no changes in vendored files

full diff: moby/moby@8b79278...v26.0.0

Signed-off-by: Paweł Gronowski <[email protected]>

[26.0] vendor: github.com/docker/docker v26.0.0

go1.21.9 (released 2024-04-03) includes a security fix to the net/http
package, as well as bug fixes to the linker, and the go/types and
net/http packages. See the Go 1.21.9 milestone on our issue tracker for
details.

- https://github.com/golang/go/issues?q=milestone%3AGo1.21.9+label%3ACherryPickApproved
- full diff: golang/go@go1.21.8...go1.21.9

**- Description for the changelog**

```markdown changelog
Update Go runtime to 1.21.9
```

Signed-off-by: Paweł Gronowski <[email protected]>
(cherry picked from commit 0a5bd6c)
Signed-off-by: Paweł Gronowski <[email protected]>

[26.0 backport] update to go1.21.9

full diff: golang/sys@v0.16.0...v0.18.0

Signed-off-by: Sebastiaan van Stijn <[email protected]>
(cherry picked from commit 9a2133f)
Signed-off-by: Sebastiaan van Stijn <[email protected]>

no changes in vendored code

full diff: golang/term@v0.15.0...v0.18.0

Signed-off-by: Sebastiaan van Stijn <[email protected]>
(cherry picked from commit c7a50eb)
Signed-off-by: Sebastiaan van Stijn <[email protected]>

full diffs changes relevant to vendored code:

- golang/net@v0.19.0...v0.22.0
    - http2: remove suspicious uint32->v conversion in frame code
    - http2: send an error of FLOW_CONTROL_ERROR when exceed the maximum octets
- golang/crypto@v0.17.0...v0.21.0
    - (no changes in vendored code)

Signed-off-by: Sebastiaan van Stijn <[email protected]>
(cherry picked from commit 4745b95)
Signed-off-by: Sebastiaan van Stijn <[email protected]>

full diff: golang/net@v0.22.0...v0.23.0

Includes a fix for CVE-2023-45288, which is also addressed in go1.22.2
and go1.21.9;

> http2: close connections when receiving too many headers
>
> Maintaining HPACK state requires that we parse and process
> all HEADERS and CONTINUATION frames on a connection.
> When a request's headers exceed MaxHeaderBytes, we don't
> allocate memory to store the excess headers but we do
> parse them. This permits an attacker to cause an HTTP/2
> endpoint to read arbitrary amounts of data, all associated
> with a request which is going to be rejected.
>
> Set a limit on the amount of excess header frames we
> will process before closing a connection.
>
> Thanks to Bartek Nowotarski for reporting this issue.

Signed-off-by: Sebastiaan van Stijn <[email protected]>
(cherry picked from commit 5fcbbde)
Signed-off-by: Sebastiaan van Stijn <[email protected]>

[26.0 backport] vendor: golang.org/x/sys v0.18.0, golang.org/x/term v0.18.0, golang.org/x/crypto v0.21.0, golang.org/x/net v0.23.0

Before this commit, the CLI binary in `dockereng/cli-bin` image was
named `docker` regardless of platform.

Change the binary name to `docker.exe` in Windows images.

Signed-off-by: Paweł Gronowski <[email protected]>
(cherry picked from commit 718203d)
Signed-off-by: Paweł Gronowski <[email protected]>

[26.0 backport] cli-bin/windows: Add .exe extension

full diff: moby/moby@v26.0.0...60b9add

Signed-off-by: Paweł Gronowski <[email protected]>

[26.0] vendor: github.com/docker/docker v26.0.1-dev (60b9add796ae)