From 2480222b4e353f940551e3f1efea847965155e9a Mon Sep 17 00:00:00 2001 From: Joao Fernandes Date: Sun, 11 Feb 2018 20:36:53 -0800 Subject: [PATCH] Release UCP 2.1.7, DTR 2.2.11, 2.3.6, 2.4.2 --- _config.yml | 8 +++---- _data/ddc_offline_files.yaml | 4 ++++ _data/ddc_offline_files_2.yaml | 6 +++++ .../dtr/2.2/guides/release-notes/index.md | 19 +++++++++++++++ datacenter/dtr/2.3/guides/release-notes.md | 18 +++++++++++++++ datacenter/dtr/2.4/guides/release-notes.md | 18 +++++++++++++++ .../ucp/2.1/guides/release-notes/index.md | 23 +++++++++++++++++++ 7 files changed, 92 insertions(+), 4 deletions(-) diff --git a/_config.yml b/_config.yml index 64f9c1b76f..8971ba672a 100644 --- a/_config.yml +++ b/_config.yml @@ -146,20 +146,20 @@ defaults: values: dtr_org: "docker" dtr_repo: "dtr" - dtr_version: "2.4.1" + dtr_version: "2.4.2" - scope: path: "datacenter/dtr/2.3" values: hide_from_sitemap: true dtr_org: "docker" dtr_repo: "dtr" - dtr_version: "2.3.5" + dtr_version: "2.3.6" - scope: path: "datacenter/dtr/2.2" values: ucp_version: "2.1" dtr_version: "2.2" - docker_image: "docker/dtr:2.2.10" + docker_image: "docker/dtr:2.2.11" - scope: path: "datacenter/dtr/2.1" values: @@ -181,7 +181,7 @@ defaults: values: ucp_version: "2.1" dtr_version: "2.2" - docker_image: "docker/ucp:2.1.6" + docker_image: "docker/ucp:2.1.7" - scope: path: "datacenter/ucp/2.0" values: diff --git a/_data/ddc_offline_files.yaml b/_data/ddc_offline_files.yaml index 21592efa57..eb3900d367 100644 --- a/_data/ddc_offline_files.yaml +++ b/_data/ddc_offline_files.yaml @@ -6,6 +6,8 @@ - ucp-version: "2.1" tar-files: + - description: "UCP 2.1.7" + url: https://packages.docker.com/caas/ucp_images_2.1.7.tar.gz - description: "UCP 2.1.6" url: https://packages.docker.com/caas/ucp_images_2.1.6.tar.gz - description: "UCP 2.1.5" @@ -20,6 +22,8 @@ url: https://packages.docker.com/caas/ucp_images_2.1.1.tar.gz - description: "UCP 2.1.0" url: https://packages.docker.com/caas/ucp_images_2.1.0.tar.gz + - description: "DTR 2.2.11" + url: https://packages.docker.com/caas/dtr_images_2.2.11.tar.gz - description: "DTR 2.2.10" url: https://packages.docker.com/caas/dtr_images_2.2.10.tar.gz - description: "DTR 2.2.9" diff --git a/_data/ddc_offline_files_2.yaml b/_data/ddc_offline_files_2.yaml index c9b0f43167..5e76fc9ae0 100644 --- a/_data/ddc_offline_files_2.yaml +++ b/_data/ddc_offline_files_2.yaml @@ -39,6 +39,10 @@ - product: "dtr" version: "2.4" tar-files: + - description: "DTR 2.4.2 Linux x86" + url: https://packages.docker.com/caas/dtr_images_2.4.2.tar.gz + - description: "DTR 2.4.2 IBM Z" + url: https://packages.docker.com/caas/dtr_images_s390x_2.4.2.tar.gz - description: "DTR 2.4.1 Linux x86" url: https://packages.docker.com/caas/dtr_images_2.4.1.tar.gz - description: "DTR 2.4.1 IBM Z" @@ -50,6 +54,8 @@ - product: "dtr" version: "2.3" tar-files: + - description: "DTR 2.3.6" + url: https://packages.docker.com/caas/dtr_images_2.3.6.tar.gz - description: "DTR 2.3.5" url: https://packages.docker.com/caas/dtr_images_2.3.5.tar.gz - description: "DTR 2.3.4" diff --git a/datacenter/dtr/2.2/guides/release-notes/index.md b/datacenter/dtr/2.2/guides/release-notes/index.md index 2bf9b734ea..b30d79726d 100644 --- a/datacenter/dtr/2.2/guides/release-notes/index.md +++ b/datacenter/dtr/2.2/guides/release-notes/index.md @@ -12,6 +12,25 @@ known issues for each DTR version. You can then use [the upgrade instructions](../admin/upgrade.md), to upgrade your installation to the latest release. +## Version 2.2.11 + +(13 February 2018) + +**Security notice** + +The log driver is now disabled for containers started by backup and HA cluster +join operations. This is a critical security fix for customers that rely on +Docker Trusted Registry 2.2, 2.3 and 2.4 with a log driver to capture logs from +all containers across the platform. + +Caution is advised when applying this update, make sure you redeploy DTR, and in +the process you will create new credentials because the previous ones were +potentially disclosed due to the vulnerability. + +Use the `--log-driver=none` option for `docker run` when running a DTR backup, HA +cluster join or dumpcerts. + + ## 2.2.10 (20 November 2017) diff --git a/datacenter/dtr/2.3/guides/release-notes.md b/datacenter/dtr/2.3/guides/release-notes.md index adf102ad31..d7e966382c 100644 --- a/datacenter/dtr/2.3/guides/release-notes.md +++ b/datacenter/dtr/2.3/guides/release-notes.md @@ -11,6 +11,24 @@ known issues for each DTR version. You can then use [the upgrade instructions](admin/upgrade.md), to upgrade your installation to the latest release. +## Version 2.3.6 + +(13 February 2018) + +**Security notice** + +The log driver is now disabled for containers started by backup and HA cluster +join operations. This is a critical security fix for customers that rely on +Docker Trusted Registry 2.2, 2.3 and 2.4 with a log driver to capture logs from +all containers across the platform. + +Caution is advised when applying this update, make sure you redeploy DTR, and in +the process you will create new credentials because the previous ones were +potentially disclosed due to the vulnerability. + +Use the `--log-driver=none` option for `docker run` when running a DTR backup, HA +cluster join or dumpcerts. + ## 2.3.5 (20 November 2017) diff --git a/datacenter/dtr/2.4/guides/release-notes.md b/datacenter/dtr/2.4/guides/release-notes.md index 13d85c2c1b..54b1d0e212 100644 --- a/datacenter/dtr/2.4/guides/release-notes.md +++ b/datacenter/dtr/2.4/guides/release-notes.md @@ -11,6 +11,24 @@ known issues for each DTR version. You can then use [the upgrade instructions](admin/upgrade.md), to upgrade your installation to the latest release. +## Version 2.4.2 + +(13 February 2018) + +**Security notice** + +The log driver is now disabled for containers started by backup and HA cluster +join operations. This is a critical security fix for customers that rely on +Docker Trusted Registry 2.2, 2.3 and 2.4 with a log driver to capture logs from +all containers across the platform. + +Caution is advised when applying this update, make sure you redeploy DTR, and in +the process you will create new credentials because the previous ones were +potentially disclosed due to the vulnerability. + +Use the `--log-driver=none` option for `docker run` when running a DTR backup, HA +cluster join or dumpcerts. + ## 2.4.1 (20 November 2017) diff --git a/datacenter/ucp/2.1/guides/release-notes/index.md b/datacenter/ucp/2.1/guides/release-notes/index.md index 79931f2340..a05b171105 100644 --- a/datacenter/ucp/2.1/guides/release-notes/index.md +++ b/datacenter/ucp/2.1/guides/release-notes/index.md @@ -12,6 +12,29 @@ known issues for the latest UCP version. You can then use [the upgrade instructions](../admin/upgrade.md), to upgrade your installation to the latest release. +## Version 2.1.7 + +(13 February 2018) + +**Security Notice** + +The user must use `--log-driver=none` to disable the log driver for containers +started by backup operations. This is a critical security fix for customers that +rely on Universal Control Plane 2.1 and a log driver to capture logs from all +containers across the platform. + +Caution is advised: any sensitive information that has already been disclosed in +the logs will NOT be removed by this update. Sensitive information needs to be +purged manually from the logs. +Use the backup encryption mechanism with the `--passphrase` option when running a +UCP backup. + +A full credentials re-generation and update transition procedure is available: +[https://success.docker.com/article/KB000623](https://success.docker.com/article/KB000623) + +This is a breaking change on UCP backup operation. It is now mandatory to specify +`--log-driver none` option for `docker run` for all UCP backups. + ## Version 2.1.6 (16 January 2018)