Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release/2.8 backport] Dockerfile: update xx to v1.2.1 #3907

Merged
merged 1 commit into from
May 9, 2023
Merged

[release/2.8 backport] Dockerfile: update xx to v1.2.1 #3907

merged 1 commit into from
May 9, 2023

Conversation

thaJeztah
Copy link
Member

full diff: tonistiigi/xx@v1.1.1...v1.2.1

(cherry picked from commit 8c4d2b9)

@thaJeztah
Dockerfile: update xx to v1.2.1
3d8f3cc 
full diff: tonistiigi/xx@v1.1.1...v1.2.1

Signed-off-by: Sebastiaan van Stijn <[email protected]>
(cherry picked from commit 8c4d2b9)
Signed-off-by: Sebastiaan van Stijn <[email protected]>
@thaJeztah
Copy link
Member Author

@milosgajdos @crazy-max @justincormack ptal

@milosgajdos milosgajdos merged commit b791fdc into distribution:release/2.8 May 9, 2023
@thaJeztah thaJeztah deleted the 2.8_backport_update_xx branch May 9, 2023 15:01
thaJeztah added a commit to thaJeztah/docker that referenced this pull request May 11, 2023
@thaJeztah
vendor: github.com/docker/distribution v2.8.2
7821d2d 
CI

- Dockerfile: fix filenames of artifacts

Bugfixes

-  Fix panic in inmemory driver
-  Add code to handle pagination of parts. Fixes max layer size of 10GB bug
-  Parse http forbidden as denied
-  Revert "registry/client: set Accept: identity header when getting layers

Runtime

- Update to go1.19.9
- Dockerfile: update xx to v1.2.1 ([moby#3907](distribution/distribution#3907))

Security

- Fix [CVE-2022-28391](https://www.cve.org/CVERecord?id=CVE-2022-28391) by bumping alpine from 3.14 to 3.16
- Fix [CVE-2023-2253](https://www.cve.org/CVERecord?id=CVE-2023-2253) runaway allocation on /v2/_catalog [`521ea3d9`](distribution/distribution@521ea3d)

full diff: distribution/distribution@v2.8.1...v2.8.2

Signed-off-by: Sebastiaan van Stijn <[email protected]>

bump to release/2.8

Signed-off-by: Sebastiaan van Stijn <[email protected]>
@thaJeztah thaJeztah mentioned this pull request May 11, 2023
Merged
thaJeztah added a commit to thaJeztah/docker that referenced this pull request May 11, 2023
@thaJeztah
vendor: github.com/docker/distribution v2.8.2
e94c22c 
CI

- Dockerfile: fix filenames of artifacts

Bugfixes

-  Fix panic in inmemory driver
-  Add code to handle pagination of parts. Fixes max layer size of 10GB bug
-  Parse http forbidden as denied
-  Revert "registry/client: set Accept: identity header when getting layers

Runtime

- Update to go1.19.9
- Dockerfile: update xx to v1.2.1 ([moby#3907](distribution/distribution#3907))

Security

- Fix [CVE-2022-28391](https://www.cve.org/CVERecord?id=CVE-2022-28391) by bumping alpine from 3.14 to 3.16
- Fix [CVE-2023-2253](https://www.cve.org/CVERecord?id=CVE-2023-2253) runaway allocation on /v2/_catalog [`521ea3d9`](distribution/distribution@521ea3d)

full diff: distribution/distribution@v2.8.1...v2.8.2

Signed-off-by: Sebastiaan van Stijn <[email protected]>

bump to release/2.8

Signed-off-by: Sebastiaan van Stijn <[email protected]>
(cherry picked from commit 7821d2d)
Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah added a commit to thaJeztah/docker that referenced this pull request May 11, 2023
@thaJeztah
vendor: github.com/docker/distribution v2.8.2
ecbc27a 
CI

- Dockerfile: fix filenames of artifacts

Bugfixes

-  Fix panic in inmemory driver
-  Add code to handle pagination of parts. Fixes max layer size of 10GB bug
-  Parse http forbidden as denied
-  Revert "registry/client: set Accept: identity header when getting layers

