Go to file

Sebastiaan van Stijn 6a0099bc8a cmd/docker-trust: bump golang.org/x/crypto v0.45.0

Hello gophers,

We have tagged version v0.45.0 of golang.org/x/crypto in order to address two
security issues.

This version fixes a vulnerability in the golang.org/x/crypto/ssh package and a
vulnerability in the golang.org/x/crypto/ssh/agent package which could cause
programs to consume unbounded memory or panic respectively.

SSH servers parsing GSSAPI authentication requests don't validate the number of
mechanisms specified in the request, allowing an attacker to cause unbounded
memory consumption.

Thanks to Jakub Ciolek for reporting this issue.

This is CVE-2025-58181 and Go issue https://go.dev/issue/76363.

SSH Agent servers do not validate the size of messages when processing new
identity requests, which may cause the program to panic if the message is
malformed due to an out of bounds read.

Thanks to Jakub Ciolek for reporting this issue.

This is CVE-2025-47914 and Go issue https://go.dev/issue/76364.

Cheers, Go Security team

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

2025-11-27 14:38:30 +01:00

.github

build(deps): bump actions/checkout from 5 to 6

2025-11-21 08:04:55 +00:00

cli

image/tree: Allow image names to overflow instead of truncating

2025-11-24 22:12:37 +01:00

cli-plugins

update minimum go version to go1.24

2025-11-05 08:24:06 +01:00

cmd

cmd/docker-trust: bump golang.org/x/crypto v0.45.0

2025-11-27 14:38:30 +01:00

contrib

completion/zsh: Allow multiple volumes of 'volume rm'

2025-11-04 09:36:42 +01:00

dockerfiles

Merge pull request #6121 from thaJeztah/trust_plugin

2025-11-06 20:29:58 +01:00

docs

chore: update link/linktext to dockerd proxy config

2025-11-17 11:00:04 +01:00

e2e

e2e: add docker v29-rc

2025-10-31 17:56:37 +01:00

experimental

deprecate experimental graphdriver plugins

2024-06-18 16:47:00 +02:00

internal

image/tree: Respect NO_COLOR env variable

2025-11-13 14:56:27 +01:00

man

docs: update some versions in examples

2025-10-10 21:23:30 +02:00

opts

opts: FilterOpt: show empty string if no values are set

2025-10-13 12:09:26 +02:00

pkg/kvfile

move parsing key-value files to a separate package

2024-10-04 12:27:10 +02:00

scripts

scripts/build/binary: remove pkcs11 build tag

2025-11-06 15:24:49 +01:00

templates

update minimum go version to go1.24

2025-11-05 08:24:06 +01:00

vendor

Merge pull request #6643 from thaJeztah/bump_modules2

2025-11-10 22:04:44 +01:00

.codecov.yml

rename codecov.yml to .codecov.yml

2025-07-01 16:20:54 +02:00

.dockerignore

move winresources into cmd/docker

2025-03-08 22:20:09 +01:00

.gitattributes

fix: binary file line endings

2024-09-06 10:23:23 +02:00

.gitignore

move winresources into cmd/docker

2025-03-08 22:20:09 +01:00

.golangci.yml

update to go1.25.4

2025-11-06 14:24:03 +01:00

.mailmap

update mailmap and authors

2025-09-06 00:06:56 +02:00

AUTHORS

update mailmap and authors

2025-09-06 00:06:56 +02:00

CONTRIBUTING.md

chore: update commit guidelines in CONTRIBUTING.md

2024-11-26 12:38:28 +01:00

docker-bake.hcl

update to go1.25.4

2025-11-06 14:24:03 +01:00

docker.Makefile

workflow/e2e: only run experimental daemon

2025-03-10 12:26:20 +01:00

Dockerfile

Merge pull request #6121 from thaJeztah/trust_plugin

2025-11-06 20:29:58 +01:00

LICENSE

Add project files

2017-04-17 17:49:33 -04:00

MAINTAINERS

not actually a maintainer

2023-11-10 21:35:15 +01:00

Makefile

make trust-plugin a separate module

2025-11-06 15:24:48 +01:00

NOTICE

Removed all mentions of "please" from docs and messages

2024-06-11 16:53:40 +02:00

README.md

README: update pkg.go.dev badge, add OpenSSF scorecard

2024-10-12 22:12:38 +02:00

SECURITY.md

add security policy

2024-08-05 11:58:34 +02:00

TESTING.md

tweak description of login/logout

2022-04-04 10:44:11 +02:00

vendor.mod

Merge pull request #6643 from thaJeztah/bump_modules2

2025-11-10 22:04:44 +01:00

vendor.sum

Merge pull request #6643 from thaJeztah/bump_modules2

2025-11-10 22:04:44 +01:00

VERSION

bump version to v29.0.0-dev

2025-07-31 18:17:29 +02:00

README.md

Docker CLI

About

This repository is the home of the Docker CLI.

Development

docker/cli is developed using Docker.

Build CLI from source:

docker buildx bake

Build binaries for all supported platforms:

docker buildx bake cross

Build for a specific platform:

docker buildx bake --set binary.platform=linux/arm64

Build dynamic binary for glibc or musl:

USE_GLIBC=1 docker buildx bake dynbinary

Run all linting:

docker buildx bake lint shellcheck

Run test:

docker buildx bake test

List all the available targets:

make help

In-container development environment

Start an interactive development environment:

make -f docker.Makefile shell

Legal

Brought to you courtesy of our legal counsel. For more context, see the NOTICE document in this repo.

Use and transfer of Docker may be subject to certain restrictions by the United States and other governments.

It is your responsibility to ensure that your use and/or transfer does not violate applicable laws.

For more information, see https://www.bis.doc.gov

Licensing

docker/cli is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.

Languages

Go 92%

Shell 5.5%

Dockerfile 1.1%

Go-Checksums 0.9%

Makefile 0.3%

Other 0.2%