build(deps): bump the go_modules group across 4 directories with 13 updates

[dependabot]

Bumps the go_modules group with 5 updates in the /wormchain/interchaintest directory:

Package	From	To
github.com/docker/docker	20.10.19+incompatible	25.0.13+incompatible
github.com/ethereum/go-ethereum	1.11.6	1.13.15
github.com/CosmWasm/wasmvm	1.2.1	1.5.8
github.com/docker/distribution	2.8.1+incompatible	2.8.2+incompatible
github.com/dvsekhvalnov/jose2go	1.5.0	1.7.0

Bumps the go_modules group with 7 updates in the /node directory:

Package	From	To
github.com/ethereum/go-ethereum	1.10.21	1.13.15
github.com/CosmWasm/wasmvm	1.1.1	1.5.8
github.com/docker/distribution	2.8.1+incompatible	2.8.2+incompatible
github.com/dvsekhvalnov/jose2go	1.5.0	1.7.0
github.com/golang/glog	1.1.0	1.2.4
golang.org/x/crypto	0.28.0	0.35.0
golang.org/x/net	0.30.0	0.38.0

Bumps the go_modules group with 7 updates in the /wormchain directory:

Package	From	To
github.com/ethereum/go-ethereum	1.10.21	1.13.15
github.com/CosmWasm/wasmvm	1.1.1	1.5.8
github.com/docker/distribution	2.8.1+incompatible	2.8.2+incompatible
github.com/dvsekhvalnov/jose2go	1.5.0	1.7.0
github.com/golang/glog	1.0.0	1.2.4
google.golang.org/protobuf	1.28.2-0.20220831092852-f930b1dc76e8	1.33.0
github.com/btcsuite/btcd	0.22.1	0.24.2

Bumps the go_modules group with 3 updates in the /tools directory: github.com/golang/glog, golang.org/x/net and google.golang.org/grpc.

Updates github.com/docker/docker from 20.10.19+incompatible to 25.0.13+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v25.0.13

25.0.13

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestone:

• moby/moby, 25.0.13 milestone
• Changes to the Engine API, see API version history.

Bug fixes and enhancements

• Prevent restoration of iptables rules for deleted networks and containers on firewalld reload. moby/moby#50445
• Fix Swarm services becoming unreachable from published ports after a firewalld reload. moby/moby#50445
• Improve the reliability of the Swarm overlay network control plane by fixing longstanding issues with NetworkDB. moby/moby#50511
• Improve the reliability of Swarm overlay container networks by fixing longstanding issues with the overlay network driver. moby/moby#50551

v25.0.12

25.0.12

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestone:

• moby/moby, 25.0.12 milestone
• Changes to the Engine API, see API version history.

Bug fixes and enhancements

• Fix an issue where all new tasks in the Swarm could get stuck in the PENDING state forever after scaling up a service with placement preferences. moby/moby#50203
• Fix an issue which made DNS service discovery for Swarm services unreliable. moby/moby#50230

Packaging updates

• Update Go toolchain to go1.23.9. moby/moby#50053

v25.0.11

25.0.11

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestone:

• moby/moby, 25.0.11 milestone
• Changes to the Engine API, see API version history.

Networking

• [25.0] Backport network fixes by @​dperny in moby/moby#50005

Known Issues

• Some Swarm services are not discoverable over DNS moby/moby#50129

Full Changelog: moby/moby@v25.0.10...v25.0.11

v25.0.10

25.0.10

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestone:

... (truncated)

Commits

• 165516e Merge pull request #50551 from corhere/backport-25.0/libn/all-the-overlay-fixes
• f099e91 libnetwork: handle coalesced endpoint events
• bace1b8 libnetwork/d/overlay: handle coalesced peer updates
• f9e5429 libn/d/win/overlay: dedupe NetworkDB definitions
• fc3df55 libn/d/overlay: extract hashable address types
• b22872a libnetwork/driverapi: make EventNotify optional
• c7e17ae libn/networkdb: report prev value in update events
• d60c71a libnetwork/d/overlay: fix logical race conditions
• ad54b8f libn/d/overlay: fix encryption race conditions
• 8075689 libn/d/overlay: inline secMapWalk into only caller
• Additional commits viewable in compare view

Updates github.com/ethereum/go-ethereum from 1.11.6 to 1.13.15

Release notes

Sourced from github.com/ethereum/go-ethereum's releases.

