En

Docker官网安全更新(2017-05-04)

来源:Docker官网 发布日期:2017-05-04 阅读次数:243 评论:0

基本信息

发布日期:2017-05-04(官方当地时间)

更新类型:安全更新

更新版本:17.05.0-ce

感知时间:2019-12-05 19:41:37

风险等级:未知

情报贡献:TSRC

更新标题

Docker官网安全更新,17.05.0-ce版本发布

更新详情



Builder


Add multi-stage build support #31257 #32063
Allow using build-time args (ARG) in FROM #31352
Add an option for specifying build target #32496
Accept -f - to read Dockerfile from stdin, but use local context for building #31236
The values of default build time arguments (e.g HTTP_PROXY) are no longer displayed in docker image history unless a corresponding ARG instruction is written in the Dockerfile. #31584
Fix setting command if a custom shell is used in a parent image #32236
Fix docker build --label when the label includes single quotes and a space #31750


Client


Add --mount flag to docker run and docker create #32251
Add --type=secret to docker inspect #32124
Add --format option to docker secret ls #31552
Add --filter option to docker secret ls #30810
Add --filter scope=<swarm|local> to docker network ls #31529
Add --cpus support to docker update #31148
Add label filter to docker system prune and other prune commands #30740
docker stack rm now accepts multiple stacks as input #32110
Improve docker version --format option when the client has downgraded the API version #31022
Prompt when using an encrypted client certificate to connect to a docker daemon #31364
Display created tags on successful docker build #32077
Cleanup compose convert error messages #32087


Contrib


Add support for building docker debs for Ubuntu 17.04 Zesty on amd64 #32435


Daemon


Fix --api-cors-header being ignored if --api-enable-cors is not set #32174
Cleanup docker tmp dir on start #31741
Deprecate --graph flag in favor or --data-root #28696


Logging


Add support for logging driver plugins #28403
Add support for showing logs of individual tasks to docker service logs, and add /task/{id}/logs REST endpoint #32015
Add --log-opt env-regex option to match environment variables using a regular expression #27565


Networking


Allow user to replace, and customize the ingress network #31714
Fix UDP traffic in containers not working after the container is restarted #32505
Fix files being written to /var/lib/docker if a different data-root is set #32505


Runtime


Ensure health probe is stopped when a container exits #32274


Swarm Mode


Add update/rollback order for services (--update-order / --rollback-order) #30261
Add support for synchronous service create and service update #31144
Add support for “grace periods” on healthchecks through the HEALTHCHECK --start-period and --health-start-period flag to
docker service create, docker service update, docker create, and docker run to support containers with an initial startup
time #28938
docker service create now omits fields that are not specified by the user, when possible. This will allow defaults to be applied inside the manager #32284
docker service inspect now shows default values for fields that are not specified by the user #32284
Move docker service logs out of experimental #32462
Add support for Credential Spec and SELinux to services to the API #32339
Add --entrypoint flag to docker service create and docker service update #29228
Add --network-add and --network-rm to docker service update #32062
Add --credential-spec flag to docker service create and docker service update #32339
Add --filter mode=<global|replicated> to docker service ls #31538
Resolve network IDs on the client side, instead of in the daemon when creating services #32062
Add --format option to docker node ls #30424
Add --prune option to docker stack deploy to remove services that are no longer defined in the docker-compose file #31302
Add PORTS column for docker service ls when using ingress mode #30813
Fix unnescessary re-deploying of tasks when environment-variables are used #32364
Fix docker stack deploy not supporting endpoint_mode when deploying from a docker compose file #32333
Proceed with startup if cluster component cannot be created to allow recovering from a broken swarm setup #31631


Security


Allow setting SELinux type or MCS labels when using --ipc=container: or --ipc=host #30652


Deprecation


Deprecate --api-enable-cors daemon flag. This flag was marked deprecated in Docker 1.6.0 but not listed in deprecated features #32352
Remove Ubuntu 12.04 (Precise Pangolin) as supported platform. Ubuntu 12.04 is EOL, and no longer receives updates #32520


软件描述

Docker 是一个开源的应用容器引擎,让开发者可以打包他们的应用以及依赖包到一个可移植的镜像中,然后发布到任何流行的 Linux或Windows 机器上,也可以实现虚拟化。容器是完全使用沙箱机制,相互之间不会有任何接口。 [1]

CVE编号

TSRC分析

暂无

业界资讯

暂无

评论

提交评论 您输入的评论有误,请重新输入