18.09.5

Changelog

For official release notes for Docker Engine CE and Docker Engine EE, visit the
release notes page.

18.09.5 (2019-04-11)

Builder

• Fix DOCKER_BUILDKIT=1 docker build --squash .. docker/engine#176

Client

• Fix tty initial size error. docker/cli#1775
• Fix dial-stdio goroutine leakage. docker/cli#1795
• Fix the stack informer's selector used to track deployment. docker/cli#1794

Networking

• Fix network=host using wrong resolv.conf with systemd-resolved. docker/engine#180
• Fix Windows ARP entries getting corrupted randomly under load. docker/engine#192

Runtime

• Fix stopped containers with restart policy showing as Restarting. docker/engine#181
• Fix to use original process spec for execs. docker/engine#178

Swarm Mode

• Fix leaking task resources when nodes are deleted. docker/engine#185

18.09.4 (2019-03-27)

Builder

• Add validation for git ref so it can't be misinterpreted as a flag. moby/moby#38944

Runtime

• Fix docker cp error with filenames greater than 100 characters. moby/moby#38634
• Fix layer/layer_store: ensure NewInputTarStream resources are released. moby/moby#38413

• Increase GRPC limit for GetConfigs. moby/moby#38800
• Update to containerd 1.2.5. docker/engine#173

Swarm Mode

• Fix nil pointer exception when joining node to swarm. moby/moby#38618

18.09.3 (2019-02-28)

Networking

• Windows: avoid regeneration of network ids to prevent broken references to networks. docker/engine#149

Runtime

• Update to Go 1.10.8.
• Modify some of the names in the container name generator. docker/engine#159

• When copying existing folder, ignore xattr set errors when the target filesystem doesn't support xattr. docker/engine#135
• Graphdriver: fix "device" mode not being detected if "character-device" bit is set. docker/engine#160
• Fix nil pointer derefence on failure to connect to containerd. docker/engine#162
• Delete stale containerd object on start failure. docker/engine#154

18.09.2 (2019-02-11)

Security

• Update runc to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host. (CVE-2019-5736)

18.09.1 (2019-01-09)

Builder

• Fix inefficient networking config. docker/engine#123
• Fix docker system prune doesn't accept until filter. docker/engine#122
• Avoid unset credentials in containerd. docker/engine#122

• Update to BuildKit 0.3.3. docker/engine#122

• Additional warnings for use of deprecated legacy overlay and devicemapper storage dirvers. docker/engine#85

Client

• Add bash completion for experimental CLI commands (manifest). docker/cli#1542

• Fix yamldocs outputing [flags] in usage output. docker/cli#1540
• Fix setting default schema to tcp for docker host. docker/cli#1454
• prune: perform image pruning before build cache pruning. docker/cli#1532
• Fix bash completion for service update --force. docker/cli#1526

Networking

• Fix iptables compatibility on debian. docker/engine#107

Packaging

• Add docker.socket requirement for docker.service. docker/docker-ce-packaging#276
• Add socket activation for RHEL-based distributions. docker/docker-ce-packaging#274

• Add libseccomp requirement for RPM packages. docker/docker-ce-packaging#266

Runtime

• Add /proc/asound to masked paths. docker/engine#126
• Update to containerd 1.2.1-rc.0. docker/engine#121

• Windows: allow process isolation. docker/engine#81

• Windows: DetachVhd attempt in cleanup docker/engine#113
• API: properly handle invalid JSON to return a 400 status. docker/engine#110
• API: ignore default address-pools on API < 1.39. docker/engine#118
• API: add missing default address pool fields to swagger. docker/engine#119
• awslogs: account for UTF-8 normalization in limits. docker/engine#112
• Prohibit reading more than 1MB in HTTP error responses. docker/engine#114
• apparmor: allow receiving of signals from docker kill. docker/engine#116
• overlay2: use index=off if possible (fix EBUSY on mount). docker/engine#84

18.09.0 (2018-11-08)

Deprecation

For more information on the list of deprecated flags and APIs, have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

