This release contains a security fix for [CVE-2024-29018], a potential data exfiltration from 'internal' networks via authoritative DNS servers.
New
Add Subpath field to the VolumeOptions making it possible to mount a subpath of a volume. moby/moby#45687
Add volume-subpath support to the mount flag (--mount type=volume,...,volume-subpath=<subpath>). docker/cli#4331
Accept = separators and [ipv6] in compose files for docker stack deploy. docker/cli#4860
rootless: Add support for enabling host loopback by setting the DOCKERD_ROOTLESS_ROOTLESSKIT_DISABLE_HOST_LOOPBACK environment variable to false (defaults to true). This lets containers connect to the host by using IP address 10.0.2.2. moby/moby#47352
containerd image store: docker image ls no longer creates duplicates entries for multi-platform images. moby/moby#45967
[CVE-2024-29018]: Do not forward requests to external DNS servers for a container that is only connected to an 'internal' network. Previously, requests were forwarded if the host's DNS server was running on a loopback address, like systemd's 127.0.0.53. moby/moby#47589
Ensure that a generated MAC address is not restored when a container is restarted, but a configured MAC address is preserved. moby/moby#47233
[!WARNING]
Containers created using Docker Engine 25.0.0 may have duplicate MAC addresses, they must be re-created.
Containers created using version 25.0.0 or 25.0.1 with user-defined MAC addresses will get generated MAC addresses when they are started using 25.0.2. They must also be re-created.
Always attempt to enable IPv6 on a container's loopback interface, and only include IPv6 in /etc/hosts if successful. moby/moby#47062
[!NOTE]
By default, IPv6 will remain enabled on a container's loopback interface when the container is not connected to an IPv6-enabled network.
For example, containers that are only connected to an IPv4-only network now have the ::1 address on their loopback interface.
To disable IPv6 in a container,
use option --sysctl net.ipv6.conf.all.disable_ipv6=1 in the create or run command,
or the equivalent sysctls option in the service configuration section of a Compose file.
If IPv6 is not available in a container because it has been explicitly disabled for the container,
or the host's networking stack does not have IPv6 enabled (or for any other reason)
the container's /etc/hosts file will not include IPv6 entries.
Fix ADD Dockerfile instruction failing with lsetxattr <file>: operation not supported when unpacking archive with xattrs onto a filesystem that doesn't support them. moby/moby#47175
Fix docker container start failing when used with --checkpoint. moby/moby#47456
... (truncated)
Commits
8b79278 Merge pull request #47599 from neersighted/short_id_aliases_removal
22726fb api: document changed behavior of the Aliases field in v1.45
963e1f3 Merge pull request #47597 from vvoland/c8d-list-fix-shared-size
3312b82 c8d/list: Add a test case for images sharing a top layer
ad8a5a5 c8d/list: Fix diffIDs being outputted instead of chainIDs
0c2d83b c8d/list: Handle unpacked layers when calculating shared size
330d777 Merge pull request #47591 from vvoland/api-1.45
Use spaces instead of parentheses for SQL sanitization.
This still solves the problem of negative numbers creating a line comment, but this avoids breaking edge cases such as
set foo to $1 where the substitution is taking place in a location where an arbitrary expression is not allowed.
