deps: bump github.com/docker/docker from 26.0.0+incompatible to 26.0.2+incompatible in the go_modules group #306

dependabot · 2024-04-24T04:13:46Z

Bumps the go_modules group with 1 update: github.com/docker/docker.

Updates github.com/docker/docker from 26.0.0+incompatible to 26.0.2+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v26.0.2

26.0.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

docker/cli, 26.0.2 milestone

moby/moby, 26.0.2 milestone

Deprecated and removed features, see Deprecated Features.

Changes to the Engine API, see API version history.

Security

This release contains a security fix for CVE-2024-32473, an unexpected configuration of IPv6 on IPv4-only interfaces.

Bug fixes and enhancements

CVE-2024-32473: Ensure IPv6 is disabled on interfaces only allocated an IPv4 address by the engine. moby#GHSA-x84c-p2g9-rqv9

v26.0.1

26.0.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

docker/cli, 26.0.1 milestone

moby/moby, 26.0.1 milestone

Deprecated and removed features, see Deprecated Features.

Changes to the Engine API, see API version history.

Bug fixes and enhancements

Fix a regression that meant network interface specific --sysctl options prevented container startup. moby/moby#47646

Remove erroneous platform from image config OCI descriptor in docker save output. moby/moby#47694

containerd image store: OCI archives produced by docker save will now have a non-empty mediaType field in index.json moby/moby#47701

Fix a regression that prevented the internal resolver from forwarding requests from IPvlan L3 networks to external resolvers. moby/moby#47705

Prevent the use of external resolvers in IPvlan and Macvlan networks created with no parent interface specified. moby/moby#47705

Packaging updates

Update Go runtime to 1.21.9 moby/moby#47671, docker/cli#4987

Update Compose to v1.26.1 , docker/docker-ce-packaging#1009

Update containerd to v1.7.15 (static binaries only) moby/moby#47692

Commits

7cef0d9 Merge pull request from GHSA-x84c-p2g9-rqv9
841c4c8 Disable IPv6 for endpoints in '--ipv6=false' networks.
60b9add Merge pull request #47705 from robmry/backport-26.0/47662_ipvlan_l3_dns
8ad7f86 Run ipvlan tests even if 'modprobe ipvlan' fails
dc27552 Stop macvlan with no parent from using ext-dns
7b570f0 Enable DNS proxying for ipvlan-l3
8cdcc4f Move dummy DNS server to integration/internal/network
ed752f6 Merge pull request #47701 from vvoland/v26.0-47691
9db1b6f Merge pull request #47702 from vvoland/v26.0-47647
6261281 Merge pull request #47700 from vvoland/v26.0-47673
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions
You can disable automated security fix PRs for this repo from the Security Alerts page.

Bumps the go_modules group with 1 update: [github.com/docker/docker](https://github.com/docker/docker). Updates `github.com/docker/docker` from 26.0.0+incompatible to 26.0.2+incompatible - [Release notes](https://github.com/docker/docker/releases) - [Commits](moby/moby@v26.0.0...v26.0.2) --- updated-dependencies: - dependency-name: github.com/docker/docker dependency-type: indirect dependency-group: go_modules ... Signed-off-by: dependabot[bot] <[email protected]>

