<div class="container">
<h1>Security update for docker-compose</h1>
<table class="table table-striped table-bordered">
<tbody>
<tr>
<th>Announcement ID:</th>
<td>SUSE-SU-2025:20385-1</td>
</tr>
<tr>
<th>Release Date:</th>
<td>2025-06-10T11:32:07Z</td>
</tr>
<tr>
<th>Rating:</th>
<td>moderate</td>
</tr>
<tr>
<th>References:</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217070">bsc#1217070</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>
Cross-References:
</th>
<td>
<ul>
<li style="display: inline;">
<a href="https://www.suse.com/security/cve/CVE-2023-47108.html">CVE-2023-47108</a>
</li>
</ul>
</td>
</tr>
<tr>
<th>CVSS scores:</th>
<td>
<ul class="list-group">
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-47108</span>
<span class="cvss-source">
(
SUSE
):
</span>
<span class="cvss-score">7.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
<li class="list-group-item">
<span class="cvss-reference">CVE-2023-47108</span>
<span class="cvss-source">
(
NVD
):
</span>
<span class="cvss-score">7.5</span>
<span class="cvss-vector">CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H</span>
</li>
</ul>
</td>
</tr>
<tr>
<th>Affected Products:</th>
<td>
<ul class="list-group">
<li class="list-group-item">SUSE Linux Micro 6.0</li>
</ul>
</td>
</tr>
</tbody>
</table>
<p>An update that solves one vulnerability can now be installed.</p>
<h2>Description:</h2>
<p>This update for docker-compose fixes the following issues:</p>
<p>Update to version 2.33.1:</p>
<ul>
<li>
<p>Improvements</p>
<ul>
<li>Add support for gw_priority, enable_ipv4 (requires docker
v28.0) by @thaJeztah in #12570</li>
</ul>
</li>
<li>
<p>Fixes</p>
<ul>
<li>Run watch standalone if menu fails to start by @ndeloof in
#12536</li>
<li>Report error using non-file secret|config with read-only
service by @ndeloof in #12531</li>
<li>Don't display bake suggestion when using --progress with
quiet or json option by @glours in #12561</li>
<li>Fix pull --parallel and --no-parallel deprecation warnings
missing by @maxproske in #12555</li>
<li>Fix error message when detach is implied by wait by @ndeloof
in #12566</li>
</ul>
</li>
<li>
<p>Dependencies</p>
<ul>
<li>build(deps): bump github.com/spf13/cobra from 1.8.1 to 1.9.1
by @dependabot in #12556</li>
<li>build(deps): bump google.golang.org/grpc from 1.68.1 to
1.70.0 by @dependabot in #12494</li>
<li>go.mod: update to docker v28.0.0 by @thaJeztah in #12545</li>
</ul>
</li>
</ul>
<p>Update to version 2.33.0:</p>
<ul>
<li>
<p>Important</p>
<ul>
<li>This release introduce support for Bake to manage builds as
an alternative to the internal buildkit client. This new
feature can be enabled by setting COMPOSE_BAKE=1 variable.
