Welcome to the v2.1.1 release of containerd!

The first patch release for containerd 2.1 fixes a critical vulnernability (CVE-2025-47290)
which was first introduced in 2.1.0. See the Github Advisory
for more details. This release also contains a few smaller updates and bux fixes.

Highlights

Image Storage

• Fix erofs media type handling (#11855)

Runtime

• Reduce shim cleanup log level and add more context (#11831)

Deprecations

• Update removal version for deprecated registry config fields (#11835)

Please try out the release binaries and report any issues at
https://github.com/containerd/containerd/issues.

Contributors

• Akihiro Suda
• Samuel Karp
• Derek McGowan
• Gao Xiang
• Akhil Mohan
• Chris Henzie
• Phil Estes
• Sebastiaan van Stijn
• ningmingxiao

Changes

Dependency Changes

• github.com/Microsoft/hcsshim v0.13.0-rc.3 -> v0.13.0

Previous release can be found at v2.1.0

Which file should I download?

• containerd-<VERSION>-<OS>-<ARCH>.tar.gz: ✅Recommended. Dynamically linked with glibc 2.35 (Ubuntu 22.04).
• containerd-static-<VERSION>-<OS>-<ARCH>.tar.gz: Statically linked. Expected to be used on Linux distributions that do not use glibc >= 2.35. Not position-independent.

In addition to containerd, typically you will have to install runc
and CNI plugins from their official sites too.

See also the Getting Started documentation.