26.0.0-rc3
For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
- docker/cli, 26.0.0 milestone
- moby/moby, 26.0.0 milestone
- Deprecated and removed features, see Deprecated Features.
- Changes to the Engine API, see API version history.
Security
This release contains a security fix for CVE-2024-29018, a potential data exfiltration from 'internal' networks via authoritative DNS servers.
New
- containerd image store: Implement prometheus metrics moby/moby#47555
Bug fixes and enhancements
- CVE-2024-29018: Do not forward requests to external DNS servers for a container that is only connected to an 'internal' network. Previously, requests were forwarded if the host's DNS server was running on a loopback address, like systemd's 127.0.0.53. moby/moby#47589
- containerd image store: Improve
docker imagesperformance. moby/moby#47580 - Add explicit deprecation notice message when using remote TCP connections without TLS. Deprecation notice docker/cli#4928. moby/moby#47556
- Use IPv6 nameservers from the host's
resolv.confas upstream resolvers for Docker Engine's internal DNS, rather than listing them in the container'sresolv.conf. moby/moby#47512 - rc2 regression: containerd image store: Fix
image listnot showing images when an image that has no locally available platforms is encountered. - rootless: fix
open /etc/docker/plugins: permission deniedmoby/moby#47559 - plugin: fix mounting /etc/hosts when running in UserNS moby/moby#47558
API
- Remove
ContainerandContainerConfigfields from theGET /images/{name}/jsonresponse. moby/moby#47430
Packaging updates
- Update Buildx to v0.13.1. docker/docker-ce-packaging#1000
- Update Buildkit to v0.13.1. moby/moby#47582
- Update Compose to v2.25.0. docker/docker-ce-packaging#1002
- Add Ubuntu Noble packages. docker/docker-ce-packaging#1006
- Add Fedora 40 packages. docker/docker-ce-packaging#1005