Sourced fromgithub.com/docker/docker's releases.

v26.1.4

26.1.4

For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:

• docker/cli, 26.1.4 milestone
• moby/moby, 26.1.4 milestone
• Deprecated and removed features, seeDeprecated Features.
• Changes to the Engine API, seeAPI version history.

Security

This release updates the Go runtime to 1.21.11 which contains security fixes for:

• CVE-2024-24789
• CVE-2024-24790
• A symlink time of check to time of use race condition during directory removal reported by Addison Crump (@​addisoncrump).

Bug fixes and enhancements

• Fixed an issue where rapidly promoting a node after another node was demoted could cause the promoted node to fail its promotion.moby/moby#47870
• Prevent daemon log being spammed withsuperfluous response.WriteHeader call ... message.moby/moby#47843
• Don't show empty hints when plugins returns an empty hook message.docker/cli#5083
• Added ContextType: "moby" to the context list/inspect output to address a compatibility issue with Visual Studio Container Tools.docker/cli#5095

Packaging updates

• Update containerd (static binaries only) tov1.7.17.moby/moby#47841
• CVE-2024-24789,CVE-2024-24790: Update Go runtime to 1.21.11.moby/moby#47904
• Update Compose tov2.27.1.docker/docker-ce-packages#1022
• Update Buildx tov0.14.1.docker/docker-ce-packages#1021

• de5c9cf Merge pull request#47912 from thaJeztah/26.1_backport_vendor_containerd_1.7.18
• c62dcf8 Merge pull request#47911 from thaJeztah/26.1_backport_bump_containerd_binary...
• 17315a2 vendor: github.com/containerd/containerd v1.7.18
• cbd9418 update containerd binary to v1.7.18
• fb9f72a Merge pull request#47904 from thaJeztah/26.1_backport_bump_go1.21.11
• 3115daa update to go1.21.11
• 2861734 Merge pull request#47892 from thaJeztah/26.1_backport_api_docs_network_confi...
• 9c95aea Merge pull request#47893 from thaJeztah/26.1_backport_bump_docker_py
• 3e09e19 Merge pull request#47894 from thaJeztah/26.1_backport_vendor_containerd_v1.7.17
• 65b679a Merge pull request#47889 from thaJeztah/26.1_backport_platforms_err_handling
• Additional commits viewable incompare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)