En

Docker官网安全更新(2017-03-01)

来源:Docker官网 发布日期:2017-03-01 阅读次数:267 评论:0

基本信息

发布日期:2017-03-01(官方当地时间)

更新类型:安全更新

更新版本:17.03.0-ce

感知时间:2019-12-05 19:41:37

风险等级:未知

情报贡献:TSRC

更新标题

Docker官网安全更新,17.03.0-ce版本发布

更新详情



IMPORTANT: Starting with this release, Docker is on a monthly release cycle and uses a
new YY.MM versioning scheme to reflect this. Two channels are available: monthly and quarterly.
Any given monthly release will only receive security and bugfixes until the next monthly
release is available. Quarterly releases receive security and bugfixes for 4 months after
initial release. This release includes bugfixes for 1.13.1 but
there are no major feature additions and the API version stays the same.
Upgrading from Docker 1.13.1 to 17.03.0 is expected to be simple and low-risk.

Client


Fix panic in docker stats --format #30776


Contrib


Update various bash and zsh completion scripts #30823, #30945 and more...
Block obsolete socket families in default seccomp profile - mitigates unpatched kernels’ CVE-2017-6074 #29076


Networking


Fix bug on overlay encryption keys rotation in cross-datacenter swarm #30727
Fix side effect panic in overlay encryption and network control plane communication failure (“No installed keys could decrypt the message”) on frequent swarm leader re-election #25608
Several fixes around system responsiveness and datapath programming when using overlay network with external kv-store docker/libnetwork#1639, docker/libnetwork#1632 and more...
Discard incoming plain vxlan packets for encrypted overlay network #31170
Release the network attachment on allocation failure #31073
Fix port allocation when multiple published ports map to the same target port docker/swarmkit#1835


Runtime


Fix a deadlock in docker logs #30223
Fix CPU spin waiting for log write events #31070
Fix a possible crash when using journald #31231 #31263
Fix a panic on close of nil channel #31274
Fix duplicate mount point for --volumes-from in docker run #29563
Fix --cache-from does not cache last step #31189


Swarm Mode


Shutdown leaks an error when the container was never started #31279
Fix possibility of tasks getting stuck in the “NEW” state during a leader failover docker/swarmkit#1938
Fix extraneous task creations for global services that led to confusing replica counts in docker service ls docker/swarmkit#1957
Fix problem that made rolling updates slow when task-history-limit was set to 1 docker/swarmkit#1948
Restart tasks elsewhere, if appropriate, when they are shut down as a result of nodes no longer satisfying constraints docker/swarmkit#1958
(experimental)


Edge releases

软件描述

Docker 是一个开源的应用容器引擎,让开发者可以打包他们的应用以及依赖包到一个可移植的镜像中,然后发布到任何流行的 Linux或Windows 机器上,也可以实现虚拟化。容器是完全使用沙箱机制,相互之间不会有任何接口。 [1]

CVE编号

TSRC分析

暂无

业界资讯

暂无

评论

提交评论 您输入的评论有误,请重新输入