Commit graph

742 commits

Author SHA1 Message Date
Sebastiaan van Stijn
b4ca19a992
vendor: docker/libnetwork 026aabaa659832804b01754aaadd2c0f420c68b6 (bump_19.03 branch)
full diff: 153d0769a1...026aabaa65

- Fix 'failed to get network during CreateEndpoint'
- log error instead if disabling IPv6 router advertisement failed

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-06-17 15:59:05 +02:00
Tibor Vass
77e06fda0c vendor libnetwork to 153d0769a1181bf591a9637fd487a541ec7db1e6
Signed-off-by: Tibor Vass <tibor@docker.com>
2020-05-31 23:42:53 +00:00
Tibor Vass
9482566a5c vendor libnetwork to 71d4d82a5ce50453b1121d95544f0a2ae95bef9b
Signed-off-by: Tibor Vass <tibor@docker.com>
2020-05-28 10:52:02 +00:00
Tonis Tiigi
a76633684b vendor: update buildkit to a7d7b7f1
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-05-11 16:28:55 -07:00
Sebastiaan van Stijn
edf2c49410 vendor: pkg/errors v0.9.1
full diff: https://github.com/pkg/errors/compare/v0.8.1...v0.9.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit dc089c22ce)
Signed-off-by: Brian Goff <cpuguy83@gmail.com>
2020-05-07 12:22:58 -07:00
Sebastiaan van Stijn
63841af153
[19.03] vendor: buildkit v0.6.4-5-g59e305aa
full diff: b26cff2413...59e305aa33

- moby/buildkit#1469 Avoid creation of irrelevant temporary files on Windows
    - backport of moby/buildkit#1462 for the docker-19.03/v0.6 branch

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-30 17:13:00 +02:00
Sebastiaan van Stijn
e4f239d68e
[19.03] vendor: swarmkit 0b8364e7d08aa0e972241eb59ae981a67a587a0e
full diff: 062b694b46...0b8364e7d0

- Fix leaking tasks.db

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-16 21:55:43 +02:00
Sebastiaan van Stijn
e149ff62fe
vendor: update go-events to fix alignment for 32bit systems
- relates to moby/buildkit 1111
- relates to moby/buildkit 1079
- relates to docker/buildx 129

full diff: 9461782956...e31b211e4f

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit e7183dbfe9)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-15 21:17:11 +02:00
Sebastiaan van Stijn
a6beb24dc5
[19.03] update libnetwork b9bcf0c3fba9ef8897c9676c5b70ba0345b84b17
full diff: 0941c3f409...b9bcf0c3fb

- docker/libnetwork#2545 Fix NPE due to null value returned by ep.Iface()
    - backport of docker/libnetwork#2544
    - addresses docker/docker#37506

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-10 20:34:31 +02:00
Sebastiaan van Stijn
08a2fe0d56
[19.03] vendor buildkit b26cff2413cc6a466f8739262efa13bd126f8fc7
full diff: https://github.com/moby/buildkit/compare/v0.6.4...b26cff2413cc6a466f8739262efa13bd126f8fc7

- solver: avoid looping over same keys in loadwithparents

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-04-06 19:06:25 +02:00
Sebastiaan van Stijn
359edd8cbf
[19.03] vendor: containerd 481103c8793316c118d9f795cde18060847c370e
full diff: 7c1e88399e...481103c879

- Fix error handling for task deletion
- Fix fd leak of shim log
- Fix killall when use pidnamespace
- Improve ARM platform matching

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-03-30 19:36:07 +02:00
Sam Whited
021258661b Update libnetwork and DNS library
This makes sure that we don't become vulnerable to CVE-2018-17419 or
CVE-2019-19794 in the future. While we are not currently vulnerable to
either, there is a risk that a PR could be made which uses one of the
vulnerable methods in the future, so it's worth going ahead and updating
to ensure that a simple PR that would easily pass code review doesn't
lead to a vulnerability.

Signed-off-by: Sam Whited <sam@samwhited.com>
2020-03-27 09:53:11 -04:00
Tonis Tiigi
aa6a9891b0 vendor: add local copy of archive/tar
This version avoids doing name lookups when creating a tarball, which
should be avoided in order to not hit loading glibc shared libraries.

Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-03-09 21:45:05 +00:00
Sebastiaan van Stijn
bb19f8cc90
Merge pull request #40566 from thaJeztah/19.03_backport_bump_grpc
[19.03 backport] bump google.golang.org/grpc v1.23.1
2020-02-28 18:17:14 +01:00
Akihiro Suda
a515a320f2
Merge pull request #40547 from thaJeztah/19.03_backport_update_selinux_v1.3.1
[19.03 backport] vendor: update opencontainers/selinux v1.3.1
2020-02-25 09:40:40 +09:00
Sebastiaan van Stijn
ce1b8c8c93
bump google.golang.org/grpc v1.23.1
full diff: https://github.com/grpc/grpc-go/compare/v1.23.0...v1.23.1

- grpc/grpc-go#3018 server: set and advertise max frame size of 16KB
- grpc/grpc-go#3017 grpclb: fix deadlock in grpclb connection cache
    - Before the fix, if the timer to remove a SubConn fires at the
      same time NewSubConn cancels the timer, it caused a mutex leak
      and deadlock.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 39ad39d220)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-22 16:11:05 +01:00
Sebastiaan van Stijn
b47f177f20
vendor: update buildkit v0.6.4
full diff: 57e8ad5217...v0.6.4

- buildkit#1374 [v0.6] ops: fix deadlock on releasing shared mounts
    - backport of buildkit#1355 ops: fix deadlock on releasing shared mounts
    - fixes buildkit#1322 Deadlock on cache mounts

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-22 12:28:37 +01:00
Sebastiaan van Stijn
2b130c28ca
vendor: update opencontainers/selinux v1.3.1
full diff: 5215b1806f...v1.3.1

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 12c7541f1f)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-20 15:22:08 +01:00
Akihiro Suda
d3dab1f618
update runc library to v1.0.0-rc10 (CVE-2019-19921)
Notable changes:
* Fix CVE-2019-19921 (Volume mount race condition with shared mounts): https://github.com/opencontainers/runc/pull/2207
* Fix exec FIFO race: https://github.com/opencontainers/runc/pull/2185
* Basic support for cgroup v2.  Almost feature-complete, but still missing support for systemd mode in rootless.
  See also https://github.com/opencontainers/runc/issues/2209 for the known issues.

Full changes: https://github.com/opencontainers/runc/compare/v1.0.0-rc9...v1.0.0-rc10

Also updates go-selinux: 3a1f366feb...5215b1806f
(See https://github.com/containerd/cri/pull/1383#issuecomment-578227009)

Signed-off-by: Akihiro Suda <akihiro.suda.cz@hco.ntt.co.jp>
(cherry picked from commit 6d68080907)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-04 18:41:02 +01:00
Tonis Tiigi
a836daf6c5 vendor: update buildkit to 57e8ad5
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-02-04 17:15:19 +00:00
Brian Goff
3ba45cef16 Merge pull request #40432 from thaJeztah/19.03_bump_swarmkit
[19.03] vendor: bump swarmkit 062b694b46c0744d601eebef79f3f7433d808a04
2020-02-04 17:15:19 +00:00
Sebastiaan van Stijn
0dd0af939f [19.03] vendor: bump swarmkit 062b694b46c0744d601eebef79f3f7433d808a04
full diff: f35d9100f2...062b694b46

changes:

- docker/swarmkit#2927 [19.03 backport] Fix leaking subscription contexts
    - backport of docker/swarmkit#2926 Fix leaking log subscription contexts
    - addresses moby/moby#39916 Dockerd eats too much RAM

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-04 17:15:19 +00:00
Sebastiaan van Stijn
7b575f9813 vendor: update golang.org/x/crypto 69ecbb4d6d5dab05e49161c6e77ea40a030884e1
full diff: 88737f569e...69ecbb4d6d

Includes 69ecbb4d6d
(forward-port of 8b5121be2f),
which fixes CVE-2020-7919:

- Panic in crypto/x509 certificate parsing and golang.org/x/crypto/cryptobyte
  On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing
  functions of golang.org/x/crypto/cryptobyte can lead to a panic.
  The malformed certificate can be delivered via a crypto/tls connection to a
  client, or to a server that accepts client certificates. net/http clients can
  be made to crash by an HTTPS server, while net/http servers that accept client
  certificates will recover the panic and are unaffected.
  Thanks to Project Wycheproof for providing the test cases that led to the
  discovery of this issue. The issue is CVE-2020-7919 and Go issue golang.org/issue/36837.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit b606c8e440)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-02-04 17:15:19 +00:00
Sebastiaan van Stijn
6949793bb1
Merge pull request #429 from thaJeztah/19.03_backport_windows_1903_fixes
[19.03 backport] bump hcsshim to fix docker build failing on Windows 1903
2020-01-23 20:48:16 +01:00
Sebastiaan van Stijn
78571e9049
Merge pull request #439 from arkodg/19.03
[19.03] Bump 19.03 libnetwork refpoint
2020-01-23 20:23:38 +01:00
Tonis Tiigi
68b270b97c vendor: update buildkit to 926935b5
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2020-01-21 15:50:25 -08:00
Arko Dasgupta
89c5fbacfd Bump 19.03 libnetwork refpoint
[19.03 backport] bridge: Fix hwaddr set race between us and udev

Signed-off-by: Arko Dasgupta <arko.dasgupta@docker.com>
2020-01-16 16:54:52 -08:00
Vikram bir Singh
e2f226b5b4
Bump hcsshim to b3f49c06ffaeef24d09c6c08ec8ec8425a
Among other things, this is required to pull in
microsoft/hcsshim#718

Also fixes microsoft/hcsshim#737
which was caught by checks while attempting to bump
up hcsshim version.

Signed-off-by: Vikram bir Singh <vikrambir.singh@docker.com>
(cherry picked from commit a7b6c3f0bf)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-03 16:16:30 +01:00
Sebastiaan van Stijn
1f18c73c09
bump Microsoft/hcsshim 2226e083fc390003ae5aa8325c3c92789afa0e7a
Adds osversion.Build() utility

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit a5341aaf32)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-03 16:16:13 +01:00
Sebastiaan van Stijn
9ab162a73a
bump containerd/cgroups 5fbad35c2a7e855762d3c60f2e474ffcad0d470a
full diff: c4b9ac5c76...5fbad35c2a

- containerd/cgroups#82 Add go module support
- containerd/cgroups#96 Move metrics proto package to stats/v1
- containerd/cgroups#97 Allow overriding the default /proc folder in blkioController
- containerd/cgroups#98 Allows ignoring memory modules
- containerd/cgroups#99 Add Go 1.13 to Travis
- containerd/cgroups#100 stats/v1: export per-cgroup stats

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 27552ceb15)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-03 16:03:22 +01:00
Sebastiaan van Stijn
fe00613d06
bump containerd/cgroups c4b9ac5c7601384c965b9646fc515884e091ebb9
full diff: github.com/containerd/cgroups 4994991857...c4b9ac5c76

changes included:

  - containerd/cgroups#81 Add network stats
    - addresses containerd/cgroups#80 Add network metrics
  - containerd/cgroups#85 Fix cgroup hugetlb size prefix for kB
    - addresses kubernetes/kubernetes#77169 Permission denied on hugetlb due to wrong filename
    - relates to opencontainers/runc#2065 Fix cgroup hugetlb size prefix for kB
  - containerd/cgroups#88 cgroups: fix MoveTo function fail problem
  - containerd/cgroups#92 fixed an issue with invalid soft memory limits
  - containerd/cgroups#93 avoid adding io_serviced and io_service_bytes duplicately
    - fixes containerd/containerd#3412 collected metric container_blkio_io_serviced_recursive_total: was collected before with the same name and label values

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 0af1099a81)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-12-03 15:58:15 +01:00
Grant Millar
d3d724e45a
daemon: Use short libnetwork ID in exec-root & update libnetwork
also updates libnetwork to d9a6682a4dbb13b1f0d8216c425fe9ae010a0f23
full diff: 3eb39382bf...d9a6682a4d

- docker/libnetwork#2482 [19.03 backport] Shorten controller ID in exec-root to not hit UNIX_PATH_MAX
- docker/libnetwork#2483 [19.03 backport] Fix panic in drivers/overlay/encryption.go

