chore(deps): bump github.com/docker/docker from 20.10.8+incompatible to 20.10.9+incompatible

[dependabot]

Bumps github.com/docker/docker from 20.10.8+incompatible to 20.10.9+incompatible.

Release notes

Sourced from github.com/docker/docker's releases.

v20.10.9

This release is a security release with security fixes in the CLI, runtime, as well as updated versions of the containerd.io package and the Go runtime.

Client

• CVE-2021-41092 Ensure default auth config has address field set, to prevent credentials being sent to the default registry.

Runtime

• CVE-2021-41089 Create parent directories inside a chroot during docker cp to prevent a specially crafted container from changing permissions of existing files in the host’s filesystem.
• CVE-2021-41091 Lock down file permissions to prevent unprivileged users from discovering and executing programs in /var/lib/docker.

Packaging

• Update Golang runtime to Go 1.16.8, which contains fixes for CVE-2021-36221 and CVE-2021-39293
• Update static binaries and containerd.io rpm and deb packages to containerd v1.4.11 and runc v1.0.2 to address CVE-2021-41103.
• Update the bundled buildx version to v0.6.3 for rpm and deb packages.

Commits

• 79ea9d3 Merge pull request #5 from moby/20.10_bump_go_1.16.8
• fa78afe Update Go to 1.16.8
• bce32e5 Merge pull request #4 from moby/20.10-GHSA-v994-f8vw-g7j4-chroot-mkdir
• f0ab919 Merge pull request #2 from moby/20.10-GHSA-3fwx-pjgw-3558_0701-perms
• 80f1169 chrootarchive: don't create parent dirs outside of chroot
• 93ac040 Lock down docker root dir perms.
• d24c6dc Merge pull request #42721 from thaJeztah/20.10_backport_bump_go_1.16.7
• decb56a Update Go to 1.16.7
• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

Merging #364 (9a345e3) into master (a8ca295) will increase coverage by 0.19%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##           master     #364      +/-   ##
==========================================
+ Coverage   61.91%   62.11%   +0.19%     
==========================================
  Files          15       15              
  Lines        1011     1011              
==========================================
+ Hits          626      628       +2     
+ Misses        288      286       -2     
  Partials       97       97              

Impacted Files	Coverage Δ
docker.go	65.13% <0.00%> (+0.41%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a5a9803...9a345e3. Read the comment docs.