mirror/docker-docs
1
0
Fork 0
mirror of https://github.com/docker/docs.git synced 2026-06-19 07:35:16 +00:00
Code Issues Packages Projects Releases Wiki Activity

engine: 29.5.1

Browse Source 
Signed-off-by: Paweł Gronowski <pawel.gronowski@docker.com>
This commit is contained in:
Paweł Gronowski
2026-05-18 17:40:59 +02:00
parent ec6d849759
commit 23e841178a
2 changed files with 28 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
content/manuals/engine/release-notes/29.md
+26
View File
@@ -22,6 +22,32 @@ For more information about:
- Deprecated and removed features, see [Deprecated Engine Features](../deprecated.md).
- Changes to the Engine API, see [Engine API version history](/reference/api/engine/version-history/).
## 29.5.1
{{< release-date date="2026-05-18" >}}
For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
- [docker/cli, 29.5.1 milestone](https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A29.5.1)
- [moby/moby, 29.5.1 milestone](https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A29.5.1)
### Security
This release includes fixes for multiple security vulnerabilities affecting Docker Engine.
- **CVE-2026-41567** Fix a vulnerability in `docker cp` where archive decompression binaries (e.g. `xz`, `unpigz`) were resolved via `PATH` inside the container filesystem while running as host root, allowing a malicious container to execute arbitrary binaries with host root privileges.
[GHSA-x86f-5xw2-fm2r](https://github.com/moby/moby/security/advisories/GHSA-x86f-5xw2-fm2r)
- **CVE-2026-41568** Fix a TOCTOU vulnerability in `docker cp` that allowed a container process to create files or directories at arbitrary locations on the host filesystem.
[GHSA-vp62-88p7-qqf5](https://github.com/moby/moby/security/advisories/GHSA-vp62-88p7-qqf5)
- **CVE-2026-42306** Fix a TOCTOU vulnerability in `docker cp` that allowed a container process to redirect a bind mount to an arbitrary location on the host filesystem.
[GHSA-rg2x-37c3-w2rh](https://github.com/moby/moby/security/advisories/GHSA-rg2x-37c3-w2rh)
### Networking
- Fix UDP conntrack entries not being deleted when not bound to a specific IP address. [moby/moby#52640](https://github.com/moby/moby/pull/52640)
## 29.5.0
{{< release-date date="2026-05-14" >}}
hugo.yaml
+2 -2
View File
@@ -154,10 +154,10 @@ params:
# Latest version of the Docker Engine API
latest_engine_api_version: "1.54"
# Latest version of Docker Engine
docker_ce_version: "29.5.0"
docker_ce_version: "29.5.1"
# Previous version of the Docker Engine
# (Used to show e.g., "latest" and "latest"-1 in engine install examples
docker_ce_version_prev: "29.4.3"
docker_ce_version_prev: "29.5.0"
# Latest Docker Compose version
compose_version: "v5.1.2"
# Latest BuildKit version