moby 20.10.9 发布

2021-10-07 分类：软件更新资讯评论(0)

This release is a security release with security fixes in the CLI, runtime, as
well as updated versions of the containerd.io package and the Go runtime.

Client

CVE-2021-41092
Ensure default auth config has address field set, to prevent credentials being
sent to the default registry.

Runtime

CVE-2021-41089
Create parent directories inside a chroot during docker cp to prevent a specially
crafted container from changing permissions of existing files in the host’s filesystem.
CVE-2021-41091
Lock down file permissions to prevent unprivileged users from discovering and
executing programs in /var/lib/docker.

Packaging

Update Golang runtime to Go 1.16.8, which contains fixes for CVE-2021-36221
and CVE-2021-39293
Update static binaries and containerd.io rpm and deb packages to containerd
v1.4.11 and runc v1.0.2 to address CVE-2021-41103.
Update the bundled buildx version to v0.6.3 for rpm and deb packages.

Assets 2

Source code (zip)

Source code (tar.gz)

转自 https://github.com/moby/moby/releases/tag/v20.10.9

相关推荐