From 392aeaf66bd4a9ad35df6aba56054b63cf0bb75f Mon Sep 17 00:00:00 2001
From: Erich Blume <blume.erich@gmail.com>
Date: Sat, 14 Mar 2026 09:21:59 -0700
Subject: [PATCH] Bump zot registry to v2.1.15

Upgrade from v2.1.13 to v2.1.15 for two security fixes:
- CVE-2025-30204 (golang-jwt excessive memory allocation)
- Open redirect via callback_ui

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
---
 docs/changelog.d/bump-zot-v2.1.15.infra.md | 1 +
 docs/reference/services/zot.md             | 2 +-
 service-versions.yaml                      | 4 ++--
 3 files changed, 4 insertions(+), 3 deletions(-)
 create mode 100644 docs/changelog.d/bump-zot-v2.1.15.infra.md

diff --git a/docs/changelog.d/bump-zot-v2.1.15.infra.md b/docs/changelog.d/bump-zot-v2.1.15.infra.md
new file mode 100644
index 0000000..f20e2d5
--- /dev/null
+++ b/docs/changelog.d/bump-zot-v2.1.15.infra.md
@@ -0,0 +1 @@
+Upgrade zot container registry from v2.1.13 to v2.1.15 (CVE-2025-30204, open redirect fix)
diff --git a/docs/reference/services/zot.md b/docs/reference/services/zot.md
index c113695..c309557 100644
--- a/docs/reference/services/zot.md
+++ b/docs/reference/services/zot.md
@@ -1,6 +1,6 @@
 ---
 title: Zot
-modified: 2026-02-21
+modified: 2026-03-14
 tags:
   - service
   - registry
diff --git a/service-versions.yaml b/service-versions.yaml
index f060499..7d03295 100644
--- a/service-versions.yaml
+++ b/service-versions.yaml
@@ -269,8 +269,8 @@ services:
 
   - name: zot
     type: ansible
-    last-reviewed: null
-    current-version: null
+    last-reviewed: 2026-03-14
+    current-version: "v2.1.15"
     upstream-source: https://github.com/project-zot/zot/releases
     notes: Built from source on indri