Sourced from github.com/docker/docker's releases.
v24.0.9
24.0.9
For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
Security
This release contains security fixes for the following CVEs affecting Docker Engine and its components.
CVE Component Fix version Severity CVE-2024-21626 runc 1.1.12 High, CVSS 8.6 CVE-2024-24557 Docker Engine 24.0.9 Medium, CVSS 6.9 Important ⚠️
Note that this release of Docker Engine doesn't include fixes for the following known vulnerabilities in BuildKit:
To address these vulnerabilities, upgrade to Docker Engine v25.0.2.
For more information about the security issues addressed in this release, and the unaddressed vulnerabilities in BuildKit, refer to the blog post. For details about each vulnerability, see the relevant security advisory:
Packaging updates
- Upgrade runc to v1.1.12. moby/moby#47269
- Upgrade containerd to v1.7.13 (static binaries only). moby/moby#47280
v24.0.8
24.0.8
For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
Bug fixes and enhancements
- Live restore: Containers with auto remove (
docker run --rm
) are no longer forcibly removed on engine restart. moby/moby#46857
... (truncated)
fca702d
Merge pull request from GHSA-xw73-rw38-6vjcf78a772
Merge pull request #47281
from thaJeztah/24.0_backport_bump_containerd_binary...61afffe
Merge pull request #47270
from thaJeztah/24.0_backport_bump_runc_binary_1.1.12b38e74c
Merge pull request #47276
from thaJeztah/24.0_backport_bump_runc_1.1.12dac5663
update containerd binary to v1.7.1320e1af3
vendor: github.com/opencontainers/runc v1.1.12858919d
update runc binary to v1.1.12141ad39
Merge pull request #47266
from vvoland/ci-fix-makeps1-templatefail-24db968c6
hack/make.ps1: Fix go list pattern61c51fb
Merge pull request #47221
from vvoland/pkg-pools-close-noop-24Sourced from express's releases.
4.19.2
What's Changed
Full Changelog: https://github.com/expressjs/express/compare/4.19.1...4.19.2
4.19.1
What's Changed
- Fix ci after location patch by
@wesleytodd
in expressjs/express#5552- fixed un-edited version in history.md for 4.19.0 by
@wesleytodd
in expressjs/express#5556Full Changelog: https://github.com/expressjs/express/compare/4.19.0...4.19.1
4.19.0
What's Changed
- fix typo in release date by
@UlisesGascon
in expressjs/express#5527- docs: nominating
@wesleytodd
to be project captian by@wesleytodd
in expressjs/express#5511- docs: loosen TC activity rules by
@wesleytodd
in expressjs/express#5510- Add note on how to update docs for new release by
@crandmck
in expressjs/express#5541- Prevent open redirect allow list bypass due to encodeurl
- Release 4.19.0 by
@wesleytodd
in expressjs/express#5551New Contributors
@crandmck
made their first contribution in expressjs/express#5541Full Changelog: https://github.com/expressjs/express/compare/4.18.3...4.19.0
4.18.3
Main Changes
- Fix routing requests without method
- deps: body-parser@1.20.2
- Fix strict json error message on Node.js 19+
- deps: content-type@~1.0.5
- deps: raw-body@2.5.2
Other Changes
- Use https: protocol instead of deprecated git: protocol by
@vcsjones
in expressjs/express#5032- build: Node.js@16.18 and Node.js@18.12 by
@abenhamdine
in expressjs/express#5034- ci: update actions/checkout to v3 by
@armujahid
in expressjs/express#5027- test: remove unused function arguments in params by
@raksbisht
in expressjs/express#5124- Remove unused originalIndex from acceptParams by
@raksbisht
in expressjs/express#5119- Fixed typos by
@raksbisht
in expressjs/express#5117- examples: remove unused params by
@raksbisht
in expressjs/express#5113- fix: parameter str is not described in JSDoc by
@raksbisht
in expressjs/express#5130- fix: typos in History.md by
@raksbisht
in expressjs/express#5131- build : add Node.js@19.7 by
@abenhamdine
in expressjs/express#5028- test: remove unused function arguments in params by
@raksbisht
in expressjs/express#5137
... (truncated)
Sourced from express's changelog.
