docker Docker Engine Releases · · 29.6.1

Docker Engine 29.6.1 addresses security vulnerabilities and updates components

securityinfraengineer
security

Docker Engine 29.6.1 is a patch release that addresses multiple security vulnerabilities, including issues with memory consumption and build container security protections. It also includes updates to core components like containerd and BuildKit. This release is recommended for all users, especially those concerned with security and stability.

Security (2)
  • A malicious image could supply a malicious /etc/passwd or /etc/group-style file causing excessive memory consumption, potentially resulting in process termination due to Out Of Memory (OOM) conditions. GHSA-mjcv-p78q-w5fw, GHSA-jpcc-p29g-p8mq, GHSA-72x6-4j93-7w86

  • A custom frontend could send a crafted build request that disabled Seccomp and AppArmor protections for the build container, even if the user did not explicitly allow the security.insecure entitlement. Other security measures, like Linux capabilities were still applied to these containers. GHSA-7236-3392-c5c6

Read the original announcement →

https://github.com/moby/moby/releases/tag/docker-v29.6.1

Related releases