Package "docker-doc"
| Name: |
docker-doc
|
Description: |
Linux container runtime -- documentation
|
| Latest version: |
29.1.3-0ubuntu3~24.04.2 |
| Release: |
noble (24.04) |
| Level: |
updates |
| Repository: |
universe |
| Head package: |
docker.io-app |
| Homepage: |
https://mobyproject.org/ |
Links
Download "docker-doc"
Other versions of "docker-doc" in Noble
Changelog
|
docker.io-app (29.1.3-0ubuntu3~24.04.2) noble-security; urgency=medium
* SECURITY UPDATE: BuildKit path traversal
- debian/patches/CVE-2026-33747_1.patch: Validate container IDs centrally
in engine/vendor/.../buildkit/executor/containerdexecutor/executor.go,
engine/vendor/.../buildkit/executor/containerid.go,
engine/vendor/.../buildkit/executor/runcexecutor/executor.go.
- debian/patches/CVE-2026-33747_2.patch: Sanitize downloaded filenames in
engine/vendor/.../buildkit/source/http/source.go.
- debian/patches/CVE-2026-33747_3.patch: Use os.Root for saved file
operations in engine/vendor/.../buildkit/source/http/source.go.
- CVE-2026-33747
* SECURITY UPDATE: BuildKit path traversal
- debian/patches/CVE-2026-33748_1.patch: Harden ref arg handling in
engine/vendor/.../buildkit/source/git/source.go.
- debian/patches/CVE-2026-33748_2.patch: Normalize and validate subdir
paths in engine/vendor/.../buildkit/client/llb/source.go,
engine/vendor/.../buildkit/source/git/identifier.go,
engine/vendor/.../buildkit/source/git/source.go,
engine/vendor/.../buildkit/util/gitutil/git_url.go.
- CVE-2026-33748
-- Edwin Jiang <email address hidden> Wed, 29 Apr 2026 12:41:06 -0400
|
| Source diff to previous version |
| CVE-2026-33747 |
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, when |
| CVE-2026-33748 |
BuildKit is a toolkit for converting source code to build artifacts in an efficient, expressive and repeatable manner. Prior to version 0.28.1, insuf |
|
|
docker.io-app (29.1.3-0ubuntu3~24.04.1) noble; urgency=medium
* Merge from resolute to noble (LP: #2127661). Remaining changes:
- d/docker.io.postinst: notify when a reboot is required to reload the
AppArmor profile (LP #2065423)
- d/t/docker-in-lxd: workaround Apparmor/kernel bug (LP #2067900)
* Dropped changes:
- d/control: build with golang 1.23
- d/rules: add golang 1.23 to PATH
|
| Source diff to previous version |
| 2065423 |
Update AppArmor template to allow confined runc to kill containers |
| 2067900 |
apparmor unconfined profile blocks pivot_root |
|
|
docker.io-app (28.2.2-0ubuntu1~24.04.1) noble; urgency=medium
* Merge from questing to noble (LP: #2112523). Remaining changes:
- d/t/docker-in-lxd: workaround Apparmor/kernel bug (LP #2067900)
- d/docker.io.postinst: notify when a reboot is required to reload the
AppArmor profile (LP #2065423)
* Dropped changes:
- d/control: build with golang 1.22 for consistency across the supported
release
- d/rules: add golang 1.22 to PATH
* New changes:
- d/control: build with golang 1.23
- d/rules: add golang 1.23 to PATH
|
| Source diff to previous version |
| 2067900 |
apparmor unconfined profile blocks pivot_root |
| 2065423 |
Update AppArmor template to allow confined runc to kill containers |
|
|
docker.io-app (27.5.1-0ubuntu3~24.04.2) noble-security; urgency=medium
* No-change rebuild to copy previous update to the security pocket.
-- Hlib Korzhynskyy <email address hidden> Mon, 02 Jun 2025 09:21:53 -0230
|
| Source diff to previous version |
|
docker.io-app (27.5.1-0ubuntu3~24.04.1) noble; urgency=medium
* Backport from plucky to noble (LP: #2085187)
* d/control: build with golang 1.22 for consistency across the supported
release
* d/rules: add golang 1.22 to PATH
* d/t/docker-in-lxd: workaround Apparmor/kernel bug (LP #2067900)
* d/docker.io.postinst: notify when a reboot is required to reload the
AppArmor profile (LP #2065423).
|
| 2067900 |
apparmor unconfined profile blocks pivot_root |
| 2065423 |
Update AppArmor template to allow confined runc to kill containers |
|
About
-
Send Feedback to @ubuntu_updates
