2.8.1

(2020-06-24)

Enhancements

  • MSR now uses Mirantis’s JWT-based licensing flow, in addition to the legacy Docker Hub licensing method). (ENGDTR-1604)

Bug fixes

  • Removal of auto refresh license toggle from the UI license screen (ENGDTR-1846).

  • Information leak tied to the remote registry endpoint (ENGDTR-1821).

  • The text/csv response file gained from using the scan summary API endpoint to obtain the latest security scanning results contains “column headers” but no true response data (ENGDTR-1646).

  • Due to scanner improvements, libidn2 no longer displays false positives ( ENGDTR-1816).

Security

  • Changes to the whitelist URLs for outgoing connections:

    URLs to de-whitelist if there are no pre-Patch 2020-06 versions of Mirantis Container Runtime running:

    • http://license.enterprise.docker.com

    • http://dss-cve-updates.enterprise.docker.com

    URLs to whitelist for Patch 2020-06 and later:

    • http://license.mirantis.com

    • http://dss-cve-updates.mirantis.com

    (ENGDTR-1847)