Ontamalca (v1.13.15)

Geth v1.13.15 is a maintenance-release that contains some fixes mainly to avoid snapsync-related data-corruption.

We recommend all users to upgrade to v1.13.15 as soon as possible.

---

As with all our previous releases, you can find the:

• Pre-built binaries for all platforms on our downloads page.
• Docker images published under ethereum/client-go.
• Ubuntu packages in our Launchpad PPA repository.
• OSX packages in our Homebrew Tap repository.

Altaaya (v1.13.14)

Geth v1.13.14 is a small maintenance release with a handful of polishes to the blob pool:

• Disallow blob transactions below the protocol minimum of 1 wei to enter the pool (#29081).
• Reduce the blob pool's max capacity to 2.5GB for the rollout. (#29090).
• Fix gas estimation for blob transactions (#29085).

This release is NOT critical for the Cancun fork, but recommended to make Geth lighter in anticipation to unknown blob load.

Other fixes:

• Support overriding the basefee during tracing (#29051).
• Fix call tracers missing top level logs in top-only mode (#29068).
• Support unlimited gas for eth_createAccessList if --gascap=0 (#28846).

For a full rundown of the changes please consult the Geth 1.13.14 release milestone.

---

As with all our previous releases, you can find the:

• Pre-built binaries for all platforms on our downloads page.
• Docker images published under ethereum/client-go.
• Ubuntu packages in our Launchpad PPA repository.
• OSX packages in our Homebrew Tap repository.

Alsages (v1.13.13)

This is a minor release with fixes for several issues related to the upcoming Cancun mainnet fork. As such, it is recommended for all mainnet users.

Changes in this release:

• Block-building performance with blob transactions has been improved a lot. (#29026, #29008, #29005)
• A corner case in the EVM related to out-of-order fork scheduling has been fixed. (#29023)
• eth_fillTransaction has seen some bug fixes related to blob transactions as well. (#28929, #29037)
• A rare panic in the ethstats client related to chain reorgs is resolved. (#29020)
• The blobpool database will now recover from disk corruption faults instead of crashing geth on startup. (#29001)

... (truncated)

Commits

• c5ba367 params: release Geth v 1.13.15
• 35e0525 core, eth/protocols/snap, trie: fix cause for snap-sync corruption, implement...
• 7bcb553 eth/filters: enforce topic-limit early on filter criterias (#29535)
• e343ddf core/rawdb: add sanity-limit to header accessor (#29534)
• 5dcf503 eth/protocols/snap: skip retrieval for completed storages (#29378)
• 2bd6bd0 Merge branch 'master' into release/1.13
• 9038ba6 params: release Geth v1.13.14
• 51b479e core/txpool: elevate the 'already reserved' error into a constant (#29095)
• 5a0f468 eth/tracers: Fix callTracer logs on onlyTopCall == true (#29068)
• 45a272c core/txpool: no need to log loud rotate if no local txs (#29083)
• Additional commits viewable in compare view

Updates github.com/CosmWasm/wasmvm from 1.2.1 to 1.5.8

Release notes

Sourced from github.com/CosmWasm/wasmvm's releases.

v1.5.8

Fixes CWA-2025-001 and CWA-2025-002.

This patch is consensus breaking.

v1.5.7

Build artifacts generated at this tag.

v1.5.6

• Add SimulateStoreCode
• Fix dangling pointer crash (#571)

v1.5.5

Fixes CWA-2024-007 and CWA-2024-008.

This is a consensus breaking patch.

v1.5.4

Build artifacts generated at this tag.

v1.5.3

Fix for CWA-2024-004

Consensus breaking!

v1.5.2

Upgrade cosmwasm from 1.5.1 to 1.5.2.

