Moby - v25.0.5
25.0.5
For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
- docker/cli, 25.0.5 milestone
- moby/moby, 25.0.5 milestone
- Deprecated and removed features, see Deprecated Features.
- Changes to the Engine API, see API version history.
Security
This release contains a security fix for CVE-2024-29018, a potential data exfiltration from 'internal' networks via authoritative DNS servers.
Bug fixes and enhancements
- CVE-2024-29018: Do not forward requests to external DNS servers for a container that is only connected to an 'internal' network. Previously, requests were forwarded if the host's DNS server was running on a loopback address, like systemd's 127.0.0.53. moby/moby#47589
- plugin: fix mounting /etc/hosts when running in UserNS. moby/moby#47588
- rootless: fix
open /etc/docker/plugins: permission denied
. moby/moby#47587 - Fix multiple parallel
docker build
runs leaking disk space. moby/moby#47527
Security
Details
date
March 19, 2024, 9:36 p.m.
name
v25.0.5
type
Patch
official page
👇
Register or login to:
- 🔍View and search all Moby releases.
- 🛠️Create and share lists to track your tools.
- 🚨Setup notifications for major, security, feature or patch updates.
- 🚀Much more coming soon!