** Description changed: [Impact] In order to follow our policy [1] on keeping the container stack (docker.io-app, containerd-app, runc, runc-app, docker-buildx, and docker-compose-v2) up-to-date in our supported releases, we will backport docker.io-app, docker-buildx, and docker-compose-v2 from questing to plucky, noble, and jammy. We will also update containerd-app to the newest version of the 1.7.x series to to avoid major disruptions as covered by the process described in [1]. Finally, for runc-app we considered following the same conservative approach as the one for containerd-app, however, as described in the 1.3.0 release notes [2], there are no breaking changes other than an improvement on the mount-related error output. Therefore, we will also backport 1.3.0 in questing to all supported Ubuntu series. + + CVEs: + + - docker-buildx is fixing CVE-2025-0495 and therefore it should be + pushed through the security pocket. [Test Plan] As described in [1], our test case is the autopkgtests. All packages were built in https://launchpad.net/~athos- ribeiro/+archive/ubuntu/container-stack-qq/+packages. containerd-app, runc-app, and docker.io-app autopkgtests ran successfully for all supported architectures (but riscv64) in the PPA linked above. docker-buildx and docker-compose-v2 are failing their autopkgtest runs in our infrastructure due to the dockerhub pull rate limits. For those, we ran the autopkgtest suite locally. All tests are passing. [Where problems could occur] As usual, we deliver most benefit to our users by delivering an upstream experience. A risk of regressions is part of that. [Past MREs] - https://bugs.launchpad.net/ubuntu/+source/docker.io-app/+bug/2040461 - https://bugs.launchpad.net/ubuntu/+source/docker.io-app/+bug/2040460 - https://bugs.launchpad.net/ubuntu/+source/docker.io-app/+bug/2085187 [ References ] [1] https://documentation.ubuntu.com/sru/en/latest/reference/exception-Docker-Updates/ [2] https://github.com/opencontainers/runc/releases/tag/v1.3.0
-- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2112523 Title: Backport of container-stack from questing To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/containerd-app/+bug/2112523/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
