Skip to content

Update DNS library#40579

Merged
thaJeztah merged 1 commit intomoby:masterfrom
SamWhited:dns_update
Feb 27, 2020
Merged

Update DNS library#40579
thaJeztah merged 1 commit intomoby:masterfrom
SamWhited:dns_update

Conversation

@SamWhited
Copy link
Contributor

@SamWhited SamWhited commented Feb 25, 2020
edited by thaJeztah
Loading

supersedes #40534
closes #40534

This makes sure that we don't become vulnerable to CVE-2018-17419 or
CVE-2019-19794 in the future. As far as I can tell we are not vulnerable to either right now, but if someone were to use one of the affected methods in the future we could become vulnerable with our current dependency.

- What I did

Bumped the version of github.com/miekg/dns to v1.1.27 in vendor.conf.

- How I did it

Manually edited the file, then ran the version of vendor installed in our containers by default to update the vendor tree.

eg. go get -u github.com/LK4D4/vndr@85886e1ac99b8d96590e6e0d9f075dc7a711d132

- How to verify it

CI should do that, I'm waiting on that now.

This also updates libnetwork to 264bffcb88c1b6b7471c04e3c6b3f301233a544b;

full diff: moby/libnetwork@feeff4f...264bffc

includes:

- Description for the changelog

- Add support for a `com.docker.network.bridge.inhibit_ipv4` driver label to skip IPv4 configuration of bridge interface docker/libnetwork#2317
- Add support for a ` com.docker.network.host_ipv4` driver label to choose outbound (external) IP for containers docker/libnetwork#2454
- Improve load balancer performance for ingress network with lots of parallel requests docker/libnetwork#2491

- A picture of a cute animal (not mandatory but encouraged)

@SamWhited
Update DNS library
8c0f614 
This makes sure that we don't become vulnerable to CVE-2018-17419 or
CVE-2019-19794 in the future.

Signed-off-by: Sam Whited <[email protected]>
@SamWhited SamWhited marked this pull request as ready for review February 26, 2020 14:11
@SamWhited SamWhited requested a review from tianon as a code owner February 26, 2020 14:11
thaJeztah
thaJeztah approved these changes Feb 27, 2020
View reviewed changes
Copy link
Member

@thaJeztah thaJeztah left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@thaJeztah thaJeztah merged commit feed3da into moby:master Feb 27, 2020
@thaJeztah thaJeztah added this to the 20.03.0 milestone Feb 28, 2020
This was referenced Feb 28, 2020
Closed
Closed
Closed
Closed
Closed
@SamWhited SamWhited mentioned this pull request Mar 3, 2020
Merged
@SamWhited SamWhited deleted the dns_update branch March 3, 2020 21:53
@thaJeztah thaJeztah mentioned this pull request Mar 22, 2021
Merged
@albert-a
Copy link

albert-a commented Jan 20, 2024

Thank you very much! Support for com.docker.network.bridge.inhibit_ipv4 is a brilliant feature! But it is not mentioned here: https://docs.docker.com/network/drivers/bridge/

Why hasn't it been documented yet?

@thaJeztah
Copy link
Member

thaJeztah commented Jan 20, 2024

@albert-a quite likely overlooked because it's in a separate repository. Could you open a ticket in https://github.com/docker/docs ?

/cc @dvdksn @akerouanton

@albert-a albert-a mentioned this pull request Jan 20, 2024
Closed
1 task
@albert-a
Copy link

albert-a commented Jan 20, 2024

@thaJeztah Sure! I opened the ticket.

@thaJeztah
Copy link
Member

thaJeztah commented Jan 20, 2024

Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@thaJeztah thaJeztah thaJeztah approved these changes

@AkihiroSuda AkihiroSuda AkihiroSuda approved these changes

@tianon tianon Awaiting requested review from tianon tianon is a code owner

Assignees

No one assigned

Labels

area/networking Networking docs/revisit impact/changelog impact/documentation status/2-code-review

Projects

None yet

Milestone

20.10.0

4 participants

@SamWhited @albert-a @thaJeztah @AkihiroSuda