This fixes an issue with growing memory usage over time.

v1.5.2-rc.0

Build artifacts generated at this tag.

v1.5.1

Upgrade cosmwasm from 1.5.0 to 1.5.1. This fixes the CWA-2023-004 security vulnerability.

v1.5.0

Upgrade cosmwasm from 1.4.1 to 1.5.0. This enables contracts to use floating point operations (consensus-breaking).

v1.5.0-rc.0

Build artifacts generated at this tag.

v1.4.3

Upgrade cosmwasm from 1.4.2 to 1.4.3.

This fixes an issue with growing memory usage over time.

v1.4.2

... (truncated)

Commits

• ff551e2 [skip ci] Built release libraries
• 98a52f6 Fix tests
• 9ac78db Fix lockfile version
• c4dcda4 Set libwasmvm version to 1.5.8
• 1f4db20 Bump cosmwasm version
• 1151bc6 Fix
• 29b338c [skip ci] Built release libraries
• 43b12d1 Merge pull request #603 from CosmWasm/co/retract-1.5.6
• fa50ee0 Retract 1.5.6
• 6249537 [skip ci] Built release libraries
• Additional commits viewable in compare view

Updates github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible

Release notes

Sourced from github.com/docker/distribution's releases.

v2.8.2

What's Changed

• Revert registry/client: set Accept: identity header when getting layers by @​ndeloof in distribution/distribution#3783
• Parse http forbidden as denied by @​vvoland in distribution/distribution#3914
• Fix CVE-2022-28391 by bumping alpine from 3.14 to 3.16 by @​thaJeztah (#3650)
• Fix CVE-2023-2253 runaway allocation on /v2/_catalog by @​josegomezr 521ea3d9
• Fix panic in inmemory driver by @​wy65701436 in distribution/distribution#3815
• bump up golang version (alternative) by @​thaJeztah in distribution/distribution#3903
• Dockerfile: update xx to v1.2.1 by @​thaJeztah in distribution/distribution#3907
• update to go1.19.9 by @​thaJeztah in distribution/distribution#3908
• Add code to handle pagination of parts. Fixes max layer size of 10GB bug by @​DavidSpek in distribution/distribution#3893
• Dockerfile: fix filenames of artifacts by @​thaJeztah in distribution/distribution#3911

Full Changelog: distribution/distribution@v2.8.1...v2.8.2

v2.8.2-beta.2

What's Changed

• Fix CVE-2022-28391 by bumping alpine from 3.14 to 3.16 by @​thaJeztah (#3650)
• Fix CVE-2023-2253 runaway allocation on /v2/_catalog by @​josegomezr 521ea3d9
• Fix panic in inmemory driver by @​wy65701436 in distribution/distribution#3815
• bump up golang version (alternative) by @​thaJeztah in distribution/distribution#3903
• Dockerfile: update xx to v1.2.1 by @​thaJeztah in distribution/distribution#3907
• update to go1.19.9 by @​thaJeztah in distribution/distribution#3908
• Add code to handle pagination of parts. Fixes max layer size of 10GB bug by @​DavidSpek in distribution/distribution#3893
• Dockerfile: fix filenames of artifacts by @​thaJeztah in distribution/distribution#3911

Full Changelog: distribution/distribution@v2.8.1...v2.8.2-beta.2

v2.8.2-beta.1

NOTE: This is a pre-release that does not contain any artifacts!

What's Changed

• Fix runaway allocation on /v2/_catalog by @​josegomezr 521ea3d9
• Fix CVE-2022-28391 by bumping alpine from 3.14 to 3.16 by @​thaJeztah in distribution/distribution#3650
• Fix panic in inmemory driver by @​wy65701436 in distribution/distribution#3815
• bump up golang version (alternative) by @​thaJeztah in distribution/distribution#3903
• Dockerfile: update xx to v1.2.1 by @​thaJeztah in distribution/distribution#3907
• update to go1.19.9 by @​thaJeztah in distribution/distribution#3908
• Add code to handle pagination of parts. Fixes max layer size of 10GB bug by @​DavidSpek in distribution/distribution#3893