chore(deps): bump google.golang.org/grpc from 1.61.1 to 1.62.0 in /modules/qdrant (#2281) @dependabot
chore(deps): bump github.com/ClickHouse/clickhouse-go/v2 from 2.18.0 to 2.20.0 in /modules/clickhouse (#2290) @dependabot
chore(deps): bump github.com/Shopify/toxiproxy/v2 from 2.7.0 to 2.8.0 in /examples/toxiproxy (#2282) @dependabot
chore(deps): bump github.com/neo4j/neo4j-go-driver/v5 from 5.16.0 to 5.18.0 in /modules/neo4j (#2278) @dependabot
chore(deps): bump github.com/minio/minio-go/v7 from 7.0.66 to 7.0.68 in /modules/minio (#2304) @dependabot
chore(deps): bump github.com/tmc/langchaingo from 0.1.4 to 0.1.5 in /modules/ollama (#2318) @dependabot
chore(deps): bump github.com/elastic/go-elasticsearch/v8 from 8.11.1 to 8.12.1 in /modules/elasticsearch (#2303) @dependabot
chore(deps): bump google.golang.org/api from 0.167.0 to 0.168.0 in /modules/gcloud (#2317) @dependabot
chore(deps): bump github.com/aws/aws-sdk-go-v2/credentials from 1.16.14 to 1.17.5 in /modules/localstack, github.com/aws/aws-sdk-go-v2 from 1.24.1 to 1.25.2 in /modules/localstack (#2320) @mdelapenya
chore(deps): bump github.com/twmb/franz-go from 1.15.4 to 1.16.1 in /modules/redpanda, github.com/twmb/franz-go/pkg/kadm from 1.10.0 to 1.11.0 in /modules/redpanda (#2322) @mdelapenya
chore(deps): bump github.com/hashicorp/vault-client-go from 0.3.3 to 0.4.3 in /modules/vault, github.com/tidwall/gjson from 1.17.0 to 1.17.1 in /modules/vault (#2321) @mdelapenya
chore(deps): bump github.com/jackc/pgx/v5 from 5.5.3 to 5.5.4 in /modules/postgres, github.com/jackc/pgx/v5 from 5.5.3 to 5.5.4 in /modules/cockroachdb (#2323) @mdelapenya
chore(deps): bump golang.org/x/mod from 0.12.0 to 0.16.0 (#2316) @mdelapenya
chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 in /modulegen (#2298) @dependabot
chore(deps): bump github.com/docker/docker from 25.0.2+incompatible to 25.0.3+incompatible (#2296) @mdelapenya
chore(deps): bump github.com/couchbase/gocb/v2 from 2.7.1 to 2.7.2 in /modules/couchbase, github.com/tidwall/gjson from 1.17.0 to 1.17.1 in /modules/couchbase (#2297) @mdelapenya
... (truncated)
Commits
08c2385 chore: use new version (v0.29.1) in modules and examples
Add client metric support to go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#4707)
Add peer attributes to spans recorded by NewClientHandler, NewServerHandler in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#4873)
Add support for cloud.account.id, cloud.availability_zone and cloud.region in the AWS ECS detector. (#4860)
Changed
The fallback options in go.opentelemetry.io/contrib/exporters/autoexport now accept factory functions. (#4891)
WithFallbackMetricReader(metric.Reader) MetricOption is replaced with func WithFallbackMetricReader(func(context.Context) (metric.Reader, error)) MetricOption.
WithFallbackSpanExporter(trace.SpanExporter) SpanOption is replaced with WithFallbackSpanExporter(func(context.Context) (trace.SpanExporter, error)) SpanOption.
The http.server.request_content_length metric in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is changed to http.server.request.size.(#4707)
The http.server.response_content_length metric in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is changed to http.server.response.size.(#4707)
Deprecated
The RequestCount, RequestContentLength, ResponseContentLength, ServerLatency constants in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp are deprecated. (#4707)
Add support for Summary metrics to go.opentelemetry.io/contrib/bridges/prometheus. (#5089)
Add support for Exponential (native) Histograms in go.opentelemetry.io/contrib/bridges/prometheus. (#5093)
Implemented setting the cloud.resource_id resource attribute in go.opentelemetry.io/detectors/aws/ecs based on the ECS Metadata v4 endpoint. (#5091)
Removed
The deprecated RequestCount constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
The deprecated RequestContentLength constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