• Deprecate devicemapper storage driver docker/cli#1455 / docker/cli#1424
• Deprecate legacy overlay storage driver docker/cli#1455 / docker/cli#1425
• Remove support for TLS < 1.2 moby/moby#37660
• Remove Ubuntu 14.04 "Trusty Tahr" as a supported platform docker-ce-packaging#255 / docker-ce-packaging#254
• Remove Debian 8 "Jessie" as a supported platform docker-ce-packaging#255 / docker-ce-packaging#254

API

• Update API version to 1.39 moby/moby#37640
• Add support for remote connections using SSH docker/cli#1014
• Builder: add prune options to the API moby/moby#37651
• Add "Warnings" to /info endpoint, and move detection to the daemon moby/moby#37502

• Do not return "<unknown>" in /info response moby/moby#37472

Builder

• Allow BuildKit builds to run without experimental mode enabled. Buildkit can now be configured with an option in daemon.json moby/moby#37593 moby/moby#37686 moby/moby#37692 docker/cli#1303 docker/cli#1275
• Add support for build-time secrets using a --secret flag when using BuildKit docker/cli#1288
• Add SSH agent socket forwarder (docker build --ssh $SSHMOUNTID=$SSH_AUTH_SOCK) when using BuildKit docker/cli#1438 / docker/cli#1419
• Add --chown flag support for ADD and COPY commands on Windows moby/moby#35521
• Add builder prune subcommand to prune BuildKit build cache docker/cli#1295 docker/cli#1334
• BuildKit: Add configurable garbage collection policy for the BuildKit build cache docker/engine#59 / moby/moby#37846
• BuildKit: Add support for docker build --pull ... when using BuildKit moby/moby#37613
• BuildKit: Add support or "registry-mirrors" and "insecure-registries" when using BuildKit docker-archive/engine#59](docker-archive/engine#59) / moby/moby#37852
• BuildKit: Enable net modes and bridge. moby/moby#37620

• BuildKit: Change --console=[auto,false,true] to --progress=[auto,plain,tty] docker/cli#1276
• BuildKit: Set BuildKit's ExportedProduct variable to show useful errors in the future. moby/moby#37439

• BuildKit: Do not cancel buildkit status request. [moby/moby#37597](https://github.com/moby/mob...

18.09.5-rc1

Changelog

For official release notes for Docker Engine CE and Docker Engine EE, visit the
release notes page.

18.09.5 (2019-04-11)

Builder

• Fix DOCKER_BUILDKIT=1 docker build --squash .. docker/engine#176

Client

• Fix tty initial size error. docker/cli#1775
• Fix dial-stdio goroutine leakage. docker/cli#1795
• Fix the stack informer's selector used to track deployment. docker/cli#1794

Networking

• Fix network=host using wrong resolv.conf with systemd-resolved. docker/engine#180
• Fix Windows ARP entries getting corrupted randomly under load. docker/engine#192

Runtime

• Fix stopped containers with restart policy showing as Restarting. docker/engine#181
• Fix to use original process spec for execs. docker/engine#178

Swarm Mode

• Fix leaking task resources when nodes are deleted. docker/engine#185

18.09.4 (2019-03-27)

Builder

• Add validation for git ref so it can't be misinterpreted as a flag. moby/moby#38944

Runtime

• Fix docker cp error with filenames greater than 100 characters. moby/moby#38634
• Fix layer/layer_store: ensure NewInputTarStream resources are released. moby/moby#38413

• Increase GRPC limit for GetConfigs. moby/moby#38800
• Update to containerd 1.2.5. docker/engine#173

Swarm Mode

• Fix nil pointer exception when joining node to swarm. moby/moby#38618

18.09.3 (2019-02-28)

Networking

• Windows: avoid regeneration of network ids to prevent broken references to networks. docker/engine#149

Runtime

• Update to Go 1.10.8.
• Modify some of the names in the container name generator. docker/engine#159

• When copying existing folder, ignore xattr set errors when the target filesystem doesn't support xattr. docker/engine#135
• Graphdriver: fix "device" mode not being detected if "character-device" bit is set. docker/engine#160
• Fix nil pointer derefence on failure to connect to containerd. docker/engine#162
• Delete stale containerd object on start failure. docker/engine#154

18.09.2 (2019-02-11)

Security

• Update runc to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host. (CVE-2019-5736)

18.09.1 (2019-01-09)

Builder

• Fix inefficient networking config. docker/engine#123
• Fix docker system prune doesn't accept until filter. docker/engine#122
• Avoid unset credentials in containerd. docker/engine#122

• Update to BuildKit 0.3.3. docker/engine#122

• Additional warnings for use of deprecated legacy overlay and devicemapper storage dirvers. docker/engine#85

Client

• Add bash completion for experimental CLI commands (manifest). docker/cli#1542

• Fix yamldocs outputing [flags] in usage output. docker/cli#1540
• Fix setting default schema to tcp for docker host. docker/cli#1454
• prune: perform image pruning before build cache pruning. docker/cli#1532
• Fix bash completion for service update --force. docker/cli#1526

Networking

• Fix iptables compatibility on debian. docker/engine#107

Packaging

• Add docker.socket requirement for docker.service. docker/docker-ce-packaging#276
• Add socket activation for RHEL-based distributions. docker/docker-ce-packaging#274

• Add libseccomp requirement for RPM packages. docker/docker-ce-packaging#266

Runtime

• Add /proc/asound to masked paths. docker/engine#126
• Update to containerd 1.2.1-rc.0. docker/engine#121

• Windows: allow process isolation. docker/engine#81

• Windows: DetachVhd attempt in cleanup docker/engine#113
• API: properly handle invalid JSON to return a 400 status. docker/engine#110
• API: ignore default address-pools on API < 1.39. docker/engine#118
• API: add missing default address pool fields to swagger. docker/engine#119
• awslogs: account for UTF-8 normalization in limits. docker/engine#112
• Prohibit reading more than 1MB in HTTP error responses. docker/engine#114
• apparmor: allow receiving of signals from docker kill. docker/engine#116
• overlay2: use index=off if possible (fix EBUSY on mount). docker/engine#84

18.09.0 (2018-11-08)

Deprecation

For more information on the list of deprecated flags and APIs, have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

• Deprecate devicemapper storage driver docker/cli#1455 / docker/cli#1424
• Deprecate legacy overlay storage driver docker/cli#1455 / docker/cli#1425
• Remove support for TLS < 1.2 moby/moby#37660
• Remove Ubuntu 14.04 "Trusty Tahr" as a supported platform docker-ce-packaging#255 / docker-ce-packaging#254
• Remove Debian 8 "Jessie" as a supported platform docker-ce-packaging#255 / docker-ce-packaging#254

API

• Update API version to 1.39 moby/moby#37640
• Add support for remote connections using SSH docker/cli#1014
• Builder: add prune options to the API moby/moby#37651
• Add "Warnings" to /info endpoint, and move detection to the daemon moby/moby#37502

• Do not return "<unknown>" in /info response moby/moby#37472

Builder

• Allow BuildKit builds to run without experimental mode enabled. Buildkit can now be configured with an option in daemon.json moby/moby#37593 moby/moby#37686 moby/moby#37692 docker/cli#1303 docker/cli#1275
• Add support for build-time secrets using a --secret flag when using BuildKit docker/cli#1288
• Add SSH agent socket forwarder (docker build --ssh $SSHMOUNTID=$SSH_AUTH_SOCK) when using BuildKit docker/cli#1438 / docker/cli#1419
• Add --chown flag support for ADD and COPY commands on Windows moby/moby#35521
• Add builder prune subcommand to prune BuildKit build cache docker/cli#1295 docker/cli#1334
• BuildKit: Add configurable garbage collection policy for the BuildKit build cache docker/engine#59 / moby/moby#37846
• BuildKit: Add support for docker build --pull ... when using BuildKit moby/moby#37613
• BuildKit: Add support or "registry-mirrors" and "insecure-registries" when using BuildKit docker-archive/engine#59](docker-archive/engine#59) / moby/moby#37852
• BuildKit: Enable net modes and bridge. moby/moby#37620

• BuildKit: Change --console=[auto,false,true] to --progress=[auto,plain,tty] docker/cli#1276
• BuildKit: Set BuildKit's ExportedProduct variable to show useful errors in the future. moby/moby#37439

• BuildKit: Do not cancel buildkit status request. [moby/moby#37597](https://github.com/moby/mob...

19.03.0-beta1

Changelog

For official release notes for Docker Engine CE and Docker Engine EE, visit the
release notes page.

19.03.0 (2019-05-21)

Client

• Update buildkit to 62e55427. docker/cli#1800
• Cli change to pass driver specific options to docker run. docker/cli#1767
• build: allow setting buildkit outputs. docker/cli#1766
• Add --pids-limit flag to docker update. docker/cli#1765
• Add systctl support for services. docker/cli#1754
• Add support for template_driver in composefiles. docker/cli#1746
• Bump Golang 1.12.1. docker/cli#1708
• Fix labels copying value from environment variables. docker/cli#1671
• The docker system info output now segregates information relevant to the client and daemon. docker/cli#1638
• (Experimental) When targetting Kubernetes, add support for x-pull-secret: some-pull-secret in compose-files service configs. docker/cli#1617
• (Experimental) When targetting Kubernetes, add support for x-pull-policy: <Never|Always|IfNotPresent> in compose-files service configs. docker/cli#1617
• Add support for maximum replicas per node without stack. docker/cli#1612
• Add --device support for Windows. docker/cli#1606
• Basic framework for writing and running CLI plugins. docker/cli#1564
• Fix tty initial size error. docker/cli#1529
• cp, save, export: Prevent overwriting irregular files. docker/cli#1515
• Data Path Port configuration support. docker/cli#1509
• Fast context switch: commands. docker/cli#1501
• Support --mount type=bind,bind-nonrecursive,... docker/cli#1430
• Deprecate legacy overlay storage driver. docker/cli#1425
• Deprecate "devicemapper" storage driver. docker/cli#1424
• build: add SSH agent socket forwarder (docker build --ssh $SSHMOUNTID=$SSH_AUTH_SOCK) docker/cli#1419
• Add maximum replicas per node support to stack version 3.8. docker/cli#1410
• Allow npipe volume type on stack file. docker/cli#1195
• Add option to pull images quietly. docker/cli#882
• Add a separate --domainname flag. docker/cli#1130

API

• Update API version to v1.40. moby/moby#38089
• Add warnings to /info endpoint, and move detection to the daemon. moby/moby#37502
• Add HEAD support for /_ping endpoint. moby/moby#38570
• Add Cache-Control headers to disable caching /_ping endpoint. moby/moby#38569
• Add containerd, runc, and docker-init versions to /version. moby/moby#37974
• Add undocumented /grpc endpoint and register BuildKit's controller. moby/moby#38990

Builder

• Builder: fix COPY --from should preserve ownership. moby/moby#38599
• builder-next: update buildkit to c3541087 (v0.4.0). moby/moby#38882
  • This brings in inline cache support. --cache-from can now point to an existing image
    if it was built with --build-arg BUILDKIT_INLINE_CACHE=true and contains the cache metadata in the image config.
• builder-next: allow outputs configuration. moby/moby#38898
• TODO changes from BuildKit

Experimental

• Enable checkpoint/restore of containers with TTY. moby/moby#38405
• LCOW: Add support for memory and CPU limits. moby/moby#37296
• Windows: Experimental: ContainerD runtime. moby/moby#38541

Security

• mount: add BindOptions.NonRecursive (API v1.40). moby/moby#38003
• seccomp: whitelist io_pgetevents(). moby/moby#38895
• seccomp: allow ptrace(2) for 4.8+ kernels. moby/moby#38137

Runtime

• Allow running dockerd as a non-root user (Rootless mode). moby/moby#380050
• Add DeviceRequests to HostConfig to support NVIDIA GPUs. moby/moby#38828
• Making it possible to pass Windows credential specs directly to the engine. moby/moby#38777
• Add pids-limit support in docker update. moby/moby#32519
• Add support for exact list of capabilities. moby/moby#38380
• daemon: use 'private' ipc mode by default. moby/moby#35621
• daemon: switch to semaphore-gated WaitGroup for startup tasks. moby/moby#38301
• Add --device support for Windows. moby/moby#37638
• Add memory.kernelTCP support for linux. moby/moby#37043
• Use idtools.LookupGroup instead of parsing /etc/group file for docker.sock ownership to fix: api.go doesn't respect nsswitch.conf. moby/moby#38126
• Fix docker --init with /dev bind mount. moby/moby#37665
• cli: fix images filter when use multi reference filter. moby/moby#38171
• Bump Golang to 1.12.1. moby/moby#38404

