summaryrefslogtreecommitdiff
path: root/devdocs/docker/engine%2Frelease-notes%2Findex.html
diff options
context:
space:
mode:
Diffstat (limited to 'devdocs/docker/engine%2Frelease-notes%2Findex.html')
-rw-r--r--devdocs/docker/engine%2Frelease-notes%2Findex.html217
1 files changed, 217 insertions, 0 deletions
diff --git a/devdocs/docker/engine%2Frelease-notes%2Findex.html b/devdocs/docker/engine%2Frelease-notes%2Findex.html
new file mode 100644
index 00000000..54e76712
--- /dev/null
+++ b/devdocs/docker/engine%2Frelease-notes%2Findex.html
@@ -0,0 +1,217 @@
+<h1>Docker Engine release notes</h1>
+<p>This document describes the latest changes, additions, known issues, and fixes for Docker Engine.</p> <h1 id="version-2010">Version 20.10</h1> <h2 id="201016">20.10.16</h2> <p>2022-05-12</p> <p>This release of Docker Engine fixes a regression in the Docker CLI builds for macOS, fixes an issue with <code class="language-plaintext highlighter-rouge">docker stats</code> when using containerd 1.5 and up, and updates the Go runtime to include a fix for <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526" target="_blank" rel="noopener">CVE-2022-29526</a>.</p> <h3 id="client">Client</h3> <ul> <li>Fixed a regression in binaries for macOS introduced in <a href="#201015">20.10.15</a>, which resulted in a panic <a href="https://github.com/docker/cli/pull/3592" target="_blank" rel="noopener">docker/cli#43426</a>.</li> <li>Update golang.org/x/sys dependency which contains a fix for <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526" target="_blank" rel="noopener">CVE-2022-29526</a>.</li> </ul> <h3 id="daemon">Daemon</h3> <ul> <li>Fixed an issue where <code class="language-plaintext highlighter-rouge">docker stats</code> was showing empty stats when running with containerd 1.5.0 or up <a href="https://github.com/moby/moby/pull/43567" target="_blank" rel="noopener">moby/moby#43567</a>.</li> <li>Updated the <code class="language-plaintext highlighter-rouge">golang.org/x/sys</code> build-time dependency which contains a fix for <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526" target="_blank" rel="noopener">CVE-2022-29526</a>.</li> </ul> <h3 id="packaging">Packaging</h3> <ul> <li>Updated Go runtime to <a href="https://go.dev/doc/devel/release#go1.17.minor" target="_blank" rel="noopener">1.17.10</a>, which contains a fix for <a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29526" target="_blank" rel="noopener">CVE-2022-29526</a>.</li> <li>Used “weak” dependencies for the <code class="language-plaintext highlighter-rouge">docker scan</code> CLI plugin, to prevent a “conflicting requests” error when users performed an off-line installation from downloaded RPM packages <a href="https://github.com/docker/docker-ce-packaging/pull/659" target="_blank" rel="noopener">docker/docker-ce-packaging#659</a>.</li> </ul> <h2 id="201015">20.10.15</h2> <p>2022-05-05</p> <p>This release of Docker Engine comes with updated versions of the <code class="language-plaintext highlighter-rouge">compose</code>, <code class="language-plaintext highlighter-rouge">buildx</code>, <code class="language-plaintext highlighter-rouge">containerd</code>, and <code class="language-plaintext highlighter-rouge">runc</code> components, as well as some minor bug fixes.</p> <blockquote class="important"> <p><strong>Known issues</strong></p> <p>We’ve identified an issue with the <a href="https://download.docker.com/mac/static/stable/" target="_blank" rel="noopener" class="_">macOS CLI binaries</a> in the 20.10.15 release. This issue has been resolved in the <a href="#201016">20.10.16</a> release.</p> </blockquote> <h3 id="daemon-1">Daemon</h3> <ul> <li>Use a RWMutex for stateCounter to prevent potential locking congestion <a href="https://github.com/moby/moby/pull/43426">moby/moby#43426</a>.</li> <li>Prevent an issue where the daemon was unable to find an available IP-range in some conditions <a href="https://github.com/moby/moby/pull/43360">moby/moby#43360</a>
+</li> </ul> <h3 id="packaging-1">Packaging</h3> <ul> <li>Update Docker Compose to <a href="https://github.com/docker/compose/releases/tag/v2.5.0">v2.5.0</a>.</li> <li>Update Docker Buildx to <a href="https://github.com/docker/buildx/releases/tag/v0.8.2">v0.8.2</a>.</li> <li>Update Go runtime to <a href="https://go.dev/doc/devel/release#go1.17.minor">1.17.9</a>.</li> <li>Update containerd (<code class="language-plaintext highlighter-rouge">containerd.io</code> package) to <a href="https://github.com/containerd/containerd/releases/tag/v1.6.4">v1.6.4</a>.</li> <li>Update runc version to <a href="https://github.com/opencontainers/runc/releases/tag/v1.1.1">v1.1.1</a>.</li> <li>Add packages for CentOS 9 stream and Fedora 36.</li> </ul> <h2 id="201014">20.10.14</h2> <p>2022-03-23</p> <p>This release of Docker Engine updates the default inheritable capabilities for containers to address <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-24769">CVE-2022-24769</a>, a new version of the <code class="language-plaintext highlighter-rouge">containerd.io</code> runtime is also included to address the same issue.</p> <h3 id="daemon-2">Daemon</h3> <ul> <li>Update the default inheritable capabilities.</li> </ul> <h3 id="builder">Builder</h3> <ul> <li>Update the default inheritable capabilities for containers used during build.</li> </ul> <h3 id="packaging-2">Packaging</h3> <ul> <li>Update containerd (<code class="language-plaintext highlighter-rouge">containerd.io</code> package) to <a href="https://github.com/containerd/containerd/releases/tag/v1.5.11">v1.5.11</a>.</li> <li>Update <code class="language-plaintext highlighter-rouge">docker buildx</code> to <a href="https://github.com/docker/buildx/releases/tag/v0.8.1">v0.8.1</a>.</li> </ul> <h2 id="201013">20.10.13</h2> <p>2022-03-10</p> <p>This release of Docker Engine contains some bug-fixes and packaging changes, updates to the <code class="language-plaintext highlighter-rouge">docker scan</code> and <code class="language-plaintext highlighter-rouge">docker buildx</code> commands, an updated version of the Go runtime, and new versions of the <code class="language-plaintext highlighter-rouge">containerd.io</code> runtime. Together with this release, we now also provide <code class="language-plaintext highlighter-rouge">.deb</code> and <code class="language-plaintext highlighter-rouge">.rpm</code> packages of Docker Compose V2, which can be installed using the (optional) <code class="language-plaintext highlighter-rouge">docker-compose-plugin</code> package.</p> <h3 id="builder-1">Builder</h3> <ul> <li>Updated the bundled version of buildx to <a href="https://github.com/docker/buildx/releases/tag/v0.8.0">v0.8.0</a>.</li> </ul> <h3 id="daemon-3">Daemon</h3> <ul> <li>Fix a race condition when updating the container’s state <a href="https://github.com/moby/moby/pull/43166">moby/moby#43166</a>.</li> <li>Update the etcd dependency to prevent the daemon from incorrectly holding file locks <a href="https://github.com/moby/moby/pull/43259">moby/moby#43259</a>
+</li> <li>Fix detection of user-namespaces when configuring the default <code class="language-plaintext highlighter-rouge">net.ipv4.ping_group_range</code> sysctl <a href="https://github.com/moby/moby/pull/43084">moby/moby#43084</a>.</li> </ul> <h3 id="distribution">Distribution</h3> <ul> <li>Retry downloading image-manifests if a connection failure happens during image pull <a href="https://github.com/moby/moby/pull/43333">moby/moby#43333</a>.</li> </ul> <h3 id="documentation">Documentation</h3> <ul> <li>Various fixes in command-line reference and API documentation.</li> </ul> <h3 id="logging">Logging</h3> <ul> <li>Prevent an OOM when using the “local” logging driver with containers that produce a large amount of log messages <a href="https://github.com/moby/moby/pull/43165">moby/moby#43165</a>.</li> <li>Updates the fluentd log driver to prevent a potential daemon crash, and prevent containers from hanging when using the <code class="language-plaintext highlighter-rouge">fluentd-async-connect=true</code> and the remote server is unreachable <a href="https://github.com/moby/moby/pull/43147">moby/moby#43147</a>.</li> </ul> <h3 id="packaging-3">Packaging</h3> <ul> <li>Provide <code class="language-plaintext highlighter-rouge">.deb</code> and <code class="language-plaintext highlighter-rouge">.rpm</code> packages for Docker Compose V2. <a href="https://github.com/docker/compose/releases/tag/v2.3.3">Docker Compose v2.3.3</a> can now be installed on Linux using the <code class="language-plaintext highlighter-rouge">docker-compose-plugin</code> packages, which provides the <code class="language-plaintext highlighter-rouge">docker compose</code> subcommand on the Docker CLI. The Docker Compose plugin can also be installed and run standalone to be used as a drop-in replacement for <code class="language-plaintext highlighter-rouge">docker-compose</code> (Docker Compose V1) <a href="https://github.com/docker/docker-ce-packaging/pull/638">docker/docker-ce-packaging#638</a>. The <code class="language-plaintext highlighter-rouge">compose-cli-plugin</code> package can also be used on older version of the Docker CLI with support for CLI plugins (Docker CLI 18.09 and up).