Sourced from github.com/docker/docker's\r\nreleases.
\r\n\r\n\r\nv20.10.27
\r\nFor a full list of pull requests and changes in this release, refer\r\nto the relevant GitHub milestones:
\r\n\r\nBug Fixes and Enhancements
\r\n\r\n
\r\n- Fix dockerd-rootless-setuptools.sh when user name contains a\r\nbackslash. moby/moby#46424
\r\n- Add
\r\nIP_NF_MANGLE
to check-config.sh to the\r\n"generally required" list in check-config.sh because it is\r\nrequired by Swarm. moby/moby#46674- Fix a deadlock in libnetwork which could prevent containers from\r\nstarting. moby/moby#46693
\r\n- Write overlay2 layer metadata atomically. moby/moby#46705
\r\n- Support building with Go 1.20. moby/moby#46694\r\nmoby/moby#46695\r\nmoby/moby#46696
\r\nPackaging Updates
\r\n\r\n
\r\n- Update to go1.20.10, golang/org/x/net v0.17.0. moby/moby#46692
\r\nSecurity
\r\n\r\n
\r\n- Deny containers access to
\r\n/sys/devices/virtual/powercap
\r\nby default. This change hardens against CVE-2020-8694, CVE-2020-8695, and\r\nCVE-2020-12912,\r\nand an attack known as the\r\nPLATYPUS attack. For more details, see advisory,\r\ncommit.v20.10.26
\r\n20.10.26
\r\nFor a full list of pull requests and changes in this release, refer\r\nto the relevant GitHub milestones:
\r\n\r\nBug Fixes and Enhancements
\r\n\r\n
\r\n- Support filesystems which do not support extended file attributes\r\nwith the VFS graph driver. moby/moby#45466
\r\n- Fix AppArmor profile docker-default
\r\n/proc/sys
rule. moby/moby#45716- seccomp: always allow
\r\nname_to_handle_at(2)
. moby/moby#45835- Fix an issue which prevented volumes mounted to a live-restored\r\ncontainer from being removed. moby/moby#45840
\r\n- client: resolve an incompatibility with Go 1.20.6, Go 1.20.7, Go\r\n1.19.11 and Go 1.19.12. moby/moby#45972
\r\n- windows: fix
\r\n--register-service
when executed from\r\nwithin binary directory. moby/moby#46217Packaging Updates
\r\n\r\n
\r\n- Update Go to 1.19.12. moby/moby#46142
\r\n- Update containerd to v1.6.22. moby/moby#46105
\r\n- Update runc to v1.1.8. moby/moby#46031
\r\n- Delete Upstart init scripts and clean up sysvinit. moby/moby#46047
\r\nv20.10.25
\r\nBug fixes and enhancements
\r\n\r\n
\r\n\r\n- Fix log loss with the AWSLogs log driver moby/moby#45349
\r\n
... (truncated)
\r\n81ebe71
\r\nMerge pull request from GHSA-jq35-85cj-fj4pfb63665
\r\nMerge pull request #46705\r\nfrom thaJeztah/20.10_backport_atomic-layer-data-writeb967d89
\r\nMerge pull request #46692\r\nfrom corhere/backport-20.10/update-x-net-v0.172c22bd5
\r\nvendor: golang.org/x/net v0.17.0d862c21
\r\nUpdate to go1.20.10cb47414
\r\nMerge pull request #46696\r\nfrom corhere/backport-20.10/go1.20-enablementea4eb73
\r\nMerge pull request #46695\r\nfrom corhere/backport-20.10/safer-fileinfo6c523aa
\r\nhack: fix suppressing Xattrs lint errors31b8374
\r\npkg/archive: audit gosec file-traversal lints8e44855
\r\nRemove local fork of archive/tar package