p4u1/docker-cli
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
v20.10.24
docker-cli/dockerfiles/Dockerfile.e2e
Sebastiaan van Stijn 39a0de9a45 update to go1.19.7 
Includes a security fix for crypto/elliptic (CVE-2023-24532).

> go1.19.7 (released 2023-03-07) includes a security fix to the crypto/elliptic
> package, as well as bug fixes to the linker, the runtime, and the crypto/x509
> and syscall packages. See the Go 1.19.7 milestone on our issue tracker for
> details.

https://go.dev/doc/devel/release#go1.19.minor

From the announcement:

> We have just released Go versions 1.20.2 and 1.19.7, minor point releases.
>
> These minor releases include 1 security fixes following the security policy:
>
> - crypto/elliptic: incorrect P-256 ScalarMult and ScalarBaseMult results
    >
    >   The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an
    >   incorrect result if called with some specific unreduced scalars (a scalar larger
    >   than the order of the curve).
    >
    >   This does not impact usages of crypto/ecdsa or crypto/ecdh.
>
> This is CVE-2023-24532 and Go issue https://go.dev/issue/58647.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 23da1cec6c)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2023-03-28 19:58:03 +02:00

46 lines
1.5 KiB
Docker
Raw Permalink Blame History

ARG GO_VERSION=1.19.7
# Use Debian based image as docker-compose requires glibc.
FROM golang:${GO_VERSION}-buster
RUN apt-get update && apt-get install -y \
build-essential \
curl \
openssl \
openssh-client \
&& rm -rf /var/lib/apt/lists/*
ARG COMPOSE_VERSION=1.29.2
RUN curl -fsSL https://github.com/docker/compose/releases/download/${COMPOSE_VERSION}/docker-compose-`uname -s`-`uname -m` -o /usr/local/bin/docker-compose \
&& chmod +x /usr/local/bin/docker-compose
ARG NOTARY_VERSION=v0.6.1
RUN curl -fsSL https://github.com/theupdateframework/notary/releases/download/${NOTARY_VERSION}/notary-Linux-amd64 -o /usr/local/bin/notary \
&& chmod +x /usr/local/bin/notary
ARG GOTESTSUM_VERSION=1.8.2
RUN curl -fsSL https://github.com/gotestyourself/gotestsum/releases/download/v${GOTESTSUM_VERSION}/gotestsum_${GOTESTSUM_VERSION}_linux_amd64.tar.gz -o gotestsum.tar.gz \
&& tar -xf gotestsum.tar.gz gotestsum \
&& mv gotestsum /usr/local/bin/gotestsum \
&& rm gotestsum.tar.gz
ENV CGO_ENABLED=0 \
DISABLE_WARN_OUTSIDE_CONTAINER=1 \
PATH=/go/src/github.com/docker/cli/build:$PATH
WORKDIR /go/src/github.com/docker/cli
# Trust notary CA cert.
COPY e2e/testdata/notary/root-ca.cert /usr/share/ca-certificates/notary.cert
RUN echo 'notary.cert' >> /etc/ca-certificates.conf && update-ca-certificates
COPY . .
ARG VERSION
ARG GITCOMMIT
ENV VERSION=${VERSION}
ENV GITCOMMIT=${GITCOMMIT}
ENV DOCKER_BUILDKIT=1
RUN ./scripts/build/binary
RUN ./scripts/build/plugins e2e/cli-plugins/plugins/*
CMD ./scripts/test/e2e/entry
Reference in New Issue View Git Blame Copy Permalink