Full Changelog: distribution/distribution@v2.8.1...v2.8.2-beta.1

Commits

• 7c354a4 Merge pull request #3915 from distribution/2.8.2-release-notes
• a173a9c Add v2.8.2 release notes
• 4894d35 Merge pull request #3914 from vvoland/handle-forbidden-28
• f067f66 Merge pull request #3783 from ndeloof/accept-encoding-28
• 483ad69 registry/errors: Parse http forbidden as denied
• 2b0f84d Revert "registry/client: set Accept: identity header when getting layers"
• 320d6a1 Merge pull request #3912 from distribution/2.8.2-beta.2-release-notes
• 5f3ca1b Add release notes for 2.8.2-beta.2 release
• cb840f6 Merge pull request #3911 from thaJeztah/2.8_backport_fix_releaser_filenames
• e884644 Dockerfile: fix filenames of artifacts
• Additional commits viewable in compare view

Updates github.com/dvsekhvalnov/jose2go from 1.5.0 to 1.7.0

Commits

• 0a0673d Merge pull request #34 from dvsekhvalnov/issue-33-deflate-limit
• c3fff7c docs
• e51b47f docs
• c7dde52 fixing workflow
• a194baa added go versions and OSs to matrix
• f31cfc6 fixing yaml
• 1a4ba55 added matrix to workflow
• d2baff2 go workflow
• b14c81a added limitation for deflate decompression stream
• 48ba0b7 Merge pull request #32 from dvsekhvalnov/issue-31-security-tuning
• Additional commits viewable in compare view

Updates github.com/golang/glog from 1.0.0 to 1.2.5

Release notes

Sourced from github.com/golang/glog's releases.

v1.2.4

What's Changed

• Fail if log file already exists by @​chressie in golang/glog#74:
  • glog: Don't try to create/rotate a given syncBuffer twice in the same second
  • glog: introduce createInDir function as in internal version
  • glog: have createInDir fail if the file already exists

Full Changelog: golang/glog@v1.2.3...v1.2.4

v1.2.3

What's Changed

• glog: check that stderr is valid before using it by default by @​chressie in golang/glog#72
• glog: fix typo by @​chressie in golang/glog#73

Full Changelog: golang/glog@v1.2.2...v1.2.3

v1.2.2

What's Changed

• glog: avoid calling user.Current() on windows by @​bentekkie in golang/glog#69

Full Changelog: golang/glog@v1.2.1...v1.2.2

v1.2.1

What's Changed

• glog: don't hold mutex when sync'ing by @​chressie in golang/glog#68

Full Changelog: golang/glog@v1.2.0...v1.2.1

v1.2.0

What's Changed

• glog: add context variants and logsink tests by @​chressie in golang/glog#66

Full Changelog: golang/glog@v1.1.2...v1.2.0

v1.1.2

Bugfix release.

What's Changed

• glog: populate symlinks -log_link directory by @​chressie in golang/glog#64

Full Changelog: golang/glog@v1.1.1...v1.1.2

v1.1.1

Bugfixes since the larger v1.1.0, which have been addressed.

Commits

• a0e3c40 glog: have createInDir fail if the file already exists
• 7139da2 glog: introduce createInDir function as in internal version
• dd58629 glog: Don't try to create/rotate a given syncBuffer twice in the same second
• 04dbec0 glog: fix typo (#73)
• 459cf3b glog: check that stderr is valid before using it by default (#72)
• 9730314 glog: avoid calling user.Current() on windows (#69)
• 861d094 glog: don't hold mutex when sync'ing (#68)
• b256bbe glog: add context variants to most log functions
• bcf3184 glog/internal/logsink: add logsink tests
• 6b9d7f7 glog: populate symlinks -log_link directory (#64)
• Additional commits viewable in compare view