</li> <li>Provide packages for the upcoming Ubuntu 22.04 “Jammy Jellyfish” LTS release <a href="https://github.com/docker/docker-ce-packaging/pull/645">docker/docker-ce-packaging#645</a>, <a href="https://github.com/docker/containerd-packaging/pull/271">docker/containerd-packaging#271</a>.</li> <li>Update <code class="language-plaintext highlighter-rouge">docker buildx</code> to <a href="https://github.com/docker/buildx/releases/tag/v0.8.0">v0.8.0</a>.</li> <li>Update <code class="language-plaintext highlighter-rouge">docker scan</code> (<code class="language-plaintext highlighter-rouge">docker-scan-plugin</code>) to <a href="https://github.com/docker/scan-cli-plugin/releases/tag/v0.17.0">v0.17.0</a>.</li> <li>Update containerd (<code class="language-plaintext highlighter-rouge">containerd.io</code> package) to <a href="https://github.com/containerd/containerd/releases/tag/v1.5.10">v1.5.10</a>.</li> <li>Update the bundled runc version to <a href="https://github.com/opencontainers/runc/releases/tag/v1.0.3">v1.0.3</a>.</li> <li>Update Golang runtime to Go 1.16.15.</li> </ul> <h2 id="201012">20.10.12</h2> <p>2021-12-13</p> <p>This release of Docker Engine contains changes in packaging only, and provides updates to the <code class="language-plaintext highlighter-rouge">docker scan</code> and <code class="language-plaintext highlighter-rouge">docker buildx</code> commands. Versions of <code class="language-plaintext highlighter-rouge">docker scan</code> before v0.11.0 are not able to detect the <a href="https://nvd.nist.gov/vuln/detail/CVE-2021-44228">Log4j 2 CVE-2021-44228</a>. We are shipping an updated version of <code class="language-plaintext highlighter-rouge">docker scan</code> in this release to help you scan your images for this vulnerability.</p> <blockquote> <p><strong>Note</strong></p> <p>The <code class="language-plaintext highlighter-rouge">docker scan</code> command on Linux is currently only supported on x86 platforms. We do not yet provide a package for other hardware architectures on Linux.</p> </blockquote> <p>The <code class="language-plaintext highlighter-rouge">docker scan</code> feature is provided as a separate package and, depending on your upgrade or installation method, ‘docker scan’ may not be updated automatically to the latest version. Use the instructions below to update <code class="language-plaintext highlighter-rouge">docker scan</code> to the latest version. You can also use these instructions to install, or upgrade the <code class="language-plaintext highlighter-rouge">docker scan</code> package without upgrading the Docker Engine:</p> <p>On <code class="language-plaintext highlighter-rouge">.deb</code> based distros, such as Ubuntu and Debian:</p> <div class="highlight"><pre class="highlight" data-language="">$ apt-get update &amp;&amp; apt-get install docker-scan-plugin
+</pre></div> <p>On rpm-based distros, such as CentOS or Fedora:</p> <div class="highlight"><pre class="highlight" data-language="">$ yum install docker-scan-plugin
+</pre></div> <p>After upgrading, verify you have the latest version of <code class="language-plaintext highlighter-rouge">docker scan</code> installed:</p> <div class="highlight"><pre class="highlight" data-language="">$ docker scan --accept-license --version
+Version: v0.12.0
+Git commit: 1074dd0
+Provider: Snyk (1.790.0 (standalone))
+</pre></div> <p><a href="https://www.docker.com/blog/apache-log4j-2-cve-2021-44228/">Read our blog post on CVE-2021-44228</a> to learn how to use the <code class="language-plaintext highlighter-rouge">docker scan</code> command to check if images are vulnerable.</p> <h3 id="packaging-4">Packaging</h3> <ul> <li>Update <code class="language-plaintext highlighter-rouge">docker scan</code> to <a href="https://github.com/docker/scan-cli-plugin/releases/tag/v0.12.0">v0.12.0</a>.</li> <li>Update <code class="language-plaintext highlighter-rouge">docker buildx</code> to <a href="https://github.com/docker/buildx/releases/tag/v0.7.1">v0.7.1</a>.</li> <li>Update Golang runtime to Go 1.16.12.</li> </ul> <h2 id="201011">20.10.11</h2> <p>2021-11-17</p> <blockquote class="important"> <p><strong>IMPORTANT</strong></p> <p>Due to <a href="https://github.com/golang/go/issues/40909">net/http changes</a> in <a href="https://golang.org/doc/go1.16#net/http">Go 1.16</a>, HTTP proxies configured through the <code class="language-plaintext highlighter-rouge">$HTTP_PROXY</code> environment variable are no longer used for TLS (<code class="language-plaintext highlighter-rouge">https://</code>) connections. Make sure you also set an <code class="language-plaintext highlighter-rouge">$HTTPS_PROXY</code> environment variable for handling requests to <code class="language-plaintext highlighter-rouge">https://</code> URLs.</p> <p>Refer to the <a href="https://docs.docker.com/config/daemon/systemd/#httphttps-proxy">HTTP/HTTPS proxy section</a> to learn how to configure the Docker Daemon to use a proxy server.</p> </blockquote> <h3 id="distribution-1">Distribution</h3> <ul> <li>Handle ambiguous OCI manifest parsing to mitigate <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41190">CVE-2021-41190</a> / <a href="https://github.com/opencontainers/distribution-spec/security/advisories/GHSA-mc8v-mgrf-8f4m">GHSA-mc8v-mgrf-8f4m</a>. See <a href="https://github.com/moby/moby/security/advisories/GHSA-xmmx-7jpf-fx42">GHSA-xmmx-7jpf-fx42</a> for details.</li> </ul> <h3 id="windows">Windows</h3> <ul> <li>Fix panic.log file having read-only attribute set <a href="https://github.com/moby/moby/pull/42987">moby/moby#42987</a>.</li> </ul> <h3 id="packaging-5">Packaging</h3> <ul> <li>Update containerd to <a href="https://github.com/containerd/containerd/releases/tag/v1.4.12">v1.4.12</a> to mitigate <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41190">CVE-2021-41190</a>.</li> <li>Update Golang runtime to Go 1.16.10.</li> </ul> <h2 id="201010">20.10.10</h2> <p>2021-10-25</p> <blockquote class="important"> <p><strong>IMPORTANT</strong></p> <p>Due to <a href="https://github.com/golang/go/issues/40909">net/http changes</a> in <a href="https://golang.org/doc/go1.16#net/http">Go 1.16</a>, HTTP proxies configured through the <code class="language-plaintext highlighter-rouge">$HTTP_PROXY</code> environment variable are no longer used for TLS (<code class="language-plaintext highlighter-rouge">https://</code>) connections. Make sure you also set an <code class="language-plaintext highlighter-rouge">$HTTPS_PROXY</code> environment variable for handling requests to <code class="language-plaintext highlighter-rouge">https://</code> URLs.</p> <p>Refer to the <a href="https://docs.docker.com/config/daemon/systemd/#httphttps-proxy">HTTP/HTTPS proxy section</a> to learn how to configure the Docker Daemon to use a proxy server.</p> </blockquote> <h3 id="builder-2">Builder</h3> <ul> <li>Fix platform-matching logic to fix <code class="language-plaintext highlighter-rouge">docker build</code> using not finding images in the local image cache on Arm machines when using BuildKit <a href="https://github.com/moby/moby/pull/42954">moby/moby#42954</a>
+</li> </ul> <h3 id="runtime">Runtime</h3> <ul> <li>Add support for <code class="language-plaintext highlighter-rouge">clone3</code> syscall in the default seccomp policy to support running containers based on recent versions of Fedora and Ubuntu. <a href="https://github.com/moby/moby/pull/42836">moby/moby/#42836</a>.</li> <li>Windows: update hcsshim library to fix a bug in sparse file handling in container layers, which was exposed by recent changes in Windows <a href="https://github.com/moby/moby/pull/42944">moby/moby#42944</a>.</li> <li>Fix some situations where <code class="language-plaintext highlighter-rouge">docker stop</code> could hang forever <a href="https://github.com/moby/moby/pull/42956">moby/moby#42956</a>.</li> </ul> <h3 id="swarm">Swarm</h3> <ul> <li>Fix an issue where updating a service did not roll back on failure <a href="https://github.com/moby/moby/pull/42875">moby/moby#42875</a>.</li> </ul> <h3 id="packaging-6">Packaging</h3> <ul> <li>Add packages for Ubuntu 21.10 “Impish Indri” and Fedora 35.</li> <li>Update <code class="language-plaintext highlighter-rouge">docker scan</code> to v0.9.0</li> <li>Update Golang runtime to Go 1.16.9.</li> </ul> <h2 id="20109">20.10.9</h2> <p>2021-10-04</p> <p>This release is a security release with security fixes in the CLI, runtime, as well as updated versions of the containerd.io package.</p> <blockquote class="important"> <p><strong>IMPORTANT</strong></p> <p>Due to <a href="https://github.com/golang/go/issues/40909">net/http changes</a> in <a href="https://golang.org/doc/go1.16#net/http">Go 1.16</a>, HTTP proxies configured through the <code class="language-plaintext highlighter-rouge">$HTTP_PROXY</code> environment variable are no longer used for TLS (<code class="language-plaintext highlighter-rouge">https://</code>) connections. Make sure you also set an <code class="language-plaintext highlighter-rouge">$HTTPS_PROXY</code> environment variable for handling requests to <code class="language-plaintext highlighter-rouge">https://</code> URLs.</p> <p>Refer to the <a href="https://docs.docker.com/config/daemon/systemd/#httphttps-proxy">HTTP/HTTPS proxy section</a> to learn how to configure the Docker Daemon to use a proxy server.</p> </blockquote> <h3 id="client-1">Client</h3> <ul> <li>
