20.10.12¶

(2022-06-21)

Components¶

Deployed an RWMutex for stateCounter, to prevent potential locking congestion (moby/moby#43426).
Fixed an issue wherein the daemon was unable to locate an available IP range under certain conditions (moby/moby#43360).
Fixed an issue where docker stats was showing empty stats when running with containerd 1.5.0 or later (moby/moby#43567).
Updated the golang.org/x/sys build-time dependency, which serves to fix CVE-2022-29526.
Added support to reload the content-trust setting in /etc/docker/daemon.json through the use of the systemctl reload docker command (FIELD-4665).

Fixed an issue wherein the Interlock proxy config size was reaching and attempting to exceed the swarm-config-size limitation (FIELD-4709) (moby/moby#43356).

Fixed an application performance issue with VIP endpoint (FIELD-3942) (FIELD-4867) (moby/moby#43683).
Fixed an issue wherein UDP ports were not available for five minutes following a container stoppage or crash in swarm service VIP endpoint mode (FIELD-4882).

Updated containerd to 1.6.6, to address CVE-2022-31030.
Updated buildx to 0.8.2
Updated Golang runtime to 1.17.11, which fixes CVE-2022-30634, CVE-2022-30629, CVE-2022-30580, and CVE-2022-29804.
Removed support for SLES15 SP1 and SLES15 SP2.
Added rootless mode for the following Linux distributions:
- RHEL 7.9
- RHEL 8.4
- CentOS 7.9
- Rocky 8.5
- SLES15 SP3
- Ubuntu 18.04.x
- Ubuntu 20.04.x LTS
MCR does not support rootless mode for Oracle Linux 7 and SLES 12 (ENGINE-538).

A Windows port conflict on the daemon side requires a pending upstream fix on the Windows side (hostnetsvc.dll) (FIELD-4218) (moby/moby#43644).