Networking

• Network: add support for 'dangling' filter. moby/moby#31551
• Move IPVLAN driver out of experimental. moby/moby#38983 / docker/libnetwork#2230

Swarm

• Added support for maximum replicas per node. moby/moby#37940
• Add support for GMSA CredentialSpecs from Swarmkit configs. moby/moby#38632
• Add support for sysctl options in services. moby/moby#37701
• Add support for filtering on node labels. moby/moby#37650
• Windows: Support named pipe mounts in docker service create + stack yml. moby/moby#37400
• VXLAN UDP Port configuration support. moby/moby#38102

Logging

• Enable gcplogs driver on windows. moby/moby#37717
• Add zero padding for RFC5424 syslog format. moby/moby#38335
• Add IMAGE_NAME attribute to journald log events. moby/moby#38032

Deprecation

• Remove v1 manifest support, remove --disable-legacy-registry. moby/moby#37874
• Remove v1.10 migrator. moby/moby#38265
• Skip deprecated storage-drivers in auto-selection. moby/moby#38019
• Deprecate AuFS storage driver, and add warning. moby/moby#38090

18.09.4

Changelog

For official release notes for Docker Engine CE and Docker Engine EE, visit the
release notes page.

18.09.4 (2019-03-27)

Builder

• Add validation for git ref so it can't be misinterpreted as a flag. moby/moby#38944

Runtime

• Fix docker cp error with filenames greater than 100 characters. moby/moby#38634
• Fix layer/layer_store: ensure NewInputTarStream resources are released. moby/moby#38413

• Increase GRPC limit for GetConfigs. moby/moby#38800
• Update to containerd 1.2.5. docker/engine#173

Swarm Mode

• Fix nil pointer exception when joining node to swarm. moby/moby#38618

18.09.3 (2019-02-28)

Networking

• Windows: avoid regeneration of network ids to prevent broken references to networks. docker/engine#149

Runtime

• Update to Go 1.10.8.
• Modify some of the names in the container name generator. docker/engine#159

• When copying existing folder, ignore xattr set errors when the target filesystem doesn't support xattr. docker/engine#135
• Graphdriver: fix "device" mode not being detected if "character-device" bit is set. docker/engine#160
• Fix nil pointer derefence on failure to connect to containerd. docker/engine#162
• Delete stale containerd object on start failure. docker/engine#154

18.09.2 (2019-02-11)

Security

• Update runc to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host. (CVE-2019-5736)

18.09.1 (2019-01-09)

Builder

• Fix inefficient networking config. docker/engine#123
• Fix docker system prune doesn't accept until filter. docker/engine#122
• Avoid unset credentials in containerd. docker/engine#122

• Update to BuildKit 0.3.3. docker/engine#122

• Additional warnings for use of deprecated legacy overlay and devicemapper storage dirvers. docker/engine#85

Client

• Add bash completion for experimental CLI commands (manifest). docker/cli#1542

• Fix yamldocs outputing [flags] in usage output. docker/cli#1540
• Fix setting default schema to tcp for docker host. docker/cli#1454
• prune: perform image pruning before build cache pruning. docker/cli#1532
• Fix bash completion for service update --force. docker/cli#1526

Networking

• Fix iptables compatibility on debian. docker/engine#107

Packaging

• Add docker.socket requirement for docker.service. docker/docker-ce-packaging#276
• Add socket activation for RHEL-based distributions. docker/docker-ce-packaging#274

• Add libseccomp requirement for RPM packages. docker/docker-ce-packaging#266

Runtime

• Add /proc/asound to masked paths. docker/engine#126
• Update to containerd 1.2.1-rc.0. docker/engine#121