Signed-off-by: Grant Millar <rid@cylo.io>
(cherry picked from commit df7b8f458a)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-11-21 14:30:33 +01:00
Tonis Tiigi
33b2719488 vendor: update buildkit to 928f3b48
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-11-12 18:17:50 -08:00
Andrew Hsu
075a0201b9
Merge pull request #374 from thaJeztah/19.03_backport_add_tc_dynamic_ingress_network
[19.03 backport] Add TC to check dynamic subnet for ingress network
2019-11-05 20:12:14 -08:00
Tonis Tiigi
25162d4a4e vendor: update buildkit to ff93519ee
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-11-04 16:06:35 -08:00
Sebastiaan van Stijn
0c38d56a6d
Revert "Revert "[19.03] bump swarmkit to f35d9100f2c6ac810cc8d7de6e8f93dcc7a42d29""
This reverts commit ef4366ee89.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-31 17:46:54 +01:00
Sebastiaan van Stijn
54a58760b6
[19.03 backport] revert controller: Check if IPTables is enabled for arrangeUserFilterRule
This change caused a regression, causing the DOCKER-USER chain
to not be created, despite iptables being enabled on the daemon.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-11 21:10:48 +02:00
Sebastiaan van Stijn
fb0fca8607
[19.03] roll-back libnetwork iptables forward policy change
The patch made in docker/libnetwork#2450 caused a breaking change in the
networking behaviour, causing Kubernetes installations on Docker Desktop
(and possibly other setups) to fail.

Rolling back this change in the 19.03 branch while we investigate if there
are alternatives.

diff: 45c710223c...96bcc0dae8

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-10-07 18:11:13 +02:00
Andrew Hsu
b6a7124855
Merge pull request #383 from thaJeztah/19.03_backport_test_fixes_2
[19.03 backport] Testing and Jenkinsfile changes [step 2]
2019-09-27 16:58:30 -07:00
Sebastiaan van Stijn
3136dea250
Re-group vendor.conf deps to reflect reality
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 05a0621fd0)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-09-27 16:25:56 +02:00
Sebastiaan van Stijn
8ddb4c4e95
bump runc vendor v1.0.0-rc8-92-g84373aaa
full diff: https://github.com/opencontainers/runc/compare/v1.0.0-rc8...3e425f80a8c931f88e6d94a8c831b9d5aa481657

  - opencontainers/runc#2010 criu image path permission error when checkpoint rootless container
  - opencontainers/runc#2028 Update to Go 1.12 and drop obsolete versions
  - opencontainers/runc#2029 Update dependencies
  - opencontainers/runc#2034 Support for logging from children processes
  - opencontainers/runc#2035 specconv: always set "type: bind" in case of MS_BIND
  - opencontainers/runc#2038 `r.destroy` can defer exec in `runner.run` method
  - opencontainers/runc#2041 Change the permissions of the notify listener socket to rwx for everyone
  - opencontainers/runc#2042 libcontainer: intelrdt: add missing destroy handler in defer func
  - opencontainers/runc#2047 Move systemd.Manager initialization into a function in that module
  - opencontainers/runc#2057 main: not reopen /dev/stderr
      - closes opencontainers/runc#2056 Runc + podman|cri-o + systemd issue with stderr
      - closes kubernetes/kubernetes#77615 kubelet fails starting CRI-O containers (Ubuntu 18.04 + systemd cgroups driver)
      - closes cri-o/cri-o#2368 Joining worker node not starting flannel or kube-proxy / CRI-O error "open /dev/stderr: no such device or address"
  - opencontainers/runc#2061 libcontainer: fix TestGetContainerState to check configs.NEWCGROUP
  - opencontainers/runc#2065 Fix cgroup hugetlb size prefix for kB
  - opencontainers/runc#2067 libcontainer: change seccomp test for clone syscall
  - opencontainers/runc#2074 Update dependency libseccomp-golang
  - opencontainers/runc#2081 Bump CRIU to 3.12
  - opencontainers/runc#2089 doc: First process in container needs `Init: true`
  - opencontainers/runc#2094 Skip searching /dev/.udev for device nodes
      - closes opencontainers/runc#2093 HostDevices() race with older udevd versions
  - opencontainers/runc#2098 man: fix man-pages
  - opencontainers/runc#2103 cgroups/fs: check nil pointers in cgroup manager
  - opencontainers/runc#2107 Make get devices function public
  - opencontainers/runc#2113 libcontainer: initial support for cgroups v2
  - opencontainers/runc#2116 Avoid the dependency on cgo through go-systemd/util package
      - removes github.com/coreos/pkg as dependency
  - opencontainers/runc#2117 Remove libcontainer detection for systemd features
      - fixes opencontainers/runc#2117 Cache the systemd detection results
  - opencontainers/runc#2119 libcontainer: update masked paths of /proc
      - relates to moby/moby#36368 Add /proc/keys to masked paths
      - relates to moby/moby#38299 Masked /proc/asound
      - relates to moby/moby#37404 Add /proc/acpi to masked paths (CVE-2018-10892)
  - opencontainers/runc#2122 nsenter: minor fixes
  - opencontainers/runc#2123 Bump x/sys and update syscall for initial Risc-V support
  - opencontainers/runc#2125 cgroup: support mount of cgroup2
  - opencontainers/runc#2126 libcontainer/nsenter: Don't import C in non-cgo file
  - opencontainers/runc#2129 Only allow proc mount if it is procfs
      - addresses opencontainers/runc#2129 AppArmor can be bypassed by a malicious image that specifies a volume at /proc (CVE-2019-16884)