Runtime

- Update to go1.19.9
- Dockerfile: update xx to v1.2.1 ([moby#3907](distribution/distribution#3907))

Security

- Fix [CVE-2022-28391](https://www.cve.org/CVERecord?id=CVE-2022-28391) by bumping alpine from 3.14 to 3.16
- Fix [CVE-2023-2253](https://www.cve.org/CVERecord?id=CVE-2023-2253) runaway allocation on /v2/_catalog [`521ea3d9`](distribution/distribution@521ea3d)

full diff: distribution/distribution@v2.8.1...v2.8.2

Signed-off-by: Sebastiaan van Stijn <[email protected]>

bump to release/2.8

Signed-off-by: Sebastiaan van Stijn <[email protected]>
(cherry picked from commit 7821d2d)
Signed-off-by: Sebastiaan van Stijn <[email protected]>
This was referenced May 11, 2023
Merged
Merged
thaJeztah added a commit to thaJeztah/buildx that referenced this pull request May 11, 2023
@thaJeztah
vendor: github.com/docker/distribution v2.8.2
1cd4b54 
CI

- Dockerfile: fix filenames of artifacts

Bugfixes

-  Fix panic in inmemory driver
-  Add code to handle pagination of parts. Fixes max layer size of 10GB bug
-  Parse http forbidden as denied
-  Revert "registry/client: set Accept: identity header when getting layers

Runtime

- Update to go1.19.9
- Dockerfile: update xx to v1.2.1 ([#3907](distribution/distribution#3907))

Security

- Fix [CVE-2022-28391](https://www.cve.org/CVERecord?id=CVE-2022-28391) by bumping alpine from 3.14 to 3.16
- Fix [CVE-2023-2253](https://www.cve.org/CVERecord?id=CVE-2023-2253) runaway allocation on /v2/_catalog [`521ea3d9`](distribution/distribution@521ea3d)

full diff: distribution/distribution@v2.8.1...v2.8.2-beta.2

Signed-off-by: Sebastiaan van Stijn <[email protected]>
@thaJeztah thaJeztah mentioned this pull request May 11, 2023
Merged
thaJeztah added a commit to thaJeztah/cli that referenced this pull request May 11, 2023
@thaJeztah
vendor: github.com/docker/distribution v2.8.2
353e0a9 
CI

- Dockerfile: fix filenames of artifacts

Bugfixes

-  Fix panic in inmemory driver
-  Add code to handle pagination of parts. Fixes max layer size of 10GB bug
-  Parse http forbidden as denied
-  Revert "registry/client: set Accept: identity header when getting layers

Runtime

- Update to go1.19.9
- Dockerfile: update xx to v1.2.1 ([docker#3907](distribution/distribution#3907))

Security

- Fix [CVE-2022-28391](https://www.cve.org/CVERecord?id=CVE-2022-28391) by bumping alpine from 3.14 to 3.16
- Fix [CVE-2023-2253](https://www.cve.org/CVERecord?id=CVE-2023-2253) runaway allocation on /v2/_catalog [`521ea3d9`](distribution/distribution@521ea3d)

full diff: distribution/distribution@v2.8.1...v2.8.2-beta.2

Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah added a commit to thaJeztah/cli that referenced this pull request May 11, 2023
@thaJeztah
vendor: github.com/docker/distribution v2.8.2
de93c9b 
CI

- Dockerfile: fix filenames of artifacts

Bugfixes

-  Fix panic in inmemory driver
-  Add code to handle pagination of parts. Fixes max layer size of 10GB bug
-  Parse http forbidden as denied
-  Revert "registry/client: set Accept: identity header when getting layers

Runtime

- Update to go1.19.9
- Dockerfile: update xx to v1.2.1 ([docker#3907](distribution/distribution#3907))