Updates golang.org/x/crypto from 0.5.0 to 0.41.0

Commits

• 7292932 ssh: limit the size of the internal packet queue while waiting for KEX
• f66f74b acme/autocert: check host policy before probing the cache
• b0784b7 x509roots/fallback: drop obsolete build constraint
• 911360c all: bump golang.org/x/crypto dependencies of asm generators
• 89ff08d all: upgrade go directive to at least 1.23.0 [generated]
• e47973b all: update certs for go1.24
• 9290511 go.mod: update golang.org/x dependencies
• fa5273e x509roots/fallback: update bundle
• a8ea4be ssh: add ServerConfig.PreAuthConnCallback, ServerPreAuthConn (banner) interface
• 71d3a4c acme: support challenges that require the ACME client to send a non-empty JSO...
• Additional commits viewable in compare view

Updates golang.org/x/net from 0.8.0 to 0.43.0

Commits

• e1fcd82 html: properly handle trailing solidus in unquoted attribute value in foreign...
• ebed060 internal/http3: fix build of tests with GOEXPERIMENT=nosynctest
• 1f1fa29 publicsuffix: regenerate table
• 1215081 http2: improve error when server sends HTTP/1
• 312450e html: ensure <search> tag closes <p> and update tests
• 09731f9 http2: improve handling of lost PING in Server
• 55989e2 http2/h2c: use ResponseController for hijacking connections
• 2914f46 websocket: re-recommend gorilla/websocket
• 99b3ae0 go.mod: update golang.org/x dependencies
• 85d1d54 go.mod: update golang.org/x dependencies
• Additional commits viewable in compare view

Updates google.golang.org/grpc from 1.53.0 to 1.75.0

Release notes

Sourced from google.golang.org/grpc's releases.

Release 1.56.3

Security

• server: prohibit more than MaxConcurrentStreams handlers from running at once (CVE-2023-44487)

  In addition to this change, applications should ensure they do not leave running tasks behind related to the RPC before returning from method handlers, or should enforce appropriate limits on any such work.

Release 1.56.2

• status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.56.1

• client: handle empty address lists correctly in addrConn.updateAddrs

Release 1.56.0

New Features

• client: support channel idleness using WithIdleTimeout dial option (#6263)
  • This feature is currently disabled by default, but will be enabled with a 30 minute default in the future.
• client: when using pickfirst, keep channel state in TRANSIENT_FAILURE until it becomes READY (gRFC A62) (#6306)
• xds: Add support for Custom LB Policies (gRFC A52) (#6224)
• xds: support pick_first Custom LB policy (gRFC A62) (#6314) (#6317)
• client: add support for pickfirst address shuffling (gRFC A62) (#6311)
• xds: Add support for String Matcher Header Matcher in RDS (#6313)
• xds/outlierdetection: Add Channelz Logger to Outlier Detection LB (#6145)
  • Special Thanks: @​s-matyukevich
• xds: enable RLS in xDS by default (#6343)
• orca: add support for application_utilization field and missing range checks on several metrics setters
• balancer/weightedroundrobin: add new LB policy for balancing between backends based on their load reports (gRFC A58) (#6241)
• authz: add conversion of json to RBAC Audit Logging config (#6192)
• authz: add support for stdout logger (#6230 and #6298)
• authz: support customizable audit functionality for authorization policy (#6192 #6230 #6298 #6158 #6304 and #6225)

Bug Fixes

• orca: fix a race at startup of out-of-band metric subscriptions that would cause the report interval to request 0 (#6245)
• xds/xdsresource: Fix Outlier Detection Config Handling and correctly set xDS Defaults (#6361)
• xds/outlierdetection: Fix Outlier Detection Config Handling by setting defaults in ParseConfig() (#6361)

API Changes

• orca: allow a ServerMetricsProvider to be passed to the ORCA service and ServerOption (#6223)

Release 1.55.1

• status: To fix a panic, status.FromError now returns an error with codes.Unknown when the error implements the GRPCStatus() method, and calling GRPCStatus() returns nil. (#6374)

Release 1.55.0

Behavior Changes

• xds: enable federation support by default (#6151)
• status: status.Code and status.FromError handle wrapped errors (#6031 and #6150)

... (truncated)

Commits

• See full diff in compare view

Updates google.golang.org/protobuf from 1.28.2-0.20220831092852-f930b1dc76e8 to 1.36.8

Updates github.com/ethereum/go-ethereum from 1.10.21 to 1.13.15

Release notes

Sourced from github.com/ethereum/go-ethereum's releases.