…2+incompatible in the go_modules group (#306) Bumps the go_modules group with 1 update: [github.com/docker/docker](https://github.com/docker/docker). Updates `github.com/docker/docker` from 26.0.0+incompatible to 26.0.2+incompatible <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/docker/releases">github.com/docker/docker's releases</a>.</em></p> <blockquote> <h2>v26.0.2</h2> <h2>26.0.2</h2> <p>For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:</p> <ul> <li><a href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A26.0.2">docker/cli, 26.0.2 milestone</a></li> <li><a href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A26.0.2">moby/moby, 26.0.2 milestone</a></li> <li>Deprecated and removed features, see <a href="https://github.com/docker/cli/blob/v26.0.2/docs/deprecated.md">Deprecated Features</a>.</li> <li>Changes to the Engine API, see <a href="https://github.com/moby/moby/blob/v26.0.2/docs/api/version-history.md">API version history</a>.</li> </ul> <h3>Security</h3> <p>This release contains a security fix for <a href="https://github.com/moby/moby/security/advisories/GHSA-x84c-p2g9-rqv9">CVE-2024-32473</a>, an unexpected configuration of IPv6 on IPv4-only interfaces.</p> <h3>Bug fixes and enhancements</h3> <ul> <li><a href="https://github.com/moby/moby/security/advisories/GHSA-x84c-p2g9-rqv9">CVE-2024-32473</a>: Ensure IPv6 is disabled on interfaces only allocated an IPv4 address by the engine. <a href="https://github.com/moby/moby/security/advisories/GHSA-x84c-p2g9-rqv9">moby#GHSA-x84c-p2g9-rqv9</a></li> </ul> <h2>v26.0.1</h2> <h2>26.0.1</h2> <p>For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:</p> <ul> <li><a href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A26.0.1">docker/cli, 26.0.1 milestone</a></li> <li><a href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A26.0.1">moby/moby, 26.0.1 milestone</a></li> <li>Deprecated and removed features, see <a href="https://github.com/docker/cli/blob/v26.0.1/docs/deprecated.md">Deprecated Features</a>.</li> <li>Changes to the Engine API, see <a href="https://github.com/moby/moby/blob/v26.0.1/docs/api/version-history.md">API version history</a>.</li> </ul> <h3>Bug fixes and enhancements</h3> <ul> <li>Fix a regression that meant network interface specific <code>--sysctl</code> options prevented container startup. <a href="https://redirect.github.com/moby/moby/pull/47646">moby/moby#47646</a></li> <li>Remove erroneous <code>platform</code> from image <code>config</code> OCI descriptor in <code>docker save</code> output. <a href="https://redirect.github.com/moby/moby/pull/47694">moby/moby#47694</a></li> <li>containerd image store: OCI archives produced by <code>docker save</code> will now have a non-empty <code>mediaType</code> field in <code>index.json</code> <a href="https://redirect.github.com/moby/moby/pull/47701">moby/moby#47701</a></li> <li>Fix a regression that prevented the internal resolver from forwarding requests from IPvlan L3 networks to external resolvers. <a href="https://redirect.github.com/moby/moby/pull/47705">moby/moby#47705</a></li> <li>Prevent the use of external resolvers in IPvlan and Macvlan networks created with no parent interface specified. <a href="https://redirect.github.com/moby/moby/pull/47705">moby/moby#47705</a></li> </ul> <h3>Packaging updates</h3> <ul> <li>Update Go runtime to 1.21.9 <a href="https://redirect.github.com/moby/moby/pull/47671">moby/moby#47671</a>, <a href="https://redirect.github.com/docker/cli/pull/4987">docker/cli#4987</a></li> <li>Update Compose to <a href="https://github.com/docker/compose/releases/tag/v2.26.1">v1.26.1 </a>, <a href="https://redirect.github.com/docker/docker-ce-packaging/pull/1009">docker/docker-ce-packaging#1009</a></li> <li>Update containerd to <a href="https://github.com/containerd/containerd/releases/tag/v1.7.15">v1.7.15</a> (static binaries only) <a href="https://redirect.github.com/moby/moby/pull/47692">moby/moby#47692</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/moby/moby/commit/7cef0d9cd1cf221d8c0b7b7aeda69552649e0642"><code>7cef0d9</code></a> Merge pull request from GHSA-x84c-p2g9-rqv9</li> <li><a href="https://github.com/moby/moby/commit/841c4c8057bcf5317d6565875595a3f0c046e3fa"><code>841c4c8</code></a> Disable IPv6 for endpoints in '--ipv6=false' networks.</li> <li><a href="https://github.com/moby/moby/commit/60b9add796ae6bcd25accbb36dc1394eac973ec9"><code>60b9add</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/47705">#47705</a> from robmry/backport-26.0/47662_ipvlan_l3_dns</li> <li><a href="https://github.com/moby/moby/commit/8ad7f863b3baf05f05a123a140b50415c6496fa9"><code>8ad7f86</code></a> Run ipvlan tests even if 'modprobe ipvlan' fails</li> <li><a href="https://github.com/moby/moby/commit/dc2755273e748e0330527fb560530af456424da5"><code>dc27552</code></a> Stop macvlan with no parent from using ext-dns</li> <li><a href="https://github.com/moby/moby/commit/7b570f00bad249de01eea626bebe3b01012fa79e"><code>7b570f0</code></a> Enable DNS proxying for ipvlan-l3</li> <li><a href="https://github.com/moby/moby/commit/8cdcc4f3c7bfd31c3c4664787c5794e34aa75546"><code>8cdcc4f</code></a> Move dummy DNS server to integration/internal/network</li> <li><a href="https://github.com/moby/moby/commit/ed752f6544fc9892a4b08fec424548e972ab80b3"><code>ed752f6</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/47701">#47701</a> from vvoland/v26.0-47691</li> <li><a href="https://github.com/moby/moby/commit/9db1b6f28ca58f5b901e3e150400ddaea93ac9ae"><code>9db1b6f</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/47702">#47702</a> from vvoland/v26.0-47647</li> <li><a href="https://github.com/moby/moby/commit/62612812474f5a4cc5c67f94b2099e73df9fae64"><code>6261281</code></a> Merge pull request <a href="https://redirect.github.com/docker/docker/issues/47700">#47700</a> from vvoland/v26.0-47673</li> <li>Additional commits viewable in <a href="https://github.com/docker/docker/compare/v26.0.0...v26.0.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/docker/docker&package-manager=go_modules&previous-version=26.0.0+incompatible&new-version=26.0.2+incompatible)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/microsoft/retina/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

dependabot bot requested a review from a team as a code owner April 24, 2024 04:13

dependabot bot added area/dependencies Pull requests that update a dependency file lang/go The Go Programming Language labels Apr 24, 2024

dependabot bot requested review from jimassa and spencermckee April 24, 2024 04:13

rbtr enabled auto-merge April 24, 2024 16:37

rbtr approved these changes Apr 24, 2024

View reviewed changes

rbtr added this pull request to the merge queue Apr 24, 2024

Merged via the queue into main with commit 1492419 Apr 24, 2024
21 checks passed

rbtr deleted the dependabot/go_modules/go_modules-f84a496521 branch April 24, 2024 17:19

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

deps: bump github.com/docker/docker from 26.0.0+incompatible to 26.0.2+incompatible in the go_modules group #306

deps: bump github.com/docker/docker from 26.0.0+incompatible to 26.0.2+incompatible in the go_modules group #306

dependabot bot commented on behalf of github Apr 24, 2024

deps: bump github.com/docker/docker from 26.0.0+incompatible to 26.0.2+incompatible in the go_modules group #306

deps: bump github.com/docker/docker from 26.0.0+incompatible to 26.0.2+incompatible in the go_modules group #306

Conversation

dependabot bot commented on behalf of github Apr 24, 2024

v26.0.2

26.0.2

Security

Bug fixes and enhancements

v26.0.1

26.0.1

Bug fixes and enhancements

Packaging updates