-
Tue Oct 13 2015 Oracle USA <ol-ovm-info_ww@oracle.com> - 1.8.3-1.0.1
- Enable configuration of Docker daemon via sysconfig [orabug 21804877]
- Add documentation files to binary RPM
-
Mon Oct 12 2015 Oracle USA <ol-ovm-info_ww@oracle.com> - 1.8.3
- Fix layer IDs lead to local graph poisoning (CVE-2014-8178)
- Fix manifest validation and parsing logic errors allow pull-by-digest validation bypass (CVE-2014-8179)
- Add --disable-legacy-registry to prevent a daemon from using a v1 registry
-
Thu Sep 10 2015 Oracle USA <ol-ovm-info_ww@oracle.com> - 1.8.2
- Fixes rare edge case of handling GNU LongLink and LongName entries.
- Fix ^C on docker pull.
- Fix docker pull issues on client disconnection.
- Fix issue that caused the daemon to panic when loggers weren't configured properly.
- Fix goroutine leak pulling images from registry V2.
- Fix a bug mounting cgroups for docker daemons running inside docker containers.
- Initialize log configuration properly.
- Handle -q flag in docker ps properly when there is a default format.
- Fix several corner cases with netlink.
- Fix several issues with bash completion.
-
Wed Aug 12 2015 Oracle USA <ol-ovm-info_ww@oracle.com> - 1.8.1
- Fix a bug where pushing multiple tags would result in invalid images
-
Tue Aug 11 2015 Oracle USA <ol-ovm-info_ww@oracle.com> - 1.8.0
- Trusted pull, push and build, disabled by default
- Make tar layers deterministic between registries
- Don't allow deleting the image of running containers
- Check if a tag name to load is a valid digest
- Allow one character repository names
- Add a more accurate error description for invalid tag name
- Make build cache ignore mtime
- Add support for DOCKER_CONFIG/--config to specify config file dir
- Add --type flag for docker inspect command
- Add formatting options to docker ps with --format
- Replace docker -d with new subcommand docker daemon
- Zsh completion updates and improvements
- Add some missing events to bash completion
- Support daemon urls with base paths in docker -H
- Validate status= filter to docker ps
- Display when a container is in --net=host in docker ps
- Extend docker inspect to export image metadata related to graph driver
- Restore --default-gateway{,-v6} daemon options
- Add missing unpublished ports in docker ps
- Allow duration strings in docker events as --since/--until
- Expose more mounts information in docker inspect
- Add new Fluentd logging driver
- Allow docker import to load from local files
- Add logging driver for GELF via UDP
- Allow to copy files from host to containers with docker cp
- Promote volume drivers from experimental to master
- Add rollover log driver, and --log-driver-opts flag
- Add memory swappiness tuning options
- Remove cgroup read-only flag when privileged
- Make /proc, /sys, & /dev readonly for readonly containers
- Add cgroup bind mount by default
- Overlay: Export metadata for container and image in docker inspect
- Devicemapper: external device activation
- Devicemapper: Compare uuid of base device on startup
- Remove RC4 from the list of registry cipher suites
- Add syslog-facility option
- LXC execdriver compatibility with recent LXC versions
- Mark LXC execriver as deprecated (to be removed with the migration to runc)
- Separate plugin sockets and specs locations
- Allow TLS connections to plugins
- Add missing 'Names' field to /containers/json API output
- Make docker rmi --dangling safe when pulling
- Devicemapper: Change default basesize to 100G
- Go Scheduler issue with sync.Mutex and gcc
- Fix issue where Search API endpoint would panic due to empty AuthConfig
- Set image canonical names correctly
- Check dockerinit only if lxc driver is used
- Fix ulimit usage of nproc
- Always attach STDIN if -i,--interactive is specified
- Show error messages when saving container state fails
- Fixed incorrect assumption on --bridge=none treated as disable network
- Check for invalid port specifications in host configuration
- Fix endpoint leave failure for --net=host mode
- Fix goroutine leak in the stats API if the container is not running
- Check for apparmor file before reading it
- Fix DOCKER_TLS_VERIFY being ignored
- Set umask to the default on startup
- Correct the message of pause and unpause a non-running container
- Adjust disallowed CpuShares in container creation
- ZFS: correctly apply selinux context
- Display empty string instead of <nil> when IP opt is nil
- docker kill returns error when container is not running
- Fix COPY/ADD quoted/json form
- Fix goroutine leak on logs -f with no output
- Remove panic in nat package on invalid hostport
- Fix container linking in Fedora 22
- Fix error caused using default gateways outside of the allocated range
- Format times in inspect command with a template as RFC3339Nano
- Make registry client to accept 2xx and 3xx http status responses as successful
- Fix race issue that caused the daemon to crash with certain layer downloads failed in a specific order.
