[ubuntu/noble-proposed] docker.io-app 27.5.1-0ubuntu3~24.04.1 (Accepted)

Athos Ribeiro athos.ribeiro at canonical.com
Wed May 21 13:15:35 UTC 2025 

docker.io-app (27.5.1-0ubuntu3~24.04.1) noble; urgency=medium

  * Backport from plucky to noble (LP: #2085187)
  * d/control: build with golang 1.22 for consistency across the supported
    release
  * d/rules: add golang 1.22 to PATH
  * d/t/docker-in-lxd: workaround Apparmor/kernel bug (LP #2067900)
  * d/docker.io.postinst: notify when a reboot is required to reload the
    AppArmor profile (LP #2065423).

docker.io-app (27.5.1-0ubuntu3) plucky; urgency=medium

  * d/control: set a version for the docker-cli Provides

docker.io-app (27.5.1-0ubuntu2) plucky; urgency=medium

  * d/control: provides docker-cli (LP: #2099941)

docker.io-app (27.5.1-0ubuntu1) plucky; urgency=medium

  * New upstream version 27.5.1 (LP: #2085187)
  * d/control: build with golang 1.24 (LP: #2098661)
  * d/rules: add golang 1.24 to PATH
  * d/patches: drop patches for CVE-2024-41110. Fixed upstream
  * d/helpers/build-manpages.sh: build manpages with Go 1.24
  * d/manpages/*: update manpages for version 27.5.1
  * d/docker.io.docs: update NOTICE files

docker.io-app (26.1.3-0ubuntu2) plucky; urgency=medium

  * SECURITY UPDATE: authz plugin bypass causes privilege escalation
    - debian/patches/CVE-2024-41110-1.patch: Authz plugin security fixes
      for 0-length content and path validation
    - debian/patches/CVE-2024-41110-2.patch: If url includes scheme,
      urlPath will drop hostname, which would not match the auth check
    - CVE-2024-41110

Date: Tue, 01 Apr 2025 11:11:56 -0300
Changed-By: Athos Ribeiro <athos.ribeiro at canonical.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/docker.io-app/27.5.1-0ubuntu3~24.04.1
-------------- next part --------------
Format: 1.8
Date: Tue, 01 Apr 2025 11:11:56 -0300
Source: docker.io-app
Built-For-Profiles: noudeb
Architecture: source
Version: 27.5.1-0ubuntu3~24.04.1
Distribution: noble
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Athos Ribeiro <athos.ribeiro at canonical.com>
Launchpad-Bugs-Fixed: 2085187 2098661 2099941
Changes:
 docker.io-app (27.5.1-0ubuntu3~24.04.1) noble; urgency=medium
 .
   * Backport from plucky to noble (LP: #2085187)
   * d/control: build with golang 1.22 for consistency across the supported
     release
   * d/rules: add golang 1.22 to PATH
   * d/t/docker-in-lxd: workaround Apparmor/kernel bug (LP #2067900)
   * d/docker.io.postinst: notify when a reboot is required to reload the
     AppArmor profile (LP #2065423).
 .
 docker.io-app (27.5.1-0ubuntu3) plucky; urgency=medium
 .
   * d/control: set a version for the docker-cli Provides
 .
 docker.io-app (27.5.1-0ubuntu2) plucky; urgency=medium
 .
   * d/control: provides docker-cli (LP: #2099941)
 .
 docker.io-app (27.5.1-0ubuntu1) plucky; urgency=medium
 .
   * New upstream version 27.5.1 (LP: #2085187)
   * d/control: build with golang 1.24 (LP: #2098661)
   * d/rules: add golang 1.24 to PATH
   * d/patches: drop patches for CVE-2024-41110. Fixed upstream
   * d/helpers/build-manpages.sh: build manpages with Go 1.24
   * d/manpages/*: update manpages for version 27.5.1
   * d/docker.io.docs: update NOTICE files
 .
 docker.io-app (26.1.3-0ubuntu2) plucky; urgency=medium
 .
   * SECURITY UPDATE: authz plugin bypass causes privilege escalation
     - debian/patches/CVE-2024-41110-1.patch: Authz plugin security fixes
       for 0-length content and path validation
     - debian/patches/CVE-2024-41110-2.patch: If url includes scheme,
       urlPath will drop hostname, which would not match the auth check
     - CVE-2024-41110
Checksums-Sha1:
 4b80c37767316128c7f9284dc4a8a3d1aeba4192 2447 docker.io-app_27.5.1-0ubuntu3~24.04.1.dsc
 61bd81385c293815d7c812312ba52546205c4899 24574055 docker.io-app_27.5.1.orig.tar.gz
 c469dd8e860a31939536b852e93b6cef54597231 99100 docker.io-app_27.5.1-0ubuntu3~24.04.1.debian.tar.xz
 a5c27341928a717092c01947daab4589c933fa60 8723 docker.io-app_27.5.1-0ubuntu3~24.04.1_source.buildinfo
Checksums-Sha256:
 831d0741758c20bc8377578f25c20e3a665534b7aabdafdb30ec8f6c7928270d 2447 docker.io-app_27.5.1-0ubuntu3~24.04.1.dsc
 56b9a6ee36c7d5a20deddf9ede497142fbe8f609b96a3d889874406b8def84aa 24574055 docker.io-app_27.5.1.orig.tar.gz
 729bdce05d2a1d6e4362e3c0086a1e237dc29e93c8681d79b073a772c2924221 99100 docker.io-app_27.5.1-0ubuntu3~24.04.1.debian.tar.xz
 a61167c334712c9c2e6aabfe3fa686fefa947e63a929f506ffacf9532a20007b 8723 docker.io-app_27.5.1-0ubuntu3~24.04.1_source.buildinfo
Files:
 606cf9ffb500ebbc78bb7ee600a352c4 2447 admin optional docker.io-app_27.5.1-0ubuntu3~24.04.1.dsc
 a5289cdaa1596f62ac99e74d114c06a6 24574055 admin optional docker.io-app_27.5.1.orig.tar.gz
 abdfbbe20a6da980c0db1a0e659c9d23 99100 admin optional docker.io-app_27.5.1-0ubuntu3~24.04.1.debian.tar.xz
 77621ba1aa254cb071c009566986a07b 8723 admin optional docker.io-app_27.5.1-0ubuntu3~24.04.1_source.buildinfo

More information about the noble-changes mailing list