Doctor 20.10.18发布

This release of Docker Engine comes with a fix for a low-severity security issue,
some minor bug fixes, and updated versions of Docker Compose, Docker Buildx,
containerd, and runc.

Client

• Add Bash completion for Docker Compose docker/cli#3752.

Builder

• Fix an issue where file-capabilities were not preserved during build moby/moby#43876.
• Fix an issue that could result in a panic caused by a concurrent map read and map write moby/moby#44067

Daemon

• Fix a security vulnerability relating to supplementary group permissions, which
  could allow a container process to bypass primary group restrictions within the
  container CVE-2022-36109, GHSA-rc4r-wh2q-q6c4.
• seccomp: add support for Landlock syscalls in default policy moby/moby#43991.
• seccomp: update default policy to support new syscalls introduced in kernel 5.12 – 5.16 moby/moby#43991.
• Fix an issue where cache lookup for image manifests would fail, resulting
  in a redundant round-trip to the image registry moby/moby#44109.
• Fix an issue where exec processes and healthchecks were not terminated
  when they timed out moby/moby#44018.

Packaging

• Update Docker Buildx to v0.9.1.
• Update Docker Compose to v2.10.2.
• Update containerd (containerd.io package) to v1.6.8.
• Update runc to v1.1.4.
• Update Go runtime to 1.18.6,
  which contains fixes for CVE-2022-27664
  and CVE-2022-32190.