En

Docker官网安全更新(2017-12-07)

来源:Docker官网 发布日期:2017-12-07 阅读次数:245 评论:0

基本信息

发布日期:2017-12-07(官方当地时间)

更新类型:安全更新

更新版本:17.09.1-ce

感知时间:2019-12-05 19:41:37

风险等级:未知

情报贡献:TSRC

更新标题

Docker官网安全更新,17.09.1-ce版本发布

更新详情



Builder


Fix config leakage on shared parent stage moby/moby#33753
Warn on empty continuation lines only, not on comment-only lines moby/moby#35004


Client


Set API version on Client even when Ping fails docker/cli#546


Networking


Overlay fix for transient IP reuse docker/libnetwork#2016
Fix reapTime logic in NetworkDB and handle DNS cleanup for attachable container docker/libnetwork#2017
Disable hostname lookup on chain exists check docker/libnetwork#2019
Fix lint issues docker/libnetwork#2020
Restore error type in FindNetwork moby/moby#35634


Runtime


Protect health monitor Go channel moby/moby#35482
Fix leaking container/exec state moby/moby#35484
Add /proc/scsi to masked paths (patch to work around CVE-2017-16539) moby/moby/#35399
Vendor tar-split: fix to prevent memory exhaustion issue that could crash Docker daemon moby/moby/#35424 Fixes CVE-2017-14992
Fix P/Z HubPullSuite tests moby/moby#34837
Windows: Add support for version filtering on pull moby/moby#35090
Windows: Stop filtering Windows manifest lists by version moby/moby#35117
Use rslave instead of rprivate in chroot archive moby/moby/#35217
Remove container rootfs mountPath after unmount moby/moby#34573
Fix honoring tmpfs size of user /dev/shm mount moby/moby#35316
Don’t abort when setting may_detach_mounts (log the error instead) moby/moby#35172
Fix version comparison when negotiating the API version moby/moby#35008


Swarm mode


Increase gRPC request timeout when sending snapshots docker/swarmkit#2404
Fix node filtering when there is no log driver docker/swarmkit#2442
Add an error on attempt to change cluster name docker/swarmkit/#2454
Delete node attachments when node is removed docker/swarmkit/#2456
Provide custom gRPC dialer to override default proxy dialer docker/swarmkit/#2457
Avoids recursive readlock on swarm info moby/moby#35388


软件描述

Docker 是一个开源的应用容器引擎,让开发者可以打包他们的应用以及依赖包到一个可移植的镜像中,然后发布到任何流行的 Linux或Windows 机器上,也可以实现虚拟化。容器是完全使用沙箱机制,相互之间不会有任何接口。 [1]

TSRC分析

暂无

业界资讯

暂无

评论

提交评论 您输入的评论有误,请重新输入