Security

- Fix [CVE-2022-28391](https://www.cve.org/CVERecord?id=CVE-2022-28391) by bumping alpine from 3.14 to 3.16
- Fix [CVE-2023-2253](https://www.cve.org/CVERecord?id=CVE-2023-2253) runaway allocation on /v2/_catalog [`521ea3d9`](distribution/distribution@521ea3d)

full diff: distribution/distribution@v2.8.1...v2.8.2-beta.2

Signed-off-by: Sebastiaan van Stijn <[email protected]>
(cherry picked from commit 353e0a9)
Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah added a commit to thaJeztah/cli that referenced this pull request May 11, 2023
@thaJeztah
vendor: github.com/docker/distribution v2.8.2
a98af2b 
CI

- Dockerfile: fix filenames of artifacts

Bugfixes

-  Fix panic in inmemory driver
-  Add code to handle pagination of parts. Fixes max layer size of 10GB bug
-  Parse http forbidden as denied
-  Revert "registry/client: set Accept: identity header when getting layers

Runtime

- Update to go1.19.9
- Dockerfile: update xx to v1.2.1 ([docker#3907](distribution/distribution#3907))

Security

- Fix [CVE-2022-28391](https://www.cve.org/CVERecord?id=CVE-2022-28391) by bumping alpine from 3.14 to 3.16
- Fix [CVE-2023-2253](https://www.cve.org/CVERecord?id=CVE-2023-2253) runaway allocation on /v2/_catalog [`521ea3d9`](distribution/distribution@521ea3d)

full diff: distribution/distribution@v2.8.1...v2.8.2-beta.2

Signed-off-by: Sebastiaan van Stijn <[email protected]>
(cherry picked from commit 353e0a9)
Signed-off-by: Sebastiaan van Stijn <[email protected]>
This was referenced May 11, 2023
Merged
Merged
Merged
thaJeztah added a commit to thaJeztah/buildkit that referenced this pull request May 12, 2023
@thaJeztah
vendor: github.com/docker/distribution v2.8.2
6ae9665 
CI

- Dockerfile: fix filenames of artifacts

Bugfixes

-  Fix panic in inmemory driver
-  Add code to handle pagination of parts. Fixes max layer size of 10GB bug
-  Parse http forbidden as denied
-  Revert "registry/client: set Accept: identity header when getting layers

Runtime

- Update to go1.19.9
- Dockerfile: update xx to v1.2.1 ([moby#3907](distribution/distribution#3907))

Security

- Fix [CVE-2022-28391](https://www.cve.org/CVERecord?id=CVE-2022-28391) by bumping alpine from 3.14 to 3.16
- Fix [CVE-2023-2253](https://www.cve.org/CVERecord?id=CVE-2023-2253) runaway allocation on /v2/_catalog [`521ea3d9`](distribution/distribution@521ea3d)

full diff: distribution/distribution@v2.8.1...v2.8.2-beta.2

Signed-off-by: Sebastiaan van Stijn <[email protected]>
@renovate renovate bot mentioned this pull request May 22, 2023
Merged
1 task
frikke pushed a commit to frikke/cli-2 that referenced this pull request Jun 15, 2023
@thaJeztah @frikke
vendor: github.com/docker/distribution v2.8.2
9a164ba 
CI

- Dockerfile: fix filenames of artifacts

Bugfixes

-  Fix panic in inmemory driver
-  Add code to handle pagination of parts. Fixes max layer size of 10GB bug
-  Parse http forbidden as denied
-  Revert "registry/client: set Accept: identity header when getting layers

Runtime

- Update to go1.19.9
- Dockerfile: update xx to v1.2.1 ([docker#3907](distribution/distribution#3907))

Security

- Fix [CVE-2022-28391](https://www.cve.org/CVERecord?id=CVE-2022-28391) by bumping alpine from 3.14 to 3.16
- Fix [CVE-2023-2253](https://www.cve.org/CVERecord?id=CVE-2023-2253) runaway allocation on /v2/_catalog [`521ea3d9`](distribution/distribution@521ea3d)

full diff: distribution/distribution@v2.8.1...v2.8.2-beta.2

Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah added a commit to thaJeztah/docker that referenced this pull request Jul 15, 2023
@thaJeztah
vendor: github.com/docker/distribution v2.8.2
1bd0805 
CI

