Docker

26.0.1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 26.0.1 milestone
• moby/moby, 26.0.1 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

Bug fixes and enhancements

• Fix a regression that meant network interface specific --sysctl options prevented container startup. moby/moby#47646
• Remove erroneous platform from image config OCI descriptor in docker save output. moby/moby#47694
• containerd image store: OCI archives produced by docker save will now have a non-empty

23.0.10

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 23.0.10 milestone
• moby/moby, 23.0.10 milestone

26.0.0

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 26.0.0 milestone
• moby/moby, 26.0.0 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

Security

This release contains a security fix for CVE-2024-29018, a potential data exfiltration from 'internal' networks via authoritative DNS servers.

New

• Add Subpath field to the VolumeOptions making it possible to mount a subpath of a volume. moby/moby#45687
• Add volume-subpath support to the mount flag (--mount type=volume,..

26.0.0-rc3

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 26.0.0 milestone
• moby/moby, 26.0.0 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

Security

This release contains a security fix for CVE-2024-29018, a potential data exfiltration from 'internal' networks via authoritative DNS servers.

New

• containerd image store: Implement prometheus metrics moby/moby#47555

Bug fixes and enh

25.0.5

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 25.0.5 milestone
• moby/moby, 25.0.5 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

Security

This release contains a security fix for CVE-2024-29018, a potential data exfiltration from 'internal' networks via authoritative DNS servers.

Bug fixes and enhancements

• CVE-2024-29018: Do not forward requests to external DNS servers for a container that is only connected to an 'internal' network. Previously, requests were forwarded if the host's DNS server was running on a

26.0.0-rc2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 26.0.0 milestone
• moby/moby, 26.0.0 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

New

• Allow to enable host loopback by setting DOCKERD_ROOTLESS_ROOTLESSKIT_DISABLE_HOST_LOOPBACK to false, defaults true. It allows to connect to host by using 10.0.2.2 IP moby/moby#47352

Bug fixes and enhancements

• Fix multiple parallel docker bu

v25.0.4

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 25.0.4 milestone
• moby/moby, 25.0.4 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

Bug fixes and enhancements

• Restore DNS names for containers in the default "nat" network on Windows. moby/moby#47490
• Fix docker start failing when used with --checkpoint moby/moby#47466
• Do not enforce new validation rules for existing swarm networks moby/moby#47482
• Restore IP connectivity between the host and containers on an internal bridge ne

26.0.0-rc1

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 26.0.0 milestone
• moby/moby, 26.0.0 milestone
• Deprecated and removed features, see Deprecated Features.
• Changes to the Engine API, see API version history.

New

• Add Subpath field to the VolumeOptions making it possible to mount a subpath of a volume. moby/moby#45687
• containerd image store: image list will no longer produce multiple duplicates image entries for multi-platform images moby/moby#45967

25.0.3

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 25.0.3 milestone
• moby/moby, 25.0.3 milestone

What's Changed

• [25.0 backport] pkg/ioutils: Make subsequent Close attempts noop #47222
• [25.0 backport] Fix HasResource inverted boolean error - vendor swarmkit v2.0.0-20240125134710-dcda100a8261 #47225
• [25.0 backport] gha: update actions to account for node 16 deprecation #47291
• [25.0 backport] docs: remove dead links from api verison history #47296
• [25.0 backport] Assert temp output directory is not an empty string #47298
• [25.0 backport] api: Document version in

25.0.2

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 25.0.2 milestone
• moby/moby, 25.0.2 milestone

Security

This release contains security fixes for the following CVEs
affecting Docker Engine and its components.

The potential impacts of the above vulnerabilities include:

• Unauthorized access to the host filesystem
• Compromising the integrity of the build cache
• In the case of CVE-2024-21626, a scenario that could lead to full container escape

For more information about the security issues addressed in this release,
refer to the blog post.
For details about each vulnerability, see the relevant security advis

23.0.9

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 23.0.9 milestone
• moby/moby, 23.0.9 milestone