Skip to content
Permalink

Comparing changes

Choose two branches to see what’s changed or to start a new pull request. If you need to, you can also or learn more about diff comparisons.

Open a pull request

Create a new pull request by comparing changes across two branches. If you need to, you can also . Learn more about diff comparisons here.
base repository: docker/cli
Failed to load repositories. Confirm that selected base ref is valid, then try again.
Loading
base: v29.1.1
Choose a base ref
...
head repository: docker/cli
Failed to load repositories. Confirm that selected head ref is valid, then try again.
Loading
compare: v29.1.2
Choose a head ref
  • 4 commits
  • 9 files changed
  • 3 contributors

Commits on Dec 1, 2025

  1. opts/swarmopts: use sub-tests 

    Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
    @thaJeztah
    thaJeztah committed Dec 1, 2025
    Configuration menu
    Copy the full SHA
    ba683d8 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #6687 from thaJeztah/use_subtests 

    opts/swarmopts: use sub-tests
    @vvoland
    vvoland authored Dec 1, 2025
    Configuration menu
    Copy the full SHA
    c197aa7 View commit details
    Browse the repository at this point in the history

Commits on Dec 2, 2025

  1. update to go1.25.5 

    These releases include 2 security fixes following the security policy:

- crypto/x509: excessive resource consumption in printing error string for host certificate validation

    Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out.
    Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime.

    Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.
    HostnameError.Error() now limits the number of hosts and utilizes strings.Builder when constructing an error string.

    Thanks to Philippe Antoine (Catena cyber) for reporting this issue.

    This is CVE-2025-61729 and Go issue https://go.dev/issue/76445.

- crypto/x509: excluded subdomain constraint does not restrict wildcard SANs

    An excluded subdomain constraint in a certificate chain does not restrict the
    usage of wildcard SANs in the leaf certificate. For example a constraint that
    excludes the subdomain test.example.com does not prevent a leaf certificate from
    claiming the SAN *.example.com.

    This is CVE-2025-61727 and Go issue https://go.dev/issue/76442.

View the release notes for more information:
https://go.dev/doc/devel/release#go1.25.5

Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
    @vvoland
    vvoland committed Dec 2, 2025
    Configuration menu
    Copy the full SHA
    d544885 View commit details
    Browse the repository at this point in the history

  2. Merge pull request #6688 from vvoland/update-go 

    update to go1.25.5
    @thaJeztah
    thaJeztah authored Dec 2, 2025
    Configuration menu
    Copy the full SHA
    890dcca View commit details
    Browse the repository at this point in the history
Loading