23.0.17¶
Release date |
Name |
Upstream release |
---|---|---|
2025-MAR-10 |
MCR 23.0.17 |
Moby 23.0.17 and Docker CLI 23.0.17 |
Changelog¶
MCR 23.0.17 comprises the Moby 23.0.17 upstream release.
Changes specific to MCR¶
MCR contains the following component updates:
Fipster (Go runtime)
go1.22.12-m1
Changes from upstream¶
The upstream pull requests detailed in the sections that follow are those that pertain to the MCR product. For the complete list of changes and pull requests upstream, refer to the GitHub milestones.
What is new
The MCR 23.0.17 patch release focuses on the delivery of CVE and bug fixes.
Security
go net/http: Fix CVE-2024-45336, the HTTP client drops sensitive headers after following a cross-domain redirect.
go crypto/x509: Fix CVE-2024-45341, a certificate with a URI which has a IPv6 address with a zone ID may incorrectly satisfy a URI name constraint that applies to the certificate chain.
GitHub milestones¶
The GitHub milestones offer full detail on the pull requests and changes as they correlate to the upstream Moby 23.0.17 release:
Major component versions¶
Version detail for the major components that comprise MCR 23.0.17 is presented in the table below:
Component |
Version |
---|---|
Fipster (Go runtime) |
|
Known issues¶
Known issues that apply to Moby 23.0.17 and thus also to MCR 23.0.17 include:
moby/moby#47728 The DNS records for containers on a node that has restarted may not be resolvable by containers on other nodes on the same overlay network. This may also occur without a daemon restart, if the underlay network is experiencing packet loss at the time the container is started. Only recently uncovered, this has been an issue since the advent of the NetworkDB moby component.