Bake will become the default builder in a future release.</li>
</ul>
</li>
<li>
<p>Improvements</p>
<ul>
<li>let user know bake is now supported by @ndeloof in #12524</li>
<li>support additional_context reference to another service by
@ndeloof in #12485</li>
<li>add support for BUILDKIT_PROGRESS by @ndeloof in #12458</li>
<li>add --with-env flag to publish command by @glours in #12482</li>
<li>Update ls --quiet help description by @maxproske in #12541</li>
<li>Publish warn display env vars by @glours in #12486</li>
</ul>
</li>
<li>
<p>Fixes</p>
<ul>
<li>Fix bake support by @ndeloof in #12507</li>
<li>Update link in stats --help output by @maxproske in #12523</li>
<li>Properly handle "builtin" seccomp profile by @r-bk in #12478</li>
<li>manage watch applied to mulitple services by @ndeloof in
#12469</li>
</ul>
</li>
<li>
<p>Internal</p>
<ul>
<li>use main branch for docs upstream validation workflow by
@crazy-max in #12487</li>
<li>fix provenance for binaries and generate sbom by @crazy-max
in #12479</li>
<li>add codeowners file by @glours in #12480</li>
<li>remove exit code per error type used by legacy metrics system
by @ndeloof in #12502</li>
<li>Dockerfile: update golangci-lint to v1.63.4 by @thaJeztah in
#12546</li>
<li>Full test coverage for compatibility cmd by @maxproske in
#12528</li>
<li>don't send raw os.Args to opentelemetry but a pseudo command
line by @ndeloof in #12530</li>
<li>add docker engine v28.x to the test-matrix by @thaJeztah in
#12539</li>
<li>enable copyloopvar linter by @thaJeztah in #12542</li>
<li>go.mod: remove toolchain directive by @thaJeztah in #12551</li>
</ul>
</li>
<li>
<p>Dependencies</p>
<ul>
<li>bump buildx v0.20.1 by @ndeloof in #12488</li>
<li>bump docker to v27.5.1 by @ndeloof in #12491</li>
<li>bump compose-go v2.4.8 by @ndeloof in #12543</li>
<li>bump golang.org/x/sys from 0.28.0 to 0.30.0 by @dependabot in
#12529</li>
<li>bump github.com/moby/term v0.5.2 by @thaJeztah in #12540</li>
<li>bump github.com/otiai10/copy from 1.14.0 to 1.14.1 by
@dependabot in #12493</li>
<li>bump github.com/jonboulle/clockwork from 0.4.0 to 0.5.0 by
@dependabot in #12430</li>
<li>bump github.com/spf13/pflag from 1.0.5 to 1.0.6 by
@dependabot in #12548</li>
<li>bump golang.org/x/sync from 0.10.0 to 0.11.0 by @dependabot
in #12547</li>
<li>bump gotest.tools/v3 from 3.5.1 to 3.5.2 by @dependabot in
#12549</li>
</ul>
</li>
</ul>
<p>Update to version 2.32.4:</p>
<ul>
<li>add missing tag for build during merge workflow</li>
<li>ci: re-use local source to build binary images</li>
<li>ci: use local source for binary builds</li>
</ul>
<p>Update to version 2.32.3:</p>
<ul>
<li>ci: update bake-action to v6</li>
<li>simplification</li>
<li>image can be set to a local ID, that isn't a valid docker ref</li>
<li>can't render progress concurrently with buildkit</li>
<li>exclude one-off container running convergence</li>
<li>Only override service mac if set on the main network.</li>
</ul>
<p>Update to version 2.32.2:</p>
<ul>
<li>remove engine v25 from e2e test matrix The 1st version
available for Ubuntu 24.x is Docker Engine v26</li>
<li>fix relative path in compose file</li>
<li>bump compose-go to v2.4.7</li>
<li>replace tibdex/github-app-token by official GitHub
create-github-app-token</li>
<li>bump golang.org/x/net to v0.33.0 to fix potential security
issue https://github.com/golang/go/issues/70906</li>
<li>checkExpectedVolumes must ignore anonymous volumes</li>
<li>When retrying to resolveOrCreateNetwork, retry with a valid
network name</li>
<li>only check bind mount conflict if sync action is involved</li>
<li>use the 3 latest major versions of the engine to run e2e step</li>
<li>bump Golang version to v1.22.10 and update CI actions</li>
<li>add --pull to run command</li>
<li>CI to validate fmt</li>
<li><code>make fmt</code> so any contributor can enforce formatting</li>
<li>format code with gofumpt</li>
</ul>
<p>Update to version 2.32.1:</p>
<ul>
<li>e2e test to prevent future regression</li>
