[0.10 backport] docker v20.10.3-0.20220831131523-b5a0d7a188ac (22.06-dev) #3172
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com> (cherry picked from commit 60addc4) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: golang/crypto@5770296...3147a52 This version contains a fix for CVE-2022-27191 (not sure if it affects us). From the golang mailing list: Hello gophers, Version v0.0.0-20220315160706-3147a52a75dd of golang.org/x/crypto/ssh implements client authentication support for signature algorithms based on SHA-2 for use with existing RSA keys. Previously, a client would fail to authenticate with RSA keys to servers that reject signature algorithms based on SHA-1. This includes OpenSSH 8.8 by default and—starting today March 15, 2022 for recently uploaded keys. We are providing this announcement as the error (“ssh: unable to authenticate”) might otherwise be difficult to troubleshoot. Version v0.0.0-20220314234659-1baeb1ce4c0b (included in the version above) also fixes a potential security issue where an attacker could cause a crash in a golang.org/x/crypto/ssh server under these conditions: - The server has been configured by passing a Signer to ServerConfig.AddHostKey. - The Signer passed to AddHostKey does not also implement AlgorithmSigner. - The Signer passed to AddHostKey does return a key of type “ssh-rsa” from its PublicKey method. Servers that only use Signer implementations provided by the ssh package are unaffected. This is CVE-2022-27191. Alla prossima, Filippo for the Go Security team Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit e5d9783) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> (cherry picked from commit 3fa0007) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> (cherry picked from commit 9c9081f) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> (cherry picked from commit ada831d) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: containerd/containerd@v1.6.3...v1.6.4 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit b6f21f0) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Sascha Schwarze <schwarzs@de.ibm.com> (cherry picked from commit 09cd371) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: containerd/containerd@v1.6.4...v1.6.6 Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> (cherry picked from commit 7f56413) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> (cherry picked from commit 54ff58c) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> (cherry picked from commit 7a3f679) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: CrazyMax <crazy-max@users.noreply.github.com> (cherry picked from commit 4acf75d) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Signed-off-by: Kohei Tokunaga <ktokunaga.mail@gmail.com> (cherry picked from commit 170b2b0) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This tag contains some fixes for hostprocess containers, mainly around fixing task stats which regressed from a change in v0.9.3. https://github.com/microsoft/hcsshim/releases/tag/v0.9.4 full diff: microsoft/hcsshim@v0.9.3...v0.9.4 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 431c554) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Relevant changes:
- Fix WWW-Authenticate parsing
- fixes "Failed to parse Www-Authenticate if auth-param has empty value"
full diff: containerd/containerd@v1.6.6...v1.6.8
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 47627f9)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- size_test: add tests for 0.3 + suffix - size_test: add parseSize benchmark - size_test: add t.Helper annotations - size_test: add more tests - size: stop using regexp full diff: docker/go-units@v0.4.0...v0.5.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit bc7383c) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
no changes in vendored code full diff: hashicorp/golang-lru@v0.5.3...v0.5.4 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit bc838a3) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Add lcow supported signals to windows signal map full diff: moby/sys@signal/v0.6.0...signal/v0.7.0 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit c90880d) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
…02efb9a75ee1 Define "Data" field on descriptors This should contain an embedded representation of the referenced content, which is useful for avoiding extra hops to access small pieces of content. full diff: opencontainers/image-spec@c5a74bc...02efb9a Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit af731fa) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: golang/sys@bc2c85a...3c1f352 Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit 8362bfc) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: moby/moby@61404de...b5a0d7a Signed-off-by: Sebastiaan van Stijn <github@gone.nl> (cherry picked from commit a0ae3cb) Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
backports #3075, and dependency updates from: