Merge pull request #14019 from docker/master

Updates from Master

config/containers/multi-service_container.md

@@ -2,9 +2,10 @@
 description: How to run more than one process in a container
 keywords: docker, supervisor, process management
 redirect_from:
-- /engine/articles/using_supervisord/
+- /articles/using_supervisord/
-- /engine/admin/using_supervisord/
 - /engine/admin/multi-service_container/
+- /engine/admin/using_supervisord/
+- /engine/articles/using_supervisord/
 title: Run multiple services in a container
 ---
 

config/daemon/index.md

@@ -2,22 +2,26 @@
 description: Configuring and troubleshooting the Docker daemon
 keywords: docker, daemon, configuration, troubleshooting
 redirect_from:
-- /engine/articles/chef/
+- /articles/chef/
-- /engine/articles/configuring/
+- /articles/configuring/
-- /engine/articles/dsc/
+- /articles/dsc/
-- /engine/articles/puppet/
+- /articles/puppet/
-- /engine/admin/configuring/
-- /engine/admin/
-- /engine/admin/ansible/
-- /engine/admin/chef/
-- /engine/admin/dsc/
-- /engine/admin/puppet/
-- /engine/userguide/
 - /config/thirdparty/
 - /config/thirdparty/ansible/
 - /config/thirdparty/chef/
 - /config/thirdparty/dsc/
 - /config/thirdparty/puppet/
+- /engine/admin/
+- /engine/admin/ansible/
+- /engine/admin/chef/
+- /engine/admin/configuring/
+- /engine/admin/dsc/
+- /engine/admin/puppet/
+- /engine/articles/chef/
+- /engine/articles/configuring/
+- /engine/articles/dsc/
+- /engine/articles/puppet/
+- /engine/userguide/
 
 title: Configure and troubleshoot the Docker daemon
 ---

config/daemon/systemd.md

@@ -2,9 +2,10 @@
 description: Controlling and configuring Docker using systemd
 keywords: docker, daemon, systemd, configuration
 redirect_from:
-- /engine/articles/systemd/
+- /articles/host_integration/
 - /articles/systemd/
 - /engine/admin/systemd/
+- /engine/articles/systemd/
 title: Control Docker with systemd
 ---
 

desktop/faqs.md

@@ -29,6 +29,30 @@ The effective date of these terms is August 31, 2021. There is a grace period un
 
 Read the [Blog](https://www.docker.com/blog/updating-product-subscriptions/){: target="_blank" rel="noopener" class="_" id="dkr_docs_subscription_btl"} and [FAQs](https://www.docker.com/pricing/faq){: target="_blank" rel="noopener" class="_" id="dkr_docs_subscription_btl"} to learn how companies using Docker Desktop may be affected. For information about Docker Desktop licensing, see [Docker Desktop License Agreement](../subscription/index.md#docker-desktop-license-agreement).
 
+### Can I use Docker Desktop offline?
+
+Yes, you can use Docker Desktop offline. However, you
+will not be able to access features that require an active internet
+connection. Additionally, any functionality that requires you to sign in will
+also not work while using Docker Desktop offline or in air-gapped environments.
+This includes:
+
+- The in-app [Quick Start Guide](/mac/install.md#quick-start-guide)
+- Pull or push an image to Docker Hub
+- [Image Access Management](../docker-hub/image-access-management.md)
+- [Vulnerability scanning](../docker-hub/vulnerability-scanning.md)
+- View remote images in the [Docker Dashboard](dashboard.md)
+- Set up [Dev Environments](dev-environments.md)
+- Docker build when using [Buildkit](../develop/develop-images/build_enhancements.md). You can work around this by disabling
+  BuildKit. Run `DOCKER_BUILDKIT=0 docker build .` to disable BuildKit.
+- Deploying an app to the cloud through Compose
+  [ACI](../cloud/aci-integration.md) and [ECS](../cloud/ecs-integration.md)
+  integrations
+- [Kubernetes](kubernetes.md) (Images are download when you enable Kubernetes for the first time)
+- [Check for updates](/mac/install.md#updates) (manual and automatic)
+- [In-app diagnostics](/mac/troubleshoot.md#diagnose-and-feedback) (including the [Self-diagnose tool](/mac/troubleshoot.md#self-diagnose-tool))
+- Tip of the week
+- Sending usage statistics
 
 ### What is an experimental feature?
 

develop/develop-images/baseimages.md

@@ -2,6 +2,7 @@
 description: How to create base images
 keywords: images, base image, examples
 redirect_from:
+- /articles/baseimages/
 - /engine/articles/baseimages/
 - /engine/userguide/eng-image/baseimages/
 title: Create a base image

engine/security/certificates.md

@@ -2,6 +2,7 @@
 description: How to set up and use certificates with a registry to verify access
 keywords: Usage, registry, repository, client, root, certificate, docker, apache, ssl, tls, documentation, examples, articles, tutorials
 redirect_from:
+- /articles/certificates/
 - /engine/articles/certificates/
 title: Verify repository client with certificates
 ---
@@ -60,8 +61,10 @@ creating an os-provided bundled certificate chain.
 Use OpenSSL's `genrsa` and `req` commands to first generate an RSA
 key and then use the key to create the certificate.   
 
-    $ openssl genrsa -out client.key 4096
+```console
-    $ openssl req -new -x509 -text -key client.key -out client.cert
+$ openssl genrsa -out client.key 4096
+$ openssl req -new -x509 -text -key client.key -out client.cert
+```
 
 > **Note**:
 > These TLS commands only generate a working set of certificates on Linux.

security/index.md

@@ -25,10 +25,10 @@ vulnerable versions.
 > As an update to
 > [CVE-2021-44228](https://nvd.nist.gov/vuln/detail/CVE-2021-44228){:
 target="_blank" rel="noopener" class="_"}, the fix made in version 2.15.0 was
-> incomplete in certain non-default configurations. An additional issue has
+> incomplete. Additional issues have been identified and are tracked with
-> been identified and is tracked with
+> [CVE-2021-45046](https://nvd.nist.gov/vuln/detail/CVE-2021-45046){: target="_blank" rel="noopener" class="_"} and
-> [CVE-2021-45046](https://nvd.nist.gov/vuln/detail/CVE-2021-45046){: target="_blank" rel="noopener" class="_"}. For a more complete fix to this
+> [CVE-2021-45105](https://nvd.nist.gov/vuln/detail/CVE-2021-45105){: target="_blank" rel="noopener" class="_"}.
-> vulnerability, we recommended that you update to 2.16.0 where possible.
+> For a more complete fix to this vulnerability, we recommended that you update to 2.17.0 where possible.
 {: .important}
 
 ## Scan images using the `docker scan` command
@@ -69,9 +69,8 @@ vulnerable for other reasons. We recommend that you also review the guidelines p
 | [Geonetwork](https://hub.docker.com/_/geonetwork)    | 3.10.10 | [Geonetwork GitHub discussion](https://github.com/geonetwork/core-geonetwork/issues/6076) |
 | [lightstreamer](https://hub.docker.com/_/lightstreamer)     | Awaiting info | Awaiting info  |
 | [logstash](https://hub.docker.com/_/logstash)    | 7.16.1 | Awaiting info |
-| [neo4j](https://hub.docker.com/_/neo4j)     | 4.4.1 | [Neo4j announcement](https://community.neo4j.com/t/log4j-cve-mitigation-for-neo4j/48856) |
+| [neo4j](https://hub.docker.com/_/neo4j)     | 4.4.2 | [Neo4j announcement](https://community.neo4j.com/t/log4j-cve-mitigation-for-neo4j/48856) |
-| [nuxeo](https://hub.docker.com/_/nuxeo)     | Awaiting info | [nuxeo blog](https://www.nuxeo.com/blog/apache-log4j/) |
+| [solr](https://hub.docker.com/_/solr)    | 8.11.1 | [Solr security news](https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228) |
-| [solr](https://hub.docker.com/_/solr)    | Awaiting info | [Solr security news](https://solr.apache.org/security.html#apache-solr-affected-by-apache-log4j-cve-2021-44228) |
 | [sonarqube](https://hub.docker.com/_/sonarqube)    | 8.9.5, 9.2.2 | [SonarQube announcement](https://community.sonarsource.com/t/sonarqube-sonarcloud-and-the-log4j-vulnerability/54721) |
 | [storm](https://hub.docker.com/_/storm)    | Awaiting info | Awaiting info |
 
@@ -81,3 +80,5 @@ vulnerable for other reasons. We recommend that you also review the guidelines p
 target="_blank" rel="noopener" class="_"} images may be detected as vulnerable
 by some scanners, the authors believe the images are not vulnerable by Log4j 2
 CVE as the API jars do not contain the vulnerability.
+> The [Nuxeo](https://hub.docker.com/_/nuxeo){: target="_blank" rel="noopener" class="_"}
+> image is deprecated and will not be updated.