Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

new release of docker/dockerfile image to fix CVE-2024-41110 #5201

Open
akhal3d96 opened this issue Jul 30, 2024 · 3 comments
Open

new release of docker/dockerfile image to fix CVE-2024-41110 #5201

akhal3d96 opened this issue Jul 30, 2024 · 3 comments
Labels
kind/invalid

Comments

@akhal3d96
Copy link

akhal3d96 commented Jul 30, 2024
edited
Loading

docker/dockerfile image is using github.com/docker/docker v27.0.3+incompatible as a dependency which is affected by CVE-2024-41110. I can see that the master branch already fixed this. Could you please release a new frontend image with a different tag :) ?
@akhal3d96 akhal3d96 changed the title new release of docker/dockerfile image to fix a CVE new release of docker/dockerfile image to fix a CVE-2024-41110 Jul 30, 2024
@akhal3d96 akhal3d96 changed the title new release of docker/dockerfile image to fix a CVE-2024-41110 new release of docker/dockerfile image to fix CVE-2024-41110 Jul 30, 2024
@AkihiroSuda
Copy link
Member

False alarm.
The dockerfile frontend does not use the authz plugin of dockerd.

@AkihiroSuda
Copy link
Member

I marked this issue as "invalid", but I think it is still ok to make a release just for silencing the false alarm.

@fiskhest
Copy link

Hitting this in internal CI mirroring, can we get a new release please?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/invalid
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@akhal3d96 @AkihiroSuda @fiskhest