Merge pull request #15610 from thaJeztah/20.10.18_release_notes

engine: add release-notes for 20.10.18
2022-09-09 11:58:51 +02:00 · 2022-09-09 11:58:51 +02:00 · 9856e25800
parent fa1fd3bbd6 d47dd63a20
commit 9856e25800
1 changed files with 45 additions and 4 deletions
--- a/engine/release-notes/index.md
+++ b/engine/release-notes/index.md
@ -15,6 +15,47 @@ for Docker Engine.
 # Version 20.10
 ## 20.10.18
 2022-09-09
 This release of Docker Engine comes with a fix for a low-severity security issue,
 some minor bug fixes, and updated versions of Docker Compose, Docker Buildx,
 `containerd`, and `runc`.
 ### Client
 - Add Bash completion for Docker Compose [docker/cli#3752](https://github.com/docker/cli/pull/3752){:target="_blank" rel="noopener"}.
 ### Builder
 - Fix an issue where file-capabilities were not preserved during build
  [moby/moby#43876](https://github.com/moby/moby/pull/43876){:target="_blank" rel="noopener"}.
 - Fix an issue that could result in a panic caused by a concurrent map read and
  map write [moby/moby#44067](https://github.com/moby/moby/pull/44067){:target="_blank" rel="noopener"}.
 ### Daemon
 - Fix a security vulnerability relating to supplementary group permissions, which
  could allow a container process to bypass primary group restrictions within the
  container [CVE-2022-36109](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36109){:target="_blank" rel="noopener"},
  [GHSA-rc4r-wh2q-q6c4](https://github.com/moby/moby/security/advisories/GHSA-rc4r-wh2q-q6c4){:target="_blank" rel="noopener"}.
 - seccomp: add support for Landlock syscalls in default policy [moby/moby#43991](https://github.com/moby/moby/pull/43991){:target="_blank" rel="noopener"}.
 - seccomp: update default policy to support new syscalls introduced in kernel 5.12 - 5.16 [moby/moby#43991](https://github.com/moby/moby/pull/43991){:target="_blank" rel="noopener"}.
 - Fix an issue where cache lookup for image manifests would fail, resulting
  in a redundant round-trip to the image registry [moby/moby#44109](https://github.com/moby/moby/pull/44109){:target="_blank" rel="noopener"}.
 - Fix an issue where `exec` processes and healthchecks were not terminated
  when they timed out [moby/moby#44018](https://github.com/moby/moby/pull/44018){:target="_blank" rel="noopener"}.
 ### Packaging
 - Update Docker Buildx to [v0.9.1](https://github.com/docker/buildx/releases/tag/v0.9.1){:target="_blank" rel="noopener"}.
 - Update Docker Compose to [v2.10.2](https://github.com/docker/compose/releases/tag/v2.10.2){:target="_blank" rel="noopener"}.
 - Update containerd (`containerd.io` package) to [v1.6.8](https://github.com/containerd/containerd/releases/tag/v1.6.8){:target="_blank" rel="noopener"}.
 - Update runc version to [v1.1.4](https://github.com/opencontainers/runc/releases/tag/v1.1.4){:target="_blank" rel="noopener"}.
 - Update Go runtime to [1.18.6](https://go.dev/doc/devel/release#go1.18.minor){:target="_blank" rel="noopener"},
  which contains fixes for [CVE-2022-27664](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664){:target="_blank" rel="noopener"} and
  [CVE-2022-32190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32190){:target="_blank" rel="noopener"}.
 ## 20.10.17
 2022-06-06
@ -48,25 +89,25 @@ This release of Docker Engine comes with updated versions of Docker Compose and
 This release of Docker Engine fixes a regression in the Docker CLI builds for
 macOS, fixes an issue with `docker stats` when using containerd 1.5 and up,
-and updates the Go runtime to include a fix for [CVE-2022-29526](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526){:target="_blank" rel="noopener"}.
+and updates the Go runtime to include a fix for [CVE-2022-29526](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526){:target="_blank" rel="noopener"}.
 ### Client
 - Fixed a regression in binaries for macOS introduced in [20.10.15](#201015), which
  resulted in a panic [docker/cli#43426](https://github.com/docker/cli/pull/3592){:target="_blank" rel="noopener"}.
 - Update golang.org/x/sys dependency which contains a fix for
-  [CVE-2022-29526](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526){:target="_blank" rel="noopener"}.
+  [CVE-2022-29526](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526){:target="_blank" rel="noopener"}.
 ### Daemon
 - Fixed an issue where `docker stats` was showing empty stats when running with
  containerd 1.5.0 or up [moby/moby#43567](https://github.com/moby/moby/pull/43567){:target="_blank" rel="noopener"}.
- Updated the `golang.org/x/sys` build-time dependency which contains a fix for [CVE-2022-29526](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526){:target="_blank" rel="noopener"}.
+- Updated the `golang.org/x/sys` build-time dependency which contains a fix for [CVE-2022-29526](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526){:target="_blank" rel="noopener"}.
 ### Packaging
 - Updated Go runtime to [1.17.10](https://go.dev/doc/devel/release#go1.17.minor){:target="_blank" rel="noopener"},
-  which contains a fix for [CVE-2022-29526](http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526){:target="_blank" rel="noopener"}.
+  which contains a fix for [CVE-2022-29526](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526){:target="_blank" rel="noopener"}.
 - Used "weak" dependencies for the `docker scan` CLI plugin, to prevent a
  "conflicting requests" error when users performed an off-line installation from
  downloaded RPM packages [docker/docker-ce-packaging#659](https://github.com/docker/docker-ce-packaging/pull/659){:target="_blank" rel="noopener"}.