19.03.15

(2021-04-12)

Components

Component

Version

Mirantis Container Runtime

19.03.15

containerd

1.3.10

runc

1.0.0-rc10

Security

  • Resolved CVE-2021-21285, thereby preventing invalid images from crashing the Docker daemon (ENGINE-437).

  • Resolved CVE-2021-21284, thereby preventing a remapped root from accessing the Docker state by locking down file permissions (ENGINE-437).

  • MCR now confirms that AppArmor and SELinux profiles are applied when building with BuildKit (ENGINE-437).

  • Resolved CVE-2021-21334, and in the process updated containerd to version 1.3.10 (ENGINE-437).

Client

  • MCR now evaluates contexts before import to reduce the risk of extracted files escaping the context store (ENGINE-437).