.12_7b11cfaabd73/Vagrantfile 2021-11-17 20:52:12.000000000 +0100 @@ -77,7 +77,7 @@ config.vm.provision "install-golang", type: "shell", run: "once" do |sh| sh.upload_path = "/tmp/vagrant-install-golang" sh.env = { - 'GO_VERSION': ENV['GO_VERSION'] || "1.16.8", + 'GO_VERSION': ENV['GO_VERSION'] || "1.16.10", } sh.inline = <<~SHELL #!/usr/bin/env bash diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/containerd-1.4.11_5b46e404f6b9/contrib/Dockerfile.test new/containerd-1.4.12_7b11cfaabd73/contrib/Dockerfile.test --- old/containerd-1.4.11_5b46e404f6b9/contrib/Dockerfile.test 2021-10-04 17:24:47.000000000 +0200 +++ new/containerd-1.4.12_7b11cfaabd73/contrib/Dockerfile.test 2021-11-17 20:52:12.000000000 +0100 @@ -10,7 +10,7 @@ # # docker build -t containerd-test --build-arg RUNC_VERSION=v1.0.0-rc93 -f Dockerfile.test ../ -ARG GOLANG_VERSION=1.16.8 +ARG GOLANG_VERSION=1.16.10 FROM golang:${GOLANG_VERSION} AS golang-base RUN mkdir -p /go/src/github.com/containerd/containerd diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/containerd-1.4.11_5b46e404f6b9/images/image.go new/containerd-1.4.12_7b11cfaabd73/images/image.go --- old/containerd-1.4.11_5b46e404f6b9/images/image.go 2021-10-04 17:24:47.000000000 +0200 +++ new/containerd-1.4.12_7b11cfaabd73/images/image.go 2021-11-17 20:52:12.000000000 +0100 @@ -19,6 +19,7 @@ import ( "context" "encoding/json" + "fmt" "sort" "time" @@ -154,6 +155,10 @@ return nil, err } + if err := validateMediaType(p, desc.MediaType); err != nil { + return nil, errors.Wrapf(err, "manifest: invalid desc %s", desc.Digest) + } + var manifest ocispec.Manifest if err := json.Unmarshal(p, &manifest); err != nil { return nil, err @@ -194,6 +199,10 @@ return nil, err } + if err := validateMediaType(p, desc.MediaType); err != nil { + return nil, errors.Wrapf(err, "manifest: invalid desc %s", desc.Digest) + } + var idx ocispec.Index if err := json.Unmarshal(p, &idx); err != nil { return nil, err @@ -336,6 +345,10 @@ return nil, err } + if err := validateMediaType(p, desc.MediaType); err != nil { + return nil, errors.Wrapf(err, "children: invalid desc %s", desc.Digest) + } + // TODO(stevvooe): We just assume oci manifest, for now. There may be // subtle differences from the docker version. var manifest ocispec.Manifest @@ -351,6 +364,10 @@ return nil, err } + if err := validateMediaType(p, desc.MediaType); err != nil { + return nil, errors.Wrapf(err, "children: invalid desc %s", desc.Digest) + } + var index ocispec.Index if err := json.Unmarshal(p, &index); err != nil { return nil, err @@ -368,6 +385,44 @@ return descs, nil } +// unknownDocument represents a manifest, manifest list, or index that has not +// yet been validated. +type unknownDocument struct { + MediaType string `json:"mediaType,omitempty"` + Config json.RawMessage `json:"config,omitempty"` + Layers json.RawMessage `json:"layers,omitempty"` + Manifests json.RawMessage `json:"manifests,omitempty"` + FSLayers json.RawMessage `json:"fsLayers,omitempty"` // schema 1 +} + +// validateMediaType returns an error if the byte slice is invalid JSON or if +// the media type identifies the blob as one format but it contains elements of +// another format. +func validateMediaType(b []byte, mt string) error { + var doc unknownDocument + if err := json.Unmarshal(b, &doc); err != nil { + return err + } + if len(doc.FSLayers) != 0 { + return fmt.Errorf("media-type: schema 1 not supported") + } + switch mt { + case MediaTypeDockerSchema2Manifest, ocispec.MediaTypeImageManifest: + if len(doc.Manifests) != 