On 21 July 2017 at 15:17, Tianon Gravi <tia...@debian.org> wrote:
> https://github.com/docker/distribution/releases/tag/v2.6.2 is the
> release which fixes this (and it links to
> https://github.com/docker/distribution/commit/29fa466debaabb64f8559116bbffd20a289d523c
> as the specific commit which does so).

The also updated the 2.5 branch in
https://github.com/docker/distribution/releases/tag/v2.5.2, so if we
end up cherry-picking the CVE fixing patch instead of bumping,
might apply easier (haven't looked at applying either, just noting it
for completeness).

- Tianon
  4096R / B42F 6819 007F 00F8 8E36  4FD4 036A 9C25 BF35 7DD4

Pkg-go-maintainers mailing list

Reply via email to