From bd9c89ea096957d123ece1de8522814ae3a41ce8 Mon Sep 17 00:00:00 2001 From: Bjorn Neergaard Date: Tue, 19 Mar 2024 18:12:44 -0600 Subject: [PATCH] engine: add 25.0.5 release notes Signed-off-by: Bjorn Neergaard --- content/engine/release-notes/25.0.md | 22 ++++++++++++++++++++++ 1 file changed, 22 insertions(+) diff --git a/content/engine/release-notes/25.0.md b/content/engine/release-notes/25.0.md index fe7a8b14f6..9454434e08 100644 --- a/content/engine/release-notes/25.0.md +++ b/content/engine/release-notes/25.0.md @@ -19,6 +19,28 @@ For more information about: - Deprecated and removed features, see [Deprecated Engine Features](../deprecated.md). - Changes to the Engine API, see [Engine API version history](../api/version-history.md). +## 25.0.5 + +{{< release-date date="2024-03-19" >}} + +For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones: + +- [docker/cli, 25.0.5 milestone](https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A25.0.5) +- [moby/moby, 25.0.5 milestone](https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A25.0.5) + +### Security + +This release contains a security fix for [CVE-2024-29018], a potential data exfiltration from 'internal' networks via authoritative DNS servers. + +### Bug fixes and enhancements + +- [CVE-2024-29018]: Do not forward requests to external DNS servers for a container that is only connected to an 'internal' network. Previously, requests were forwarded if the host's DNS server was running on a loopback address, like systemd's 127.0.0.53. [moby/moby#47589](https://github.com/moby/moby/pull/47589) +- plugin: fix mounting /etc/hosts when running in UserNS. [moby/moby#47588](https://github.com/moby/moby/pull/47588) +- rootless: fix `open /etc/docker/plugins: permission denied`. [moby/moby#47587](https://github.com/moby/moby/pull/47587) +- Fix multiple parallel `docker build` runs leaking disk space. [moby/moby#47527](https://github.com/moby/moby/pull/47527) + + [CVE-2024-29018]: https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx + ## 25.0.4 {{< release-date date="2024-03-07" >}}