+<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41092">CVE-2021-41092</a> Ensure default auth config has address field set, to prevent credentials being sent to the default registry.</li> </ul> <h3 id="runtime-1">Runtime</h3> <ul> <li>
+<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41089">CVE-2021-41089</a> Create parent directories inside a chroot during <code class="language-plaintext highlighter-rouge">docker cp</code> to prevent a specially crafted container from changing permissions of existing files in the host’s filesystem.</li> <li>
+<a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41091">CVE-2021-41091</a> Lock down file permissions to prevent unprivileged users from discovering and executing programs in <code class="language-plaintext highlighter-rouge">/var/lib/docker</code>.</li> </ul> <h3 id="packaging-7">Packaging</h3> <blockquote> <p><strong>Known issue</strong></p> <p>The <code class="language-plaintext highlighter-rouge">ctr</code> binary shipping with the static packages of this release is not statically linked, and will not run in Docker images using alpine as a base image. Users can install the <code class="language-plaintext highlighter-rouge">libc6-compat</code> package, or download a previous version of the <code class="language-plaintext highlighter-rouge">ctr</code> binary as a workaround. Refer to the containerd ticket related to this issue for more details: <a href="https://github.com/containerd/containerd/issues/5824">containerd/containerd#5824</a>.</p> </blockquote> <ul> <li>Update Golang runtime to Go 1.16.8, which contains fixes for <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-36221">CVE-2021-36221</a> and <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-39293">CVE-2021-39293</a>
+</li> <li>Update static binaries and containerd.io rpm and deb packages to containerd v1.4.11 and runc v1.0.2 to address <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41103">CVE-2021-41103</a>.</li> <li>Update the bundled buildx version to v0.6.3 for rpm and deb packages.</li> </ul> <h2 id="20108">20.10.8</h2> <p>2021-08-03</p> <blockquote class="important"> <p><strong>IMPORTANT</strong></p> <p>Due to <a href="https://github.com/golang/go/issues/40909">net/http changes</a> in <a href="https://golang.org/doc/go1.16#net/http">Go 1.16</a>, HTTP proxies configured through the <code class="language-plaintext highlighter-rouge">$HTTP_PROXY</code> environment variable are no longer used for TLS (<code class="language-plaintext highlighter-rouge">https://</code>) connections. Make sure you also set an <code class="language-plaintext highlighter-rouge">$HTTPS_PROXY</code> environment variable for handling requests to <code class="language-plaintext highlighter-rouge">https://</code> URLs.</p> <p>Refer to the <a href="https://docs.docker.com/config/daemon/systemd/#httphttps-proxy">HTTP/HTTPS proxy section</a> to learn how to configure the Docker Daemon to use a proxy server.</p> </blockquote> <h3 id="deprecation">Deprecation</h3> <ul> <li>Deprecate support for encrypted TLS private keys. Legacy PEM encryption as specified in RFC 1423 is insecure by design. Because it does not authenticate the ciphertext, it is vulnerable to padding oracle attacks that can let an attacker recover the plaintext. Support for encrypted TLS private keys is now marked as deprecated, and will be removed in an upcoming release. <a href="https://github.com/docker/cli/pull/3219">docker/cli#3219</a>
+</li> <li>Deprecate Kubernetes stack support. Following the deprecation of <a href="https://github.com/docker/compose-on-kubernetes">Compose on Kubernetes</a>, support for Kubernetes in the <code class="language-plaintext highlighter-rouge">stack</code> and <code class="language-plaintext highlighter-rouge">context</code> commands in the Docker CLI is now marked as deprecated, and will be removed in an upcoming release <a href="https://github.com/docker/cli/pull/3174">docker/cli#3174</a>.</li> </ul> <h3 id="client-2">Client</h3> <ul> <li>Fix <code class="language-plaintext highlighter-rouge">Invalid standard handle identifier</code> errors on Windows <a href="https://github.com/docker/cli/pull/3132">docker/cli#3132</a>.</li> </ul> <h3 id="rootless">Rootless</h3> <ul> <li>Avoid <code class="language-plaintext highlighter-rouge">can't open lock file /run/xtables.lock: Permission denied</code> error on SELinux hosts <a href="https://github.com/moby/moby/pull/42462">moby/moby#42462</a>.</li> <li>Disable overlay2 when running with SELinux to prevent permission denied errors <a href="https://github.com/moby/moby/pull/42462">moby/moby#42462</a>.</li> <li>Fix <code class="language-plaintext highlighter-rouge">x509: certificate signed by unknown authority</code> error on openSUSE Tumbleweed <a href="https://github.com/moby/moby/pull/42462">moby/moby#42462</a>.</li> </ul> <h3 id="runtime-2">Runtime</h3> <ul> <li>Print a warning when using the <code class="language-plaintext highlighter-rouge">--platform</code> option to pull a single-arch image that does not match the specified architecture <a href="https://github.com/moby/moby/pull/42633">moby/moby#42633</a>.</li> <li>Fix incorrect <code class="language-plaintext highlighter-rouge">Your kernel does not support swap memory limit</code> warning when running with cgroups v2 <a href="https://github.com/moby/moby/pull/42479">moby/moby#42479</a>.</li> <li>Windows: Fix a situation where containers were not stopped if <code class="language-plaintext highlighter-rouge">HcsShutdownComputeSystem</code> returned an <code class="language-plaintext highlighter-rouge">ERROR_PROC_NOT_FOUND</code> error <a href="https://github.com/moby/moby/pull/42613">moby/moby#42613</a>
+</li> </ul> <h3 id="swarm-1">Swarm</h3> <ul> <li>Fix a possibility where overlapping IP addresses could exist as a result of the node failing to clean up its old loadbalancer IPs <a href="https://github.com/moby/moby/pull/42538">moby/moby#42538</a>
+</li> <li>Fix a deadlock in log broker (“dispatcher is stopped”) <a href="https://github.com/moby/moby/pull/42537">moby/moby#42537</a>
+</li> </ul> <h3 id="packaging-8">Packaging</h3> <blockquote> <p><strong>Known issue</strong></p> <p>The <code class="language-plaintext highlighter-rouge">ctr</code> binary shipping with the static packages of this release is not statically linked, and will not run in Docker images using alpine as a base image. Users can install the <code class="language-plaintext highlighter-rouge">libc6-compat</code> package, or download a previous version of the <code class="language-plaintext highlighter-rouge">ctr</code> binary as a workaround. Refer to the containerd ticket related to this issue for more details: <a href="https://github.com/containerd/containerd/issues/5824">containerd/containerd#5824</a>.</p> </blockquote> <ul> <li>Remove packaging for Ubuntu 16.04 “Xenial” and Fedora 32, as they reached EOL <a href="https://github.com/docker/docker-ce-packaging/pull/560">docker/docker-ce-packaging#560</a>
+</li> <li>Update Golang runtime to Go 1.16.6</li> <li>Update the bundled buildx version to v0.6.1 for rpm and deb packages <a href="https://github.com/docker/docker-ce-packaging/pull/562">docker/docker-ce-packaging#562</a>