<li>only check volume mounts for updated config</li>
</ul>
<p>Update to version 2.32.0:</p>
<ul>
<li>e2e test for recreate volume</li>
<li>build(deps): bump google.golang.org/grpc from 1.68.0 to 1.68.1</li>
<li>build(deps): bump golang.org/x/crypto from 0.27.0 to 0.31.0</li>
<li>build(deps): bump golang.org/x/sys from 0.27.0 to 0.28.0</li>
<li>prompt user to confirm volume recreation</li>
<li>Recreate container on volume configuration change</li>
<li>introduce watch restart action</li>
<li>bump otel dependencies to v1.28.0 and v0.53.0 to align with
buildx, buildkit and engine versions</li>
<li>bump docker/buildx to latest release</li>
<li>fix support for service.mac_address</li>
<li>update xx to v1.6.1 for compatibility with alpine 3.21 and file
5.46+</li>
<li>build(deps): bump golang.org/x/sync from 0.9.0 to 0.10.0</li>
<li>Update pkg/e2e/watch_test.go</li>
<li>first watch action for a file event wins</li>
<li>fix</li>
<li>revisit TestDebounceBatching</li>
<li>introduce sync+exec watch action</li>
<li>log configuration error as a watch log event</li>
<li>do not require a build section but for <code>rebuild</code> action</li>
<li>pull --quiet should not drop status message, only progress</li>
<li>use latest engine tags</li>
<li>Bump buildx to 0.19.1</li>
<li>be sure everything has been cleanup at the end of each tests</li>
<li>add local config.json to test configuration dir if exists</li>
<li>disable failing TestBuildSSH test</li>
<li>fix build with bake</li>
</ul>
<p>Update to version 2.31.0:</p>
<ul>
<li>bump containerd to v1.7,24</li>
<li>bump google.golang.org/grpc to v1.68.0</li>
<li>build(deps): bump github.com/moby/buildkit from 0.17.1 to
0.17.2</li>
<li>build(deps): bump github.com/compose-spec/compose-go/v2</li>
<li>only stop dependent containers ... if there's some</li>
<li>disable TestNetworkConfigChanged which is unstable on CI</li>
<li>only check attached networks on running containers</li>
<li>fix: commit tests</li>
<li>feat: add commit command</li>
<li>run build tests against bake</li>
<li>delegate build to buildx bake</li>
<li>build(deps): bump github.com/stretchr/testify from 1.9.0 to
1.10.0</li>
<li>use service.stop to stop dependent containers</li>
<li>Update wait-timeout flag usage to include the unit</li>
<li>go.mod: github.com/docker/cli v27.4.0-rc.2</li>
<li>go.mod: github.com/docker/docker v27.4.0-rc.2</li>
<li>go.mod: github.com/docker/cli 8d1bacae3e49 (v27.4.0-rc.2-dev)</li>
<li>go.mod: github.com/docker/cli v27.4.0-rc.1</li>
<li>go.mod: github.com/docker/docker v27.4.0-rc.1</li>
<li>Update pkg/compose/convergence.go</li>
<li>detect network config changes and recreate if needed</li>
<li>go.mod: github.com/docker/buildx v0.18.0</li>
<li>go.mod: github.com/moby/buildkit v0.17.1</li>
<li>gha: test against docker engine v27.4.0</li>
<li>push empty descriptor layer when using OCI version 1.1 for
Compose artifact it fixes a repository creation issue when
pushing the 1st time a Compose OCI artifact on the Hub</li>
<li>remove ddev e2e tests</li>
<li>implement remove-orphans on run</li>
<li>ci: enable testifylint linter</li>
<li>Emit events for building images</li>
<li>Fix compose images that reutn a different image with the same
ID</li>
<li>remove obsolete containers first on scale down</li>
<li>pass stal bot inactivity limit from 6 to 3 months</li>
<li>fix(config): Print service names with --no-interpolate</li>
<li>build(deps): bump golang.org/x/sys from 0.26.0 to 0.27.0</li>
<li>build(deps): bump golang.org/x/sync from 0.8.0 to 0.9.0</li>
</ul>
<p>Update to version 2.30.3:</p>
<ul>
<li>bump compose-go v2.4.4</li>
<li>Avoid starting all services on rebuild</li>
</ul>
<p>Update to version 2.30.2:</p>
<ul>
<li>remove ArtifactType from Config in OCI v1.1 definition of the
artifact</li>
<li>build(deps): bump github.com/compose-spec/compose-go/v2</li>
<li>Service being declared in a profile must not trigger
re-creation</li>
<li>Add profile e2e test case to document in compose</li>
<li>Update <code>MAINTAINERS</code> file</li>
</ul>
