search

Vanilla-OS / ABRoot

ABRoot is a utility that provides full immutability and atomicity to a Linux system, by transacting between two root filesystems. Updates are performed using OCI images, to ensure that the system is always in a consistent state.
http://abroot.vanillaos.org/
GNU General Public License v3.0
309 stars 24 forks source link

build(deps): bump github.com/containers/buildah from 1.35.1 to 1.35.4 #289

Closed dependabot[bot] closed 4 months ago

dependabot[bot] commented 5 months ago

Bumps github.com/containers/buildah from 1.35.1 to 1.35.4.

Release notes

Sourced from github.com/containers/buildah's releases.

v1.35.4

What's Changed

Full Changelog: https://github.com/containers/buildah/compare/v1.35.3...v1.35.4

v1.35.3

What's Changed

Full Changelog: https://github.com/containers/buildah/compare/v1.35.2...v1.35.3

v1.35.2

What's Changed

Full Changelog: https://github.com/containers/buildah/compare/v1.35.1...v1.35.2

Changelog

Sourced from github.com/containers/buildah's changelog.

v1.35.4 (2024-05-09)

[release-1.35] CVE-2024-3727 updates
integration test: handle new labels in "bud and test --unsetlabel"
[release-1.35] Bump go-jose CVE-2024-28180
[release-1.35] Bump ocicrypt and go-jose CVE-2024-28180

v1.35.3 (2024-03-28)

[release-1.35] Bump c/common to v0.58.1

v1.35.2 (2024-03-22)

[release-1.35] CVE-2024-24786 protobuf to 1.33
[release-1.35] Bump to v1.35.2-dev
Commits
  • c2926ea [release-1.35] Bump to Buildah v1.35.4
  • f905965 [release-1.35] CVE-2024-3727 updates
  • d1d1b54 Merge pull request #5503 from openshift-cherrypick-robot/cherry-pick-5487-to-...
  • a676663 integration test: handle new labels in "bud and test --unsetlabel"
  • e20b67d Merge pull request #5481 from TomSweeneyRedHat/dev/tsweeney/cve-jose-1.35-pt2
  • 820caaf [release-1.35] Bump go-jose CVE-2024-28180
  • 0b93c87 Merge pull request #5467 from TomSweeneyRedHat/dev/tsweeney/cve-jose-1.35
  • c7296dd [release-1.35] Bump ocicrypt and go-jose CVE-2024-28180
  • e7f6ef5 Merge pull request #5441 from TomSweeneyRedHat/dev/tsweeney/1.35_common_0.58.1
  • 9f0251c [release-1.35] Bump to Buildah v1.35.3
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 4 months ago

Superseded by #298.