皇上,还记得我吗?我就是1999年那个Linux伊甸园啊-----24小时滚动更新开源资讯,全年无休!

moby 20.10.9 发布

This release is a security release with security fixes in the CLI, runtime, as
well as updated versions of the containerd.io package and the Go runtime.

Client

  • CVE-2021-41092
    Ensure default auth config has address field set, to prevent credentials being
    sent to the default registry.

Runtime

  • CVE-2021-41089
    Create parent directories inside a chroot during docker cp to prevent a specially
    crafted container from changing permissions of existing files in the host’s filesystem.
  • CVE-2021-41091
    Lock down file permissions to prevent unprivileged users from discovering and
    executing programs in /var/lib/docker.

Packaging

  • Update Golang runtime to Go 1.16.8, which contains fixes for CVE-2021-36221
    and CVE-2021-39293
  • Update static binaries and containerd.io rpm and deb packages to containerd
    v1.4.11 and runc v1.0.2 to address CVE-2021-41103.
  • Update the bundled buildx version to v0.6.3 for rpm and deb packages.

 

Assets 2

 

转自 https://github.com/moby/moby/releases/tag/v20.10.9