Ontamalca (v1.13.15)

Geth v1.13.15 is a maintenance-release that contains some fixes mainly to avoid snapsync-related data-corruption.

We recommend all users to upgrade to v1.13.15 as soon as possible.

---

As with all our previous releases, you can find the:

• Pre-built binaries for all platforms on our downloads page.
• Docker images published under ethereum/client-go.
• Ubuntu packages in our Launchpad PPA repository.
• OSX packages in our Homebrew Tap repository.

Altaaya (v1.13.14)

Geth v1.13.14 is a small maintenance release with a handful of polishes to the blob pool:

• Disallow blob transactions below the protocol minimum of 1 wei to enter the pool (#29081).
• Reduce the blob pool's max capacity to 2.5GB for the rollout. (#29090).
• Fix gas estimation for blob transactions (#29085).

This release is NOT critical for the Cancun fork, but recommended to make Geth lighter in anticipation to unknown blob load.

Other fixes:

• Support overriding the basefee during tracing (#29051).
• Fix call tracers missing top level logs in top-only mode (#29068).
• Support unlimited gas for eth_createAccessList if --gascap=0 (#28846).

For a full rundown of the changes please consult the Geth 1.13.14 release milestone.

---

As with all our previous releases, you can find the:

• Pre-built binaries for all platforms on our downloads page.
• Docker images published under ethereum/client-go.
• Ubuntu packages in our Launchpad PPA repository.
• OSX packages in our Homebrew Tap repository.

Alsages (v1.13.13)

This is a minor release with fixes for several issues related to the upcoming Cancun mainnet fork. As such, it is recommended for all mainnet users.

Changes in this release:

• Block-building performance with blob transactions has been improved a lot. (#29026, #29008, #29005)
• A corner case in the EVM related to out-of-order fork scheduling has been fixed. (#29023)
• eth_fillTransaction has seen some bug fixes related to blob transactions as well. (#28929, #29037)
• A rare panic in the ethstats client related to chain reorgs is resolved. (#29020)
• The blobpool database will now recover from disk corruption faults instead of crashing geth on startup. (#29001)

... (truncated)

Commits

• c5ba367 params: release Geth v 1.13.15
• 35e0525 core, eth/protocols/snap, trie: fix cause for snap-sync corruption, implement...
• 7bcb553 eth/filters: enforce topic-limit early on filter criterias (#29535)
• e343ddf core/rawdb: add sanity-limit to header accessor (#29534)
• 5dcf503 eth/protocols/snap: skip retrieval for completed storages (#29378)
• 2bd6bd0 Merge branch 'master' into release/1.13
• 9038ba6 params: release Geth v1.13.14
• 51b479e core/txpool: elevate the 'already reserved' error into a constant (#29095)
• 5a0f468 eth/tracers: Fix callTracer logs on onlyTopCall == true (#29068)
• 45a272c core/txpool: no need to log loud rotate if no local txs (#29083)
• Additional commits viewable in compare view

Updates github.com/CosmWasm/wasmvm from 1.1.1 to 1.5.8

Release notes

Sourced from github.com/CosmWasm/wasmvm's releases.

v1.5.8

Fixes CWA-2025-001 and CWA-2025-002.

This patch is consensus breaking.

v1.5.7

Build artifacts generated at this tag.

v1.5.6

• Add SimulateStoreCode
• Fix dangling pointer crash (#571)

v1.5.5

Fixes CWA-2024-007 and CWA-2024-008.

This is a consensus breaking patch.

v1.5.4

Build artifacts generated at this tag.

v1.5.3

Fix for CWA-2024-004

Consensus breaking!

v1.5.2

Upgrade cosmwasm from 1.5.1 to 1.5.2.