<p>Update to version 2.30.1:</p>
<ul>
<li>bump compose-go to version v2.4.2</li>
</ul>
<p>Update to version 2.30.0:</p>
<ul>
<li>
<p>Improvements</p>
<ul>
<li>Introduce service hooks by @ndeloof (12166)</li>
<li>Introduce generate command as alpha command by @glours
(12209)</li>
<li>Add export command by @jarqvi (12120)</li>
<li>Add support for CDI device request using devices by @ndeloof
(12184)</li>
<li>Add support for bind recursive by @ndeloof (12210)</li>
<li>Allow usage of -f flag with OCI Compose artifacts by @glours
(12220)</li>
</ul>
</li>
<li>
<p>Fixes</p>
<ul>
<li>Append unix-style relative path when computing container
target path by @ndeloof (12145)</li>
<li>Wait for dependent service up to delay set by --wait-timeout
by @ndeloof (12156)</li>
<li>Check secret source exists, as bind mount would create target
by @ndeloof (12151)</li>
<li>After container restart register printer consumer by @jhrotko
(12158)</li>
<li>Fix(down): Fix down command if specified services are not
running by @idsulik (12164)</li>
<li>Show watch error message and open DD only when w is pressed
by @jhrotko (12165)</li>
<li>Fix(push): Fix unexpected EOF on alpha publish by @idsulik
(12169)</li>
<li>Fix(convergence): Serialize access to observed state by
@anantadwi13 (12150)</li>
<li>Remove feature flag integration with Docker Desktop for
ComposeUI and ComposeNav by @jhrotko (12192)</li>
<li>Support Dockerfile-specific ignore-file with watch by
@ndeloof (12193)</li>
<li>Add support for raw env_file format by @ndeloof (12179)</li>
<li>Convert GPUs to DeviceRequests with implicit "gpu" capability
by @ndeloof (12197)</li>
<li>Improve error message to include expected network label by
@divinity76 (12213)</li>
<li>Don't use progress to render restart, which hides logs by
@ndeloof (12226)</li>
<li>One-off containers are not indexed, and must be ignored by
exec --index command by @ndeloof (12224)</li>
<li>Don't warn about uid/gid not being supported while ... they
are by @ndeloof (12232)</li>
<li>Connect to external networks by name by @ndeloof (12234)</li>
<li>Fix push error message typo by @chris-crone (12237)</li>
<li>Fix(dockerignore): Add wildcard support to dockerignore.go by
@idsulik (12239)</li>
</ul>
</li>
<li>
<p>Internal</p>
<ul>
<li>Remove bind options when creating a volume type by @jhrotko
(12177)</li>
<li>pass device.options to engine by @ndeloof (12183)</li>
<li>Add security policy by @thaJeztah (12194)</li>
<li>Gha: set default permissions to "contents: read" by
@thaJeztah (12195)</li>
<li>Desktop: allow this client to be identified via user-agent by
@djs55 (12212)</li>
<li>Compose-go clean volume target to avoid ambiguous comparisons
by @ndeloof (12208)</li>
</ul>
</li>
<li>
<p>Dependencies</p>
<ul>
<li>Bump docker v27.3.1 by @ndeloof (12178)</li>
<li>Build(deps): bump golang.org/x/sys from 0.25.0 to 0.26.0 by
@dependabot (12189)</li>
<li>Bump compose-go to v2.3.0 by @glours (12198)</li>
<li>Bump compose-go to v2.4.0 by @glours (12231)</li>
<li>Bump compose-go to v2.4.1 by @glours (12243)</li>
<li>Build(deps): bump github.com/containerd/containerd from
1.7.22 to 1.7.23 by @dependabot (12211)</li>
<li>Bump golang minimal version to 1.22 in go.mod by @glours
(12246)</li>
<li>Bump go.uber.org/mock to v0.5.0 and google.golang.org/grpc to
v1.67.1 by @glours (12245)</li>
</ul>
</li>
</ul>
<p>Update to version 2.29.7:</p>
<ul>
<li>revert commits link to mount API over bind changes</li>
</ul>
<p>Update to version 2.29.6:</p>
<ul>
<li>don't set propagation if target engine isn't linux</li>
<li>build(deps): bump github.com/docker/docker v27.3.0-rc.2</li>
<li>build(deps): bump github.com/docker/cli v27.3.0-rc.2</li>
</ul>
<p>Update to version 2.29.5:</p>
<ul>
<li>set propagation default</li>
<li>Remove custom codeql workflow</li>
</ul>
<p>Update to version 2.29.4:</p>
<ul>
<li>fix import</li>
<li>chore(watch): Add debug log when skipping service without build
context</li>
<li>stop dependent containers before recreating diverged service</li>