+</li> <li>Update static binaries and containerd.io rpm and deb packages to containerd v1.4.9 and runc v1.0.1: <a href="https://github.com/docker/containerd-packaging/pull/241">docker/containerd-packaging#241</a>, <a href="https://github.com/docker/containerd-packaging/pull/245">docker/containerd-packaging#245</a>, <a href="https://github.com/docker/containerd-packaging/pull/247">docker/containerd-packaging#247</a>.</li> </ul> <h2 id="20107">20.10.7</h2> <p>2021-06-02</p> <h3 id="client-3">Client</h3> <ul> <li>Suppress warnings for deprecated cgroups <a href="https://github.com/docker/cli/pull/3099">docker/cli#3099</a>.</li> <li>Prevent sending <code class="language-plaintext highlighter-rouge">SIGURG</code> signals to container on Linux and macOS. The Go runtime (starting with Go 1.14) uses <code class="language-plaintext highlighter-rouge">SIGURG</code> signals internally as an interrupt to support preemptable syscalls. In situations where the Docker CLI was attached to a container, these interrupts were forwarded to the container. This fix changes the Docker CLI to ignore <code class="language-plaintext highlighter-rouge">SIGURG</code> signals <a href="https://github.com/docker/cli/pull/3107">docker/cli#3107</a>, <a href="https://github.com/moby/moby/pull/42421">moby/moby#42421</a>.</li> </ul> <h3 id="builder-3">Builder</h3> <ul> <li>Update BuildKit to version v0.8.3-3-g244e8cde <a href="https://github.com/moby/moby/pull/42448">moby/moby#42448</a>: <ul> <li>Transform relative mountpoints for exec mounts in the executor to work around a breaking change in runc v1.0.0-rc94 and up. <a href="https://github.com/moby/buildkit/pull/2137">moby/buildkit#2137</a>.</li> <li>Add retry on image push 5xx errors. <a href="https://github.com/moby/buildkit/pull/2043">moby/buildkit#2043</a>.</li> <li>Fix build-cache not being invalidated when renaming a file that is copied using a <code class="language-plaintext highlighter-rouge">COPY</code> command with a wildcard. Note that this change invalidates existing build caches for copy commands that use a wildcard. <a href="https://github.com/moby/buildkit/pull/2018">moby/buildkit#2018</a>.</li> <li>Fix build-cache not being invalidated when using mounts <a href="https://github.com/moby/buildkit/pull/2076">moby/buildkit#2076</a>.</li> </ul> </li> <li>Fix build failures when <code class="language-plaintext highlighter-rouge">FROM</code> image is not cached when using legacy schema 1 images <a href="https://github.com/moby/moby/pull/42382">moby/moby#42382</a>.</li> </ul> <h3 id="logging-1">Logging</h3> <ul> <li>Update the hcsshim SDK to make daemon logs on Windows less verbose <a href="https://github.com/moby/moby/pull/42292">moby/moby#42292</a>.</li> </ul> <h3 id="rootless-1">Rootless</h3> <ul> <li>Fix capabilities not being honored when an image was built on a daemon with user-namespaces enabled <a href="https://github.com/moby/moby/pull/42352">moby/moby#42352</a>.</li> </ul> <h3 id="networking">Networking</h3> <ul> <li>Update libnetwork to fix publishing ports on environments with kernel boot parameter <code class="language-plaintext highlighter-rouge">ipv6.disable=1</code>, and to fix a deadlock causing internal DNS lookups to fail <a href="https://github.com/moby/moby/pull/42413">moby/moby#42413</a>.</li> </ul> <h3 id="contrib">Contrib</h3> <ul> <li>Update rootlesskit to v0.14.2 to fix a timeout when starting the userland proxy with the <code class="language-plaintext highlighter-rouge">slirp4netns</code> port driver <a href="https://github.com/moby/moby/pull/42294">moby/moby#42294</a>.</li> <li>Fix “Device or resource busy” errors when running docker-in-docker on a rootless daemon <a href="https://github.com/moby/moby/pull/42342">moby/moby#42342</a>.</li> </ul> <h3 id="packaging-9">Packaging</h3> <ul> <li>Update containerd to v1.4.6, runc v1.0.0-rc95 to address <a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-30465">CVE-2021-30465</a> <a href="https://github.com/moby/moby/pull/42398">moby/moby#42398</a>, <a href="https://github.com/moby/moby/pull/42395">moby/moby#42395</a>, <a href="https://github.com/docker/containerd-packaging/pull/234">ocker/containerd-packaging#234</a>
+</li> <li>Update containerd to v1.4.5, runc v1.0.0-rc94 <a href="https://github.com/moby/moby/pull/42372">moby/moby#42372</a>, <a href="https://github.com/moby/moby/pull/42388">moby/moby#42388</a>, <a href="https://github.com/docker/containerd-packaging/pull/232">docker/containerd-packaging#232</a>.</li> <li>Update Docker Scan plugin packages (<code class="language-plaintext highlighter-rouge">docker-scan-plugin</code>) to v0.8 <a href="https://github.com/docker/docker-ce-packaging/pull/545">docker/docker-ce-packaging#545</a>.</li> </ul> <h2 id="20106">20.10.6</h2> <p>2021-04-12</p> <h3 id="client-4">Client</h3> <ul> <li>Apple Silicon (darwin/arm64) support for Docker CLI <a href="https://github.com/docker/cli/pull/3042">docker/cli#3042</a>
+</li> <li>config: print deprecation warning when falling back to pre-v1.7.0 config file <code class="language-plaintext highlighter-rouge">~/.dockercfg</code>. Support for this file will be removed in a future release <a href="https://github.com/docker/cli/pull/3000">docker/cli#3000</a>
+</li> </ul> <h3 id="builder-4">Builder</h3> <ul> <li>Fix classic builder silently ignoring unsupported Dockerfile options and prompt to enable BuildKit instead <a href="https://github.com/moby/moby/pull/42197">moby/moby#42197</a>
+</li> </ul> <h3 id="logging-2">Logging</h3> <ul> <li>json-file: fix sporadic unexpected EOF errors <a href="https://github.com/moby/moby/pull/42174">moby/moby#42174</a>
+</li> </ul> <h3 id="networking-1">Networking</h3> <ul> <li>Fix a regression in docker 20.10, causing IPv6 addresses no longer to be bound by default when mapping ports <a href="https://github.com/moby/moby/pull/42205">moby/moby#42205</a>
+</li> <li>Fix implicit IPv6 port-mappings not included in API response. Before docker 20.10, published ports were accessible through both IPv4 and IPv6 by default, but the API only included information about the IPv4 (0.0.0.0) mapping <a href="https://github.com/moby/moby/pull/42205">moby/moby#42205</a>
+</li> <li>Fix a regression in docker 20.10, causing the docker-proxy to not be terminated in all cases <a href="https://github.com/moby/moby/pull/42205">moby/moby#42205</a>
+</li> <li>Fix iptables forwarding rules not being cleaned up upon container removal <a href="https://github.com/moby/moby/pull/42205">moby/moby#42205</a>
+</li> </ul> <h3 id="packaging-10">Packaging</h3> <ul> <li>Update containerd to <a href="https://github.com/containerd/containerd/releases/tag/v1.4.4">v1.4.4</a> for static binaries. The containerd.io package on apt/yum repos already had this update out of band. Includes a fix for <a href="https://github.com/containerd/containerd/security/advisories/GHSA-6g2q-w5j3-fwh4">CVE-2021-21334</a>. <a href="https://github.com/moby/moby/pull/42124">moby/moby#42124</a>
+</li> <li>Packages for Debian/Raspbian 11 Bullseye, Ubuntu 21.04 Hirsute Hippo and Fedora 34 <a href="https://github.com/docker/docker-ce-packaging/pull/521">docker/docker-ce-packaging#521</a> <a href="https://github.com/docker/docker-ce-packaging/pull/522">docker/docker-ce-packaging#522</a> <a href="https://github.com/docker/docker-ce-packaging/pull/533">docker/docker-ce-packaging#533</a>
+</li> <li>Provide the <a href="https://github.com/docker/scan-cli-plugin">Docker Scan CLI</a> plugin on Linux amd64 via a <code class="language-plaintext highlighter-rouge">docker-scan-plugin</code> package as a recommended dependency for the <code class="language-plaintext highlighter-rouge">docker-ce-cli</code> package <a href="https://github.com/docker/docker-ce-packaging/pull/537">docker/docker-ce-packaging#537</a>
+</li> <li>Include VPNKit binary for arm64 <a href="https://github.com/moby/moby/pull/42141">moby/moby#42141</a>
+</li> </ul> <h3 id="plugins">Plugins</h3> <ul> <li>Fix docker plugin create making plugins that were incompatible with older versions of Docker <a href="https://github.com/moby/moby/pull/42256">moby/moby#42256</a>
+</li> </ul> <h3 id="rootless-2">Rootless</h3> <ul> <li>Update RootlessKit to <a href="https://github.com/rootless-containers/rootlesskit/releases/tag/v0.14.1">v0.14.1</a> (see also <a href="https://github.com/rootless-containers/rootlesskit/releases/tag/v0.14.0">v0.14.0</a> <a href="https://github.com/rootless-containers/rootlesskit/releases/tag/v0.13.2">v0.13.2</a>) <a href="https://github.com/moby/moby/pull/42186">moby/moby#42186</a> <a href="https://github.com/moby/moby/pull/42232">moby/moby#42232</a>
+</li> <li>dockerd-rootless-setuptool.sh: create CLI context “rootless” <a href="https://github.com/moby/moby/pull/42109">moby/moby#42109</a>
+</li> <li>dockerd-rootless.sh: prohibit running as root <a href="https://github.com/moby/moby/pull/42072">moby/moby#42072</a>
+</li> <li>Fix “operation not permitted” when bind mounting existing mounts <a href="https://github.com/moby/moby/pull/42233">moby/moby#42233</a>
+</li> <li>overlay2: fix “createDirWithOverlayOpaque(...) ... input/output error” <a href="https://github.com/moby/moby/pull/42235">moby/moby#42235</a>
+</li> <li>overlay2: support “userxattr” option (kernel 5.11) <a href="https://github.com/moby/moby/pull/42168">moby/moby#42168</a>
+</li> <li>btrfs: allow unprivileged user to delete subvolumes (kernel &gt;= 4.18) <a href="https://github.com/moby/moby/pull/42253">moby/moby#42253</a>
+</li> <li>cgroup2: Move cgroup v2 out of experimental <a href="https://github.com/moby/moby/pull/42263">moby/moby#42263</a>