The deprecated ResponseContentLength constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
The deprecated ServerLatency constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
Fixed
Retrieving the body bytes count in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp does not cause a data race anymore. (#5080)
[1.23.0/0.48.0/0.17.0/0.3.0] - 2024-02-06
Added
Add client metric support to go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#4707)
Add peer attributes to spans recorded by NewClientHandler, NewServerHandler in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (
Bumps the production-dependencies group with 33 updates:
2.3.6
2.3.7
1.11.1
1.11.2
3.9.0
3.10.0
25.0.3+incompatible
26.0.0+incompatible
1.5.0
1.7.1
0.2.0
1.1.1
2.1.1
2.1.2
5.5.4
5.5.5
1.8.4
1.9.0
0.28.0
0.29.1
0.2.3
0.2.4
0.46.1
0.49.0
1.22.0
1.24.0
1.22.0
1.24.0
1.21.0
1.24.0
1.22.0
1.24.0
1.22.0
1.24.0
1.26.0
1.27.0
0.21.0
0.22.0
0.17.0
0.18.0
0.17.0
0.18.0
0.17.0
0.18.0
1.5.4
1.5.7
1.5.4
1.5.5
1.25.5
1.25.8
0.29.2
0.29.3
0.29.2
0.29.3
0.29.1
0.29.3
1.58.0
1.62.0
0.61.0
0.62.1
1.0.0
1.0.1-0.20181226105442-5d4384ee4fb2
0.19.0
0.21.0
1.61.1
1.62.0
Updates
github.com/cockroachdb/cockroach-go/v2
from 2.3.6 to 2.3.7Commits
32a6d65
Add option to configure cache sizeUpdates
github.com/coredns/coredns
from 1.11.1 to 1.11.2Commits
Updates
github.com/coreos/go-oidc/v3
from 3.9.0 to 3.10.0Release notes
Sourced from github.com/coreos/go-oidc/v3's releases.
Commits
22dfdca
update go-jose to v4375c370
add staticcheck to github actions0963f39
updated github actions65ac180
fix minor typoUpdates
github.com/docker/docker
from 25.0.3+incompatible to 26.0.0+incompatibleRelease notes
Sourced from github.com/docker/docker's releases.
... (truncated)
Commits
8b79278
Merge pull request #47599 from neersighted/short_id_aliases_removal22726fb
api: document changed behavior of theAliases
field in v1.45963e1f3
Merge pull request #47597 from vvoland/c8d-list-fix-shared-size3312b82
c8d/list: Add a test case for images sharing a top layerad8a5a5
c8d/list: Fix diffIDs being outputted instead of chainIDs0c2d83b
c8d/list: Handle unpacked layers when calculating shared size330d777
Merge pull request #47591 from vvoland/api-1.453d2a56e
docs/api: add documentation for API v1.454531a37
Merge pull request #47580 from vvoland/c8d-list-slow731a640
c8d/list: Generate image summary concurrentlyUpdates
github.com/gin-contrib/cors
from 1.5.0 to 1.7.1Release notes
Sourced from github.com/gin-contrib/cors's releases.
Commits
71a48a2
chore: update third-party dependencies to latest versions88cbcd0
ci: update GitHub Actions workflows for Go projects84d0919
test: refactor CORS tests and expand coverage4447aeb
refactor: refactor request handling and improve CORS checks9d49f16
chore(cors): Allow a custom validation function which receives the full gin c...7f30a1f
fix: improve error handling and test robustness90a7c66
test(cors): enhance CORS wildcard handling tests (#145)d5002f2
test: refactor tests and update CI configurationseac6c48
feat(schema): allow usage of custom schemas (#139)27b723a
fixe(domain): wildcard parse bug (#106)Updates
github.com/gin-contrib/zap
from 0.2.0 to 1.1.1Release notes
Sourced from github.com/gin-contrib/zap's releases.
Commits
173fe6c
chore: update third-party dependencies to latest versionsca35b5f
docs: improve documentation and add example code5b62309
feat: implement skip path regexps feature in zap package (#72)0abce4a
docs: implement custom skipper function in READMEd5accec
refactor: refactor file paths to use constants372417f
chore: refactor error handling and linter configurations58dd173
feat: consolidate code examples into new filea9803c5
refactor: refactor testing functions in zap_test filed4400a8
feat(func): implement Skipper functionality for logging configuration (#71)6ad826e
build: update minimum Go version to 1.19Updates
github.com/go-gormigrate/gormigrate/v2
from 2.1.1 to 2.1.2Release notes
Sourced from github.com/go-gormigrate/gormigrate/v2's releases.
