Mirantis Container Runtime release notes

Mirantis Container Runtime release notes

Docker Engine - Enterprise is now MCR

The product formerly known as Docker Engine - Enterprise is now Mirantis Container Runtime (MCR).

This document describes the latest changes, additions, known issues, and fixes for Mirantis Container Runtime.

Version 19.03

19.03.14

(2021-03-01)

No changes were made to MCR for the March 1, 2021 software patch (only MKE is affected). As such, the product retains the 19.03.14 version number and there are no new release notes to report.

(2021-02-02)

No changes were made to MCR for the February 2, 2021 software patch (only MKE is affected). As such, the product retains the 19.03.14 version number and there are no new release notes to report.

(2020-12-17)

Components

Component

Version

Mirantis Container Runtime

19.03.14

containerd

1.3.9

runc

1.0.0-rc10

Engine

  • Fixed a memory leak related to the use of gcplogs (ENGINE-317).

  • Bumped libnetwork to address null dereference in error handling (ENGINE-317).

Runtime

  • Resolved an issue wherein containerd 1.7 binaries for RHEL 7.7 and 7.8 were missing (ENGINE-295).

Security

  • Resolved CVE-2020-15257 (ENGINE-322).

19.03.13

(2020-11-12)

Components

Component

Version

Docker Engine - Enterprise

19.03.13

containerd

1.3.7

runc

1.0.0-rc10

Client

  • Bumped golang version to 1.13.15 to address CVE-2020-16845.

  • Fixed errors on close in config file write on Windows.

  • Fixed an issue wherein Docker does not gracefully logout for non-default registry.

Engine

  • Bumped golang version to 1.13.15 to address CVE-2020-16845.

  • Fixed an issue where stopping a container did not remove it’s network namespace after running docker network disconnect cmd.

  • Bumped aws-sdk-go to support IMDSv2.

19.03.12

(2020-09-15)

Components

Component

Version

Mirantis Container Runtime

19.03.12

containerd

1.3.4

runc

1.0.0-rc10

Client

  • Fixed a command-line input regression on Windows

  • Bumped to go1.13.13 to address CVE-2020-14039

  • Bumped golang.org/x/text to address CVE-2020-14040

  • Fix bug preventing logout from registry when using multiple config files (e.g. Windows vs WSL2 when using Docker Desktop)

  • Fix regression preventing context metadata to be read

Engine

  • Bumped to go1.13.13 to address CVE-2020-14039

  • Fixed license warning regression on Windows

  • Fixes to Microsoft/hcsshim to address issues in directory timestamps, log-rotation, and Windows container startup times.

  • Bump vendor x/text to address CVE-2019-19794

19.03.11

(2020-06-24)

Networking

  • Fix for ‘failed to get network during CreateEndpoint’

  • Disable IPv6 Router Advertisements to prevent address spoofing. CVE-2020-13401

  • Fix DNS fallback regression. moby/moby#41009

  • Fix potential panic upon restart. moby/moby#40809

  • Assign the correct network value to the default bridge Subnet field. moby/moby#40565

Client

Runtime

Rootless

Builder

  • buildkit: Fix concurrent map write panic when building multiple images in parallel. moby/moby#40780

  • buildkit: Fix issue preventing chowning of non-root-owned files between stages with userns. moby/moby#40955

  • Avoid creation of irrelevant temporary files on Windows. moby/moby#40877

Logging

  • Avoid situation preventing container logs to rotate due to closing a closed log file. moby/moby#40921

Security

Swarm

  • Fix issue where single swarm manager is stuck in Down state after reboot. moby/moby#40831

  • tasks.db no longer grows indefinitely.

19.03.8

(2020-05-28)

Builder

  • builder-next: Fix deadlock issues in corner cases.

  • builder-next: Allow modern sign hashes for ssh forwarding.

  • builder-next: Clear onbuild rules after triggering.

  • builder-next: Fix issue with directory permissions when usernamespaces is enabled.

  • Bump hcsshim to fix docker build failing on Windows 1903.

Networking

  • Shorten controller ID in exec-root to not hit UNIX_PATH_MAX.

  • Fix panic in drivers/overlay/encryption.go.

  • Fix hwaddr set race between us and udev.

Runtime

  • Fix docker crash when creating namespaces with UID in /etc/subuid and /etc/ subgid

  • Fix rate limiting for logger, increase refill rate

  • seccomp: add 64-bit time_t syscalls

  • libnetwork: cleanup VFP during overlay network removal

  • Improve mitigation for CVE-2019-14271 for some nscd configuration.

  • overlay: remove modprobe execs.

  • selinux: display better error messages when setting file labels.

  • Speed up initial stats collection.

  • rootless: use certs.d from XDG_CONFIG_HOME.

  • Bump Golang 1.12.17.

  • Bump google.golang.org/grpc to v1.23.1.

  • Update containerd binary to v1.2.13.

  • Prevent showing stopped containers as running in an edge case.

  • Prevent potential lock.

  • Update to runc v1.0.0-rc10.

  • Fix possible runtime panic in Lgetxattr.

  • rootless: fix proxying UDP packets.

Client

  • Bump Golang 1.12.17.

  • Bump google.golang.org/grpc to v1.23.1.