This fixes an issue with growing memory usage over time.

v1.5.2-rc.0

Build artifacts generated at this tag.

v1.5.1

Upgrade cosmwasm from 1.5.0 to 1.5.1. This fixes the CWA-2023-004 security vulnerability.

v1.5.0

Upgrade cosmwasm from 1.4.1 to 1.5.0. This enables contracts to use floating point operations (consensus-breaking).

v1.5.0-rc.0

Build artifacts generated at this tag.

v1.4.3

Upgrade cosmwasm from 1.4.2 to 1.4.3.

This fixes an issue with growing memory usage over time.

v1.4.2

... (truncated)

Commits

• ff551e2 [skip ci] Built release libraries
• 98a52f6 Fix tests
• 9ac78db Fix lockfile version
• c4dcda4 Set libwasmvm version to 1.5.8
• 1f4db20 Bump cosmwasm version
• 1151bc6 Fix
• 29b338c [skip ci] Built release libraries
• 43b12d1 Merge pull request #603 from CosmWasm/co/retract-1.5.6
• fa50ee0 Retract 1.5.6
• 6249537 [skip ci] Built release libraries
• Additional commits viewable in compare view

Updates github.com/docker/distribution from 2.8.1+incompatible to 2.8.2+incompatible

Release notes

Sourced from github.com/docker/distribution's releases.

v2.8.2

What's Changed

• Revert registry/client: set Accept: identity header when getting layers by @​ndeloof in distribution/distribution#3783
• Parse http forbidden as denied by @​vvoland in distribution/distribution#3914
• Fix CVE-2022-28391 by bumping alpine from 3.14 to 3.16 by @​thaJeztah (#3650)
• Fix CVE-2023-2253 runaway allocation on /v2/_catalog by @​josegomezr 521ea3d9
• Fix panic in inmemory driver by @​wy65701436 in distribution/distribution#3815
• bump up golang version (alternative) by @​thaJeztah in distribution/distribution#3903
• Dockerfile: update xx to v1.2.1 by @​thaJeztah in distribution/distribution#3907
• update to go1.19.9 by @​thaJeztah in distribution/distribution#3908
• Add code to handle pagination of parts. Fixes max layer size of 10GB bug by @​DavidSpek in distribution/distribution#3893
• Dockerfile: fix filenames of artifacts by @​thaJeztah in distribution/distribution#3911

Full Changelog: distribution/distribution@v2.8.1...v2.8.2

v2.8.2-beta.2

What's Changed

• Fix CVE-2022-28391 by bumping alpine from 3.14 to 3.16 by @​thaJeztah (#3650)
• Fix CVE-2023-2253 runaway allocation on /v2/_catalog by @​josegomezr 521ea3d9
• Fix panic in inmemory driver by @​wy65701436 in distribution/distribution#3815
• bump up golang version (alternative) by @​thaJeztah in distribution/distribution#3903
• Dockerfile: update xx to v1.2.1 by @​thaJeztah in distribution/distribution#3907
• update to go1.19.9 by @​thaJeztah in distribution/distribution#3908
• Add code to handle pagination of parts. Fixes max layer size of 10GB bug by @​DavidSpek in distribution/distribution#3893
• Dockerfile: fix filenames of artifacts by @​thaJeztah in distribution/distribution#3911

Full Changelog: distribution/distribution@v2.8.1...v2.8.2-beta.2

v2.8.2-beta.1

NOTE: This is a pre-release that does not contain any artifacts!

What's Changed

• Fix runaway allocation on /v2/_catalog by @​josegomezr 521ea3d9
• Fix CVE-2022-28391 by bumping alpine from 3.14 to 3.16 by @​thaJeztah in distribution/distribution#3650
• Fix panic in inmemory driver by @​wy65701436 in distribution/distribution#3815
• bump up golang version (alternative) by @​thaJeztah in distribution/distribution#3903
• Dockerfile: update xx to v1.2.1 by @​thaJeztah in distribution/distribution#3907
• update to go1.19.9 by @​thaJeztah in distribution/distribution#3908
• Add code to handle pagination of parts. Fixes max layer size of 10GB bug by @​DavidSpek in