• Windows: allow process isolation. docker/engine#81

• Windows: DetachVhd attempt in cleanup docker/engine#113
• API: properly handle invalid JSON to return a 400 status. docker/engine#110
• API: ignore default address-pools on API < 1.39. docker/engine#118
• API: add missing default address pool fields to swagger. docker/engine#119
• awslogs: account for UTF-8 normalization in limits. docker/engine#112
• Prohibit reading more than 1MB in HTTP error responses. docker/engine#114
• apparmor: allow receiving of signals from docker kill. docker/engine#116
• overlay2: use index=off if possible (fix EBUSY on mount). docker/engine#84

18.09.0 (2018-11-08)

Deprecation

For more information on the list of deprecated flags and APIs, have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

• Deprecate devicemapper storage driver docker/cli#1455 / docker/cli#1424
• Deprecate legacy overlay storage driver docker/cli#1455 / docker/cli#1425
• Remove support for TLS < 1.2 moby/moby#37660
• Remove Ubuntu 14.04 "Trusty Tahr" as a supported platform docker-ce-packaging#255 / docker-ce-packaging#254
• Remove Debian 8 "Jessie" as a supported platform docker-ce-packaging#255 / docker-ce-packaging#254

API

• Update API version to 1.39 moby/moby#37640
• Add support for remote connections using SSH docker/cli#1014
• Builder: add prune options to the API moby/moby#37651
• Add "Warnings" to /info endpoint, and move detection to the daemon moby/moby#37502

• Do not return "<unknown>" in /info response moby/moby#37472

Builder

• Allow BuildKit builds to run without experimental mode enabled. Buildkit can now be configured with an option in daemon.json moby/moby#37593 moby/moby#37686 moby/moby#37692 docker/cli#1303 docker/cli#1275
• Add support for build-time secrets using a --secret flag when using BuildKit docker/cli#1288
• Add SSH agent socket forwarder (docker build --ssh $SSHMOUNTID=$SSH_AUTH_SOCK) when using BuildKit docker/cli#1438 / docker/cli#1419
• Add --chown flag support for ADD and COPY commands on Windows moby/moby#35521
• Add builder prune subcommand to prune BuildKit build cache docker/cli#1295 docker/cli#1334
• BuildKit: Add configurable garbage collection policy for the BuildKit build cache docker/engine#59 / moby/moby#37846
• BuildKit: Add support for docker build --pull ... when using BuildKit moby/moby#37613
• BuildKit: Add support or "registry-mirrors" and "insecure-registries" when using BuildKit docker-archive/engine#59](docker-archive/engine#59) / moby/moby#37852
• BuildKit: Enable net modes and bridge. moby/moby#37620

• BuildKit: Change --console=[auto,false,true] to --progress=[auto,plain,tty] docker/cli#1276
• BuildKit: Set BuildKit's ExportedProduct variable to show useful errors in the future. moby/moby#37439

• BuildKit: Do not cancel buildkit status request. moby/moby#37597
• Fix no error is shown if build args are missing during docker build moby/moby#37396
• Fix error "unexpected EOF" when adding an 8GB file moby/moby#37771
• LCOW: Ensure platform is populated on COPY/ADD. moby/moby#37563

Client

• Add docker engine subcommand to manage the lifecycle of a Docker Engine running as a privileged container on top of containerd, and to allow upgrades to Docker Engine Enterprise docker/cli#1260
• Expose product license in docker info output docker/cli#1313
• Show warnings produced by daemon in docker info output docker/cli#1225

• Hide --data-path-addr flags when connected to a daemon that doesn't support this option docker/docker/cli#1240
• Only show buildkit-specific flags if BuildKit is enabled docker/cli#1438 / [docker/cli#1...

18.09.4-rc1

Changelog

For official release notes for Docker Engine CE and Docker Engine EE, visit the
release notes page.