<li>Fixed possible <code>nil</code> pointer dereference</li>
<li>bump github.com/docker/buildx v0.17.1</li>
<li>build(deps): bump docker, docker/cli to v27.3.0-rc.1</li>
<li>gha: test against docker engine v27.3.0</li>
</ul>
<p>Update to version 2.29.3:</p>
<ul>
<li>show sync files only in debug level</li>
<li>chore(watch): Add changed files path/count to log</li>
<li>build(deps): bump golang.org/x/sync from 0.7.0 to 0.8.0</li>
<li>bump compose-go to version v2.2.0</li>
<li>Restore compose v1 behavior to recreate containers when ran
with -V</li>
<li>fix linting issues with golangci-lint 1.60.2</li>
<li>bump golang to version 1.22.7</li>
<li>bump dependencies versions, engine and cli v27.2.1 containerd
v1.7.22 buildx v0.17.0 buildkit v0.16.0</li>
<li>build(deps): bump golang.org/x/sys from 0.22.0 to 0.25.0</li>
<li>Fix typos</li>
<li>Use logrus instead of direct output to stderr.</li>
<li>attach: close streams when done</li>
<li>Fix typo in pull.go</li>
<li>Allow combination of bind mounts and 'rebuild' watches</li>
<li>service hash must exlude depends_on</li>
<li>prefer mount API over bind</li>
<li>docs: duplicate documentation for root cmd</li>
<li>docs(wait): Fix wait command description</li>
<li>allow to add empty line in the logs when nav menu activated</li>
<li>upgrade docker versions</li>
</ul>
<p>Update to version 2.29.2:</p>
<ul>
<li>initial sync files that modified after image creation</li>
<li>initial sync for root directory</li>
<li>Removes redundant condition from toAPIBuildOptions in build.go</li>
<li>docs: Update docker compose kill usage</li>
<li>Fix stop on file chane for sync-restart action</li>
<li>bump engine and cli to v27.1.1, buildx to v0.16.1</li>
<li>remove all dependabot update PRs for OTel dependencies</li>
<li>gp.mod: github.com/gofrs/flock v0.12.1</li>
<li>go.mod: golang.org/x/sys v0.22.0</li>
<li>update to go1.21.12</li>
</ul>
<p>Update to version 2.29.1:</p>
<ul>
<li>Enhance JSON progress events with more fields.</li>
<li>bump compose-go v2.1.5</li>
<li>bump github.com/docker/cli v27.1.0</li>
<li>bump github.com/docker/docker v27.1.0</li>
<li>bump github.com/containerd/containerd v1.7.20</li>
<li>gha: add docker 27.1.0</li>
<li>fix(containers): fix sorting logic by adding secondary sorting
for one-off containers</li>
</ul>
<p>Update to version 2.29.0:</p>
<ul>
<li>update docs generation to avoid man pages generation</li>
<li>bump compose-go to v2.1.4, buildx to v0.16.0, containerd to
v1.7.19 and buildx to v0.15.0</li>
<li>restore setEnvWithDotEnv</li>
<li>empty env variable with no value must be unset in container</li>
<li>exclude unnecessary resources after services have been selected</li>
<li>change time for stale bot</li>
<li>Remove debug mode and run twice a week</li>
<li>Add stale workflow</li>
<li>update docs</li>
<li>feat(watch): Add --prune option to docker-compose watch command</li>
<li>Remove COMPOSE_MENU env from e2e tests</li>
<li>Use rawjson for the build backend.</li>
<li>Set logging format to JSON.</li>
<li>Format errors as JSON when in JSON progress mode.</li>
<li>Pass 'plain' instead of 'json' to build backend</li>
<li>Add JSON stream progress writer</li>
<li>go.mod: docker/cli, docker/docker v27.0.3</li>
<li>gha: test against docker v27.0.3</li>
<li>go.mod: docker/cli, docker/docker v27.0.2</li>
</ul>
<p>Update to version 2.28.1:</p>
<ul>
<li>Remove <code>console.Terminal</code> check and use <code>IsTerminal</code> from
<code>streams.Out</code></li>
</ul>
<p>Update to version 2.28.0:</p>
<ul>
<li>go.mod: github.com/compose-spec/compose-go v2.1.3</li>
<li>go.mod: docker/docker and docker/cli v27.0.1-rc.1</li>
</ul>
<p>Update to version 2.27.3:</p>
<ul>
<li>build(deps): bump github.com/spf13/cobra from 1.8.0 to 1.8.1</li>
<li>build(deps): bump github.com/docker/buildx from 0.15.0 to
0.15.1</li>
</ul>
<p>Update to version 2.27.2:</p>
<ul>
<li>using as flag of the up command, watch was blocking process
shutdown This happened when sunsetting the application from
docker compose down command</li>
