Message ID | 20240331074614.17359-1-christian@aperture.us |
---|---|
State | Accepted |
Headers | show |
Series | [v1,1/2] package/docker-engine: security bump to version v26.0.0 | expand |
Christian, All, On 2024-03-31 00:46 -0700, Christian Stewart via buildroot spake thusly: > Update to the latest major release of docker-engine. > > Fixes CVE-2024-29018: potential data exfiltration from 'internal' networks via authoritative DNS servers. > Do not forward requests to external DNS servers for a container that is only connected to an 'internal' network. Please wrap your commit logs to the "standard" ~72 chars width. > https://github.com/moby/moby/releases/tag/v26.0.0 > > Signed-off-by: Christian Stewart <christian@aperture.us> Applied to master, thanks. Regards, Yann E. MORIN. > --- > package/docker-engine/docker-engine.hash | 2 +- > package/docker-engine/docker-engine.mk | 2 +- > 2 files changed, 2 insertions(+), 2 deletions(-) > > diff --git a/package/docker-engine/docker-engine.hash b/package/docker-engine/docker-engine.hash > index 931d6529e1..5c76b99af3 100644 > --- a/package/docker-engine/docker-engine.hash > +++ b/package/docker-engine/docker-engine.hash > @@ -1,3 +1,3 @@ > # Locally calculated > -sha256 16a2cb4cf4d314a070085e0df06e3a6bd9ec678d28715b64060af694fc9051d5 docker-engine-24.0.7.tar.gz > +sha256 fae1aabb63ed5cf6d302a5f4266ed092716b1cea9a974a9d61154ef31b03c302 docker-engine-26.0.0.tar.gz > sha256 7c87873291f289713ac5df48b1f2010eb6963752bbd6b530416ab99fc37914a8 LICENSE > diff --git a/package/docker-engine/docker-engine.mk b/package/docker-engine/docker-engine.mk > index 05bf23ad3d..86106d3ccb 100644 > --- a/package/docker-engine/docker-engine.mk > +++ b/package/docker-engine/docker-engine.mk > @@ -4,7 +4,7 @@ > # > ################################################################################ > > -DOCKER_ENGINE_VERSION = 24.0.7 > +DOCKER_ENGINE_VERSION = 26.0.0 > DOCKER_ENGINE_SITE = $(call github,moby,moby,v$(DOCKER_ENGINE_VERSION)) > > DOCKER_ENGINE_LICENSE = Apache-2.0 > -- > 2.43.0 > > _______________________________________________ > buildroot mailing list > buildroot@buildroot.org > https://lists.buildroot.org/mailman/listinfo/buildroot
>>>>> "Yann" == Yann E MORIN <yann.morin.1998@free.fr> writes: > Christian, All, > On 2024-03-31 00:46 -0700, Christian Stewart via buildroot spake thusly: >> Update to the latest major release of docker-engine. >> >> Fixes CVE-2024-29018: potential data exfiltration from 'internal' networks via authoritative DNS servers. >> Do not forward requests to external DNS servers for a container that is only connected to an 'internal' network. > Please wrap your commit logs to the "standard" ~72 chars width. >> https://github.com/moby/moby/releases/tag/v26.0.0 >> >> Signed-off-by: Christian Stewart <christian@aperture.us> > Applied to master, thanks. Committed to 2024.02.x, thanks.
diff --git a/package/docker-engine/docker-engine.hash b/package/docker-engine/docker-engine.hash index 931d6529e1..5c76b99af3 100644 --- a/package/docker-engine/docker-engine.hash +++ b/package/docker-engine/docker-engine.hash @@ -1,3 +1,3 @@ # Locally calculated -sha256 16a2cb4cf4d314a070085e0df06e3a6bd9ec678d28715b64060af694fc9051d5 docker-engine-24.0.7.tar.gz +sha256 fae1aabb63ed5cf6d302a5f4266ed092716b1cea9a974a9d61154ef31b03c302 docker-engine-26.0.0.tar.gz sha256 7c87873291f289713ac5df48b1f2010eb6963752bbd6b530416ab99fc37914a8 LICENSE diff --git a/package/docker-engine/docker-engine.mk b/package/docker-engine/docker-engine.mk index 05bf23ad3d..86106d3ccb 100644 --- a/package/docker-engine/docker-engine.mk +++ b/package/docker-engine/docker-engine.mk @@ -4,7 +4,7 @@ # ################################################################################ -DOCKER_ENGINE_VERSION = 24.0.7 +DOCKER_ENGINE_VERSION = 26.0.0 DOCKER_ENGINE_SITE = $(call github,moby,moby,v$(DOCKER_ENGINE_VERSION)) DOCKER_ENGINE_LICENSE = Apache-2.0
Update to the latest major release of docker-engine. Fixes CVE-2024-29018: potential data exfiltration from 'internal' networks via authoritative DNS servers. Do not forward requests to external DNS servers for a container that is only connected to an 'internal' network. https://github.com/moby/moby/releases/tag/v26.0.0 Signed-off-by: Christian Stewart <christian@aperture.us> --- package/docker-engine/docker-engine.hash | 2 +- package/docker-engine/docker-engine.mk | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-)