Bump the go-modules group with 2 updates

[dependabot]

Bumps the go-modules group with 2 updates: github.com/containerd/containerd and github.com/docker/docker.

Updates github.com/containerd/containerd from 1.7.7 to 1.7.8

Release notes

Sourced from github.com/containerd/containerd's releases.

containerd 1.7.8

Welcome to the v1.7.8 release of containerd!

The eighth patch release for containerd 1.7 contains various fixes and updates.

Notable Updates

• Fix ambiguous TLS fallback (#9299)
• Update Go to 1.20.10 (#9265)
• Add a new image label on converted schema 1 images (#9252)
• Fix handling for missing basic auth credentials (#9235)
• Fix potential deadlock in create handler for containerd-shim-runc-v2 (#9209)

See the changelog for complete list of changes

Please try out the release binaries and report any issues at https://github.com/containerd/containerd/issues.

Contributors

• Sebastiaan van Stijn
• Derek McGowan
• Phil Estes
• Chen Yiyang
• Wei Fu
• Akihiro Suda
• Maksym Pavlenko
• Marat Radchenko
• Milas Bowman
• Qiutong Song
• Samuel Karp

Changes

• [release/1.7] Prepare release notes for v1.7.8 (#9278)
  • 48dbdf871 Prepare release notes for v1.7.8
• [release/1.7] Fix ambiguous tls fallback (#9299)
  • 68abc543b Check scheme and host of request on push redirect
  • 35c7634e3 Avoid TLS fallback when protocol is not ambiguous
• [release/1.7] vendor: google.golang.org/grpc v1.58.3 (#9281)
  • f36948cad vendor: gRPC v1.58.3
• [release/1.7 backport] vendor: golang.org/x/net v0.17.0 (#9276)
  • c67a53190 vendor: golang.org/x/net v0.17.0
  • 71f4b36ca vendor: golang.org/x/text v0.13.0
  • a7b3b7090 vendor: golang.org/x/sys v0.13.0
• [release/1.7] vendor: google.golang.org/grpc v1.56.3 (#9248)
  • 26736d6e1 vendor: google.golang.org/grpc v1.56.3
  • 54a69a6e4 vendor: golang.org/x/oauth2 v0.7.0

... (truncated)

Commits

• 8e4b0bd Merge pull request #9278 from dmcgowan/prepare-v1.7.8
• 48dbdf8 Prepare release notes for v1.7.8
• 6a9a187 Merge pull request #9299 from dmcgowan/1.7-fix-ambiguous-tls-fallback
• bb65a3a Merge pull request #9281 from milas/grpc-1.58.3-1.7
• 68abc54 Check scheme and host of request on push redirect
• 35c7634 Avoid TLS fallback when protocol is not ambiguous
• f36948c vendor: gRPC v1.58.3
• f118563 Merge pull request #9276 from thaJeztah/1.7_backport_bump_x_net
• c67a531 vendor: golang.org/x/net v0.17.0
• 71f4b36 vendor: golang.org/x/text v0.13.0
• Additional commits viewable in compare view

Updates github.com/docker/docker from 24.0.6+incompatible to 24.0.7+incompatible

Release notes

Sourced from github.com/docker/docker's releases.

v24.0.7

24.0.7

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 24.0.7 milestone
• moby/moby, 24.0.7 milestone

Bug fixes and enhancements

• Write overlay2 layer metadata atomically. moby/moby#46703
• Fix "Rootful-in-Rootless" Docker-in-Docker on systemd version 250 and later. moby/moby#46626
• Fix dockerd-rootless-setuptools.sh when username contains a backslash. moby/moby#46407
• Fix a bug that would prevent network sandboxes to be fully deleted when stopping containers with no network attachments and when dockerd --bridge=none is used. moby/moby#46702
• Fix a bug where cancelling an API request could interrupt container restart. moby/moby#46697
• Fix an issue where containers would fail to start when providing --ip-range with a range larger than the subnet. docker/for-mac#6870
• Fix data corruption with zstd output. moby/moby#46709
• Fix the conditions under which the container's MAC address is applied. moby/moby#46478
• Improve the performance of the stats collector. moby/moby#46448
• Fix an issue with source policy rules ending up in the wrong order. moby/moby#46441

Packaging updates

• Add support for Fedora 39 and Ubuntu 23.10. docker/docker-ce-packaging#940, docker/docker-ce-packaging#955
• Fix docker.socket not getting disabled when uninstalling the docker-ce RPM package. docker/docker-ce-packaging#852
• Upgrade Go to go1.20.10. docker/docker-ce-packaging#951
• Upgrade containerd to v1.7.6 (static binaries only). moby/moby#46103
• Upgrade the containerd.io package to v1.6.24.

Security

• Deny containers access to /sys/devices/virtual/powercap by default. This change hardens against CVE-2020-8694, CVE-2020-8695, and CVE-2020-12912, and an attack known as the PLATYPUS attack. For more details, see advisory, commit.

Commits

• 311b9ff Merge pull request #46697 from thaJeztah/24.0_backport_restart_nocancel
• af60804 Merge pull request from GHSA-jq35-85cj-fj4p
• 3cf363e Merge pull request #46709 from thaJeztah/24.0_backport_bump_compress
• 05d7386 daemon: daemon.containerRestart: don't cancel restart on context cancel
• 649c944 Merge pull request #46703 from thaJeztah/24.0_backport_atomic-layer-data-write
• 9b20b1a Merge pull request #46702 from thaJeztah/24.0_backport_releaseNetwork_Network...
• dd37b0b vendor: github.com/klauspost/compress v1.17.2
• 7058c0d vendor: github.com/klauspost/compress v1.16.5
• 57bd388 daemon: overlay2: Write layer metadata atomically
• 05d95fd daemon: release sandbox even when NetworkDisabled
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions