This release contains a security fix for [CVE-2024-29018], a potential data exfiltration from 'internal' networks via authoritative DNS servers.
New
Add Subpath field to the VolumeOptions making it possible to mount a subpath of a volume. moby/moby#45687
Add volume-subpath support to the mount flag (--mount type=volume,...,volume-subpath=<subpath>). docker/cli#4331
Accept = separators and [ipv6] in compose files for docker stack deploy. docker/cli#4860
rootless: Add support for enabling host loopback by setting the DOCKERD_ROOTLESS_ROOTLESSKIT_DISABLE_HOST_LOOPBACK environment variable to false (defaults to true). This lets containers connect to the host by using IP address 10.0.2.2. moby/moby#47352
containerd image store: docker image ls no longer creates duplicates entries for multi-platform images. moby/moby#45967
[CVE-2024-29018]: Do not forward requests to external DNS servers for a container that is only connected to an 'internal' network. Previously, requests were forwarded if the host's DNS server was running on a loopback address, like systemd's 127.0.0.53. moby/moby#47589
Ensure that a generated MAC address is not restored when a container is restarted, but a configured MAC address is preserved. moby/moby#47233
[!WARNING]
Containers created using Docker Engine 25.0.0 may have duplicate MAC addresses, they must be re-created.
Containers created using version 25.0.0 or 25.0.1 with user-defined MAC addresses will get generated MAC addresses when they are started using 25.0.2. They must also be re-created.
Always attempt to enable IPv6 on a container's loopback interface, and only include IPv6 in /etc/hosts if successful. moby/moby#47062
[!NOTE]
By default, IPv6 will remain enabled on a container's loopback interface when the container is not connected to an IPv6-enabled network.
For example, containers that are only connected to an IPv4-only network now have the ::1 address on their loopback interface.
To disable IPv6 in a container,
use option --sysctl net.ipv6.conf.all.disable_ipv6=1 in the create or run command,
or the equivalent sysctls option in the service configuration section of a Compose file.
If IPv6 is not available in a container because it has been explicitly disabled for the container,
or the host's networking stack does not have IPv6 enabled (or for any other reason)
the container's /etc/hosts file will not include IPv6 entries.
Fix ADD Dockerfile instruction failing with lsetxattr <file>: operation not supported when unpacking archive with xattrs onto a filesystem that doesn't support them. moby/moby#47175
Fix docker container start failing when used with --checkpoint. moby/moby#47456
... (truncated)
Commits
8b79278 Merge pull request #47599 from neersighted/short_id_aliases_removal
22726fb api: document changed behavior of the Aliases field in v1.45
963e1f3 Merge pull request #47597 from vvoland/c8d-list-fix-shared-size
3312b82 c8d/list: Add a test case for images sharing a top layer
ad8a5a5 c8d/list: Fix diffIDs being outputted instead of chainIDs
0c2d83b c8d/list: Handle unpacked layers when calculating shared size
330d777 Merge pull request #47591 from vvoland/api-1.45
Use spaces instead of parentheses for SQL sanitization.
This still solves the problem of negative numbers creating a line comment, but this avoids breaking edge cases such as
set foo to $1 where the substitution is taking place in a location where an arbitrary expression is not allowed.
