Description
This docker version upgrade fixes the following security and non security
issues, and adds the also additional features:
- Updated to 1.4.1 (2014-12-15):
* Runtime:
- Fix issue with volumes-from and bind mounts not being honored after
create (fixes bnc#913213)
- Added e2fsprogs as runtime dependency, this is required when the
devicemapper driver is used. (bnc#913211).
- Fixed owner & group for docker.socket (thanks to Andrei Dziahel and
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=752555#5)
- Updated to 1.4.0 (2014-12-11):
* Notable Features since 1.3.0:
- Set key=value labels to the daemon (displayed in `docker info`),
applied with new `-label` daemon flag
- Add support for `ENV` in Dockerfile of the form: `ENV name=value
name2=value2...`
- New Overlayfs Storage Driver
- `docker info` now returns an `ID` and `Name` field
- Filter events by event name, container, or image
- `docker cp` now supports copying from container volumes
- Fixed `docker tag`, so it honors `--force` when overriding a tag for
existing image.
- Changes introduced by 1.3.3 (2014-12-11):
* Security:
- Fix path traversal vulnerability in processing of absolute symbolic
links (CVE-2014-9356) - (bnc#909709)
- Fix decompression of xz image archives, preventing privilege
escalation (CVE-2014-9357) - (bnc#909710)
- Validate image IDs (CVE-2014-9358) - (bnc#909712)
* Runtime:
- Fix an issue when image archives are being read slowly
* Client:
- Fix a regression related to stdin redirection
- Fix a regression with `docker cp` when destination is the current
directory