- Fix error when the docker ps format was not valid.
- Remove redundant ip forward check.
- Fix issue trying to push images to repository mirrors.
- Fix error cleaning up network entrypoints when there is an initialization issue.
-
Tue Jul 14 2015 Oracle USA <ol-ovm-info_ww@oracle.com> - 1.7.1
- Fix default user spawning exec process with docker exec
- Make --bridge=none not to configure the network bridge
- Publish networking stats properly
- Fix implicit devicemapper selection with static binaries
- Fix socket connections that hung intermittently
- Fix bridge interface creation on CentOS/RHEL 6.6
- Fix local dns lookups added to resolv.conf
- Fix copy command mounting volumes
- Fix read/write privileges in volumes mounted with --volumes-from
- Fix unmarshalling of Command and Entrypoint
- Set limit for minimum client version supported
- Validate port specification
- Return proper errors when attach/reattach fail
- Fix pulling private images
- Fix fallback between registry V2 and V1
-
Tue Jun 16 2015 Oracle USA <ol-ovm-info_ww@oracle.com> - 1.7.0
- Experimental feature: support for out-of-process volume plugins
- The userland proxy can be disabled in favor of hairpin NAT using the daemon’s --userland-proxy=false flag
- The exec command supports the -u|--user flag to specify the new process owner
- Default gateway for containers can be specified daemon-wide using the --default-gateway and --default-gateway-v6 flags
- The CPU CFS (Completely Fair Scheduler) quota can be set in docker run using --cpu-quota
- Container block IO can be controlled in docker run using--blkio-weight
- ZFS support
- The docker logs command supports a --since argument
- UTS namespace can be shared with the host with docker run --uts=host
- Networking stack was entirely rewritten as part of the libnetwork effort
- Engine internals refactoring
- Volumes code was entirely rewritten to support the plugins effort
- Sending SIGUSR1 to a daemon will dump all goroutines stacks without exiting
- Support ${variable:-value} and ${variable:+value} syntax for environment variables
- Support resource management flags --cgroup-parent, --cpu-period, --cpu-quota, --cpuset-cpus, --cpuset-mems
- git context changes with branches and directories
- The .dockerignore file support exclusion rules
- Client support for v2 mirroring support for the official registry
- Firewalld is now supported and will automatically be used when available
- mounting --device recursively
-
Wed May 13 2015 Oracle USA <ol-ovm-info_ww@oracle.com> - 1.6.2
- Revert change prohibiting mounting into /sys
-
Thu May 07 2015 Oracle USA <ol-ovm-info_ww@oracle.com> - 1.6.1
- Fix read/write /proc paths (CVE-2015-3630)
- Prohibit VOLUME /proc and VOLUME / (CVE-2015-3631)
- Fix opening of file-descriptor 1 (CVE-2015-3627)
- Fix symlink traversal on container respawn allowing local privilege escalation (CVE-2015-3629)
- Prohibit mount of /sys
- Update AppArmor policy to not allow mounts
-
Tue Apr 07 2015 Oracle USA <ol-ovm-info_ww@oracle.com> - 1.6.0
- Building images from an image ID
- Build containers with resource constraints, ie docker build --cpu-shares=100 --memory=1024m...
- commit --change to apply specified Dockerfile instructions while committing the image
- import --change to apply specified Dockerfile instructions while importing the image
- Builds no longer continue in the background when canceled with CTRL-C
- Windows Support
- Container and image Labels
- --cgroup-parent for specifying a parent cgroup to place container cgroup within
- Logging drivers, json-file, syslog, or none
- Pulling images by ID
- --ulimit to set the ulimit on a container
- --default-ulimit option on the daemon which applies to all created containers (and overwritten by --ulimit on run)