build(deps): Bump github.com/docker/docker from 23.0.2+incompatible to 23.0.3+incompatible (#343)

dependabot[bot] · web-flow · commit 6cfbb9ffa3a9 · 2023-04-05T22:14:54.000-07:00
Bumps [github.com/docker/docker](https://github.com/docker/docker) from 23.0.2+incompatible to 23.0.3+incompatible. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/docker/releases">github.com/docker/docker's releases</a>.</em></p> <blockquote> <h2>v23.0.3</h2> <h2>23.0.3</h2> <blockquote> <p><strong>Note</strong></p> <p>Due to an issue with CentOS 9 Stream's package repositories, packages for CentOS 9 are currently unavailable. Packages for CentOS 9 may be added later, or as part of the next (23.0.4) patch release.</p> </blockquote> <h3>Bug fixes and enhancements</h3> <ul> <li>Fixed a number of issues that can cause Swarm encrypted overlay networks to fail to uphold their guarantees, addressing <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28841">CVE-2023-28841</a>, <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28840">CVE-2023-28840</a>, and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28842">CVE-2023-28842</a>. <ul> <li>A lack of kernel support for encrypted overlay networks now reports as an error.</li> <li>Encrypted overlay networks are eagerly set up, rather than waiting for multiple nodes to attach.</li> <li>Encrypted overlay networks are now usable on Red Hat Enterprise Linux 9 through the use of the <code>xt_bpf</code> kernel module.</li> <li>Users of Swarm overlay networks should review <a href="https://github.com/moby/moby/security/advisories/GHSA-vwm3-crmr-xfxw">GHSA-vwm3-crmr-xfxw</a> to ensure that unintentional exposure has not occurred.</li> </ul> </li> </ul> <h3>Packaging Updates</h3> <ul> <li>Update containerd to <a href="https://github.com/containerd/containerd/releases/tag/v1.6.20">v1.6.20</a>.</li> <li>Update runc to <a href="https://github.com/opencontainers/runc/releases/tag/v1.1.5">v1.1.5</a>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/moby/moby/commit/59118bff500fc0d95d0560a9788735a8d89568ce"><code>59118bf</code></a> Merge pull request from GHSA-232p-vwff-86mp</li> <li><a href="https://github.com/moby/moby/commit/b87f7f18b82fbb647b5142c6e5459a88a7652d02"><code>b87f7f1</code></a> libnet/d/overlay: insert the input-drop rule</li> <li><a href="https://github.com/moby/moby/commit/98cbcb8003b7cf8da35fb5d05f5babbe142ab7c8"><code>98cbcb8</code></a> libnet/d/overlay: add BPF-powered VNI matcher</li> <li><a href="https://github.com/moby/moby/commit/5c5fac237425c4bf79d2f048c1850f855f0182aa"><code>5c5fac2</code></a> libnet/d/overlay: extract VNI match rule builder</li> <li><a href="https://github.com/moby/moby/commit/c492a22287557860831a7c4f523b8e53692bb822"><code>c492a22</code></a> libn/d/overlay: enforce encryption on sandbox init</li> <li><a href="https://github.com/moby/moby/commit/018edb02849100de701d6ab6fb932ffb68843e4b"><code>018edb0</code></a> libnet/d/overlay: document some encryption code</li> <li>See full diff in <a href="https://github.com/docker/docker/compare/v23.0.2...v23.0.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/docker/docker&package-manager=go_modules&previous-version=23.0.2+incompatible&new-version=23.0.3+incompatible)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/go.mod b/go.mod
@@ -3,7 +3,7 @@ module github.com/runfinch/finch
 go 1.20
 
 require (
-	github.com/docker/docker v23.0.2+incompatible
+	github.com/docker/docker v23.0.3+incompatible
 	github.com/golang/mock v1.6.0
 	github.com/google/go-licenses v1.6.0
 	github.com/lima-vm/lima v0.15.0
diff --git a/go.sum b/go.sum
@@ -101,8 +101,8 @@ github.com/creack/pty v1.1.9/go.mod h1:oKZEueFk5CKHvIhNR5MUki03XCEU+Q6VDXinZuGJ3
 github.com/davecgh/go-spew v1.1.0/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
 github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c=
 github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
-github.com/docker/docker v23.0.2+incompatible h1:q81C2qQ/EhPm8COZMUGOQYh4qLv4Xu6CXELJ3WK/mlU=
-github.com/docker/docker v23.0.2+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
+github.com/docker/docker v23.0.3+incompatible h1:9GhVsShNWz1hO//9BNg/dpMnZW25KydO4wtVxWAIbho=
+github.com/docker/docker v23.0.3+incompatible/go.mod h1:eEKB0N0r5NX/I1kEveEz05bcu8tLC/8azJZsviup8Sk=
 github.com/docker/go-connections v0.4.0 h1:El9xVISelRB7BuFusrZozjnkIM5YnzCViNKohAFqRJQ=
 github.com/docker/go-connections v0.4.0/go.mod h1:Gbd7IOopHjR8Iph03tsViu4nIes5XhDvyHbTtUxmeec=
 github.com/docker/go-units v0.5.0 h1:69rxXcBk27SvSaaxTtLh/8llcHD8vYHT7WSdRZ/jvr4=

-Original file line number
+Diff line change
 go 1.20
 require (
 -	github.com/docker/docker v23.0.2+incompatible
 +	github.com/docker/docker v23.0.3+incompatible
 	github.com/golang/mock v1.6.0
 	github.com/google/go-licenses v1.6.0
 	github.com/lima-vm/lima v0.15.0