File _patchinfo of Package patchinfo.38234

<patchinfo incident="38234">
  <issue tracker="cve" id="2025-0495"/>
  <issue tracker="bnc" id="1239765">VUL-0: CVE-2025-0495: TRACKERBUG: buildx: credential leakage to telemetry endpoints when credentials allowed to be set as attribute values in cache-to/cache-from configuration</issue>
  <issue tracker="bnc" id="1244035">docker 27.5.1_ce-slfo.1.1_1.1 -> 27.5.1_ce-slfo.1.1_2.1 fails to start existing containers</issue>
  <issue tracker="jsc" id="PED-8905"/>
  <issue tracker="jsc" id="PED-12534"/>
  <issue tracker="bnc" id="1241830" />
  <issue tracker="cve" id="2025-22872" />
  <issue tracker="bnc" id="1240150" />
  <issue tracker="bnc" id="1243833" />
  <issue tracker="bnc" id="1242114" />
  <packager>cyphar</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for docker</summary>
  <description>This update for docker fixes the following issues:

Update to Docker 28.2.2-ce (bsc#1243833, bsc#1242114):

- CVE-2025-0495: Fixed credential leakage to telemetry endpoints when credentials 
  allowed to be set as attribute values in cache-to/cache-from configuration.(bsc#1239765)
- CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction (bsc#1241830).

Other fixes:    
 
- Update to docker-buildx v0.22.0.
- Always clear SUSEConnect suse_* secrets when starting containers (bsc#1244035).
- Disable transparent SUSEConnect support for SLE-16. (jsc#PED-12534)
- Now that the only blocker for docker-buildx support was removed for SLE-16,
  enable docker-buildx for SLE-16 as well. (jsc#PED-8905)
- SUSEConnect secrets fails in SLES rootless docker containers (bsc#1240150).
</description>
<message>Updating docker will restart the docker service, which may stop some of your docker containers. Do you want to proceed with the update?</message>
</patchinfo>