0 || + doc.MediaType == MediaTypeDockerSchema2ManifestList || + doc.MediaType == ocispec.MediaTypeImageIndex { + return fmt.Errorf("media-type: expected manifest but found index (%s)", mt) + } + case MediaTypeDockerSchema2ManifestList, ocispec.MediaTypeImageIndex: + if len(doc.Config) != 0 || len(doc.Layers) != 0 || + doc.MediaType == MediaTypeDockerSchema2Manifest || + doc.MediaType == ocispec.MediaTypeImageManifest { + return fmt.Errorf("media-type: expected index but found manifest (%s)", mt) + } + } + return nil +} + // RootFS returns the unpacked diffids that make up and images rootfs. // // These are used to verify that a set of layers unpacked to the expected diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/containerd-1.4.11_5b46e404f6b9/images/image_test.go new/containerd-1.4.12_7b11cfaabd73/images/image_test.go --- old/containerd-1.4.11_5b46e404f6b9/images/image_test.go 1970-01-01 01:00:00.000000000 +0100 +++ new/containerd-1.4.12_7b11cfaabd73/images/image_test.go 2021-11-17 20:52:12.000000000 +0100 @@ -0,0 +1,150 @@ +/* + Copyright The containerd Authors. + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. +*/ + +package images + +import ( + "encoding/json" + "testing" + + ocispec "github.com/opencontainers/image-spec/specs-go/v1" +) + +func TestValidateMediaType(t *testing.T) { + docTests := []struct { + mt string + index bool + }{ + {MediaTypeDockerSchema2Manifest, false}, + {ocispec.MediaTypeImageManifest, false}, + {MediaTypeDockerSchema2ManifestList, true}, + {ocispec.MediaTypeImageIndex, true}, + } + for _, tc := range docTests { + t.Run("manifest-"+tc.mt, func(t *testing.T) { + manifest := ocispec.Manifest{ + Config: ocispec.Descriptor{Size: 1}, + Layers: []ocispec.Descriptor{{Size: 2}}, + } + b, err := json.Marshal(manifest) + if err != nil { + t.Fatal("failed to marshal manifest", err) + } + + err = validateMediaType(b, tc.mt) + if tc.index { + if err == nil { + t.Error("manifest should not be a valid index") + } + } else { + if err != nil { + t.Error("manifest should be valid") + } + } + }) + t.Run("index-"+tc.mt, func(t *testing.T) { + index := ocispec.Index{ + Manifests: []ocispec.Descriptor{{Size: 1}}, + } + b, err := json.Marshal(index) + if err != nil { + t.Fatal("failed to marshal index", err) + } + + err = validateMediaType(b, tc.mt) + if tc.index { + if err != nil { + t.Error("index should be valid") + } + } else { + if err == nil { + t.Error("index should not be a valid manifest") + } + } + }) + } + + mtTests := []struct { + mt string + valid []string + invalid []string + }{{ + MediaTypeDockerSchema2Manifest, + []string{MediaTypeDockerSchema2Manifest, ocispec.MediaTypeImageManifest}, + []string{MediaTypeDockerSchema2ManifestList, ocispec.MediaTypeImageIndex}, + }, { + ocispec.MediaTypeImageManifest, + []string{MediaTypeDockerSchema2Manifest, ocispec.MediaTypeImageManifest}, + []string{MediaTypeDockerSchema2ManifestList, ocispec.MediaTypeImageIndex}, + }, { + MediaTypeDockerSchema2ManifestList, + []string{MediaTypeDockerSchema2ManifestList, ocispec.MediaTypeImageIndex}, + []string{MediaTypeDockerSchema2Manifest, ocispec.MediaTypeImageManifest}, + }, { + ocispec.MediaTypeImageIndex, + []string{MediaTypeDockerSchema2ManifestList, ocispec.MediaTypeImageIndex}, + []string{MediaTypeDockerSchema2Manifest, ocispec.MediaTypeImageManifest}, + }} + for _, tc := range mtTests { + for _, v := range tc.valid { + t.Run("valid-"+tc.mt+"-"+v, func(t *testing.T) { + doc := struct { + MediaType string `json:"mediaType"` + }{MediaType: v} + b, err := json.Marshal(doc) + if err != nil { + t.Fatal("failed to marshal document", err) + } + + err = validateMediaType(b, tc.mt) + if err != nil { + t.Error("document should be valid", err) + } + }) + } + for _, iv := range tc.invalid { + t.Run("invalid-"+tc.mt+"-"+iv, func(t *testing.T) { + doc := struct { + MediaType string `json:"mediaType"` + }{MediaType: iv} + b, err := json.Marshal(doc) + if err != nil { + t.Fatal("failed to marshal document", err) + } + + err = validateMediaType(b, tc.mt) + if err == nil { + t.Error("document should not be valid") + } + }) + } + } + t.Run("schema1", func(t *testing.T) { + doc := struct { + FSLayers []string `json:"fsLayers"` + }{FSLayers: []string{"1"}} + b, err := json.Marshal(doc) + if err != nil { + t.Fatal("failed to marshal document", err) + } + + err = validateMediaType(b, "") + if err == nil { + t.Error("document should not be valid") + } + + }) +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/containerd-1.4.11_5b46e404f6b9/releases/v1.4.12.toml new/containerd-1.4.12_7b11cfaabd73/releases/v1.4.12.toml --- old/containerd-1.4.11_5b46e404f6b9/releases/v1.4.12.toml 1970-01-01 01:00:00.000000000 +0100 +++ new/containerd-1.4.12_7b11cfaabd73/releases/v1.4.12.toml 2021-11-17 20:52:12.000000000 +0100 @@ -0,0 +1,23 @@ +# commit to be tagged for new release +commit = "HEAD" + +project_name = "containerd" +github_repo = "containerd/containerd" +match_deps = "^github.com/(containerd/[a-zA-Z0-9-]+)$" + +# previous release +previous = "v1.4.11" + +pre_release = false + +preface = """\ +The twelfth patch release for containerd 1.4 contains a few minor bug fixes +and an update to mitigate [CVE-2021-41190](https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m). + +### Notable Updates + +* **Handle ambiguous OCI manifest parsing** ([GHSA-5j5w-g665-5m35](https://github.com/containerd/containerd/security/advisories/GHSA-5j5w-g665-5m35)) +* **Update pull to try next mirror for non-404 errors** ([#5275](https://github.com/containerd/containerd/pull/5275)) +* **Update pull to handle of non-https urls in descriptors** ([#6221](https://github.com/containerd/containerd/pull/6221)) + +See the changelog for complete list of changes""" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/containerd-1.4.11_5b46e404f6b9/remotes/docker/fetcher.go new/containerd-1.4.12_7b11cfaabd73/remotes/docker/fetcher.go --- old/containerd-1.4.11_5b46e404f6b9/remotes/docker/fetcher.go 2021-10-04 17:24:47.000000000 +0200 +++ new/containerd-1.4.12_7b11cfaabd73/remotes/docker/fetcher.go 2021-11-17 20:52:12.000000000 +0100 @@ -60,6 +60,10 @@ log.G(ctx).WithError(err).Debug("failed to parse") continue } + if u.Scheme != "http" && u.Scheme != "https" { + log.G(ctx).Debug("non-http(s) alternative url is unsupported") + continue + } log.G(ctx).Debug("trying alternative url") // Try this first, parse it diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/containerd-1.4.11_5b46e404f6b9/remotes/docker/resolver.go new/containerd-1.4.12_7b11cfaabd73/remotes/docker/resolver.go --- old/containerd-1.4.11_5b46e404f6b9/remotes/docker/resolver.go 2021-10-04 17:24:47.000000000 +0200 +++ new/containerd-1.4.12_7b11cfaabd73/remotes/docker/resolver.go 2021-11-17 20:52:12.000000000 +0100 @@ -238,10 +238,10 @@ } var ( - lastErr error - paths [][]string - dgst = refspec.Digest() - caps = HostCapabilityPull + firstErr error + paths [][]string + dgst = refspec.Digest() + caps = HostCapabilityPull ) if dgst != "" { @@ -292,8 +292,8 @@ err = errors.Wrapf(err, "pull access denied, repository