Prohibit VOLUME /proc and VOLUME / (CVE-2015-3631)
Fix opening of file-descriptor 1 (CVE-2015-3627)
Fix symlink traversal on container respawn allowing local privilege escalation (CVE-2015-3629)
Prohibit mount of /sys
Runtime
Update Apparmor policy to not allow mounts
1.6.0 (2015-04-07)
Builder
Building images from an image ID
build containers with resource constraints, ie docker build --cpu-shares=100 --memory=1024m...
commit --change to apply specified Dockerfile instructions while committing the image
import --change to apply specified Dockerfile instructions while importing the image
basic build cancellation
Client
Windows Support
Runtime
Container and image Labels
--cgroup-parent for specifying a parent cgroup to place container cgroup within
Logging drivers, json-file, syslog, or none
Pulling images by ID
--ulimit to set the ulimit on a container
--default-ulimit option on the daemon which applies to all created containers (and overwritten by --ulimit on run)
1.5.0 (2015-02-10)
Builder
Dockerfile to use for a given docker build can be specified with the -f flag
Dockerfile and .dockerignore files can be themselves excluded as part of the .dockerignore file, thus preventing modifications to these files invalidating ADD or COPY instructions cache
ADD and COPY instructions accept relative paths
Dockerfile FROM scratch instruction is now interpreted as a no-base specifier
Improve performance when exposing a large number of ports
Hack
Allow client-side only integration tests for Windows
Include docker-py integration tests against Docker daemon as part of our test suites
Packaging
Support for the new version of the registry HTTP API
Speed up docker push for images with a majority of already existing layers
Fixed contacting a private registry through a proxy
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
- `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language
- `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language
- `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language
- `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language
You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/pulumi/pulumi-terraform/network/alerts).
Bumps github.com/docker/docker from 0.0.0-20170504205632-89658bed64c2 to 1.6.1.
Changelog
Sourced from github.com/docker/docker's changelog.
... (truncated)
Commits
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) - `@dependabot use these labels` will set the current labels as the default for future PRs for this repo and language - `@dependabot use these reviewers` will set the current reviewers as the default for future PRs for this repo and language - `@dependabot use these assignees` will set the current assignees as the default for future PRs for this repo and language - `@dependabot use this milestone` will set the current milestone as the default for future PRs for this repo and language You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/pulumi/pulumi-terraform/network/alerts).