Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2024-41110 #167

Closed
euDominic opened this issue Jul 24, 2024 · 0 comments · Fixed by #178
Closed

CVE-2024-41110 #167

euDominic opened this issue Jul 24, 2024 · 0 comments · Fixed by #178
Assignees
@locnnil

Comments

@euDominic
Copy link

Hello.

Are there already efforts to release a new version that fixes the problem?

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41110
GHSA-v23v-6jw2-98fq
https://docs.docker.com/engine/extend/plugins_authorization/

Docker has fixed it with version 27.1.1 (2024-07-23)
https://docs.docker.com/engine/release-notes/27.1/
locnnil added a commit to locnnil/docker-snap that referenced this issue Aug 30, 2024
@locnnil
Update to version 27.2.0
de50fef 
- Rewrote the snappy-apparmor-tweaks patch to ensure it applies correctly.
- Rewrote the snappy-buildkit-git-environ patch to ensure it applies correctly.
- Updated Go from version 1.20 to 1.21.
- Updated Moby from version v24.0.5 to v27.2.0.
- Updated containerd from version v1.6.21 to v1.7.21.
- Updated runc from version v1.1.12 to v1.1.13.
- Solves canonical#167.

Signed-off-by: Lincoln Wallace <lincoln.wallace@canonical.com>
@locnnil locnnil mentioned this issue Aug 30, 2024
Merged
@locnnil locnnil self-assigned this Aug 30, 2024
locnnil added a commit to locnnil/docker-snap that referenced this issue Sep 3, 2024
@locnnil
Update to version 27.2.0
90399e1 
- Rewrote the snappy-apparmor-tweaks patch to ensure it applies correctly.
- Rewrote the snappy-buildkit-git-environ patch to ensure it applies correctly.
- Updated Go from version 1.20 to 1.21.
- Updated Moby from version v24.0.5 to v27.2.0.
- Updated containerd from version v1.6.21 to v1.7.21.
- Updated runc from version v1.1.12 to v1.1.13.
- Solves canonical#167.

Signed-off-by: Lincoln Wallace <lincoln.wallace@canonical.com>
locnnil added a commit that referenced this issue Sep 6, 2024
@locnnil
Update to version 27.2.0 (#178)
e0a4df5 
* Update to version 27.2.0

- Rewrote the snappy-apparmor-tweaks patch to ensure it applies correctly.
- Rewrote the snappy-buildkit-git-environ patch to ensure it applies correctly.
- Updated Go from version 1.20 to 1.21.
- Updated Moby from version v24.0.5 to v27.2.0.
- Updated containerd from version v1.6.21 to v1.7.21.
- Updated runc from version v1.1.12 to v1.1.13.
- Solves #167.

Signed-off-by: Lincoln Wallace <lincoln.wallace@canonical.com>

* fix: justify buildx version based on Dockerfile

Signed-off-by: Lincoln Wallace <lincoln.wallace@canonical.com>

* refact: adulterate patch for identation

Signed-off-by: Lincoln Wallace <lincoln.wallace@canonical.com>

---------

Signed-off-by: Lincoln Wallace <lincoln.wallace@canonical.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@locnnil locnnil

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Update to version 27.2.0 locnnil/docker-snap
2 participants
@locnnil @euDominic