qdm12 / deunhealth

Binary program to restart unhealthy Docker containers
MIT License
124 stars 8 forks source link

Build(deps): bump github.com/docker/docker from 20.10.9+incompatible to 20.10.14+incompatible #32

Closed dependabot[bot] closed 2 years ago

dependabot[bot] commented 2 years ago

Bumps github.com/docker/docker from 20.10.9+incompatible to 20.10.14+incompatible.

Release notes

Sourced from github.com/docker/docker's releases.

v20.10.14

This release of Docker Engine updates the default inheritable capabilities for containers to address CVE-2022-24769, a new version of the containerd.io runtime is also included to address the same issue.

Daemon

  • Update the default inheritable capabilities.

Builder

  • Update the default inheritable capabilities for containers used during build.

Packaging

  • Update containerd (containerd.io package) to v1.5.11.
  • Update docker buildx to v0.8.1.

v20.10.13

This release of Docker Engine contains some bug-fixes and packaging changes, updates to the docker scan and docker buildx commands, an updated version of the Go runtime, and new versions of the containerd.io runtime. Together with this release, we now also provide .deb and .rpm packages of Docker Compose V2, which can be installed using the (optional) docker-compose-plugin package.

Builder

  • Updated the bundled version of buildx to v0.8.0.

Daemon

  • Fix a race condition when updating the container's state moby/moby#43166.
  • Update the etcd dependency to prevent the daemon from incorrectly holding file locks moby/moby#43259
  • Fix detection of user-namespaces when configuring the default net.ipv4.ping_group_range sysctl moby/moby#43084.

Distribution

  • Retry downloading image-manifests if a connection failure happens during image pull moby/moby#43333.

Documentation

  • Various fixes in command-line reference and API documentation.

Logging

  • Prevent an OOM when using the "local" logging driver with containers that produce a large amount of log messages moby/moby#43165.

... (truncated)

Commits
  • 87a90dc Merge pull request #43417 from thaJeztah/20.10_update_containerd_binary_1.5.11
  • 7dfe7a1 [20.10] update containerd binary to 1.5.11
  • 7f375bc Merge pull request from GHSA-2mm7-x5h6-5pvq
  • cf0abad Merge pull request #43416 from thaJeztah/20.10_update_containerd2
  • af953d2 [20.10] vendor: containerd 7cfa023d95d37076d5ab035003d4839f4b6ba791
  • dd38613 oci: inheritable capability set should be empty
  • 906f57f Merge pull request #43333 from pete-woods/20.10-backport-43291-schema-downloa...
  • ce3b6d1 distribution: retry downloading schema config on retryable error
  • c3dec60 Merge pull request #43329 from thaJeztah/20.10_backport_update_containerd_bin...
  • 180f3b9 update containerd binary to v1.5.10
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 2 years ago

Superseded by #42.