Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
10773: chore(deps): bump github.com/moby/moby from 20.10.14+incompatible to 20.10.18+incompatible in /pkg r=AaronFriel a=dependabot[bot] Bumps [github.com/moby/moby](https://github.com/moby/moby) from 20.10.14+incompatible to 20.10.18+incompatible. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/moby/moby/releases">github.com/moby/moby's releases</a>.</em></p> <blockquote> <h2>v20.10.18</h2> <p>This release of Docker Engine comes with a fix for a low-severity security issue, some minor bug fixes, and updated versions of Docker Compose, Docker Buildx, <code>containerd</code>, and <code>runc</code>.</p> <h3>Client</h3> <ul> <li>Add Bash completion for Docker Compose <a href="https://github-redirect.dependabot.com/docker/cli/pull/3752">docker/cli#3752</a>.</li> </ul> <h3>Builder</h3> <ul> <li>Fix an issue where file-capabilities were not preserved during build <a href="https://github-redirect.dependabot.com/moby/moby/pull/43876">moby/moby#43876</a>.</li> <li>Fix an issue that could result in a panic caused by a concurrent map read and map write <a href="https://github-redirect.dependabot.com/moby/moby/pull/44067">moby/moby#44067</a></li> </ul> <h3>Daemon</h3> <ul> <li>Fix a security vulnerability relating to supplementary group permissions, which could allow a container process to bypass primary group restrictions within the container <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36109">CVE-2022-36109</a>, <a href="https://github.com/moby/moby/security/advisories/GHSA-rc4r-wh2q-q6c4">GHSA-rc4r-wh2q-q6c4</a>.</li> <li>seccomp: add support for Landlock syscalls in default policy <a href="https://github-redirect.dependabot.com/moby/moby/pull/43991">moby/moby#43991</a>.</li> <li>seccomp: update default policy to support new syscalls introduced in kernel 5.12 - 5.16 <a href="https://github-redirect.dependabot.com/moby/moby/pull/43991">moby/moby#43991</a>.</li> <li>Fix an issue where cache lookup for image manifests would fail, resulting in a redundant round-trip to the image registry <a href="https://github-redirect.dependabot.com/moby/moby/pull/44109">moby/moby#44109</a>.</li> <li>Fix an issue where <code>exec</code> processes and healthchecks were not terminated when they timed out <a href="https://github-redirect.dependabot.com/moby/moby/pull/44018">moby/moby#44018</a>.</li> </ul> <h3>Packaging</h3> <ul> <li>Update Docker Buildx to <a href="https://github.com/docker/buildx/releases/tag/v0.9.1">v0.9.1</a>.</li> <li>Update Docker Compose to <a href="https://github.com/docker/compose/releases/tag/v2.10.2">v2.10.2</a>.</li> <li>Update containerd (<code>containerd.io</code> package) to <a href="https://github.com/containerd/containerd/releases/tag/v1.6.8">v1.6.8</a>.</li> <li>Update runc to <a href="https://github.com/opencontainers/runc/releases/tag/v1.1.4">v1.1.4</a>.</li> <li>Update Go runtime to <a href="https://go.dev/doc/devel/release#go1.18.minor">1.18.6</a>, which contains fixes for <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664">CVE-2022-27664</a> and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32190">CVE-2022-32190</a>.</li> </ul> <h2>v20.10.17</h2> <p>This release of Docker Engine comes with updated versions of the <code>compose</code>, <code>containerd</code>, and <code>runc</code> components, as well as some minor bug fixes.</p> <h3>Client</h3> <ul> <li>Remove asterisk from docker commands in zsh completion script <a href="https://github-redirect.dependabot.com/docker/cli/pull/3648">docker/cli#3648</a>.</li> </ul> <h3>Networking</h3> <ul> <li>Fix Windows port conflict with published ports in host mode for overlay <a href="https://github-redirect.dependabot.com/moby/moby/pull/43644">moby/moby#43644</a>.</li> <li>Ensure performance tuning is always applied to libnetwork sandboxes <a href="https://github-redirect.dependabot.com/moby/moby/pull/43683">moby/moby#43683</a>.</li> </ul> <h3>Packaging</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/moby/moby/commit/e42327a6d3c55ceda3bd5475be7aae6036d02db3"><code>e42327a</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/moby/moby/issues/44120">#44120</a> from thaJeztah/20.10_backport_update_tests</li> <li><a href="https://github.com/moby/moby/commit/fcd4df906bb1002e9cdeaff8b727c09400e75747"><code>fcd4df9</code></a> Update some tests for supplementary group permissions</li> <li><a href="https://github.com/moby/moby/commit/bb0197c829c58929d79f3a9b67f2c111bb751455"><code>bb0197c</code></a> Merge pull request from GHSA-rc4r-wh2q-q6c4</li> <li><a href="https://github.com/moby/moby/commit/d348775bd5bbfa1d9daf8a12b0314eb68c933446"><code>d348775</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/moby/moby/issues/44109">#44109</a> from rumpl/20.10-fix-local-context</li> <li><a href="https://github.com/moby/moby/commit/6a0186b3576c2b40ad7111bb883db6e60aaf9e80"><code>6a0186b</code></a> Wrap local calls to the content and lease service</li> <li><a href="https://github.com/moby/moby/commit/b73e9c2c8ace71a33575e9a5d6f3eb34389465e6"><code>b73e9c2</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/moby/moby/issues/44098">#44098</a> from thaJeztah/20.10_backport_swagger_updates</li> <li><a href="https://github.com/moby/moby/commit/4855c28780fc930bd405f5e40a5357d7594c1803"><code>4855c28</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/moby/moby/issues/44101">#44101</a> from thaJeztah/20.10_backport_bump_golang_1.18.6</li> <li><a href="https://github.com/moby/moby/commit/3d4616f943b38d6b19300a9b151f735b4ad2c32f"><code>3d4616f</code></a> Update to go 1.18.6 to address CVE-2022-27664, CVE-2022-32190</li> <li><a href="https://github.com/moby/moby/commit/d56101e0d20a3e4a3fe608933c86baa3fa4b8e08"><code>d56101e</code></a> Merge pull request <a href="https://github-redirect.dependabot.com/moby/moby/issues/44093">#44093</a> from thaJeztah/20.10_backport_remove_tereshkova</li> <li><a href="https://github.com/moby/moby/commit/23c7d84b8444ce5adafd128e93ab220db726fc6c"><code>23c7d84</code></a> docs: api: adjust ContainerWaitResponse error as optional</li> <li>Additional commits viewable in <a href="https://github.com/moby/moby/compare/v20.10.14...v20.10.18">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/moby/moby&package-manager=go_modules&previous-version=20.10.14+incompatible&new-version=20.10.18+incompatible)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting ``@dependabot` rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - ``@dependabot` rebase` will rebase this PR - ``@dependabot` recreate` will recreate this PR, overwriting any edits that have been made to it - ``@dependabot` merge` will merge this PR after your CI passes on it - ``@dependabot` squash and merge` will squash and merge this PR after your CI passes on it - ``@dependabot` cancel merge` will cancel a previously requested merge and block automerging - ``@dependabot` reopen` will reopen this PR if it is closed - ``@dependabot` close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - ``@dependabot` ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - ``@dependabot` use these labels` will set the current labels as the default for future PRs for this repo and language - ``@dependabot` use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - ``@dependabot` use these assignees` will set the current assignees as the default for future PRs for this repo and language - ``@dependabot` use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/pulumi/pulumi/network/alerts). </details> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
- Loading branch information