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit ac0ab114a2)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-09-27 16:25:48 +02:00
Tibor Vass
c3d8cb99a0
vendor: remove vdemeester/shakers and go-check/check
Signed-off-by: Tibor Vass <tibor@docker.com>
(cherry picked from commit 3aa4ff64aa)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-09-26 23:52:41 +02:00
Sebastiaan van Stijn
559be42fc2
bump libnetwork to 96bcc0dae898308ed659c5095526788a602f4726
full diff: 92d1fbe1eb...96bcc0dae8

changes included:

- docker/libnetwork#2429 Updating IPAM config with results from HNS create network call
  - addresses moby/moby#38358
- docker/libnetwork#2450 Always configure iptables forward policy
  - related to moby/moby#14041 and docker/libnetwork#1526

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 75477f0b3c)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-09-24 20:45:32 +02:00
Andrew Hsu
0ff52c285d
Merge pull request #289 from thaJeztah/19.03_backport_bump_gorilla_mux
[19.03 backport] bump gorilla/mux v1.7.2
2019-09-24 11:36:24 -07:00
Andrew Hsu
53b9d440b8
Merge pull request #373 from tonistiigi/19.03-buildkit
[19.03] vendor: update buildkit for 19.03
2019-09-23 15:43:25 -07:00
Andrew Hsu
c27f11fa2e
Merge pull request #340 from thaJeztah/19.03_backport_bump_grpc
[19.03 backport] bump google.golang.org/grpc v1.23.0 (CVE-2019-9512, CVE-2019-9514, CVE-2019-9515)
2019-09-23 09:32:43 -07:00
Tonis Tiigi
b71e1008a5 vendor: update buildkit for 19.03
Signed-off-by: Tonis Tiigi <tonistiigi@gmail.com>
2019-09-23 09:23:35 -07:00
Sebastiaan van Stijn
ef4366ee89
Revert "[19.03] bump swarmkit to f35d9100f2c6ac810cc8d7de6e8f93dcc7a42d29"
This reverts commit 02465c9f9d.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-09-21 10:32:58 +02:00
Sebastiaan van Stijn
486953e2ff
bump gorilla/mux v1.7.2
full diff: https://github.com/gorilla/mux/compare/v1.7.0...v1.7.2

includes:

 - gorilla/mux#457 adding Router.Name to create new Route
 - gorilla/mux#447 host:port matching does not require a :port to be specified

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 25b451e01b)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2019-09-20 19:07:11 +02:00
Andrew Hsu
2399b7a91b
Merge pull request #369 from thaJeztah/19.03_bump_swarmkit
[19.03] bump swarmkit to f35d9100f2c6ac810cc8d7de6e8f93dcc7a42d29
2019-09-19 17:48:36 -07:00