3f55382ff0
go1.21.12 (released 2024-07-02) includes security fixes to the net/http package, as well as bug fixes to the compiler, the go command, the runtime, and the crypto/x509, net/http, net/netip, and os packages. See the Go 1.21.12 milestone on our issue tracker for details: - https://github.com/golang/go/issues?q=milestone%3AGo1.21.12+label%3ACherryPickApproved - full diff: https://github.com/golang/go/compare/go1.21.11...go1.21.12 From the security mailing: > Hello gophers, > > We have just released Go versions 1.22.5 and 1.21.12, minor point releases. > > These minor releases include 1 security fixes following the security policy: > > * net/http: denial of service due to improper 100-continue handling > > The net/http HTTP/1.1 client mishandled the case where a server responds > to a request with an “Expect: 100-continue” header with a non-informational > (200 or higher) status. This mishandling could leave a client connection > in an invalid state, where the next request sent on the connection will fail. > > An attacker sending a request to a net/http/httputil.ReverseProxy proxy can > exploit this mishandling to cause a denial of service by sending > “Expect: 100-continue” requests which elicit a non-informational response > from the backend. Each such request leaves the proxy with an invalid connection, > and causes one subsequent request using that connection to fail. > > Thanks to Geoff Franks for reporting this issue. > > This is CVE-2024-24791 and Go issue https://go.dev/issue/67555. Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
Table of Contents
Docker Compose v2
Docker Compose is a tool for running multi-container applications on Docker
defined using the Compose file format.
A Compose file is used to define how one or more containers that make up
your application are configured.
Once you have a Compose file, you can create and start your application with a
single command: docker compose up.
Where to get Docker Compose
Windows and macOS
Docker Compose is included in Docker Desktop for Windows and macOS.
Linux
You can download Docker Compose binaries from the release page on this repository.
Rename the relevant binary for your OS to docker-compose and copy it to $HOME/.docker/cli-plugins
Or copy it into one of these folders to install it system-wide:
/usr/local/lib/docker/cli-pluginsOR/usr/local/libexec/docker/cli-plugins/usr/lib/docker/cli-pluginsOR/usr/libexec/docker/cli-plugins
(might require making the downloaded file executable with chmod +x)
Quick Start
Using Docker Compose is a three-step process:
- Define your app's environment with a
Dockerfileso it can be reproduced anywhere. - Define the services that make up your app in
compose.yamlso they can be run together in an isolated environment. - Lastly, run
docker compose upand Compose will start and run your entire app.
A Compose file looks like this:
services:
web:
build: .
ports:
- "5000:5000"
volumes:
- .:/code
redis:
image: redis
Contributing
Want to help develop Docker Compose? Check out our contributing documentation.
If you find an issue, please report it on the issue tracker.
Legacy
The Python version of Compose is available under the v1 branch.