+</li> </ul> <h2 id="20105">20.10.5</h2> <p>2021-03-02</p> <h3 id="client-5">Client</h3> <ul> <li>Revert <a href="https://github.com/docker/cli/pull/2960">docker/cli#2960</a> to fix hanging in <code class="language-plaintext highlighter-rouge">docker start --attach</code> and remove spurious <code class="language-plaintext highlighter-rouge">Unsupported signal: &lt;nil&gt;. Discarding</code> messages. <a href="https://github.com/docker/cli/pull/2987">docker/cli#2987</a>.</li> </ul> <h2 id="20104">20.10.4</h2> <p>2021-02-26</p> <h3 id="builder-5">Builder</h3> <ul> <li>Fix incorrect cache match for inline cache import with empty layers <a href="https://github.com/moby/moby/pull/42061">moby/moby#42061</a>
+</li> <li>Update BuildKit to v0.8.2 <a href="https://github.com/moby/moby/pull/42061">moby/moby#42061</a> <ul> <li>resolver: avoid error caching on token fetch</li> <li>fileop: fix checksum to contain indexes of inputs preventing certain cache misses</li> <li>Fix reference count issues on typed errors with mount references (fixing <code class="language-plaintext highlighter-rouge">invalid mutable ref</code> errors)</li> <li>git: set token only for main remote access allowing cloning submodules with different credentials</li> </ul> </li> <li>Ensure blobs get deleted in /var/lib/docker/buildkit/content/blobs/sha256 after pull. To clean up old state run <code class="language-plaintext highlighter-rouge">builder prune</code> <a href="https://github.com/moby/moby/pull/42065">moby/moby#42065</a>
+</li> <li>Fix parallel pull synchronization regression <a href="https://github.com/moby/moby/pull/42049">moby/moby#42049</a>
+</li> <li>Ensure libnetwork state files do not leak <a href="https://github.com/moby/moby/pull/41972">moby/moby#41972</a>
+</li> </ul> <h3 id="client-6">Client</h3> <ul> <li>Fix a panic on <code class="language-plaintext highlighter-rouge">docker login</code> if no config file is present <a href="https://github.com/docker/cli/pull/2959">docker/cli#2959</a>
+</li> <li>Fix <code class="language-plaintext highlighter-rouge">WARNING: Error loading config file: .dockercfg: $HOME is not defined</code> <a href="https://github.com/docker/cli/pull/2958">docker/cli#2958</a>
+</li> </ul> <h3 id="runtime-3">Runtime</h3> <ul> <li>docker info: silence unhandleable warnings <a href="https://github.com/moby/moby/pull/41958">moby/moby#41958</a>
+</li> <li>Avoid creating parent directories for XGlobalHeader <a href="https://github.com/moby/moby/pull/42017">moby/moby#42017</a>
+</li> <li>Use 0755 permissions when creating missing directories <a href="https://github.com/moby/moby/pull/42017">moby/moby#42017</a>
+</li> <li>Fallback to manifest list when no platform matches in image config <a href="https://github.com/moby/moby/pull/42045">moby/moby#42045</a> <a href="https://github.com/moby/moby/pull/41873">moby/moby#41873</a>
+</li> <li>Fix a daemon panic on setups with a custom default runtime configured <a href="https://github.com/moby/moby/pull/41974">moby/moby#41974</a>
+</li> <li>Fix a panic when daemon configuration is empty <a href="https://github.com/moby/moby/pull/41976">moby/moby#41976</a>
+</li> <li>Fix daemon panic when starting container with invalid device cgroup rule <a href="https://github.com/moby/moby/pull/42001">moby/moby#42001</a>
+</li> <li>Fix userns-remap option when username &amp; UID match <a href="https://github.com/moby/moby/pull/42013">moby/moby#42013</a>
+</li> <li>static: update runc binary to v1.0.0-rc93 <a href="https://github.com/moby/moby/pull/42014">moby/moby#42014</a>
+</li> </ul> <h3 id="logger">Logger</h3> <ul> <li>Honor <code class="language-plaintext highlighter-rouge">labels-regex</code> config even if <code class="language-plaintext highlighter-rouge">labels</code> is not set <a href="https://github.com/moby/moby/pull/42046">moby/moby#42046</a>
+</li> <li>Handle long log messages correctly preventing awslogs in non-blocking mode to split events bigger than 16kB <a href="https://github.com/moby/moby/pull/41975">mobymoby#41975</a>
+</li> </ul> <h3 id="rootless-3">Rootless</h3> <ul> <li>Prevent the service hanging when stopping by setting systemd KillMode to mixed <a href="https://github.com/moby/moby/pull/41956">moby/moby#41956</a>
+</li> <li>dockerd-rootless.sh: add typo guard <a href="https://github.com/moby/moby/pull/42070">moby/moby#42070</a>
+</li> <li>Update rootlesskit to v0.13.1 to fix handling of IPv6 addresses <a href="https://github.com/moby/moby/pull/42025">moby/moby#42025</a>
+</li> <li>allow mknodding FIFO inside userns <a href="https://github.com/moby/moby/pull/41957">moby/moby#41957</a>
+</li> </ul> <h3 id="security">Security</h3> <ul> <li>profiles: seccomp: update to Linux 5.11 syscall list <a href="https://github.com/moby/moby/pull/41971">moby/moby#41971</a>
+</li> </ul> <h3 id="swarm-2">Swarm</h3> <ul> <li>Fix issue with heartbeat not persisting upon restart <a href="https://github.com/moby/moby/pull/42060">moby/moby#42060</a>
+</li> <li>Fix potential stalled tasks <a href="https://github.com/moby/moby/pull/42060">moby/moby#42060</a>
+</li> <li>Fix <code class="language-plaintext highlighter-rouge">--update-order</code> and <code class="language-plaintext highlighter-rouge">--rollback-order</code> flags when only <code class="language-plaintext highlighter-rouge">--update-order</code> or <code class="language-plaintext highlighter-rouge">--rollback-order</code> is provided <a href="https://github.com/docker/cli/pull/2963">docker/cli#2963</a>
+</li> <li>Fix <code class="language-plaintext highlighter-rouge">docker service rollback</code> returning a non-zero exit code in some situations <a href="https://github.com/docker/cli/pull/2964">docker/cli#2964</a>
+</li> <li>Fix inconsistent progress-bar direction on <code class="language-plaintext highlighter-rouge">docker service rollback</code> <a href="https://github.com/docker/cli/pull/2964">docker/cli#2964</a>
+</li> </ul> <h2 id="20103">20.10.3</h2> <p>2021-02-01</p> <h3 id="security-1">Security</h3> <ul> <li>
+<a href="https://github.com/moby/moby/security/advisories/GHSA-6fj5-m822-rqx8">CVE-2021-21285</a> Prevent an invalid image from crashing docker daemon</li> <li>
+<a href="https://github.com/moby/moby/security/advisories/GHSA-7452-xqpj-6rpc">CVE-2021-21284</a> Lock down file permissions to prevent remapped root from accessing docker state</li> <li>Ensure AppArmor and SELinux profiles are applied when building with BuildKit</li> </ul> <h3 id="client-7">Client</h3> <ul> <li>Check contexts before importing them to reduce risk of extracted files escaping context store</li> <li>Windows: prevent executing certain binaries from current directory <a href="https://github.com/docker/cli/pull/2950">docker/cli#2950</a>
+</li> </ul> <h2 id="20102">20.10.2</h2> <p>2021-01-04</p> <h3 id="runtime-4">Runtime</h3> <ul> <li>Fix a daemon start up hang when restoring containers with restart policies but that keep failing to start <a href="https://github.com/moby/moby/pull/41729">moby/moby#41729</a>
+</li> <li>overlay2: fix an off-by-one error preventing to build or run containers when data-root is 24-bytes long <a href="https://github.com/moby/moby/pull/41830">moby/moby#41830</a>
+</li> <li>systemd: send <code class="language-plaintext highlighter-rouge">sd_notify STOPPING=1</code> when shutting down <a href="https://github.com/moby/moby/pull/41832">moby/moby#41832</a>
+</li> </ul> <h3 id="networking-2">Networking</h3> <ul> <li>Fix IPv6 port forwarding <a href="https://github.com/moby/moby/pull/41805">moby/moby#41805</a> <a href="https://github.com/moby/libnetwork/pull/2604">moby/libnetwork#2604</a>
+</li> </ul> <h3 id="swarm-3">Swarm</h3> <ul> <li>Fix filtering for <code class="language-plaintext highlighter-rouge">replicated-job</code> and <code class="language-plaintext highlighter-rouge">global-job</code> service modes <a href="https://github.com/moby/moby/pull/41806">moby/moby#41806</a>
+</li> </ul> <h3 id="packaging-11">Packaging</h3> <ul> <li>buildx updated to <a href="https://github.com/docker/buildx/releases/tag/v0.5.1">v0.5.1</a> <a href="https://github.com/docker/docker-ce-packaging/pull/516">docker/docker-ce-packaging#516</a>
+</li> </ul> <h2 id="20101">20.10.1</h2> <p>2020-12-14</p> <h3 id="builder-6">Builder</h3> <ul> <li>buildkit: updated to <a href="https://github.com/moby/buildkit/releases/tag/v0.8.1">v0.8.1</a> with various bugfixes <a href="https://github.com/moby/moby/pull/41793">moby/moby#41793</a>
+</li> </ul> <h3 id="packaging-12">Packaging</h3> <ul> <li>Revert a change in the systemd unit that could prevent docker from starting due to a startup order conflict <a href="https://github.com/docker/docker-ce-packaging/pull/514">docker/docker-ce-packaging#514</a>
+</li> <li>buildx updated to <a href="https://github.com/docker/buildx/releases/tag/v0.5.0">v0.5.0</a> <a href="https://github.com/docker/docker-ce-packaging/pull/515">docker/docker-ce-packaging#515</a>
