2.8.1¶
(2020-06-24)
Enhancements¶
MSR now uses Mirantis’s JWT-based licensing flow, in addition to the legacy Docker Hub licensing method). (ENGDTR-1604)
Bug fixes¶
Removal of auto refresh license toggle from the UI license screen (ENGDTR-1846).
Information leak tied to the remote registry endpoint (ENGDTR-1821).
The text/csv response file gained from using the scan summary API endpoint to obtain the latest security scanning results contains “column headers” but no true response data (ENGDTR-1646).
Due to scanner improvements, libidn2 no longer displays false positives ( ENGDTR-1816).
Security¶
Changes to the whitelist URLs for outgoing connections:
URLs to de-whitelist if there are no pre-Patch 2020-06 versions of Mirantis Container Runtime running:
http://license.enterprise.docker.com
http://dss-cve-updates.enterprise.docker.com
URLs to whitelist for Patch 2020-06 and later:
http://license.mirantis.com
http://dss-cve-updates.mirantis.com
(ENGDTR-1847)