2.8.7¶
(2021-05-17)
What’s new¶
MSR now applies a 56-character limit on “namespace/repository” length at creation, and thus eliminates a situation wherein attempts to push tags to repos with too-long names return a 500 Internal Server Error (ENGDTR-2525).
MSR now alerts administrators if the storage back end contents do not match the metadata, or if a new install of MSR uses a storage back end that contains data from a different MSR installation (ENGDTR-2501).
The MSR UI now includes a horizontal scrollbar (in addition to the existing vertical scrollbar), thus allowing users to better adjust the window dimensions.
The
enableManifestLists
setting is no longer needed and has been removed due to breaking Docker Content Trust (FIELD-2642, FIELD-2644).Updated the MSR web UI Last updated at trigger for the promotion and mirror policies to include the option to specify
before
a particular time (after
already exists) (FIELD-2180).The
mirantis/dtr --help
documentation no longer recommends using the--rm
option when invoking commands. Leaving it out preserves containers after they have finished running, thus allowing users to retrieve logs at a later time (FIELD-2204).
Bug fixes¶
Pulling images from a repository using
crictl
no longer returns a 500 error (FIELD-3331, ENGDTR-2569).Fixed broken links to MSR documentation in the MSR web UI (FIELD-3822).
Fixed an issue wherein pushing images with previously-pushed layer data that has been deleted from storage caused
unknown blob
errors. Pushing such images now replaces missing layer data. Sweeping image layers with image layer data missing from storage no longer causes garbage collection to error out (FIELD-1836).
Security¶
Vulnerability scans no longer report CVE-2016-4074 as a result of the 2021.03 scanner update.
A self scan of MSR 2.9.1 reveals five vulnerabilities, however these CVEs have been analyzed and determined not to impact MSR:
(ENGDTR-2543)
A self-scan can report a false positive for CVE-2021-29482 (ENGDTR-2608).