chore(deps): bump google.golang.org/grpc from 1.61.1 to 1.62.0 in /modules/qdrant (#2281) @dependabot
chore(deps): bump github.com/ClickHouse/clickhouse-go/v2 from 2.18.0 to 2.20.0 in /modules/clickhouse (#2290) @dependabot
chore(deps): bump github.com/Shopify/toxiproxy/v2 from 2.7.0 to 2.8.0 in /examples/toxiproxy (#2282) @dependabot
chore(deps): bump github.com/neo4j/neo4j-go-driver/v5 from 5.16.0 to 5.18.0 in /modules/neo4j (#2278) @dependabot
chore(deps): bump github.com/minio/minio-go/v7 from 7.0.66 to 7.0.68 in /modules/minio (#2304) @dependabot
chore(deps): bump github.com/tmc/langchaingo from 0.1.4 to 0.1.5 in /modules/ollama (#2318) @dependabot
chore(deps): bump github.com/elastic/go-elasticsearch/v8 from 8.11.1 to 8.12.1 in /modules/elasticsearch (#2303) @dependabot
chore(deps): bump google.golang.org/api from 0.167.0 to 0.168.0 in /modules/gcloud (#2317) @dependabot
chore(deps): bump github.com/aws/aws-sdk-go-v2/credentials from 1.16.14 to 1.17.5 in /modules/localstack, github.com/aws/aws-sdk-go-v2 from 1.24.1 to 1.25.2 in /modules/localstack (#2320) @mdelapenya
chore(deps): bump github.com/twmb/franz-go from 1.15.4 to 1.16.1 in /modules/redpanda, github.com/twmb/franz-go/pkg/kadm from 1.10.0 to 1.11.0 in /modules/redpanda (#2322) @mdelapenya
chore(deps): bump github.com/hashicorp/vault-client-go from 0.3.3 to 0.4.3 in /modules/vault, github.com/tidwall/gjson from 1.17.0 to 1.17.1 in /modules/vault (#2321) @mdelapenya
chore(deps): bump github.com/jackc/pgx/v5 from 5.5.3 to 5.5.4 in /modules/postgres, github.com/jackc/pgx/v5 from 5.5.3 to 5.5.4 in /modules/cockroachdb (#2323) @mdelapenya
chore(deps): bump golang.org/x/mod from 0.12.0 to 0.16.0 (#2316) @mdelapenya
chore(deps): bump github.com/stretchr/testify from 1.8.4 to 1.9.0 in /modulegen (#2298) @dependabot
chore(deps): bump github.com/docker/docker from 25.0.2+incompatible to 25.0.3+incompatible (#2296) @mdelapenya
chore(deps): bump github.com/couchbase/gocb/v2 from 2.7.1 to 2.7.2 in /modules/couchbase, github.com/tidwall/gjson from 1.17.0 to 1.17.1 in /modules/couchbase (#2297) @mdelapenya
... (truncated)
Commits
08c2385 chore: use new version (v0.29.1) in modules and examples
Add client metric support to go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#4707)
Add peer attributes to spans recorded by NewClientHandler, NewServerHandler in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (#4873)
Add support for cloud.account.id, cloud.availability_zone and cloud.region in the AWS ECS detector. (#4860)
Changed
The fallback options in go.opentelemetry.io/contrib/exporters/autoexport now accept factory functions. (#4891)
WithFallbackMetricReader(metric.Reader) MetricOption is replaced with func WithFallbackMetricReader(func(context.Context) (metric.Reader, error)) MetricOption.
WithFallbackSpanExporter(trace.SpanExporter) SpanOption is replaced with WithFallbackSpanExporter(func(context.Context) (trace.SpanExporter, error)) SpanOption.
