chore(master): release 2.0.23

[lotyp]

🤖 I have created a release beep boop

2.0.23 (2025-05-18)

Dependencies

• deps: update wayofdev/gh-actions action to v3.3.0 (#87) (a14d262)

---

This PR was generated with Release Please. See documentation.

[github-actions]

Outdated

🔍 Vulnerabilities of moby/buildkit:buildx-stable-1

📦 Image Reference moby/buildkit:buildx-stable-1

digest	sha256:8124f5e2ddf9a4985ca653c7bd4bb0132eef4316aaf2975181a5f6a9d0f14ced
vulnerabilities
platform	linux/amd64
size	104 MB
packages	248

📦 Base Image alpine:3

also known as	3.21 3.21.3 latest
digest	sha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
vulnerabilities

stdlib 1.22.4 (golang) pkg:golang/stdlib@1.22.4 Affected range <1.23.8 Fixed version 1.23.8 EPSS Score 0.018% EPSS Percentile 3rd percentile Description The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext. Affected range <1.22.7 Fixed version 1.22.7 EPSS Score 0.054% EPSS Percentile 17th percentile Description Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion. Affected range <1.22.7 Fixed version 1.22.7 EPSS Score 0.108% EPSS Percentile 30th percentile Description Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Affected range >=1.22.0-0 <1.22.5 Fixed version 1.22.5 EPSS Score 0.200% EPSS Percentile 43rd percentile Description The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. Affected range <1.22.7 Fixed version 1.22.7 EPSS Score 0.127% EPSS Percentile 33rd percentile Description Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

[github-actions]

Outdated

Recommended fixes for image moby/buildkit:buildx-stable-1

Base image is alpine:3

Name	3.21.3
Digest	sha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
Vulnerabilities
Pushed	3 months ago
Size	3.6 MB
Packages	19
OS	3.21.3

The base image is also available under the supported tag(s): 3.21, 3.21.3, latest

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

[github-actions]

🔍 Vulnerabilities of moby/buildkit:buildx-stable-1

📦 Image Reference moby/buildkit:buildx-stable-1

digest	sha256:8124f5e2ddf9a4985ca653c7bd4bb0132eef4316aaf2975181a5f6a9d0f14ced
vulnerabilities
platform	linux/amd64
size	104 MB
packages	248

📦 Base Image alpine:3

also known as	3.21 3.21.3 latest
digest	sha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
vulnerabilities

stdlib 1.22.4 (golang) pkg:golang/stdlib@1.22.4 Affected range <1.23.8 Fixed version 1.23.8 EPSS Score 0.018% EPSS Percentile 3rd percentile Description The net/http package improperly accepts a bare LF as a line terminator in chunked data chunk-size lines. This can permit request smuggling if a net/http server is used in conjunction with a server that incorrectly accepts a bare LF as part of a chunk-ext. Affected range <1.22.7 Fixed version 1.22.7 EPSS Score 0.054% EPSS Percentile 17th percentile Description Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion. Affected range <1.22.7 Fixed version 1.22.7 EPSS Score 0.108% EPSS Percentile 30th percentile Description Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635. Affected range >=1.22.0-0 <1.22.5 Fixed version 1.22.5 EPSS Score 0.200% EPSS Percentile 43rd percentile Description The net/http HTTP/1.1 client mishandled the case where a server responds to a request with an "Expect: 100-continue" header with a non-informational (200 or higher) status. This mishandling could leave a client connection in an invalid state, where the next request sent on the connection will fail. An attacker sending a request to a net/http/httputil.ReverseProxy proxy can exploit this mishandling to cause a denial of service by sending "Expect: 100-continue" requests which elicit a non-informational response from the backend. Each such request leaves the proxy with an invalid connection, and causes one subsequent request using that connection to fail. Affected range <1.22.7 Fixed version 1.22.7 EPSS Score 0.127% EPSS Percentile 33rd percentile Description Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion. This is a follow-up to CVE-2022-30635.

[github-actions]

Recommended fixes for image moby/buildkit:buildx-stable-1

Base image is alpine:3

Name	3.21.3
Digest	sha256:1c4eef651f65e2f7daee7ee785882ac164b02b78fb74503052a26dc061c90474
Vulnerabilities
Pushed	3 months ago
Size	3.6 MB
Packages	19
OS	3.21.3

The base image is also available under the supported tag(s): 3.21, 3.21.3, latest

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

✅ There are no tag recommendations at this time.

[lotyp]

🤖 Created releases:

• v2.0.23

🌻