Bump github.com/NVIDIA/nvidia-container-toolkit from 1.16.1 to 1.16.2

[dependabot]

Bumps github.com/NVIDIA/nvidia-container-toolkit from 1.16.1 to 1.16.2.

Release notes

Sourced from github.com/NVIDIA/nvidia-container-toolkit's releases.

v1.16.2

This release provides critical security updates and is recommended for all users.

It includes updates for:

• NVIDIA CVE-2024-0132
• NVIDIA CVE-2024-0133

To view any published security bulletins for NVIDIA products, see the NVIDIA product security page (https://www.nvidia.com/en-us/security/)

For more information regarding NVIDIA's security vulnerability remediation policies, see (https://www.nvidia.com/en-us/security/psirt-policies/)

---

NOTE: This release is a unified release of the NVIDIA Container Toolkit that consists of the following packages:

• libnvidia-container 1.16.2
• nvidia-container-toolkit 1.16.2

The packages for this release are published to the libnvidia-container package repositories.

What's Changed

• Exclude libnvidia-allocator from graphics mounts. This fixes a bug that leaks mounts when a container is started with bi-directional mount propagation.
• Use empty string for default runtime-config-override. This removes a redundant warning for runtimes (e.g. Docker) where this is not applicable.

Changes in the Toolkit Container

• Bump CUDA base image version to 12.6.0

Changes in libnvidia-container

• Add no-gsp-firmware command line option
• Add no-fabricmanager command line option
• Add no-persistenced command line option
• Skip directories and symlinks when mounting libraries

Full Changelog: NVIDIA/nvidia-container-toolkit@v1.16.1...v1.16.2

Changelog

Sourced from github.com/NVIDIA/nvidia-container-toolkit's changelog.

v1.16.2

• Exclude libnvidia-allocator from graphics mounts. This fixes a bug that leaks mounts when a container is started with bi-directional mount propagation.
• Use empty string for default runtime-config-override. This removes a redundant warning for runtimes (e.g. Docker) where this is not applicable.

Changes in the Toolkit Container

• Bump CUDA base image version to 12.6.0

Changes in libnvidia-container

• Add no-gsp-firmware command line option
• Add no-fabricmanager command line option
• Add no-persistenced command line option
• Skip directories and symlinks when mounting libraries.

Commits

• a5a5833 Merge pull request #710 from elezar/update-changelog
• 8e07d90 Update CHANGELOG.md for v1.16.2 release
• 2aadbbf Merge pull request #709 from elezar/bump-version-v1.16.2
• 88f9414 Bump version to v1.16.2
• 53c2dc6 Merge pull request #705 from elezar/remove-libnvidia-contianer-update-check
• 3121663 Merge pull request #708 from elezar/revert-check-symlink-resolution
• 4b6de80 Merge pull request #707 from elezar/revert-no-persistenced-flag-by-default
• dc2ccdd Revert "Merge pull request #696 from elezar/check-link-resolution"
• 5145b0a Revert "Merge pull request #694 from elezar/add-opt-in-to-sockets"
• a819cfd Revert "Merge pull request #703 from elezar/fix-no-persistenced-flag"
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
  You can disable automated security fix PRs for this repo from the Security Alerts page.