+</li> </ul> <h2 id="20100">20.10.0</h2> <p>2020-12-08</p> <h3 id="deprecation--removal">Deprecation / Removal</h3> <p>For an overview of all deprecated features, refer to the <a href="../deprecated/index">Deprecated Engine Features</a> page.</p> <ul> <li>Warnings and deprecation notice when <code class="language-plaintext highlighter-rouge">docker pull</code>-ing from non-compliant registries not supporting pull-by-digest <a href="https://github.com/docker/cli/pull/2872">docker/cli#2872</a>
+</li> <li>Sterner warnings and deprecation notice for unauthenticated tcp access <a href="https://github.com/moby/moby/pull/41285">moby/moby#41285</a>
+</li> <li>Deprecate KernelMemory (<code class="language-plaintext highlighter-rouge">docker run --kernel-memory</code>) <a href="https://github.com/moby/moby/pull/41254">moby/moby#41254</a> <a href="https://github.com/docker/cli/pull/2652">docker/cli#2652</a>
+</li> <li>Deprecate <code class="language-plaintext highlighter-rouge">aufs</code> storage driver <a href="https://github.com/docker/cli/pull/1484">docker/cli#1484</a>
+</li> <li>Deprecate host-discovery and overlay networks with external k/v stores <a href="https://github.com/moby/moby/pull/40614">moby/moby#40614</a> <a href="https://github.com/moby/moby/pull/40510">moby/moby#40510</a>
+</li> <li>Deprecate Dockerfile legacy ‘ENV name value’ syntax, use <code class="language-plaintext highlighter-rouge">ENV name=value</code> instead <a href="https://github.com/docker/cli/pull/2743">docker/cli#2743</a>
+</li> <li>Remove deprecated “filter” parameter for API v1.41 and up <a href="https://github.com/moby/moby/pull/40491">moby/moby#40491</a>
+</li> <li>Disable distribution manifest v2 schema 1 on push <a href="https://github.com/moby/moby/pull/41295">moby/moby#41295</a>
+</li> <li>Remove hack MalformedHostHeaderOverride breaking old docker clients (&lt;= 1.12) in which case, set <code class="language-plaintext highlighter-rouge">DOCKER_API_VERSION</code> <a href="https://github.com/moby/moby/pull/39076">moby/moby#39076</a>
+</li> <li>Remove “docker engine” subcommands <a href="https://github.com/docker/cli/pull/2207">docker/cli#2207</a>
+</li> <li>Remove experimental “deploy” from “dab” files <a href="https://github.com/docker/cli/pull/2216">docker/cli#2216</a>
+</li> <li>Remove deprecated <code class="language-plaintext highlighter-rouge">docker search --automated</code> and <code class="language-plaintext highlighter-rouge">--stars</code> flags <a href="https://github.com/docker/cli/pull/2338">docker/cli#2338</a>
+</li> <li>No longer allow reserved namespaces in engine labels <a href="https://github.com/docker/cli/pull/2326">docker/cli#2326</a>
+</li> </ul> <h3 id="api">API</h3> <ul> <li>Update API version to v1.41</li> <li>Do not require “experimental” for metrics API <a href="https://github.com/moby/moby/pull/40427">moby/moby#40427</a>
+</li> <li>
+<code class="language-plaintext highlighter-rouge">GET /events</code> now returns <code class="language-plaintext highlighter-rouge">prune</code> events after pruning resources have completed <a href="https://github.com/moby/moby/pull/41259">moby/moby#41259</a> <ul> <li>Prune events are returned for <code class="language-plaintext highlighter-rouge">container</code>, <code class="language-plaintext highlighter-rouge">network</code>, <code class="language-plaintext highlighter-rouge">volume</code>, <code class="language-plaintext highlighter-rouge">image</code>, and <code class="language-plaintext highlighter-rouge">builder</code>, and have a <code class="language-plaintext highlighter-rouge">reclaimed</code> attribute, indicating the amount of space reclaimed (in bytes)</li> </ul> </li> <li>Add <code class="language-plaintext highlighter-rouge">one-shot</code> stats option to not prime the stats <a href="https://github.com/moby/moby/pull/40478">moby/moby#40478</a>
+</li> <li>Adding OS version info to the system info’s API (<code class="language-plaintext highlighter-rouge">/info</code>) <a href="https://github.com/moby/moby/pull/38349">moby/moby#38349</a>
+</li> <li>Add DefaultAddressPools to docker info <a href="https://github.com/moby/moby/pull/40714">moby/moby#40714</a>
+</li> <li>Add API support for PidsLimit on services <a href="https://github.com/moby/moby/pull/39882">moby/moby#39882</a>
+</li> </ul> <h3 id="builder-7">Builder</h3> <ul> <li>buildkit,dockerfile: Support for <code class="language-plaintext highlighter-rouge">RUN --mount</code> options without needing to specify experimental dockerfile <code class="language-plaintext highlighter-rouge">#syntax</code> directive. <a href="https://github.com/moby/buildkit/pull/1717">moby/buildkit#1717</a>
+</li> <li>dockerfile: <code class="language-plaintext highlighter-rouge">ARG</code> command now supports defining multiple build args on the same line similarly to <code class="language-plaintext highlighter-rouge">ENV</code> <a href="https://github.com/moby/buildkit/pull/1692">moby/buildkit#1692</a>
+</li> <li>dockerfile: <code class="language-plaintext highlighter-rouge">--chown</code> flag in <code class="language-plaintext highlighter-rouge">ADD</code> now allows parameter expansion <a href="https://github.com/moby/buildkit/pull/1473">moby/buildkit#1473</a>
+</li> <li>buildkit: Fetching authorization tokens has been moved to client-side (if the client supports it). Passwords do not leak into the build daemon anymore and users can see from build output when credentials or tokens are accessed. <a href="https://github.com/moby/buildkit/pull/1660">moby/buildkit#1660</a>
+</li> <li>buildkit: Connection errors while communicating with the registry for push and pull now trigger a retry <a href="https://github.com/moby/buildkit/pull/1791">moby/buildkit#1791</a>
+</li> <li>buildkit: Git source now supports token authentication via build secrets <a href="https://github.com/moby/moby/pull/41234">moby/moby#41234</a> <a href="https://github.com/docker/cli/pull/2656">docker/cli#2656</a> <a href="https://github.com/moby/buildkit/pull/1533">moby/buildkit#1533</a>
+</li> <li>buildkit: Building from git source now supports forwarding SSH socket for authentication <a href="https://github.com/moby/buildkit/pull/1782">moby/buildkit#1782</a>
+</li> <li>buildkit: Avoid builds that generate excessive logs to cause a crash or slow down the build. Clipping is performed if needed. <a href="https://github.com/moby/buildkit/pull/1754">moby/buildkit#1754</a>
+</li> <li>buildkit: Change default Seccomp profile to the one provided by Docker <a href="https://github.com/moby/buildkit/pull/1807">moby/buildkit#1807</a>
+</li> <li>buildkit: Support for exposing SSH agent socket on Windows has been improved <a href="https://github.com/moby/buildkit/pull/1695">moby/buildkit#1695</a>
+</li> <li>buildkit: Disable truncating by default when using --progress=plain <a href="https://github.com/moby/buildkit/pull/1435">moby/buildkit#1435</a>
+</li> <li>buildkit: Allow better handling client sessions dropping while it is being shared by multiple builds <a href="https://github.com/moby/buildkit/pull/1551">moby/buildkit#1551</a>
+</li> <li>buildkit: secrets: allow providing secrets with env <a href="https://github.com/moby/moby/pull/41234">moby/moby#41234</a> <a href="https://github.com/docker/cli/pull/2656">docker/cli#2656</a> <a href="https://github.com/moby/buildkit/pull/1534">moby/buildkit#1534</a> <ul> <li>Support <code class="language-plaintext highlighter-rouge">--secret id=foo,env=MY_ENV</code> as an alternative for storing a secret value to a file.</li> <li>
+<code class="language-plaintext highlighter-rouge">--secret id=GIT_AUTH_TOKEN</code> will load env if it exists and the file does not.</li> </ul> </li> <li>buildkit: Support for mirrors fallbacks, insecure TLS and custom TLS config <a href="https://github.com/moby/moby/pull/40814">moby/moby#40814</a>
+</li> <li>buildkit: remotecache: Only visit each item once when walking results <a href="https://github.com/moby/moby/pull/41234">moby/moby#41234</a> <a href="https://github.com/moby/buildkit/pull/1577">moby/buildkit#1577</a> <ul> <li>Improves performance and CPU use on bigger graphs</li> </ul> </li> <li>buildkit: Check remote when local image platform doesn’t match <a href="https://github.com/moby/moby/pull/40629">moby/moby#40629</a>
+</li> <li>buildkit: image export: Use correct media type when creating new layer blobs <a href="https://github.com/moby/moby/pull/41234">moby/moby#41234</a> <a href="https://github.com/moby/buildkit/pull/1541">moby/buildkit#1541</a>
+</li> <li>buildkit: progressui: fix logs time formatting <a href="https://github.com/moby/moby/pull/41234">moby/moby#41234</a> <a href="https://github.com/docker/cli/pull/2656">docker/cli#2656</a> <a href="https://github.com/moby/buildkit/pull/1549">moby/buildkit#1549</a>
+</li> <li>buildkit: mitigate containerd issue on parallel push <a href="https://github.com/moby/moby/pull/41234">moby/moby#41234</a> <a href="https://github.com/moby/buildkit/pull/1548">moby/buildkit#1548</a>
+</li> <li>buildkit: inline cache: fix handling of duplicate blobs <a href="https://github.com/moby/moby/pull/41234">moby/moby#41234</a> <a href="https://github.com/moby/buildkit/pull/1568">moby/buildkit#1568</a> <ul> <li>Fixes https://github.com/moby/buildkit/issues/1388 cache-from working unreliably</li> <li>Fixes https://github.com/moby/moby/issues/41219 Image built from cached layers is missing data</li> </ul> </li> <li>Allow ssh:// for remote context URLs <a href="https://github.com/moby/moby/pull/40179">moby/moby#40179</a>
+</li> <li>builder: remove legacy build’s session handling (was experimental) <a href="https://github.com/moby/moby/pull/39983">moby/moby#39983</a>
+</li> </ul> <h3 id="client-8">Client</h3> <ul> <li>Add swarm jobs support to CLI <a href="https://github.com/docker/cli/pull/2262">docker/cli#2262</a>
+</li> <li>Add <code class="language-plaintext highlighter-rouge">-a/--all-tags</code> to docker push <a href="https://github.com/docker/cli/pull/2220">docker/cli#2220</a>
+</li> <li>Add support for Kubernetes username/password auth <a href="https://github.com/docker/cli/pull/2308">docker/cli#2308</a>
+</li> <li>Add <code class="language-plaintext highlighter-rouge">--pull=missing|always|never</code> to <code class="language-plaintext highlighter-rouge">run</code> and <code class="language-plaintext highlighter-rouge">create</code> commands <a href="https://github.com/docker/cli/pull/1498">docker/cli#1498</a>
+</li> <li>Add <code class="language-plaintext highlighter-rouge">--env-file</code> flag to <code class="language-plaintext highlighter-rouge">docker exec</code> for parsing environment variables from a file <a href="https://github.com/docker/cli/pull/2602">docker/cli#2602</a>
+</li> <li>Add shorthand <code class="language-plaintext highlighter-rouge">-n</code> for <code class="language-plaintext highlighter-rouge">--tail</code> option <a href="https://github.com/docker/cli/pull/2646">docker/cli#2646</a>
+</li> <li>Add log-driver and options to service inspect “pretty” format <a href="https://github.com/docker/cli/pull/1950">docker/cli#1950</a>
+</li> <li>docker run: specify cgroup namespace mode with <code class="language-plaintext highlighter-rouge">--cgroupns</code> <a href="https://github.com/docker/cli/pull/2024">docker/cli#2024</a>
+</li> <li>
+<code class="language-plaintext highlighter-rouge">docker manifest rm</code> command to remove manifest list draft from local storage <a href="https://github.com/docker/cli/pull/2449">docker/cli#2449</a>
+</li> <li>Add “context” to “docker version” and “docker info” <a href="https://github.com/docker/cli/pull/2500">docker/cli#2500</a>
+</li> <li>Propagate platform flag to container create API <a href="https://github.com/docker/cli/pull/2551">docker/cli#2551</a>
+</li> <li>The <code class="language-plaintext highlighter-rouge">docker ps --format</code> flag now has a <code class="language-plaintext highlighter-rouge">.State</code> placeholder to print the container’s state without additional details about uptime and health check <a href="https://github.com/docker/cli/pull/2000">docker/cli#2000</a>
+</li> <li>Add support for docker-compose schema v3.9 <a href="https://github.com/docker/cli/pull/2073">docker/cli#2073</a>
+</li> <li>Add support for docker push <code class="language-plaintext highlighter-rouge">--quiet</code> <a href="https://github.com/docker/cli/pull/2197">docker/cli#2197</a>
+</li> <li>Hide flags that are not supported by BuildKit, if BuildKit is enabled <a href="https://github.com/docker/cli/pull/2123">docker/cli#2123</a>
+</li> <li>Update flag description for <code class="language-plaintext highlighter-rouge">docker rm -v</code> to clarify the option only removes anonymous (unnamed) volumes <a href="https://github.com/docker/cli/pull/2289">docker/cli#2289</a>
+</li> <li>Improve tasks printing for docker services <a href="https://github.com/docker/cli/pull/2341">docker/cli#2341</a>
+</li> <li>docker info: list CLI plugins alphabetically <a href="https://github.com/docker/cli/pull/2236">docker/cli#2236</a>
+</li> <li>Fix order of processing of <code class="language-plaintext highlighter-rouge">--label-add/--label-rm</code>, <code class="language-plaintext highlighter-rouge">--container-label-add/--container-label-rm</code>, and <code class="language-plaintext highlighter-rouge">--env-add/--env-rm</code> flags on <code class="language-plaintext highlighter-rouge">docker service update</code> to allow replacing existing values <a href="https://github.com/docker/cli/pull/2668">docker/cli#2668</a>
+</li> <li>Fix <code class="language-plaintext highlighter-rouge">docker rm --force</code> returning a non-zero exit code if one or more containers did not exist <a href="https://github.com/docker/cli/pull/2678">docker/cli#2678</a>
+</li> <li>Improve memory stats display by using <code class="language-plaintext highlighter-rouge">total_inactive_file</code> instead of <code class="language-plaintext highlighter-rouge">cache</code> <a href="https://github.com/docker/cli/pull/2415">docker/cli#2415</a>
+</li> <li>Mitigate against YAML files that has excessive aliasing <a href="https://github.com/docker/cli/pull/2117">docker/cli#2117</a>
+</li> <li>Allow using advanced syntax when setting a config or secret with only the source field <a href="https://github.com/docker/cli/pull/2243">docker/cli#2243</a>
+</li> <li>Fix reading config files containing <code class="language-plaintext highlighter-rouge">username</code> and <code class="language-plaintext highlighter-rouge">password</code> auth even if <code class="language-plaintext highlighter-rouge">auth</code> is empty <a href="https://github.com/docker/cli/pull/2122">docker/cli#2122</a>
+</li> <li>docker cp: prevent NPE when failing to stat destination <a href="https://github.com/docker/cli/pull/2221">docker/cli#2221</a>
+</li> <li>config: preserve ownership and permissions on configfile <a href="https://github.com/docker/cli/pull/2228">docker/cli#2228</a>
+</li> </ul> <h3 id="logging-3">Logging</h3> <ul> <li>Support reading <code class="language-plaintext highlighter-rouge">docker logs</code> with all logging drivers (best effort) <a href="https://github.com/moby/moby/pull/40543">moby/moby#40543</a>
+</li> <li>Add <code class="language-plaintext highlighter-rouge">splunk-index-acknowledgment</code> log option to work with Splunk HECs with index acknowledgment enabled <a href="https://github.com/moby/moby/pull/39987">moby/moby#39987</a>
+</li> <li>Add partial metadata to journald logs <a href="https://github.com/moby/moby/pull/41407">moby/moby#41407</a>
+</li> <li>Reduce allocations for logfile reader <a href="https://github.com/moby/moby/pull/40796">moby/moby#40796</a>
+</li> <li>Fluentd: add fluentd-async, fluentd-request-ack, and deprecate fluentd-async-connect <a href="https://github.com/moby/moby/pull/39086">moby/moby#39086</a>
+</li> </ul> <h3 id="runtime-5">Runtime</h3> <ul> <li>Support cgroup2 <a href="https://github.com/moby/moby/pull/40174">moby/moby#40174</a> <a href="https://github.com/moby/moby/pull/40657">moby/moby#40657</a> <a href="https://github.com/moby/moby/pull/40662">moby/moby#40662</a>
+</li> <li>cgroup2: use “systemd” cgroup driver by default when available <a href="https://github.com/moby/moby/pull/40846">moby/moby#40846</a>
+</li> <li>new storage driver: fuse-overlayfs <a href="https://github.com/moby/moby/pull/40483">moby/moby#40483</a>
+</li> <li>Update containerd binary to v1.4.3 <a href="https://github.com/moby/moby/pull/41732">moby/moby#41732</a>
+</li> <li>
+<code class="language-plaintext highlighter-rouge">docker push</code> now defaults to <code class="language-plaintext highlighter-rouge">latest</code> tag instead of all tags <a href="https://github.com/moby/moby/pull/40302">moby/moby#40302</a>
+</li> <li>Added ability to change the number of reconnect attempts during connection loss while pulling an image by adding max-download-attempts to the config file <a href="https://github.com/moby/moby/pull/39949">moby/moby#39949</a>
+</li> <li>Add support for containerd v2 shim by using the now default <code class="language-plaintext highlighter-rouge">io.containerd.runc.v2</code> runtime <a href="https://github.com/moby/moby/pull/41182">moby/moby#41182</a>
+</li> <li>cgroup v1: change the default runtime to io.containerd.runc.v2. Requires containerd v1.3.0 or later. v1.3.5 or later is recommended <a href="https://github.com/moby/moby/pull/41210">moby/moby#41210</a>
+</li> <li>Start containers in their own cgroup namespaces <a href="https://github.com/moby/moby/pull/38377">moby/moby#38377</a>
+</li> <li>Enable DNS Lookups for CIFS Volumes <a href="https://github.com/moby/moby/pull/39250">moby/moby#39250</a>
+</li> <li>Use MemAvailable instead of MemFree to estimate actual available memory <a href="https://github.com/moby/moby/pull/39481">moby/moby#39481</a>
+</li> <li>The <code class="language-plaintext highlighter-rouge">--device</code> flag in <code class="language-plaintext highlighter-rouge">docker run</code> will now be honored when the container is started in privileged mode <a href="https://github.com/moby/moby/pull/40291">moby/moby#40291</a>
+</li> <li>Enforce reserved internal labels <a href="https://github.com/moby/moby/pull/40394">moby/moby#40394</a>
+</li> <li>Raise minimum memory limit to 6M, to account for higher memory use by runtimes during container startup <a href="https://github.com/moby/moby/pull/41168">moby/moby#41168</a>
+</li> <li>Add support for <code class="language-plaintext highlighter-rouge">CAP_PERFMON</code>, <code class="language-plaintext highlighter-rouge">CAP_BPF</code>, and <code class="language-plaintext highlighter-rouge">CAP_CHECKPOINT_RESTORE</code> on supported kernels <a href="https://github.com/moby/moby/pull/41460">moby/moby#41460</a>
+</li> <li>vendor runc v1.0.0-rc92 <a href="https://github.com/moby/moby/pull/41344">moby/moby#41344</a> <a href="https://github.com/moby/moby/pull/41317">moby/moby#41317</a>
+</li> <li>info: add warnings about missing blkio cgroup support <a href="https://github.com/moby/moby/pull/41083">moby/moby#41083</a>
+</li> <li>Accept platform spec on container create <a href="https://github.com/moby/moby/pull/40725">moby/moby#40725</a>
+</li> <li>Fix handling of looking up user- and group-names with spaces <a href="https://github.com/moby/moby/pull/41377">moby/moby#41377</a>
+</li> </ul> <h3 id="networking-3">Networking</h3> <ul> <li>Support host.docker.internal in dockerd on Linux <a href="https://github.com/moby/moby/pull/40007">moby/moby#40007</a>
+</li> <li>Include IPv6 address of linked containers in /etc/hosts <a href="https://github.com/moby/moby/pull/39837">moby/moby#39837</a>
+</li> <li>
+<code class="language-plaintext highlighter-rouge">--ip6tables</code> enables IPv6 iptables rules (only if experimental) <a href="https://github.com/moby/moby/pull/41622">moby/moby#41622</a>
+</li> <li>Add alias for hostname if hostname != container name <a href="https://github.com/moby/moby/pull/39204">moby/moby#39204</a>
+</li> <li>Better selection of DNS server (with systemd) <a href="https://github.com/moby/moby/pull/41022">moby/moby#41022</a>
+</li> <li>Add docker interfaces to firewalld docker zone <a href="https://github.com/moby/moby/pull/41189">moby/moby#41189</a> <a href="https://github.com/moby/libnetwork/pull/2548">moby/libnetwork#2548</a> <ul> <li>Fixes DNS issue on CentOS8 <a href="https://github.com/docker/for-linux/issues/957">docker/for-linux#957</a>
+</li> <li>Fixes Port Forwarding on RHEL 8 with Firewalld running with FirewallBackend=nftables <a href="https://github.com/moby/libnetwork/issues/2496">moby/libnetwork#2496</a>
+</li> </ul> </li> <li>Fix an issue reporting ‘failed to get network during CreateEndpoint’ <a href="https://github.com/moby/moby/pull/41189">moby/moby#41189</a> <a href="https://github.com/moby/libnetwork/pull/2554">moby/libnetwork#2554</a>
+</li> <li>Log error instead of disabling IPv6 router advertisement failed <a href="https://github.com/moby/moby/pull/41189">moby/moby#41189</a> <a href="https://github.com/moby/libnetwork/pull/2563">moby/libnetwork#2563</a>
+</li> <li>No longer ignore <code class="language-plaintext highlighter-rouge">--default-address-pool</code> option in certain cases <a href="https://github.com/moby/moby/pull/40711">moby/moby#40711</a>
+</li> <li>Produce an error with invalid address pool <a href="https://github.com/moby/moby/pull/40808">moby/moby#40808</a> <a href="https://github.com/moby/libnetwork/pull/2538">moby/libnetwork#2538</a>
+</li> <li>Fix <code class="language-plaintext highlighter-rouge">DOCKER-USER</code> chain not created when IPTableEnable=false <a href="https://github.com/moby/moby/pull/40808">moby/moby#40808</a> <a href="https://github.com/moby/libnetwork/pull/2471">moby/libnetwork#2471</a>
+</li> <li>Fix panic on startup in systemd environments <a href="https://github.com/moby/moby/pull/40808">moby/moby#40808</a> <a href="https://github.com/moby/libnetwork/pull/2544">moby/libnetwork#2544</a>
+</li> <li>Fix issue preventing containers to communicate over macvlan internal network <a href="https://github.com/moby/moby/pull/40596">moby/moby#40596</a> <a href="https://github.com/moby/libnetwork/pull/2407">moby/libnetwork#2407</a>
+</li> <li>Fix InhibitIPv4 nil panic <a href="https://github.com/moby/moby/pull/40596">moby/moby#40596</a>
+</li> <li>Fix VFP leak in Windows overlay network deletion <a href="https://github.com/moby/moby/pull/40596">moby/moby#40596</a> <a href="https://github.com/moby/libnetwork/pull/2524">moby/libnetwork#2524</a>
+</li> </ul> <h3 id="packaging-13">Packaging</h3> <ul> <li>docker.service: Add multi-user.target to After= in unit file <a href="https://github.com/moby/moby/pull/41297">moby/moby#41297</a>
+</li> <li>docker.service: Allow socket activation <a href="https://github.com/moby/moby/pull/37470">moby/moby#37470</a>
+</li> <li>seccomp: Remove dependency in dockerd on libseccomp <a href="https://github.com/moby/moby/pull/41395">moby/moby#41395</a>
+</li> </ul> <h3 id="rootless-4">Rootless</h3> <ul> <li>rootless: graduate from experimental <a href="https://github.com/moby/moby/pull/40759">moby/moby#40759</a>
+</li> <li>Add dockerd-rootless-setuptool.sh <a href="https://github.com/moby/moby/pull/40950">moby/moby#40950</a>
+</li> <li>Support <code class="language-plaintext highlighter-rouge">--exec-opt native.cgroupdriver=systemd</code> <a href="https://github.com/moby/moby/pull/40486">moby/moby#40486</a>
+</li> </ul> <h3 id="security-2">Security</h3> <ul> <li>Fix CVE-2019-14271 loading of nsswitch based config inside chroot under Glibc <a href="https://github.com/moby/moby/pull/39612">moby/moby#39612</a>
+</li> <li>seccomp: Whitelist <code class="language-plaintext highlighter-rouge">clock_adjtime</code>. <code class="language-plaintext highlighter-rouge">CAP_SYS_TIME</code> is still required for time adjustment <a href="https://github.com/moby/moby/pull/40929">moby/moby#40929</a>
+</li> <li>seccomp: Add openat2 and faccessat2 to default seccomp profile <a href="https://github.com/moby/moby/pull/41353">moby/moby#41353</a>
+</li> <li>seccomp: allow ‘rseq’ syscall in default seccomp profile <a href="https://github.com/moby/moby/pull/41158">moby/moby#41158</a>
+</li> <li>seccomp: allow syscall membarrier <a href="https://github.com/moby/moby/pull/40731">moby/moby#40731</a>
+</li> <li>seccomp: whitelist io-uring related system calls <a href="https://github.com/moby/moby/pull/39415">moby/moby#39415</a>
+</li> <li>Add default sysctls to allow ping sockets and privileged ports with no capabilities <a href="https://github.com/moby/moby/pull/41030">moby/moby#41030</a>
+</li> <li>Fix seccomp profile for clone syscall <a href="https://github.com/moby/moby/pull/39308">moby/moby#39308</a>
+</li> </ul> <h3 id="swarm-4">Swarm</h3> <ul> <li>Add support for swarm jobs <a href="https://github.com/moby/moby/pull/40307">moby/moby#40307</a>
+</li> <li>Add capabilities support to stack/service commands <a href="https://github.com/docker/cli/pull/2687">docker/cli#2687</a> <a href="https://github.com/docker/cli/pull/2709">docker/cli#2709</a> <a href="https://github.com/moby/moby/pull/39173">moby/moby#39173</a> <a href="https://github.com/moby/moby/pull/41249">moby/moby#41249</a>
+</li> <li>Add support for sending down service Running and Desired task counts <a href="https://github.com/moby/moby/pull/39231">moby/moby#39231</a>
+</li> <li>service: support <code class="language-plaintext highlighter-rouge">--mount type=bind,bind-nonrecursive</code> <a href="https://github.com/moby/moby/pull/38788">moby/moby#38788</a>
+</li> <li>Support ulimits on Swarm services. <a href="https://github.com/moby/moby/pull/41284">moby/moby#41284</a> <a href="https://github.com/docker/cli/pull/2712">docker/cli#2712</a>
+</li> <li>Fixed an issue where service logs could leak goroutines on the worker <a href="https://github.com/moby/moby/pull/40426">moby/moby#40426</a>
+</li> </ul>
+<p><a href="https://docs.docker.com/search/?q=docker">docker</a>, <a href="https://docs.docker.com/search/?q=docker%20engine">docker engine</a>, <a href="https://docs.docker.com/search/?q=ce">ce</a>, <a href="https://docs.docker.com/search/?q=whats%20new">whats new</a>, <a href="https://docs.docker.com/search/?q=release%20notes">release notes</a></p>
+<div class="_attribution">
+ <p class="_attribution-p">
+ &copy; 2019 Docker, Inc.<br>Licensed under the Apache License, Version 2.0.<br>Docker and the Docker logo are trademarks or registered trademarks of Docker, Inc. in the United States and/or other countries.<br>Docker, Inc. and other parties may also have trademark rights in other terms used herein.<br>
+ <a href="https://docs.docker.com/engine/release-notes/" class="_attribution-link">https://docs.docker.com/engine/release-notes/</a>
+ </p>
+</div>
generated by cgit v1.2.3 (git 2.25.1) at 2025-10-27 01:50:12 +0000