<li>Add open watch docs in up menu</li>
<li>bump buildkit to v0.14.0 and buildx to v0.15.0</li>
<li>stop watch process when associated up process is stopped</li>
<li>build(deps): bump github.com/docker/docker</li>
<li>build(deps): bump github.com/containerd/containerd from 1.7.17
to 1.7.18</li>
<li>build(deps): bump golang.org/x/sys from 0.20.0 to 0.21.0</li>
<li>build(deps): bump github.com/hashicorp/go-version from 1.6.0 to
1.7.0</li>
<li>build: replace uses of archive.CanonicalTarNameForPath</li>
<li>update gh actions versions, update engine matrix, bump golang
to 1.21.11</li>
<li>enforce keyboard.Close is always executed to restore terminal</li>
<li>config --environment</li>
<li>Readd event</li>
<li>remove unreachable code</li>
<li>Fix dot env file to define COMPOSE_* variables</li>
<li>return an error when --detach and --watch are used together in
up command</li>
<li>Correct 'cancellation' typo in comment</li>
<li>Fix: change append to use slice index in ps.go</li>
<li>COMPOSE_PROFILES can be set by .env file</li>
<li>prevent concurrent map write relying on project immutability</li>
</ul>
<p>Update to version 2.27.1:
* build(deps): bump github.com/containerd/containerd from 1.7.16
to 1.7.17
* build(deps): bump github.com/docker/buildx from 0.14.0 to
0.14.1
* drop COMPOSE_EXPERIMENTAL_OTEL as docker/cli has opentelemetry
in
* add gui/composeview as part of available commands
* fix opentelemetry
* bump compose-go to version v2.1.1
* Set endpoint-specific DriverOpts
* Bump compose-go version to latest main
* Backport OpenBSD patches
* add new navigation menu to open Compose app configuration in
Docker Desktop
* build(deps): bump github.com/fsnotify/fsevents from 0.1.1 to
0.2.0
* build(deps): bump golang.org/x/sys from 0.19.0 to 0.20.0
* fix --resolve-image-digests
* allow a local .env file to override compose.yaml sibling .env
* Bump docker engine and cli to version 26.1.3
* Bump docker to v26.1.2
* Add documentation for --menu up option and COMPOSE_MENU
environemnt variable
* chore(deps): bump docker to v26.1.1 (#11794)</p>
<p>Update to version 2.27.0:
* fix: overlapping logs and menu navigation (#11765)
* build(deps): bump github.com/moby/buildkit
* chore(e2e): fix flaky cascade failure test
* use v2.26.1 tag for moby and Docker cli
* chore(deps): update to Moby v26.1 & buildx v0.14
* bump compose-go version to v2.1.0
* fix support for --context=foo
* Fix #11710: Avoid to try to close channel twice after hitting
Ctrl-C on compose up (#11719)
* fix(desktop): remove overly-aggressive feature flag check
(#11748)
* chore: fix typo in comment
* bump dependencies
* fix: do not try to create file shares for non-directories
* check container_name is not in use by another service we will
create
* don't clear line when navigation is disabled
* fix: return correct exit code with <code>--exit-code-from</code> (#11715)
* progress for resource can be restarted after more Working event
comes
* Revert "Stop the resource timer after last expected event"
* Revert change to allow trying to kill again if a kill fails
* Handle errors and allow to send multiple kills if one failed
* Ignore errors when killing on second Ctrl-C
* docker compose up always kills the containers on second Ctrl-C
* read COMPOSE_REMOVE_ORPHANS from .env
* Set Required false to depends_on containers for compose -p
stop/down
* Ignore missing containers when compose stop -p
* Ignore missing containers when compose down -p
* Introduce support for build.entitlements
* Remove dead url reference.
* e2e test for --all-resources
* introduce --all-resources to <em>not</em> exclude resources not used
by services
* Introduce --abort-on-container-failure
* bump golang version to 1.21.9
* don't use ansi espace sequence when disabled</p>
<p>Update to version 2.26.1:
* Does not start keyboard manager if there is no tty
* Change menu information text to dim
* Handle --no-build and --watch args
* build(deps): bump github.com/opencontainers/image-spec
* Unwrap error message.