- Dockerfile: fix filenames of artifacts

Bugfixes

-  Fix panic in inmemory driver
-  Add code to handle pagination of parts. Fixes max layer size of 10GB bug
-  Parse http forbidden as denied
-  Revert "registry/client: set Accept: identity header when getting layers

Runtime

- Update to go1.19.9
- Dockerfile: update xx to v1.2.1 ([moby#3907](distribution/distribution#3907))

Security

- Fix [CVE-2022-28391](https://www.cve.org/CVERecord?id=CVE-2022-28391) by bumping alpine from 3.14 to 3.16
- Fix [CVE-2023-2253](https://www.cve.org/CVERecord?id=CVE-2023-2253) runaway allocation on /v2/_catalog [`521ea3d9`](distribution/distribution@521ea3d)

full diff: distribution/distribution@v2.8.1...v2.8.2

Signed-off-by: Sebastiaan van Stijn <[email protected]>

bump to release/2.8

Signed-off-by: Sebastiaan van Stijn <[email protected]>
(cherry picked from commit 7821d2d)
Signed-off-by: Sebastiaan van Stijn <[email protected]>
@thaJeztah thaJeztah mentioned this pull request Jul 15, 2023
Merged
thaJeztah added a commit to thaJeztah/cli that referenced this pull request Jul 17, 2023
@thaJeztah
vendor: github.com/docker/distribution v2.8.2
df65083 
CI

- Dockerfile: fix filenames of artifacts

Bugfixes

-  Fix panic in inmemory driver
-  Add code to handle pagination of parts. Fixes max layer size of 10GB bug
-  Parse http forbidden as denied
-  Revert "registry/client: set Accept: identity header when getting layers

Runtime

- Update to go1.19.9
- Dockerfile: update xx to v1.2.1 ([docker#3907](distribution/distribution#3907))

Security

- Fix [CVE-2022-28391](https://www.cve.org/CVERecord?id=CVE-2022-28391) by bumping alpine from 3.14 to 3.16
- Fix [CVE-2023-2253](https://www.cve.org/CVERecord?id=CVE-2023-2253) runaway allocation on /v2/_catalog [`521ea3d9`](distribution/distribution@521ea3d)

full diff: distribution/distribution@v2.8.1...v2.8.2-beta.2

Signed-off-by: Sebastiaan van Stijn <[email protected]>
(cherry picked from commit 353e0a9)
Signed-off-by: Sebastiaan van Stijn <[email protected]>
thaJeztah added a commit to thaJeztah/cli that referenced this pull request Jul 17, 2023
@thaJeztah
vendor: github.com/docker/distribution v2.8.2
ce8241b 
CI

- Dockerfile: fix filenames of artifacts

Bugfixes

-  Fix panic in inmemory driver
-  Add code to handle pagination of parts. Fixes max layer size of 10GB bug
-  Parse http forbidden as denied
-  Revert "registry/client: set Accept: identity header when getting layers

Runtime

- Update to go1.19.9
- Dockerfile: update xx to v1.2.1 ([docker#3907](distribution/distribution#3907))

Security

- Fix [CVE-2022-28391](https://www.cve.org/CVERecord?id=CVE-2022-28391) by bumping alpine from 3.14 to 3.16
- Fix [CVE-2023-2253](https://www.cve.org/CVERecord?id=CVE-2023-2253) runaway allocation on /v2/_catalog [`521ea3d9`](distribution/distribution@521ea3d)

full diff: distribution/distribution@v2.8.1...v2.8.2-beta.2

Signed-off-by: Sebastiaan van Stijn <[email protected]>
(cherry picked from commit 353e0a9)
Signed-off-by: Sebastiaan van Stijn <[email protected]>
nrdufour added a commit to nrdufour/home-ops that referenced this pull request Jul 29, 2023
@nrdufour
chore(deps): update registry docker tag to v2.8.2 (#20)
fa04a41 
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [registry](https://github.com/distribution/distribution) | patch | `2.8.1` -> `2.8.2` |

