Here you can learn about new features, bug fixes, breaking changes, and known issues for each MSR version.
(2021-06-29)
Note
MSR 2.7.13 is the final 2.7 release, as MSR version 2.7 becomes end-of-life on 2021-07-21.
anonymizeAnalytics
, and the MSR web UI no longer includes the
Make data anonymous toggle (ENGDTR-2607).(2021-05-17)
enableManifestLists
setting is no longer needed and has been removed
due to breaking Docker Content Trust (FIELD-2642, FIELD-2644).before
a particular
time (after
already exists) (FIELD-2180).mirantis/dtr --help
documentation no longer recommends using the
--rm
option when invoking commands. Leaving it out preserves containers
after they have finished running, thus allowing users to retrieve logs at a
later time (FIELD-2204).crictl
no longer returns a 500
error (FIELD-3331, ENGDTR-2569).unknown blob
errors. Pushing such
images now replaces missing layer data. Sweeping image layers
with image layer data missing from storage no longer causes garbage
collection to error out (FIELD-1836).(2021-04-12)
anonymize analytics
setting is
enabled). The license subject reads License ID in the web UI
(ENGDTR-2327).dtr-notary-signer
and dtr-notary-server
vulnerability scans, as the
SQL backend is not used in Notary deployment (ENGDTR-2319).dtr-jobrunner
can give false positives for
CVE-2020-29363, CVE-2020-29361, and CVE-2020-29362 in the p11-kit component.
The container’s version of p11-kit is not vulnerable to these CVEs.
(ENGDTR-2319).(2021-03-01)
No changes were made to MSR for the March 1, 2021 software patch (only MKE is affected). As such, the product retains the 2.7.10 version number and there are no new release notes to report.
(2021-02-02)
No changes were made to MSR for the February 2, 2021 software patch (only MKE is affected). As such, the product retains the 2.7.10 version number and there are no new release notes to report.
(2020-12-17)
(2020-11-12)
Updated images to be built from Go 1.14 (ENGDTR-1989).
The following CVEs have been resolved: CVE-2020-11656, CVE-2019-19646, CVE-2018-1000878, CVE-2018-1000877, CVE-2018-11243, CVE-2019-14296, CVE-2020-1967, CVE-2015-4646, CVE-2019-15601, CVE-2020-13630, CVE-2019-19921, CVE-2019-1000019, CVE-2019-20509, CVE-2018-1000879, CVE-2019-1000020, CVE-2018-1000880, CVE-2020-1720, CVE-2020-13631, CVE-2019-20051, CVE-2019-20021, CVE-2015-4645, CVE-2020-13632, CVE-2020-13435, CVE-2019-19645, CVE-2019-20053, CVE-2019-14295, CVE-2019-17595, CVE-2019-1551, CVE-2019-17594, CVE-2020-14155, CVE-2019-15562, CVE-2017-14623, CVE-2016-8867, CVE-2020-9283, CVE-2020-7919, CVE-2019-0205, CVE-2020-14040, CVE-2020-14040, CVE-2020-14040, CVE-2019-11254, CVE-2020-8911, CVE-2020-8912
(ENGDOCS-2179)
(2020-08-10)
Starting with this release, we moved the location of our offline bundles for MSR from https://packages.docker.com/caas/ to https://packages.mirantis.com/caas/ for the following versions.
Offline bundles for other previous versions of MSR will remain on the docker domain.
Due to infrastructure changes, licenses will no longer auto-update and the relaged screens in MSR have been removed.
(2020-06-26)
- MSR now uses Mirantis’s JWT-based licensing flow, in addition to the legacy Docker Hub licensing method). (ENGDTR-1604)
- Removal of auto refresh license toggle from the UI license screen. (ENGDTR-1846)
- Information leak tied to the remote registry endpoint. (ENGDTR-1821)
- The text/csv response file gained from using the scan summary API endpoint to obtain the latest security scanning results contains “column headers” but no true response data. (ENGDTR-1646)
- Changes to the whitelist URLs for outgoing connections: URLs to de-whitelist if there are no pre-Patch 2020-06 versions of Mirantis Container Runtime running the following. (ENGDTR-1847)
- http://license.enterprise.docker.com
- http://dss-cve-updates.enterprise.docker.com
- URLs to whitelist for Patch 2020-06 and later:
(2020-03-10)
--force
argument can be used to skip the check).
(docker/dhe-deploy #10886)(2020-01-28)
unable to cancel request: nil
. (docker/dhe-deploy #10807)Includes a new version of the security scanner which re-enables daily CVE database updates. Following the patch release upgrade, security scans will fail until a new version of the database is provided (if MSR is configured for online updates, this will occur automatically within 24 hours). To trigger an immediate update, (1) access the MSR UI, (2) go to the Security under System settings, and (3) click the Sync database now button.
If MSR is configured for offline updates, download the database for version 2.7.5 or higher. (docker/dhe-deploy #10845)
(2019-11-13)
1.12.12
. (docker/dhe-deploy
#10769)(2019-10-08)
3.9
to
3.10
. (docker/dhe-deploy #10716)(2019-09-03)
1.12.9
.
(docker/dhe-deploy #10570)(2019-7-22)
vuln_db_update
jobs fail with the message
Unable to get update url: Could not get signed urls with errors
–
2.7.1 addresses this issue. With it your vulnerability database
update jobs should succeed.(2019-7-22)
Refer to MSR image vulnerabilities for details regarding actions to be taken and any status updates, issues, and recommendations.
docker registry
management
command which lets you interact with Docker Hub and trusted
registries.docker run -it --rm docker/dtr:2.7.0-beta4
now includes a global
option, --version
, which prints the MSR version and associated
commit hash. (docker/dhe-deploy #10144)1.12.4
. (docker/dhe-deploy#10274)--no-image-check
flag has been removed from the
upgrade
command as image check is no longer a part of the
upgrade process.