docker Docker Engine Releases · · 29.6.2

Docker Engine v29.6.2: Security fixes and dependency updates

securityinfraengineer
security

Docker Engine v29.6.2 addresses multiple security vulnerabilities within the buildkit component, mitigating risks of command injection and unauthorized file operations. The release also includes updates to core dependencies like containerd and the Go runtime. These patches are crucial for maintaining the security posture of Docker environments and are relevant to all users running Docker Engine.

  • Git source checkout from a bundle file could lead to command injection. GHSA-hw3h-2gp9-cxpv
  • Incorrect parameters sent from a frontend could cause a panic. GHSA-qx3x-mv6r-52p6
  • An LLB file operation could be tricked into removing the contents of the /tmp directory. GHSA-32pv-7hq5-qhwq
  • A malicious client could bypass destination directory validation when uploading local sources. GHSA-g2h8-426c-7976
  • A WCOW cache mount source selector could resolve NTFS junctions outside of the cache root. GHSA-388v-wmr2-g2v2
Security (5)
  • Git source checkout from a bundle file could lead to command injection. GHSA-hw3h-2gp9-cxpv
  • Incorrect parameters sent from a frontend could cause a panic. GHSA-qx3x-mv6r-52p6
  • An LLB file operation could be tricked into removing the contents of the /tmp directory. GHSA-32pv-7hq5-qhwq
  • A malicious client could bypass destination directory validation when uploading local sources. GHSA-g2h8-426c-7976
  • A WCOW cache mount source selector could resolve NTFS junctions outside of the cache root. GHSA-388v-wmr2-g2v2
Read the original announcement →

https://github.com/moby/moby/releases/tag/docker-v29.6.2

Related releases