On 21 July 2017 at 15:17, Tianon Gravi <tia...@debian.org> wrote: > https://github.com/docker/distribution/releases/tag/v2.6.2 is the > release which fixes this (and it links to > https://github.com/docker/distribution/commit/29fa466debaabb64f8559116bbffd20a289d523c > as the specific commit which does so).
The also updated the 2.5 branch in https://github.com/docker/distribution/releases/tag/v2.5.2, so if we end up cherry-picking the CVE fixing patch instead of bumping, https://github.com/docker/distribution/commit/58d239d723efbc2b2935ddc8816b51d355525989 might apply easier (haven't looked at applying either, just noting it for completeness). ♥, - Tianon 4096R / B42F 6819 007F 00F8 8E36 4FD4 036A 9C25 BF35 7DD4 _______________________________________________ Pkg-go-maintainers mailing list Pkg-go-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-go-maintainers