https://hub.docker.com/r/moby/buildkit
Notable changes:
This release contains two security fixes.
- Provide mitigation for Git vulnerability CVE-2022-39253. In systems with Git version lower than 2.38.1 invoking a build of a maliciously crafted Git repository with
BUILDKIT_CONTEXT_KEEP_GIT_DIR=1build-arg could lead to copying arbitrary file system paths into resulting containers/images. - Add additional validation when loading content for
image@digestreferences from the local build cache. The new validation makes sure that the same repository name populated the local data and invalid name and digest combinations are detected.