full diff: 0ec596719c...d3ef23f19f
- fs: support for OpenBSD
- sysx/xattr: fix and improve
- remove Windows' Readlink fork
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- Remove dependency on libcontainer/system
- Get rid of socat for port forwarding
- Roll docker/distribution back to latest (v2.7.1) release
Now that 901bcb2231 was merged in containerd,
we no longer depend on the ParseDockerRef utility from docker/distribution,
so we can safely roll back to the latest release for this dependency.
- vendor: kubernetes v1.18.2
Fix client watch reestablishment handling of client-side timeouts
- Add config flag to default empty seccomp profile
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Now that 901bcb2231 was merged in containerd,
we no longer depend on the ParseDockerRef utility from docker/distribution,
so we can safely roll back to the latest release for this dependency.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Reverts change from tagged versions to sha.
Removes tag ambiguity on what version a sha points to when multiple tags available.
Makes comparing versions from previous releases more straight forward, without parsing potentially incorrect comment.
Fixes sync issue between tag in comment and sha, the selinux comment was incorrect here.
Updates reflect2 library to correctly tagged version, includes global variable fix.
Signed-off-by: Derek McGowan <derek@mcg.dev>
full diff: https://github.com/sirupsen/logrus/compare/v1.5.0...v1.6.0
- Add flag to disable quotes in TextFormatter
- Revert "fix race conditions on entry"
- fixes Deadlock during Entry.Infof after upgrade to v1.5.0
- fixes Deadlock when using WithField inside of hook
- fixes Overly-aggressive mutex locks
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
- relates to moby/buildkit 1111
- relates to moby/buildkit 1079
- relates to docker/buildx 129
full diff: 9461782956...e31b211e4f
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: https://github.com/go-yaml/yaml/compare/v2.2.4...v2.2.8
includes:
- go-yaml/yaml@f90ceb4 Fix check for non-map alias merging in v2
- fix for "yaml.Unmarshal crashes on "assignment to entry in nil map""
- go-yaml/yaml 543 Port stale simple_keys fix to v2
- go-yaml/yaml@1f64d61 Fix issue in simple_keys improvements
- fixes "Invalid simple_keys now cause panics later in decode"
- go-yaml/yaml 555 Optimize cases with long potential simple_keys
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
full diff: 60c769a6c5...69ecbb4d6d
Includes 69ecbb4d6d
(forward-port of 8b5121be2f),
to address CVE-2020-7919:
Panic in crypto/x509 certificate parsing and golang.org/x/crypto/cryptobyte
On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing
functions of golang.org/x/crypto/cryptobyte can lead to a panic.
The malformed certificate can be delivered via a crypto/tls connection to a
client, or to a server that accepts client certificates. net/http clients can
be made to crash by an HTTPS server, while net/http servers that accept client
certificates will recover the panic and are unaffected.
Thanks to Project Wycheproof for providing the test cases that led to the
discovery of this issue. The issue is CVE-2020-7919 and Go issue golang.org/issue/36837.
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