4.19.2 / 2024-03-25
- Improved fix for open redirect allow list bypass
4.19.1 / 2024-03-20
- Allow passing non-strings to res.location with new encoding handling checks
4.19.0 / 2024-03-20
- Prevent open redirect allow list bypass due to encodeurl
- deps: cookie@0.6.0
4.18.3 / 2024-02-29
- Fix routing requests without method
- deps: body-parser@1.20.2
- Fix strict json error message on Node.js 19+
- deps: content-type@~1.0.5
- deps: raw-body@2.5.2
- deps: cookie@0.6.0
- Add
partitioned
option
04bc627
4.19.2da4d763
Improved fix for open redirect allow list bypass4f0f6cc
4.19.1a003cfa
Allow passing non-strings to res.location with new encoding handling
checks f...a1fa90f
fixed un-edited version in history.md for 4.19.011f2b1d
build: fix build due to inconsistent supertest behavior in older
versions084e365
4.19.00867302
Prevent open redirect allow list bypass due to encodeurl567c9c6
Add note on how to update docs for new release (#5541)69a4cf2
deps: cookie@0.6.0This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Sourced from express's releases.
4.19.2
What's Changed
Full Changelog: https://github.com/expressjs/express/compare/4.19.1...4.19.2
4.19.1
What's Changed
- Fix ci after location patch by
@wesleytodd
in expressjs/express#5552- fixed un-edited version in history.md for 4.19.0 by
@wesleytodd
in expressjs/express#5556Full Changelog: https://github.com/expressjs/express/compare/4.19.0...4.19.1
4.19.0
What's Changed
- fix typo in release date by
@UlisesGascon
in expressjs/express#5527- docs: nominating
@wesleytodd
to be project captian by@wesleytodd
in expressjs/express#5511- docs: loosen TC activity rules by
@wesleytodd
in expressjs/express#5510- Add note on how to update docs for new release by
@crandmck
in expressjs/express#5541- Prevent open redirect allow list bypass due to encodeurl
- Release 4.19.0 by
@wesleytodd
in expressjs/express#5551New Contributors
@crandmck
made their first contribution in expressjs/express#5541Full Changelog: https://github.com/expressjs/express/compare/4.18.3...4.19.0
4.18.3
Main Changes
- Fix routing requests without method
- deps: body-parser@1.20.2
- Fix strict json error message on Node.js 19+
- deps: content-type@~1.0.5
- deps: raw-body@2.5.2
Other Changes
- Use https: protocol instead of deprecated git: protocol by
@vcsjones
in expressjs/express#5032- build: Node.js@16.18 and Node.js@18.12 by
@abenhamdine
in expressjs/express#5034- ci: update actions/checkout to v3 by
@armujahid
in expressjs/express#5027- test: remove unused function arguments in params by
@raksbisht
in expressjs/express#5124- Remove unused originalIndex from acceptParams by
@raksbisht
in expressjs/express#5119- Fixed typos by
@raksbisht
in expressjs/express#5117- examples: remove unused params by
@raksbisht
in expressjs/express#5113- fix: parameter str is not described in JSDoc by
@raksbisht
in expressjs/express#5130- fix: typos in History.md by
@raksbisht
in expressjs/express#5131- build : add Node.js@19.7 by
@abenhamdine
in expressjs/express#5028- test: remove unused function arguments in params by
@raksbisht
in expressjs/express#5137
... (truncated)
Sourced from express's changelog.
4.19.2 / 2024-03-25
- Improved fix for open redirect allow list bypass
4.19.1 / 2024-03-20
- Allow passing non-strings to res.location with new encoding handling checks
4.19.0 / 2024-03-20
- Prevent open redirect allow list bypass due to encodeurl
- deps: cookie@0.6.0
4.18.3 / 2024-02-29
- Fix routing requests without method
- deps: body-parser@1.20.2
- Fix strict json error message on Node.js 19+
- deps: content-type@~1.0.5
- deps: raw-body@2.5.2
- deps: cookie@0.6.0
- Add
partitioned
option
04bc627
4.19.2da4d763
Improved fix for open redirect allow list bypass4f0f6cc
4.19.1a003cfa
Allow passing non-strings to res.location with new encoding handling
checks f...a1fa90f
fixed un-edited version in history.md for 4.19.011f2b1d
build: fix build due to inconsistent supertest behavior in older
versions084e365
4.19.00867302
Prevent open redirect allow list bypass due to encodeurl567c9c6
Add note on how to update docs for new release (#5541)69a4cf2
deps: cookie@0.6.0This version was pushed to npm by wesleytodd, a new releaser for express since your current version.
Sourced from github.com/docker/docker's releases.
v24.0.9
24.0.9
For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
Security
This release contains security fixes for the following CVEs affecting Docker Engine and its components.
CVE Component Fix version Severity CVE-2024-21626 runc 1.1.12 High, CVSS 8.6 CVE-2024-24557 Docker Engine 24.0.9 Medium, CVSS 6.9 Important ⚠️
Note that this release of Docker Engine doesn't include fixes for the following known vulnerabilities in BuildKit:
To address these vulnerabilities, upgrade to Docker Engine v25.0.2.
