Releases: cloudfoundry/bosh-docker-cpi-release
Releases · cloudfoundry/bosh-docker-cpi-release
v0.0.17
Fixed CVEs:
- CVE-2024-45338: Non-linear parsing of case-insensitive content in golang.org/x/net/html
v0.0.16
Updates:
- Updates golang package golang-1-linux to 1.23.4
- Updates golang package golang-1-darwin to 1.23.4
v0.0.15
Updates:
- Updates golang package golang-1-linux to 1.23.3
- Updates golang package golang-1-darwin to 1.23.3
v0.0.14
Fixed CVEs:
- CVE-2023-2253: distribution/distribution: DoS from malicious API request
- CVE-2023-28840: moby: Encrypted overlay network may be unauthenticated
- CVE-2024-41110: moby: Authz zero length regression
- GHSA-m425-mq94-257g: gRPC-Go HTTP/2 Rapid Reset vulnerability
v0.0.13
Full Changelog: v0.0.12...v0.0.13
v0.0.12
Full Changelog: v0.0.11...v0.0.12
v0.0.11
Full Changelog: v0.0.10...v0.0.11
v0.0.10
v0.0.10
Note: this is all release notes since v0.0.5
- Removal of CPI v1 code
- Removal of chrony as it doesn't work in warden
- Fix issue with attaching disk with new nats 2.0 on bosh director
Full Changelog: v0.0.5...v0.0.10
v0.0.5
- Remove IPv4 address if network is set to be IPv6 (useful for testing pure IPv6 connectivity)
- Allow docker container to be attached to multiple networks
- Switched to golang-1-* vendored packages
v0.0.3
- Allow
docker.hostto useunix://...paths - Automatically create networks if necessary