docker-v29.6.2
v29.6.2
Release Notes
29.6.2
For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
Security
This release includes fixes for multiple security vulnerabilities affecting Docker Engine.
- Git source checkout from a bundle file could lead to command injection. GHSA-hw3h-2gp9-cxpv
- Incorrect parameters sent from a frontend could cause a panic. GHSA-qx3x-mv6r-52p6
- An LLB file operation could be tricked into removing the contents of the
/tmpdirectory. GHSA-32pv-7hq5-qhwq - A malicious client could bypass destination directory validation when uploading local sources. GHSA-g2h8-426c-7976
- A WCOW cache mount source selector could resolve NTFS junctions outside of the cache root. GHSA-388v-wmr2-g2v2
Packaging updates
- Update containerd (static binaries) to v2.2.6. moby/moby#53051
- Update Go runtime to 1.26.5. moby/moby#53027
Rootless
- Update RootlessKit to v3.0.2. moby/moby#53054