build(rootless): upgrade Docker to 29.2.0 #115

masontikhonov · 2026-01-27T21:14:05Z

What

This upgrades Docker to v29.2.0

Labels

Assign the following labels to the PR:

security - to trigger image scanning in CI build

PR Comments

Add the following comments to the PR:

/e2e - to trigger E2E build

Security Report

Note

Compared security scans:

Current image:
quay.io/codefresh/dev/dind:upgrade-components-rootless@sha256:0670fd1d82b8118707087b77a515f31979471cef17a3ddaaeded507283caf279

Baseline:
quay.io/codefresh/dind:rootless@sha256:fd3a6a57814f9fb1ba5c2f94f7659af0770fd18c1b9ae974f48f9d3e2dc2b148

Important

Current summary is in beta mode.
Please analyze the full scan report for comprehensive details.

Fixed CVEs: 20

🔴 High: 2

CVE-2025-61729 in crypto/x509@1.25.4 at /usr/local/libexec/docker/cli-plugins/docker-buildx
CVE-2025-52881 in github.com/opencontainers/selinux@v1.12.0 at /usr/local/bin/containerd

🟠 Medium: 6

CVE-2025-67499 in github.com/containernetworking/plugins@v1.7.1 at /usr/local/bin/rootlesskit
CVE-2025-67499 in github.com/containernetworking/plugins@v1.8.0 at /usr/local/bin/containerd
CVE-2025-61727 in crypto/x509@1.25.4 at /usr/local/libexec/docker/cli-plugins/docker-buildx
CVE-2026-22796 in openssl@3.5.4-r0 at unknown path
CVE-2025-58181 in golang.org/x/crypto/ssh@v0.42.0 at /usr/local/libexec/docker/cli-plugins/docker-buildx
CVE-2025-47914 in golang.org/x/crypto/ssh/agent@v0.42.0 at /usr/local/libexec/docker/cli-plugins/docker-buildx

🟡 Low: 11

CVE-2026-22795 in openssl@3.5.4-r0 at unknown path
CVE-2025-69421 in openssl@3.5.4-r0 at unknown path
CVE-2025-69420 in openssl@3.5.4-r0 at unknown path
CVE-2025-69419 in openssl@3.5.4-r0 at unknown path
CVE-2025-69418 in openssl@3.5.4-r0 at unknown path
CVE-2025-68160 in openssl@3.5.4-r0 at unknown path
CVE-2025-66199 in openssl@3.5.4-r0 at unknown path
CVE-2025-15469 in openssl@3.5.4-r0 at unknown path
CVE-2025-15468 in openssl@3.5.4-r0 at unknown path
CVE-2025-15467 in openssl@3.5.4-r0 at unknown path
CVE-2025-11187 in openssl@3.5.4-r0 at unknown path

⚫ Unassigned: 1

CVE-2025-47913 in golang.org/x/crypto/ssh/agent@v0.42.0 at /usr/local/libexec/docker/cli-plugins/docker-buildx

masontikhonov · 2026-01-27T21:26:43Z

/e2e

build(rootless): upgrade Docker to 29.2.0

e94005c

masontikhonov added the security label Jan 27, 2026

ci: bump version

ea6018f

masontikhonov requested a review from vasil-cf January 27, 2026 21:29

masontikhonov marked this pull request as ready for review January 27, 2026 21:29

vasil-cf approved these changes Jan 28, 2026

View reviewed changes

masontikhonov merged commit 215633e into rootless Jan 28, 2026
4 checks passed

masontikhonov deleted the upgrade-components-rootless branch January 28, 2026 08:35

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

build(rootless): upgrade Docker to 29.2.0 #115

build(rootless): upgrade Docker to 29.2.0 #115

Uh oh!

masontikhonov commented Jan 27, 2026 •

edited by codefresh-git-integration bot

Loading

Uh oh!

masontikhonov commented Jan 27, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

build(rootless): upgrade Docker to 29.2.0 #115

build(rootless): upgrade Docker to 29.2.0 #115

Uh oh!

Conversation

masontikhonov commented Jan 27, 2026 • edited by codefresh-git-integration bot Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

What

Labels

PR Comments

Security Report

Fixed CVEs: 20

🔴 High: 2

🟠 Medium: 6

🟡 Low: 11

⚫ Unassigned: 1

Uh oh!

masontikhonov commented Jan 27, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

masontikhonov commented Jan 27, 2026 •

edited by codefresh-git-integration bot

Loading