20.10.12

(2022-06-21)

Components

Component

Version

Mirantis Container Runtime

20.10.12

containerd

1.6.6

runc

1.1.2

Client

Daemon

  • Deployed an RWMutex for stateCounter, to prevent potential locking congestion (moby/moby#43426).

  • Fixed an issue wherein the daemon was unable to locate an available IP range under certain conditions (moby/moby#43360).

  • Fixed an issue where docker stats was showing empty stats when running with containerd 1.5.0 or later (moby/moby#43567).

  • Updated the golang.org/x/sys build-time dependency, which serves to fix CVE-2022-29526.

  • Added support to reload the content-trust setting in /etc/docker/daemon.json through the use of the systemctl reload docker command (FIELD-4665).

Swarm

  • Fixed an issue wherein the Interlock proxy config size was reaching and attempting to exceed the swarm-config-size limitation (FIELD-4709) (moby/moby#43356).

Networking

  • Fixed an application performance issue with VIP endpoint (FIELD-3942) (FIELD-4867) (moby/moby#43683).

  • Fixed an issue wherein UDP ports were not available for five minutes following a container stoppage or crash in swarm service VIP endpoint mode (FIELD-4882).

Packaging

  • Updated contained to 1.6.6, to address CVE-2022-31030.

  • Updated buildx to 0.8.2

  • Updated Golang runtime to 1.17.11, which fixes CVE-2022-30634, CVE-2022-30629, CVE-2022-30580, and CVE-2022-29804.

  • Removed support for SLES15 SP1 and SLES15 SP2.

  • Added rootless mode for the following Linux distributions:

    • RHEL 7.9

    • RHEL 8.4

    • CentOS 7.9

    • Rocky 8.5

    • SLES15 SP3

    • Ubuntu 18.04.x

    • Ubuntu 20.04.x LTS

    MCR does not support rootless mode for Oracle Linux 7 and SLES 12 (ENGINE-538).

Known issues

  • A Windows port conflict on the daemon side requires a pending upstream fix on the Windows side (hostnetsvc.dll) (FIELD-4218) (moby/moby#43644).