Changelog
Sourced from github.com/go-gormigrate/gormigrate/v2's changelog.
Commits
db7575c
Merge pull request #218 from go-gormigrate/update-depse2a0213
Release 2.1.268141c7
Fix LastInsertId error in postgres driver, closes #21700412f7
Bump go deps3ae8ad4
readme: add mariadb alongside mysql238380d
integration-test: cleanupe033684
integration-test: bump postgres image 14 => 1682b4678
integration-test: bump mariadb image 10 => 11, add missing mysql 8943719b
ci: remove go matrix from integration-test, use version from go.mod instead2533ee1
integration-test: bump go to latest 1.22Updates
github.com/jackc/pgx/v5
from 5.5.4 to 5.5.5Changelog
Sourced from github.com/jackc/pgx/v5's changelog.
Commits
78a0a2b
Fix spelling in changeloga17f064
Update changelog49b6aad
Use spaces instead of parentheses for SQL sanitization0cc4c14
Add test to validate CollectRows for empty RowsUpdates
github.com/stretchr/testify
from 1.8.4 to 1.9.0Release notes
Sourced from github.com/stretchr/testify's releases.
... (truncated)
Commits
bb548d0
Merge pull request #1552 from stretchr/dependabot/go_modules/github.com/stret...814075f
build(deps): bump github.com/stretchr/objx from 0.5.1 to 0.5.2e045612
Merge pull request #1339 from bogdandrutu/uintptr5b6926d
Merge pull request #1385 from hslatman/not-implements9f97d67
Merge pull request #1550 from stretchr/release-notesbcb0d3f
Include the auto-release notes in releasesfb770f8
Merge pull request #1247 from ccoVeille/typos85d8bb6
fix typos in comments, tests and github templatese2741fa
Merge pull request #1548 from arjunmahishi/msgAndArgs6e59f20
http_assertions: assert that the msgAndArgs actually works in testsUpdates
github.com/testcontainers/testcontainers-go
from 0.28.0 to 0.29.1Release notes
Sourced from github.com/testcontainers/testcontainers-go's releases.
... (truncated)
Commits
08c2385
chore: use new version (v0.29.1) in modules and examples4d7a27e
fix: incorrect versione48323c
chore: prepare for next minor development cycle ()c17ba62
chore: use new version (v0.29.0) in modules and examples12f23f8
generic.go: GenericContainer(): clearer error message (#2327)cfd60e9
chore: confirm support for new mongo images (#2326)85361fe
Add k3s WithManifest option (#1920)755bbb8
chore(deps): bump google.golang.org/grpc in /modules/qdrant (#2281)ba92e0e
chore(deps): bump github.com/ClickHouse/clickhouse-go/v2 (#2290)245c8b0
chore(deps): bump github.com/Shopify/toxiproxy/v2 in /examples/toxiproxy (#2282)Updates
github.com/uptrace/opentelemetry-go-extra/otelgorm
from 0.2.3 to 0.2.4Release notes
Sourced from github.com/uptrace/opentelemetry-go-extra/otelgorm's releases.
Changelog
Sourced from github.com/uptrace/opentelemetry-go-extra/otelgorm's changelog.
Commits
31fd20c
Merge pull request #122 from uptrace/release/v0.2.43519d4b
chore: release v0.2.4 (release.sh)266ee28
chore: bump go5665e97
chore: remove deprecated jaeger exporter40adaaa
chore: go mod tidy0c6a105
chore: bump go version3728837
chore: go mod tidy8494afe
Merge pull request #114 from empire/patch-2caa310e
Merge branch 'uptrace:main' into patch-2ca9be5f
Merge pull request #116 from mat007/patch-1Updates
go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin
from 0.46.1 to 0.49.0Release notes
Sourced from go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin's releases.
... (truncated)
Changelog
Sourced from go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin's changelog.
Looks like these dependencies are updatable in another way, so this is no longer needed.