Skip to content
Snippets Groups Projects
Commit 45ac9efb authored by Jake Buchholz Göktürk's avatar Jake Buchholz Göktürk
Browse files

community/docker: security update to 20.10.18 

Fix a security vulnerability relating to supplementary group permissions, which
could allow a container process to bypass primary group restrictions within the
container CVE-2022-36109.

For more details, see: https://github.com/moby/moby/releases/tag/v20.10.18
parent 89a1cb0e
No related branches found
No related tags found
2 merge requests!39304[3.16] main/expat: security upgrade to 2.4.9,!38846community/docker: security update to 20.10.18
Pipeline #135910 passed with warnings
Stage: verify
Hide whitespace changes
Inline Side-by-side
community/docker/APKBUILD
+ 10
8
View file @ 45ac9efb
......@@ -2,10 +2,10 @@
# Contributor: Jake Buchholz Göktürk <tomalok@gmail.com>
# Maintainer: Jake Buchholz Göktürk <tomalok@gmail.com>
pkgname=docker
pkgver=20.10.17
_cli_commit=100c70180fde3601def79a59cc3e996aa553c9b9 # https://github.com/docker/cli/commits/v$pkgver
_moby_commit=a89b84221c8560e7a3dee2a653353429e7628424 # https://github.com/moby/moby/commits/v$pkgver
pkgrel=4
pkgver=20.10.18
_cli_commit=b40c2f6b5deeb11ac6c485c940865ee40664f0f0 # https://github.com/docker/cli/commits/v$pkgver
_moby_commit=e42327a6d3c55ceda3bd5475be7aae6036d02db3 # https://github.com/moby/moby/commits/v$pkgver
pkgrel=0
pkgdesc="Pack, ship and run any application as a lightweight container"
url="https://www.docker.io/"
arch="all"
......@@ -17,11 +17,13 @@ makedepends="go go-md2man btrfs-progs-dev bash linux-headers coreutils lvm2-dev
install="$pkgname.pre-install"
# from https://github.com/moby/moby: grep libnetwork vendor.conf
_libnetwork_commit=f6ccccb1c082a432c2a5814aaedaca56af33d9ea
_libnetwork_commit=0dde5c895075df6e3630e76f750a447cf63f4789
# from https://github.com/docker/cli: grep cobra vendor.conf
_cobra_ver="1.1.1"
# secfixes:
# 20.10.18-r0:
# - CVE-2022-36109
# 20.10.16-r0:
# - CVE-2022-29526
# 20.10.14-r0:
......@@ -203,9 +205,9 @@ cli_zshcomp() {
}
sha512sums="
9c2cff7e248272e234eac9febdfd7c5c844fc65ee4b08fd4ce0f526e4fed33f2d12682d0991ef28b42977b9de2c84d7ef9c6ddd6f31c4e8c34a3985c1cea3316 cli-20.10.17.tar.gz
1def92a4f87695b1889e482947f2bc49342ad868ee15425900b0c6f8954ba77aa2a9a8bd4fc500ba124218603aa8c7127daf7192140cace6e652a311391397c4 moby-20.10.17.tar.gz
d3d9888f39a9247b6e773b0bfe63e6d248c5c155e7032cdbdd5cfacf995cb6b4cf2f0fb51e09c4554a4b994e3c3d7fc9cd2fde6cf8dda34fba6aa07218ac959c libnetwork-f6ccccb1c082a432c2a5814aaedaca56af33d9ea.tar.gz
fe5359015041f99bacf7b674a99ab7772d9e71eb6c6fefd6acb28f2afee4321a7517a53497627ae9cae8c6e0c253971a53d0579a630a3d71986edd7300a0a8ab cli-20.10.18.tar.gz
202f9f4d455329907e87bd95549aa433b6c773d3067cc89d0bd2e087bddfc66faddd6c2019843e42bf3fed6d6584ba4ab61d762f436f8bb164aa11e6280c91c5 moby-20.10.18.tar.gz
d73e2091c9aeefce501f5900d6c0c108d89e7970f1e091f7db4e05123536357311e65aa8210493f2386aaf4d68aac2ddf66c2c600054b87438d2f2ddd7e39584 libnetwork-0dde5c895075df6e3630e76f750a447cf63f4789.tar.gz
a27debc5c971f468e672826659e5c46946187e2307dded8c496084b9fabc5602e68bdfdc08f444f42d6f82f0f2704d01a0c4bde3e5fbe674c7cb14309f0a3328 cobra-1.1.1.tar.gz
3e913a856ce4452ff090764a3320f07b75163b17fa9b95544f74c1690214d416624a82f1e2bef897ef94ac5eda9dbfa961998c6cb9e2fd0aa5f65ff0afcdb426 docker.initd
f25523f43376ccef71a49618e556e0a16db3acad29eb09fe86c4e572562bdea0bc1eabab00159278835ad9d7c007f2cd10b2ed31f7213b0d9074582dc80a976f docker.confd
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment