Update docker Docker tag to v25.0.5

This MR contains the following updates:

Package	Update	Change
docker	patch	25.0.3 -> 25.0.5

MR created with the help of gitlab-org/frontend/renovate-gitlab-bot

---

Release Notes

moby/moby

v25.0.5

Compare Source

25.0.5

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 25.0.5 milestone
• moby/moby, 25.0.5 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

Security

This release contains a security fix for CVE-2024-29018, a potential data exfiltration from 'internal' networks via authoritative DNS servers.

Bug fixes and enhancements

• CVE-2024-29018: Do not forward requests to external DNS servers for a container that is only connected to an 'internal' network. Previously, requests were forwarded if the host's DNS server was running on a loopback address, like systemd's 127.0.0.53. moby/moby#​47589
• plugin: fix mounting /etc/hosts when running in UserNS. moby/moby#​47588
• rootless: fix open /etc/docker/plugins: permission denied. moby/moby#​47587
• Fix multiple parallel docker build runs leaking disk space. moby/moby#​47527

v25.0.4

Compare Source

25.0.4

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 25.0.4 milestone
• moby/moby, 25.0.4 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

Bug fixes and enhancements

• Restore DNS names for containers in the default "nat" network on Windows. moby/moby#​47490
• Fix docker start failing when used with --checkpoint moby/moby#​47466
• Don't enforce new validation rules for existing swarm networks moby/moby#​47482
• Restore IP connectivity between the host and containers on an internal bridge network. moby/moby#​47481
• Fix a regression introduced in v25.0 that prevented the classic builder from ADDing a tar archive with xattrs created on a non-Linux OS moby/moby#​47483
• containerd image store: Fix image pull not emitting Pulling fs layer status moby/moby#​47484

API

• To preserve backwards compatibility, make read-only mounts not recursive by default when using older clients (API version < v1.44). moby/moby#​47393
• GET /images/{id}/json omits the Created field (previously it was 0001-01-01T00:00:00Z) if the Created field is missing from the image config. moby/moby#​47451
• Populate a missing Created field in GET /images/{id}/json with 0001-01-01T00:00:00Z for API version <= 1.43. moby/moby#​47387
• Fix a regression that caused API socket connection failures to report an API version negotiation failure instead. moby/moby#​47470
• Preserve supplied endpoint configuration in a container-create API request, when a container-wide MAC address is specified, but NetworkMode name-or-id is not the same as the name-or-id used in NetworkSettings.Networks. moby/moby#​47510

Packaging updates

• Upgrade Go runtime to 1.21.8. moby/moby#​47503
• Upgrade RootlessKit to v2.0.2. moby/moby#​47508
• Upgrade Compose to v2.24.7. https://github.com/docker/docker-ce-packaging/pull/998
• Upgrade Buildx to v0.13.0. https://github.com/docker/docker-ce-packaging/pull/997

Full Changelog: https://github.com/moby/moby/compare/v25.0.3...v25.0.4

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever MR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this MR and you won't be reminded about this update again.

---

• If you want to rebase/retry this MR, check this box

---

This MR has been generated by Renovate Bot.