For more information about the security issues addressed in this release, and the unaddressed vulnerabilities in BuildKit, refer to the blog post. For details about each vulnerability, see the relevant security advisory:
Packaging updates
- Upgrade runc to v1.1.12. moby/moby#47269
- Upgrade containerd to v1.7.13 (static binaries only). moby/moby#47280
v24.0.8
24.0.8
For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
Bug fixes and enhancements
- Live restore: Containers with auto remove (
docker run --rm
) are no longer forcibly removed on engine restart. moby/moby#46857
... (truncated)
fca702d
Merge pull request from GHSA-xw73-rw38-6vjcf78a772
Merge pull request #47281
from thaJeztah/24.0_backport_bump_containerd_binary...61afffe
Merge pull request #47270
from thaJeztah/24.0_backport_bump_runc_binary_1.1.12b38e74c
Merge pull request #47276
from thaJeztah/24.0_backport_bump_runc_1.1.12dac5663
update containerd binary to v1.7.1320e1af3
vendor: github.com/opencontainers/runc v1.1.12858919d
update runc binary to v1.1.12141ad39
Merge pull request #47266
from vvoland/ci-fix-makeps1-templatefail-24db968c6
hack/make.ps1: Fix go list pattern61c51fb
Merge pull request #47221
from vvoland/pkg-pools-close-noop-24Sourced from express's releases.
4.19.2
What's Changed
Full Changelog: https://github.com/expressjs/express/compare/4.19.1...4.19.2
4.19.1
What's Changed
- Fix ci after location patch by
@wesleytodd
in expressjs/express#5552- fixed un-edited version in history.md for 4.19.0 by
@wesleytodd
in expressjs/express#5556Full Changelog: https://github.com/expressjs/express/compare/4.19.0...4.19.1
4.19.0
What's Changed
- fix typo in release date by
@UlisesGascon
in expressjs/express#5527- docs: nominating
@wesleytodd
to be project captian by@wesleytodd
in expressjs/express#5511- docs: loosen TC activity rules by
@wesleytodd
in expressjs/express#5510- Add note on how to update docs for new release by
@crandmck
in expressjs/express#5541- Prevent open redirect allow list bypass due to encodeurl
- Release 4.19.0 by
@wesleytodd
in expressjs/express#5551New Contributors
@crandmck
made their first contribution in expressjs/express#5541Full Changelog: https://github.com/expressjs/express/compare/4.18.3...4.19.0
4.18.3
Main Changes
- Fix routing requests without method
- deps: body-parser@1.20.2
- Fix strict json error message on Node.js 19+
- deps: content-type@~1.0.5
- deps: raw-body@2.5.2
Other Changes
- Use https: protocol instead of deprecated git: protocol by
@vcsjones
in expressjs/express#5032- build: Node.js@16.18 and Node.js@18.12 by
@abenhamdine
in expressjs/express#5034- ci: update actions/checkout to v3 by
@armujahid
in expressjs/express#5027- test: remove unused function arguments in params by
@raksbisht
in expressjs/express#5124- Remove unused originalIndex from acceptParams by
@raksbisht
in expressjs/express#5119- Fixed typos by
@raksbisht
in expressjs/express#5117- examples: remove unused params by
@raksbisht
in expressjs/express#5113- fix: parameter str is not described in JSDoc by
@raksbisht
in expressjs/express#5130- fix: typos in History.md by
@raksbisht
in expressjs/express#5131- build : add Node.js@19.7 by
@abenhamdine
in expressjs/express#5028- test: remove unused function arguments in params by
@raksbisht
in expressjs/express#5137
... (truncated)
Sourced from express's changelog.
4.19.2 / 2024-03-25
- Improved fix for open redirect allow list bypass
4.19.1 / 2024-03-20
- Allow passing non-strings to res.location with new encoding handling checks
4.19.0 / 2024-03-20
- Prevent open redirect allow list bypass due to encodeurl
- deps: cookie@0.6.0
4.18.3 / 2024-02-29
- Fix routing requests without method
- deps: body-parser@1.20.2
- Fix strict json error message on Node.js 19+
- deps: content-type@~1.0.5
- deps: raw-body@2.5.2
- deps: cookie@0.6.0
- Add
partitioned
option
04bc627
4.19.2da4d763
Improved fix for open redirect allow list bypass4f0f6cc
4.19.1a003cfa
Allow passing non-strings to res.location with new encoding handling
checks f...a1fa90f
fixed un-edited version in history.md for 4.19.011f2b1d
build: fix build due to inconsistent supertest behavior in older
versions084e365
4.19.00867302
Prevent open redirect allow list bypass due to encodeurl567c9c6
Add note on how to update docs for new release (#5541)69a4cf2
deps: cookie@0.6.0This version was pushed to npm by wesleytodd, a new releaser for express since your current version.