The http.server.request_content_length metric in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is changed to http.server.request.size.(#4707)
The http.server.response_content_length metric in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is changed to http.server.response.size.(#4707)
Deprecated
The RequestCount, RequestContentLength, ResponseContentLength, ServerLatency constants in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp are deprecated. (#4707)
Add support for Summary metrics to go.opentelemetry.io/contrib/bridges/prometheus. (#5089)
Add support for Exponential (native) Histograms in go.opentelemetry.io/contrib/bridges/prometheus. (#5093)
Implemented setting the cloud.resource_id resource attribute in go.opentelemetry.io/detectors/aws/ecs based on the ECS Metadata v4 endpoint. (#5091)
Removed
The deprecated RequestCount constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
The deprecated RequestContentLength constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
The deprecated ResponseContentLength constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
The deprecated ServerLatency constant in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp is removed. (#4894)
Fixed
Retrieving the body bytes count in go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp does not cause a data race anymore. (#5080)
[1.23.0/0.48.0/0.17.0/0.3.0] - 2024-02-06
Added
Add client metric support to go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp. (#4707)
Add peer attributes to spans recorded by NewClientHandler, NewServerHandler in go.opentelemetry.io/contrib/instrumentation/google.golang.org/grpc/otelgrpc. (
Bumps the production-dependencies group with 33 updates:
2.3.62.3.71.11.11.11.23.9.03.10.025.0.3+incompatible26.0.0+incompatible1.5.01.7.10.2.01.1.12.1.12.1.25.5.45.5.51.8.41.9.00.28.00.29.10.2.30.2.40.46.10.49.01.22.01.24.01.22.01.24.01.21.01.24.01.22.01.24.01.22.01.24.01.26.01.27.00.21.00.22.00.17.00.18.00.17.00.18.00.17.00.18.01.5.41.5.71.5.41.5.51.25.51.25.80.29.20.29.30.29.20.29.30.29.10.29.31.58.01.62.00.61.00.62.11.0.01.0.1-0.20181226105442-5d4384ee4fb20.19.00.21.01.61.11.62.0Updates
github.com/cockroachdb/cockroach-go/v2from 2.3.6 to 2.3.7Commits
32a6d65Add option to configure cache sizeUpdates
github.com/coredns/corednsfrom 1.11.1 to 1.11.2Commits
Updates
github.com/coreos/go-oidc/v3from 3.9.0 to 3.10.0Release notes
Sourced from github.com/coreos/go-oidc/v3's releases.
Commits
22dfdcaupdate go-jose to v4375c370add staticcheck to github actions0963f39updated github actions65ac180fix minor typoUpdates
github.com/docker/dockerfrom 25.0.3+incompatible to 26.0.0+incompatibleRelease notes
Sourced from github.com/docker/docker's releases.
... (truncated)
Commits
8b79278Merge pull request #47599 from neersighted/short_id_aliases_removal22726fbapi: document changed behavior of theAliasesfield in v1.45963e1f3Merge pull request #47597 from vvoland/c8d-list-fix-shared-size3312b82c8d/list: Add a test case for images sharing a top layerad8a5a5c8d/list: Fix diffIDs being outputted instead of chainIDs0c2d83bc8d/list: Handle unpacked layers when calculating shared size330d777Merge pull request #47591 from vvoland/api-1.453d2a56edocs/api: add documentation for API v1.454531a37Merge pull request #47580 from vvoland/c8d-list-slow731a640c8d/list: Generate image summary concurrentlyUpdates
github.com/gin-contrib/corsfrom 1.5.0 to 1.7.1Release notes
Sourced from github.com/gin-contrib/cors's releases.
Commits
71a48a2chore: update third-party dependencies to latest versions88cbcd0ci: update GitHub Actions workflows for Go projects84d0919test: refactor CORS tests and expand coverage4447aebrefactor: refactor request handling and improve CORS checks9d49f16chore(cors): Allow a custom validation function which receives the full gin c...7f30a1ffix: improve error handling and test robustness90a7c66test(cors): enhance CORS wildcard handling tests (#145)d5002f2test: refactor tests and update CI configurationseac6c48feat(schema): allow usage of custom schemas (#139)27b723afixe(domain): wildcard parse bug (#106)Updates
github.com/gin-contrib/zapfrom 0.2.0 to 1.1.1Release notes
Sourced from github.com/gin-contrib/zap's releases.
Commits
173fe6cchore: update third-party dependencies to latest versionsca35b5fdocs: improve documentation and add example code5b62309feat: implement skip path regexps feature in zap package (#72)0abce4adocs: implement custom skipper function in READMEd5accecrefactor: refactor file paths to use constants372417fchore: refactor error handling and linter configurations58dd173feat: consolidate code examples into new filea9803c5refactor: refactor testing functions in zap_test filed4400a8feat(func): implement Skipper functionality for logging configuration (#71)6ad826ebuild: update minimum Go version to 1.19Updates
github.com/go-gormigrate/gormigrate/v2from 2.1.1 to 2.1.2Release notes
Sourced from github.com/go-gormigrate/gormigrate/v2's releases.