18.09.4 (2019-03-27)

Runtime

• Fix docker cp error with filenames greater than 100 characters. moby/moby#38634
• Fix layer/layer_store: ensure NewInputTarStream resources are released. moby/moby#38413

• Increase GRPC limit for GetConfigs. moby/moby#38800

Swarm Mode

• Fix nil pointer exception when joining node to swarm. moby/moby#38618

18.09.3 (2019-02-28)

Networking

• Windows: avoid regeneration of network ids to prevent broken references to networks. docker/engine#149

Runtime

• Update to Go 1.10.8.
• Modify some of the names in the container name generator. docker/engine#159

• When copying existing folder, ignore xattr set errors when the target filesystem doesn't support xattr. docker/engine#135
• Graphdriver: fix "device" mode not being detected if "character-device" bit is set. docker/engine#160
• Fix nil pointer derefence on failure to connect to containerd. docker/engine#162
• Delete stale containerd object on start failure. docker/engine#154

18.09.2 (2019-02-11)

Security

• Update runc to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host. (CVE-2019-5736)

18.09.1 (2019-01-09)

Builder

• Fix inefficient networking config. docker/engine#123
• Fix docker system prune doesn't accept until filter. docker/engine#122
• Avoid unset credentials in containerd. docker/engine#122

• Update to BuildKit 0.3.3. docker/engine#122

• Additional warnings for use of deprecated legacy overlay and devicemapper storage dirvers. docker/engine#85

Client

• Add bash completion for experimental CLI commands (manifest). docker/cli#1542

• Fix yamldocs outputing [flags] in usage output. docker/cli#1540
• Fix setting default schema to tcp for docker host. docker/cli#1454
• prune: perform image pruning before build cache pruning. docker/cli#1532
• Fix bash completion for service update --force. docker/cli#1526

Networking

• Fix iptables compatibility on debian. docker/engine#107

Packaging

• Add docker.socket requirement for docker.service. docker/docker-ce-packaging#276
• Add socket activation for RHEL-based distributions. docker/docker-ce-packaging#274

• Add libseccomp requirement for RPM packages. docker/docker-ce-packaging#266

Runtime

• Add /proc/asound to masked paths. docker/engine#126
• Update to containerd 1.2.1-rc.0. docker/engine#121

• Windows: allow process isolation. docker/engine#81

• Windows: DetachVhd attempt in cleanup docker/engine#113
• API: properly handle invalid JSON to return a 400 status. docker/engine#110
• API: ignore default address-pools on API < 1.39. docker/engine#118
• API: add missing default address pool fields to swagger. docker/engine#119
• awslogs: account for UTF-8 normalization in limits. docker/engine#112
• Prohibit reading more than 1MB in HTTP error responses. docker/engine#114
• apparmor: allow receiving of signals from docker kill. docker/engine#116
• overlay2: use index=off if possible (fix EBUSY on mount). docker/engine#84

18.09.0 (2018-11-08)

Deprecation

For more information on the list of deprecated flags and APIs, have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

• Deprecate devicemapper storage driver docker/cli#1455 / docker/cli#1424
• Deprecate legacy overlay storage driver docker/cli#1455 / docker/cli#1425
• Remove support for TLS < 1.2 moby/moby#37660
• Remove Ubuntu 14.04 "Trusty Tahr" as a supported platform docker-ce-packaging#255 / docker-ce-packaging#254
• Remove Debian 8 "Jessie" as a supported platform docker-ce-packaging#255 / docker-ce-packaging#254

API

• Update API version to 1.39 moby/moby#37640
• Add support for remote connections using SSH docker/cli#1014
• Builder: add prune options to the API moby/moby#37651
• Add "Warnings" to /info endpoint, and move detection to the daemon moby/moby#37502

• Do not return "<unknown>" in /info response moby/moby#37472

Builder

• Allow BuildKit builds to run without experimental mode enabled. Buildkit can now be configured with an option in daemon.json moby/moby#37593 moby/moby#37686 moby/moby#37692 docker/cli#1303 docker/cli#1275
• Add support for build-time secrets using a --secret flag when using BuildKit docker/cli#1288
• Add SSH agent socket forwarder (docker build --ssh $SSHMOUNTID=$SSH_AUTH_SOCK) when using BuildKit docker/cli#1438 / docker/cli#1419
• Add --chown flag support for ADD and COPY commands on Windows moby/moby#35521
• Add builder prune subcommand to prune BuildKit build cache docker/cli#1295 docker/cli#1334
• BuildKit: Add configurable garbage collection policy for the BuildKit build cache docker/engine#59 / moby/moby#37846
• BuildKit: Add support for docker build --pull ... when using BuildKit moby/moby#37613
• BuildKit: Add support or "registry-mirrors" and "insecure-registries" when using BuildKit docker-archive/engine#59](docker-archive/engine#59) / moby/moby#37852
• BuildKit: Enable net modes and bridge. moby/moby#37620

