The Docker CLI
Go to file
Sebastiaan van Stijn 4d630fe843
Update Golang 1.12.16 (CVE-2020-0601, CVE-2020-7919)
full diff: https://github.com/golang/go/compare/go1.12.15...go1.12.16

go1.12.16 (released 2020/01/28) includes two security fixes. One mitigates the
CVE-2020-0601 certificate verification bypass on Windows. The other affects only
32-bit architectures.

https://github.com/golang/go/issues?q=milestone%3AGo1.12.16+label%3ACherryPickApproved

- X.509 certificate validation bypass on Windows 10
  A Windows vulnerability allows attackers to spoof valid certificate chains when
  the system root store is in use. These releases include a mitigation for Go
  applications, but it’s strongly recommended that affected users install the
  Windows security update to protect their system.
  This issue is CVE-2020-0601 and Go issue golang.org/issue/36834.
- Panic in crypto/x509 certificate parsing and golang.org/x/crypto/cryptobyte
  On 32-bit architectures, a malformed input to crypto/x509 or the ASN.1 parsing
  functions of golang.org/x/crypto/cryptobyte can lead to a panic.
  The malformed certificate can be delivered via a crypto/tls connection to a
  client, or to a server that accepts client certificates. net/http clients can
  be made to crash by an HTTPS server, while net/http servers that accept client
  certificates will recover the panic and are unaffected.
  Thanks to Project Wycheproof for providing the test cases that led to the
  discovery of this issue. The issue is CVE-2020-7919 and Go issue golang.org/issue/36837.
  This is also fixed in version v0.0.0-20200124225646-8b5121be2f68 of golang.org/x/crypto/cryptobyte.

Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
(cherry picked from commit 19fd390c36)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
2020-01-29 22:23:41 +01:00
.github Remove myself from codeowners 😅 2019-01-10 17:32:07 +01:00
cli Merge pull request #2291 from thaJeztah/19.03_backport_update_flag_description 2020-01-28 16:10:01 +01:00
cli-plugins cli-plugins: add test names for easier debugging 2019-05-23 21:28:18 +02:00
cmd/docker Use command.Cli instead of command.DockerCli 2019-05-13 09:05:54 -07:00
contrib/completion Update flag description for docker rm -v 2020-01-27 15:53:37 +01:00
dockerfiles Update Golang 1.12.16 (CVE-2020-0601, CVE-2020-7919) 2020-01-29 22:23:41 +01:00
docs Update flag description for docker rm -v 2020-01-27 15:53:37 +01:00
e2e e2e: remove unnecessary trailing newline (whitespace) 2020-01-06 13:16:59 +01:00
experimental Fix link to Kubernetes blog 2018-12-29 01:39:54 +01:00
internal internal: remove unnecessary newlines (whitespace) 2020-01-06 13:16:59 +01:00
kubernetes Use underlying `NewKubernetesConfig` directly from compose-on-kubernetes. 2019-05-20 18:14:36 +02:00
man Fix phrasing when referring to the freezer cgroup 2019-10-29 15:26:20 +01:00
opts opts: Using the variable on range scope `tc` in function literal (scopelint) 2020-01-06 13:17:02 +01:00
scripts Support GOARM and windows .exe in binary target 2019-06-05 14:13:14 -07:00
service/logs service/logs: Using the variable on range scope `testcase` in function literal (scopelint) 2020-01-06 13:16:52 +01:00
templates templates: Using the variable on range scope `testCase` in function literal (scopelint) 2020-01-06 13:16:53 +01:00
types Remove unused helath check func 2018-10-02 20:52:34 +02:00
vendor Add test for --sig-proxy with a TTY 2019-10-29 15:19:30 +01:00
.dockerignore Update dockerignore 2019-08-15 03:18:34 +02:00
.gitignore Update gitignore 2017-09-27 16:45:35 +02:00
.golangci.yml Remove now obsolete gometalinter and use golangci-lint instead 2020-01-06 13:23:38 +01:00
.mailmap Update AUTHORS and mailmap 2019-05-13 08:58:21 -07:00
AUTHORS Update AUTHORS and mailmap 2019-05-13 08:58:21 -07:00
CONTRIBUTING.md Add Contribution guidelines 2017-07-28 11:33:19 -07:00
Jenkinsfile e2e: enable buildkit 2019-08-15 03:18:42 +02:00
LICENSE Add project files 2017-04-17 17:49:33 -04:00
MAINTAINERS Remove outdated completion reviewers file 2018-08-01 15:08:36 +02:00
Makefile Allow control over dirs passed to e2e and unit tests 2019-03-11 16:02:55 +00:00
NOTICE Add project files 2017-04-17 17:49:33 -04:00
README.md update Jenkins Build Status urls for README 2019-10-29 15:27:54 +01:00
TESTING.md Update TESTING.md to replace testify by gotest.tools 2018-07-02 09:24:28 +02:00
VERSION Bump version to 19.03.0-dev 2018-09-11 13:06:49 +02:00
appveyor.yml Update Golang 1.12.16 (CVE-2020-0601, CVE-2020-7919) 2020-01-29 22:23:41 +01:00
circle.yml CircleCI: add some info steps, and re-group jobs 2020-01-17 13:45:00 +01:00
codecov.yml Fix PR comments 2018-01-03 10:23:32 +01:00
docker.Makefile Dockerfile: use GO_VERSION build-arg for overriding Go version 2019-08-14 03:03:04 +02:00
poule.yml Add github templates and initial poule configuration 2017-05-09 16:57:46 +02:00
vendor.conf Add test for --sig-proxy with a TTY 2019-10-29 15:19:30 +01:00

README.md

build status Build Status

docker/cli

This repository is the home of the cli used in the Docker CE and Docker EE products.

Development

docker/cli is developed using Docker.

Build a linux binary:

$ make -f docker.Makefile binary

Build binaries for all supported platforms:

$ make -f docker.Makefile cross

Run all linting:

$ make -f docker.Makefile lint

List all the available targets:

$ make help

In-container development environment

Start an interactive development environment:

$ make -f docker.Makefile shell

In the development environment you can run many tasks, including build binaries:

$ make binary

Legal

Brought to you courtesy of our legal counsel. For more context, please see the NOTICE document in this repo.

Use and transfer of Docker may be subject to certain restrictions by the United States and other governments.

It is your responsibility to ensure that your use and/or transfer does not violate applicable laws.

For more information, please see https://www.bis.doc.gov

Licensing

docker/cli is licensed under the Apache License, Version 2.0. See LICENSE for the full license text.