fleet/test
dependabot[bot] 23a2964eef
Bump github.com/docker/docker from 20.10.23+incompatible to 23.0.4+incompatible (#11259)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from
20.10.23+incompatible to 23.0.4+incompatible.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/docker/releases">github.com/docker/docker's
releases</a>.</em></p>
<blockquote>
<h2>v23.0.4</h2>
<h2>23.0.4</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/milestone/77?closed=1">docker/cli,
23.0.4 milestone</a></li>
<li><a
href="https://github.com/moby/moby/milestone/117?closed=1">moby/moby,
23.0.4 milestone</a></li>
</ul>
<h3>Bug fixes and enhancements</h3>
<ul>
<li>Fix a performance regression in Docker CLI 23.0.0 <a
href="https://redirect.github.com/docker/cli/pull/4141">docker/cli#4141</a>.</li>
<li>Fix progress indicator on <code>docker cp</code> not functioning as
intended <a
href="https://redirect.github.com/docker/cli/pull/4157">docker/cli#4157</a>.</li>
<li>Fix shell completion for <code>docker compose --file</code> <a
href="https://redirect.github.com/docker/cli/pull/4177">docker/cli#4177</a>.</li>
<li>Fix an error caused by incorrect handling of
&quot;default-address-pools&quot; in <code>daemon.json</code> <a
href="https://redirect.github.com/moby/moby/pull/45246">moby/moby#45246</a>.</li>
</ul>
<h3>Packaging Updates</h3>
<ul>
<li>Fix missing packages for CentOS 9 Stream.</li>
<li>Upgrade Go to <code>1.19.8</code>. <a
href="https://redirect.github.com/docker/docker-ce-packaging/pull/878">docker/docker-ce-packaging#878</a>,
<a
href="https://redirect.github.com/docker/cli/pull/4164">docker/cli#4164</a>,
<a
href="https://redirect.github.com/moby/moby/pull/45277">moby/moby#45277</a>,
which contains fixes for <a
href="https://github.com/advisories/GHSA-fp86-2355-v99r">CVE-2023-24537</a>,
<a
href="https://github.com/advisories/GHSA-v4m2-x4rp-hv22">CVE-2023-24538</a>,
<a
href="https://github.com/advisories/GHSA-8v5j-pwr7-w5f8">CVE-2023-24534</a>,
and <a
href="https://github.com/advisories/GHSA-9f7g-gqwh-jpf5">CVE-2023-24536</a></li>
</ul>
<h2>v23.0.3</h2>
<h2>23.0.3</h2>
<blockquote>
<p><strong>Note</strong></p>
<p>Due to an issue with CentOS 9 Stream's package repositories, packages
for
CentOS 9 are currently unavailable. Packages for CentOS 9 may be added
later,
or as part of the next (23.0.4) patch release.</p>
</blockquote>
<h3>Bug fixes and enhancements</h3>
<ul>
<li>Fixed a number of issues that can cause Swarm encrypted overlay
networks
to fail to uphold their guarantees, addressing <a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28841">CVE-2023-28841</a>,
<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28840">CVE-2023-28840</a>,
and
<a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28842">CVE-2023-28842</a>.
<ul>
<li>A lack of kernel support for encrypted overlay networks now reports
as an error.</li>
<li>Encrypted overlay networks are eagerly set up, rather than waiting
for
multiple nodes to attach.</li>
<li>Encrypted overlay networks are now usable on Red Hat Enterprise
Linux 9
through the use of the <code>xt_bpf</code> kernel module.</li>
<li>Users of Swarm overlay networks should review <a
href="https://github.com/moby/moby/security/advisories/GHSA-vwm3-crmr-xfxw">GHSA-vwm3-crmr-xfxw</a>
to ensure that unintentional exposure has not occurred.</li>
</ul>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="cbce331930"><code>cbce331</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/45330">#45330</a>
from kevingentile/buildkit-3770</li>
<li><a
href="5f684cb072"><code>5f684cb</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/45331">#45331</a>
from thaJeztah/23.0_backport_rootless_script_bugs</li>
<li><a
href="3731ce10d4"><code>3731ce1</code></a>
Fix argument quoting bugs in dockerd-rootless.sh</li>
<li><a
href="23774ada04"><code>23774ad</code></a>
vendor: github.com/moby/buildkit
v0.10.7-0.20230412161310-d52b2d584242</li>
<li><a
href="90e8a0bbf5"><code>90e8a0b</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/45323">#45323</a>
from thaJeztah/23.0_backport_vendor_sctp</li>
<li><a
href="9277e64444"><code>9277e64</code></a>
vendor: github.com/ishidawataru/sctp
v0.0.0-20230406120618-7ff4192f6ff2</li>
<li><a
href="cdb6200887"><code>cdb6200</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/45293">#45293</a>
from AkihiroSuda/backport-45283-23</li>
<li><a
href="09fbbd5677"><code>09fbbd5</code></a>
docker-rootless-setuptools.sh: improve readability of messages</li>
<li><a
href="4ca4705bf7"><code>4ca4705</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/45277">#45277</a>
from thaJeztah/23.0_bump_go1.19.8</li>
<li><a
href="d3e52936c3"><code>d3e5293</code></a>
[23.0] update go to go1.19.8</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/docker/compare/v20.10.23...v23.0.4">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/docker/docker&package-manager=go_modules&previous-version=20.10.23+incompatible&new-version=23.0.4+incompatible)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Zach Wasserman <zach@fleetdm.com>
2023-04-21 14:53:55 -07:00
..
upgrade Bump github.com/docker/docker from 20.10.23+incompatible to 23.0.4+incompatible (#11259) 2023-04-21 14:53:55 -07:00