* Include error message in pull warning/errors</p>
<p>Update to version 2.26.0:
* chore(desktop): revised feature detection for file shares
* Add Navigation Menu to compose up
* Add support for volume Subpath option
* Bump docker v26.0.0
* introduce config --variables to list compose model variables
* Fix docs on default build image name
* Bump compose-go to v2.0.2
* add support for annotations
* Revert "Bump compose-go to v2.0.1"
* Bump compose-go to v2.0.1
* feat(desktop): synchronized file share integration (#11614)
* feat(experiments): add experimental feature state (#11633)
* reduce timeout of the Otel tracing command
* fix <code>compose config --format json</code></p>
<p>Update to version 2.25.0:
* Bump compose-go v2.0.0
* services shell completion bugfix
* fix TestBuildPlatformsWithCorrectBuildxConfig
* only use ToModel when --no-interpolate is set
* feat(desktop): add Docker Desktop detection and client skeleton
(#11593)</p>
<p>Update to version 2.24.7:
* chore(deps): upgrade go to 1.21.8 (#11578)
* ci(deps): bump moby/moby & docker/cli to v25.0.4 (#11566)
* Add test summary for test jobs in ci
* make code simpler
* avoid duplicated "xx exited with code 0" message
* introduce --watch
* move code into small functions for better readability
* restore support for <code>config --no-interpolate</code>
* remove docker cli step in ci.yml
* get log to manage <code>attach</code>
* bump compose-go to version v2.0.0-rc.8
* use an dedicated compose file --quiet-pull e2e test
* Add a fallback check of Watch pid on Windows False positives
were detected when checking the previous watch process state
* add support of QuietOption to create command
* pass QuietOption when starting dependencies from run command
* when ran with ANSI disabled, force progress=plain
* Issue-11374: Modified compose up command to respect
COMPOSE_REMOVE_ORPHANS environment variable
* ci: bump engine version to <code>25.0.3</code>
* sort containers to optimize scale down
* discard stdout for laaarge log test</p>
<p>Update to version 2.24.6:</p>
<ul>
<li>use listeners to collect include metrics</li>
<li>docs: update cli reference link</li>
<li>docs: unify no trailing dots in docstrings and help (#11301)</li>
<li>Use listener for file metadata</li>
<li>fix deadlock collecting large logs</li>
<li>chore(watch): remove old <code>docker cp</code> implementation</li>
<li>ci(deps): bump docker/cli to v25.0.3 (#11481)</li>
<li>pass All option to backend api.Service when length statuses is
not equal to zero</li>
<li>Add OTEL specs: build, depends_on, capabilities (gpu/tpu)</li>
<li>build(deps): bump github.com/opencontainers/image-spec</li>
<li>feat(tracing): add project hash attr</li>
<li>chore(load): ensure context passed to load</li>
<li>Include all networks in ContainerCreate call if API >= 1.44</li>
<li>bump compose-go to v2.0.0-rc.4</li>
<li>CI: docker engine version matrix</li>
<li>build(deps): bump github.com/docker/cli</li>
<li>Fix load .env from project directory when project file is set
by COMPOSE_FILE</li>
</ul>
<h2>Patch Instructions:</h2>
<p>
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".<br/>
Alternatively you can run the command listed for your product:
</p>
<ul class="list-group">
<li class="list-group-item">
SUSE Linux Micro 6.0
<br/>
<code>zypper in -t patch SUSE-SLE-Micro-6.0-348=1</code>
</li>
</ul>
<h2>Package List:</h2>
<ul>
<li>
SUSE Linux Micro 6.0 (aarch64 s390x x86_64)
<ul>
<li>docker-compose-2.33.1-1.1</li>
</ul>
</li>
</ul>
<h2>References:</h2>
<ul>
<li>
<a href="https://www.suse.com/security/cve/CVE-2023-47108.html">https://www.suse.com/security/cve/CVE-2023-47108.html</a>
</li>
<li>
<a href="https://bugzilla.suse.com/show_bug.cgi?id=1217070">https://bugzilla.suse.com/show_bug.cgi?id=1217070</a>
</li>
</ul>
</div>