Go to file

Sebastiaan van Stijn a27466fb6f vendor: golang.org/x/net v0.17.0

full diff: https://github.com/golang/net/compare/v0.10.0...v0.17.0

This fixes the same CVE as go1.21.3 and go1.20.10;

- net/http: rapid stream resets can cause excessive work

  A malicious HTTP/2 client which rapidly creates requests and
  immediately resets them can cause excessive server resource consumption.
  While the total number of requests is bounded to the
  http2.Server.MaxConcurrentStreams setting, resetting an in-progress
  request allows the attacker to create a new request while the existing
  one is still executing.

  HTTP/2 servers now bound the number of simultaneously executing
  handler goroutines to the stream concurrency limit. New requests
  arriving when at the limit (which can only happen after the client
  has reset an existing, in-flight request) will be queued until a
  handler exits. If the request queue grows too large, the server
  will terminate the connection.

  This issue is also fixed in golang.org/x/net/http2 v0.17.0,
  for users manually configuring HTTP/2.

  The default stream concurrency limit is 250 streams (requests)
  per HTTP/2 connection. This value may be adjusted using the
  golang.org/x/net/http2 package; see the Server.MaxConcurrentStreams
  setting and the ConfigureServer function.

  This is CVE-2023-39325 and Go issue https://go.dev/issue/63417.
  This is also tracked by CVE-2023-44487.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>

2023-10-13 20:56:02 +02:00

.circleci

dummy circleci config

2022-02-25 21:15:39 +01:00

.github

update to go1.21.3

2023-10-11 20:02:33 +02:00

cli

mount: add bind-recursive=<bool|string> and deprecate bind-nonrecursive=<bool>

2023-10-01 02:58:17 +09:00

cli-plugins

cli: SetupRootCommand: remove redundant flags return

2023-06-28 16:26:50 +02:00

cmd/docker

appcontext: remove unused parts

2023-09-28 00:05:00 +02:00

contrib/completion

Stop slowing bash init by caching plugins path slowly

2023-08-23 13:40:29 +03:00

dockerfiles

update to go1.21.3

2023-10-11 20:02:33 +02:00

docs

docs: fix duplicate words in "docker tag" reference

2023-09-14 13:44:39 +02:00

e2e

update to go1.21.3

2023-10-11 20:02:33 +02:00

experimental

experimental: fix broken link to "checkpoint and restore" page

2021-09-07 13:30:48 +02:00

internal/test

e2e: Skip tests with platform-specific digests on other platforms

2023-04-27 10:57:56 +02:00

man

update go-md2man to v2.0.3

2023-10-11 18:26:14 +02:00

opts

mount: add bind-recursive=<bool|string> and deprecate bind-nonrecursive=<bool>

2023-10-01 02:58:17 +09:00

scripts

update go-md2man to v2.0.3

2023-10-11 18:26:14 +02:00

service/logs

service/logs: use strings.Cut

2022-12-29 15:19:31 +01:00

templates

staticcheck: ignore SA1019: strings.Title is deprecated

2022-03-28 17:23:06 +02:00

vendor

vendor: golang.org/x/net v0.17.0

2023-10-13 20:56:02 +02:00

.dockerignore

validate manpages target

2022-02-25 17:11:17 +01:00

.gitattributes

fix linguist with .gitattributes

2021-12-16 21:16:02 +01:00

.gitignore

validate manpages target

2022-02-25 17:11:17 +01:00

.golangci.yml

update golangci-lint to v1.54.2

2023-08-29 14:21:47 +02:00

.mailmap

Update mailmap and AUTHORS

2022-12-01 10:04:48 +01:00

AUTHORS

Update AUTHORS header to indicate it's generated

2022-12-01 10:05:22 +01:00

codecov.yml

Drop support for (archived) Compose-on-Kubernetes

2022-02-22 13:47:34 +01:00

CONTRIBUTING.md

CONTRIBUTING.md: update links

2023-08-25 14:09:07 +02:00

docker-bake.hcl

update to go1.21.3

2023-10-11 20:02:33 +02:00

docker.Makefile

docs: generate markdown

2023-01-06 22:36:47 +01:00

Dockerfile

update to go1.21.3

2023-10-11 20:02:33 +02:00

LICENSE

Add project files

2017-04-17 17:49:33 -04:00

MAINTAINERS

MAINTAINERS: add myself as curator

2023-02-07 10:13:53 -07:00

Makefile

docs: generate markdown

2023-01-06 22:36:47 +01:00

NOTICE

switch kr/pty to creack/pty v1.1.7

2019-07-29 16:45:41 -07:00

README.md

README: fix badges

2023-01-13 19:18:26 +01:00

TESTING.md

tweak description of login/logout

2022-04-04 10:44:11 +02:00

vendor.mod

vendor: golang.org/x/net v0.17.0

2023-10-13 20:56:02 +02:00

vendor.sum

vendor: golang.org/x/net v0.17.0

2023-10-13 20:56:02 +02:00

VERSION

Update version to v25.0.0-dev

2023-05-08 08:57:19 +02:00

README.md

Docker CLI

About

This repository is the home of the cli used in the Docker CE and Docker EE products.

Development

docker/cli is developed using Docker.

Build CLI from source:

docker buildx bake

Build binaries for all supported platforms:

docker buildx bake cross

Build for a specific platform:

docker buildx bake --set binary.platform=linux/arm64

Build dynamic binary for glibc or musl:

USE_GLIBC=1 docker buildx bake dynbinary

Run all linting:

docker buildx bake lint shellcheck

Run test:

docker buildx bake test

List all the available targets:

make help

In-container development environment

Start an interactive development environment:

make -f docker.Makefile shell

Legal

Brought to you courtesy of our legal counsel. For more context, please see the NOTICE document in this repo.

Use and transfer of Docker may be subject to certain restrictions by the United States and other governments.

It is your responsibility to ensure that your use and/or transfer does not violate applicable laws.

For more information, please see https://www.bis.doc.gov

Licensing

docker/cli is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.

Languages

Go 92%

Shell 5.5%

Dockerfile 1.1%

Go-Checksums 0.9%

Makefile 0.3%

Other 0.2%