does not exist or may require authorization") } // Store the error for referencing later - if lastErr == nil { - lastErr = err + if firstErr == nil { + firstErr = err } log.G(ctx).WithError(err).Info("trying next host") continue // try another host @@ -305,7 +305,14 @@ log.G(ctx).Info("trying next host - response was http.StatusNotFound") continue } - return "", ocispec.Descriptor{}, errors.Errorf("unexpected status code %v: %v", u, resp.Status) + if resp.StatusCode > 399 { + // Set firstErr when encountering the first non-404 status code. + if firstErr == nil { + firstErr = errors.Errorf("pulling from host %s failed with status code %v: %v", host.Host, u, resp.Status) + } + continue // try another host + } + return "", ocispec.Descriptor{}, errors.Errorf("pulling from host %s failed with unexpected status code %v: %v", host.Host, u, resp.Status) } size := resp.ContentLength contentType := getManifestMediaType(resp) @@ -368,8 +375,8 @@ } // Prevent resolving to excessively large manifests if size > MaxManifestSize { - if lastErr == nil { - lastErr = errors.Wrapf(errdefs.ErrNotFound, "rejecting %d byte manifest for %s", size, ref) + if firstErr == nil { + firstErr = errors.Wrapf(errdefs.ErrNotFound, "rejecting %d byte manifest for %s", size, ref) } continue } @@ -385,11 +392,15 @@ } } - if lastErr == nil { - lastErr = errors.Wrap(errdefs.ErrNotFound, ref) + // If above loop terminates without return, then there was an error. + // "firstErr" contains the first non-404 error. That is, "firstErr == nil" + // means that either no registries were given or each registry returned 404. + + if firstErr == nil { + firstErr = errors.Wrap(errdefs.ErrNotFound, ref) } - return "", ocispec.Descriptor{}, lastErr + return "", ocispec.Descriptor{}, firstErr } func (r *dockerResolver) Fetcher(ctx context.Context, ref string) (remotes.Fetcher, error) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/containerd-1.4.11_5b46e404f6b9/remotes/docker/schema1/converter.go new/containerd-1.4.12_7b11cfaabd73/remotes/docker/schema1/converter.go --- old/containerd-1.4.11_5b46e404f6b9/remotes/docker/schema1/converter.go 2021-10-04 17:24:47.000000000 +0200 +++ new/containerd-1.4.12_7b11cfaabd73/remotes/docker/schema1/converter.go 2021-11-17 20:52:12.000000000 +0100 @@ -256,6 +256,9 @@ if err := json.Unmarshal(b, &m); err != nil { return err } + if len(m.Manifests) != 0 || len(m.Layers) != 0 { + return errors.New("converter: expected schema1 document but found extra keys") + } c.pulledManifest = &m return nil @@ -472,8 +475,10 @@ } type manifest struct { - FSLayers []fsLayer `json:"fsLayers"` - History []history `json:"history"` + FSLayers []fsLayer `json:"fsLayers"` + History []history `json:"history"` + Layers json.RawMessage `json:"layers,omitempty"` // OCI manifest + Manifests json.RawMessage `json:"manifests,omitempty"` // OCI index } type v1History struct { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/containerd-1.4.11_5b46e404f6b9/version/version.go new/containerd-1.4.12_7b11cfaabd73/version/version.go --- old/containerd-1.4.11_5b46e404f6b9/version/version.go 2021-10-04 17:24:47.000000000 +0200 +++ new/containerd-1.4.12_7b11cfaabd73/version/version.go 2021-11-17 20:52:12.000000000 +0100 @@ -23,7 +23,7 @@ Package = "github.com/containerd/containerd" // Version holds the complete version number. Filled in at linking time. - Version = "1.4.11+unknown" + Version = "1.4.12+unknown" // Revision is filled with the VCS (e.g. git) revision being used to build // the program at linking time.