---

### Release Notes

<details>
<summary>distribution/distribution (registry)</summary>

### [`v2.8.2`](https://github.com/distribution/distribution/releases/tag/v2.8.2)

[Compare Source](distribution/distribution@v2.8.1...v2.8.2)

##### What's Changed

-   Revert registry/client: set `Accept: identity` header when getting layers by [@&#8203;ndeloof](https://github.com/ndeloof) in distribution/distribution#3783
-   Parse `http` forbidden as denied by [@&#8203;vvoland](https://github.com/vvoland) in distribution/distribution#3914
-   Fix [CVE-2022-28391](https://www.cve.org/CVERecord?id=CVE-2022-28391) by bumping alpine from 3.14 to 3.16 by [@&#8203;thaJeztah](https://github.com/thaJeztah) ([#&#8203;3650](distribution/distribution#3650))
-   Fix [CVE-2023-2253](https://www.cve.org/CVERecord?id=CVE-2023-2253) runaway allocation on /v2/\_catalog  by [@&#8203;josegomezr](https://github.com/josegomezr) [`521ea3d9`](distribution/distribution@521ea3d)
-   Fix panic in inmemory driver by [@&#8203;wy65701436](https://github.com/wy65701436) in distribution/distribution#3815
-   bump up golang version (alternative) by [@&#8203;thaJeztah](https://github.com/thaJeztah) in distribution/distribution#3903
-   Dockerfile: update xx to v1.2.1 by [@&#8203;thaJeztah](https://github.com/thaJeztah) in distribution/distribution#3907
-   update to go1.19.9 by [@&#8203;thaJeztah](https://github.com/thaJeztah) in distribution/distribution#3908
-   Add code to handle pagination of parts. Fixes max layer size of 10GB bug by [@&#8203;DavidSpek](https://github.com/DavidSpek) in distribution/distribution#3893
-   Dockerfile: fix filenames of artifacts by [@&#8203;thaJeztah](https://github.com/thaJeztah) in distribution/distribution#3911

**Full Changelog**: distribution/distribution@v2.8.1...v2.8.2

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these updates again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi4yMy4yIiwidXBkYXRlZEluVmVyIjoiMzYuMjMuMiIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Reviewed-on: https://git.home/nrdufour/home-ops/pulls/20
Co-authored-by: Renovate <[email protected]>
Co-committed-by: Renovate <[email protected]>
Jeyanthinath pushed a commit to Jeyanthinath/moby that referenced this pull request Oct 20, 2023
@thaJeztah @Jeyanthinath
vendor: github.com/docker/distribution v2.8.2
65f0cc6 
CI

- Dockerfile: fix filenames of artifacts

Bugfixes

-  Fix panic in inmemory driver
-  Add code to handle pagination of parts. Fixes max layer size of 10GB bug
-  Parse http forbidden as denied
-  Revert "registry/client: set Accept: identity header when getting layers

Runtime

- Update to go1.19.9
- Dockerfile: update xx to v1.2.1 ([moby#3907](distribution/distribution#3907))

Security

- Fix [CVE-2022-28391](https://www.cve.org/CVERecord?id=CVE-2022-28391) by bumping alpine from 3.14 to 3.16
- Fix [CVE-2023-2253](https://www.cve.org/CVERecord?id=CVE-2023-2253) runaway allocation on /v2/_catalog [`521ea3d9`](distribution/distribution@521ea3d)

full diff: distribution/distribution@v2.8.1...v2.8.2

Signed-off-by: Sebastiaan van Stijn <[email protected]>

bump to release/2.8

Signed-off-by: Sebastiaan van Stijn <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@crazy-max crazy-max crazy-max approved these changes

@milosgajdos milosgajdos milosgajdos approved these changes

@justincormack justincormack justincormack approved these changes

@deleteriousEffect deleteriousEffect Awaiting requested review from deleteriousEffect

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@thaJeztah @justincormack @milosgajdos @crazy-max