Update docker.io/gotenberg/gotenberg Docker tag to v8.33.0
No problems upgrading the Docker container with a Docker compose yaml file within Portainer and by means of Portainer DevOps resp. GitOps with dependency update facilitated by Mend's Renovate Bot.
This MR contains the following updates:
| Package | Update | Change |
|---|---|---|
| docker.io/gotenberg/gotenberg | minor | 8.32.0 → 8.33.0 |
Release Notes
gotenberg/gotenberg (docker.io/gotenberg/gotenberg)
v8.33.0: 8.33.0
Security Fixes ⚠️
- Block IPv6 prefixes that tunnel to internal IPv4 in
IsPublicIP.::ffff:10.0.0.1,2002:c0a8::(6to4), and2001::/32(Teredo) embed an internal IPv4 destination inside an IPv6 address.IsPublicIPevaluated only the outer IPv6 form, so--*-deny-private-ipsfilters let the embedded private IPv4 reach the dialer. The check now unwraps IPv4-mapped, IPv4-translated, 6to4, and Teredo addresses, and rejects them when the embedded IPv4 is non-public. - Strip backslash separators from supplied filenames. Linux treated a caller-supplied
Gotenberg-Output-Filenameheader orfilenameform field containing..\orfoo\baras a single segment. The handler now strips both forward-slash and backslash path separators before composing the output path.
New Features
- Device scale ratio for screenshots (#1543). A new
deviceScaleFactorform field on/forms/chromium/screenshot/{html,url,markdown}controls the screenshot pixel density. Defaults to1. Thanks @hovcharenko.
Bug Fixes
- Pinning proxy outlived a failed Chromium start. When
chromedpfailed to start (port conflict, container OOM, sandbox denial), the loopback HTTP/CONNECT pinning proxy added in 8.32.0 stayed bound to its port and leaked across restart attempts. The browser now stops the pinning proxy on every start failure. - Lifecycle listener race on
Navigate.chromedp.Navigatecould firePage.lifecycleEventbefore Gotenberg's listener subscribed, so the converter occasionally waited the full network-idle timeout on otherwise fast pages. Listeners now register before navigation. - Supervisor flapped on transient CDP latency. A single slow CDP health probe marked the supervised process unhealthy and triggered a restart, even when the next probe succeeded. Probes now require N consecutive failures before reporting unhealthy.
downloadFromconcurrent map writes. ParalleldownloadFromentries merged results into a shared map without a lock. Under enough concurrency this raced and panicked the request goroutine. Result merging is now serialized.- Pinning-proxy noise on client cancellations.
context canceledandconnection reset by peerfrom the client side of the pinning proxy logged at error level, flooding logs whenever a caller aborted mid-render. Client-cancelled dial errors now log at debug.
Chore
- Updated Chromium to version
148.0.7778.178-1. - Updated Go dependencies.