Changelog
Sourced from github.com/go-gormigrate/gormigrate/v2's changelog.
Commits
db7575cMerge pull request #218 from go-gormigrate/update-depse2a0213Release 2.1.268141c7Fix LastInsertId error in postgres driver, closes #21700412f7Bump go deps3ae8ad4readme: add mariadb alongside mysql238380dintegration-test: cleanupe033684integration-test: bump postgres image 14 => 1682b4678integration-test: bump mariadb image 10 => 11, add missing mysql 8943719bci: remove go matrix from integration-test, use version from go.mod instead2533ee1integration-test: bump go to latest 1.22Updates
github.com/jackc/pgx/v5from 5.5.4 to 5.5.5Changelog
Sourced from github.com/jackc/pgx/v5's changelog.
Commits
78a0a2bFix spelling in changeloga17f064Update changelog49b6aadUse spaces instead of parentheses for SQL sanitization0cc4c14Add test to validate CollectRows for empty RowsUpdates
github.com/stretchr/testifyfrom 1.8.4 to 1.9.0Release notes
Sourced from github.com/stretchr/testify's releases.
... (truncated)
Commits
bb548d0Merge pull request #1552 from stretchr/dependabot/go_modules/github.com/stret...814075fbuild(deps): bump github.com/stretchr/objx from 0.5.1 to 0.5.2e045612Merge pull request #1339 from bogdandrutu/uintptr5b6926dMerge pull request #1385 from hslatman/not-implements9f97d67Merge pull request #1550 from stretchr/release-notesbcb0d3fInclude the auto-release notes in releasesfb770f8Merge pull request #1247 from ccoVeille/typos85d8bb6fix typos in comments, tests and github templatese2741faMerge pull request #1548 from arjunmahishi/msgAndArgs6e59f20http_assertions: assert that the msgAndArgs actually works in testsUpdates
github.com/testcontainers/testcontainers-gofrom 0.28.0 to 0.29.1Release notes
Sourced from github.com/testcontainers/testcontainers-go's releases.
... (truncated)
Commits
08c2385chore: use new version (v0.29.1) in modules and examples4d7a27efix: incorrect versione48323cchore: prepare for next minor development cycle ()c17ba62chore: use new version (v0.29.0) in modules and examples12f23f8generic.go: GenericContainer(): clearer error message (#2327)cfd60e9chore: confirm support for new mongo images (#2326)85361feAdd k3s WithManifest option (#1920)755bbb8chore(deps): bump google.golang.org/grpc in /modules/qdrant (#2281)ba92e0echore(deps): bump github.com/ClickHouse/clickhouse-go/v2 (#2290)245c8b0chore(deps): bump github.com/Shopify/toxiproxy/v2 in /examples/toxiproxy (#2282)Updates
github.com/uptrace/opentelemetry-go-extra/otelgormfrom 0.2.3 to 0.2.4Release notes
Sourced from github.com/uptrace/opentelemetry-go-extra/otelgorm's releases.
Changelog
Sourced from github.com/uptrace/opentelemetry-go-extra/otelgorm's changelog.
Commits
31fd20cMerge pull request #122 from uptrace/release/v0.2.43519d4bchore: release v0.2.4 (release.sh)266ee28chore: bump go5665e97chore: remove deprecated jaeger exporter40adaaachore: go mod tidy0c6a105chore: bump go version3728837chore: go mod tidy8494afeMerge pull request #114 from empire/patch-2caa310eMerge branch 'uptrace:main' into patch-2ca9be5fMerge pull request #116 from mat007/patch-1Updates
go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelginfrom 0.46.1 to 0.49.0Release notes
Sourced from go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin's releases.
... (truncated)
Changelog
Sourced from go.opentelemetry.io/contrib/instrumentation/github.com/gin-gonic/gin/otelgin's changelog.
Looks like these dependencies are updatable in another way, so this is no longer needed.