• BuildKit: Change --console=[auto,false,true] to --progress=[auto,plain,tty] docker/cli#1276
• BuildKit: Set BuildKit's ExportedProduct variable to show useful errors in the future. moby/moby#37439

• BuildKit: Do not cancel buildkit status request. moby/moby#37597
• Fix no error is shown if build args are missing during docker build moby/moby#37396
• Fix error "unexpected EOF" when adding an 8GB file moby/moby#37771
• LCOW: Ensure platform is populated on COPY/ADD. moby/moby#37563

Client

• Add docker engine subcommand to manage the lifecycle of a Docker Engine running as a privileged container on top of containerd, and to allow upgrades to Docker Engine Enterprise docker/cli#1260
• Expose product license in docker info output docker/cli#1313
• Show warnings produced by daemon in docker info output docker/cli#1225

• Hide --data-path-addr flags when connected to a daemon that doesn't support this option docker/docker/cli#1240
• Only show buildkit-specific flags if BuildKit is enabled docker/cli#1438 / docker/cli#1427
• Improve version output alignment docker/cli#1204
• Sort plugin names and networks in a natural order [docker/cli#1166](https://github.com/docker/...

18.09.3

Changelog

For official release notes for Docker Engine CE and Docker Engine EE, visit the
release notes page.

18.09.3 (2019-02-28)

Networking

• Windows: avoid regeneration of network ids to prevent broken references to networks. docker/engine#149

Runtime

• Update to Go 1.10.8.
• Modify some of the names in the container name generator. docker/engine#159

• When copying existing folder, ignore xattr set errors when the target filesystem doesn't support xattr. docker/engine#135
• Graphdriver: fix "device" mode not being detected if "character-device" bit is set. docker/engine#160
• Fix nil pointer derefence on failure to connect to containerd. docker/engine#162
• Delete stale containerd object on start failure. docker/engine#154

18.09.2 (2019-02-11)

Security

• Update runc to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host. (CVE-2019-5736)

18.09.1 (2019-01-09)

Builder

• Fix inefficient networking config. docker/engine#123
• Fix docker system prune doesn't accept until filter. docker/engine#122
• Avoid unset credentials in containerd. docker/engine#122

• Update to BuildKit 0.3.3. docker/engine#122

• Additional warnings for use of deprecated legacy overlay and devicemapper storage dirvers. docker/engine#85

Client

• Add bash completion for experimental CLI commands (manifest). docker/cli#1542

• Fix yamldocs outputing [flags] in usage output. docker/cli#1540
• Fix setting default schema to tcp for docker host. docker/cli#1454
• prune: perform image pruning before build cache pruning. docker/cli#1532
• Fix bash completion for service update --force. docker/cli#1526

Networking

• Fix iptables compatibility on debian. docker/engine#107

Packaging

• Add docker.socket requirement for docker.service. docker/docker-ce-packaging#276
• Add socket activation for RHEL-based distributions. docker/docker-ce-packaging#274

• Add libseccomp requirement for RPM packages. docker/docker-ce-packaging#266

Runtime

• Add /proc/asound to masked paths. docker/engine#126
• Update to containerd 1.2.1-rc.0. docker/engine#121

• Windows: allow process isolation. docker/engine#81

• Windows: DetachVhd attempt in cleanup docker/engine#113
• API: properly handle invalid JSON to return a 400 status. docker/engine#110
• API: ignore default address-pools on API < 1.39. docker/engine#118
• API: add missing default address pool fields to swagger. docker/engine#119
• awslogs: account for UTF-8 normalization in limits. docker/engine#112
• Prohibit reading more than 1MB in HTTP error responses. docker/engine#114
• apparmor: allow receiving of signals from docker kill. docker/engine#116
• overlay2: use index=off if possible (fix EBUSY on mount). docker/engine#84

18.09.0 (2018-11-08)

Deprecation

For more information on the list of deprecated flags and APIs, have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

• Deprecate devicemapper storage driver docker/cli#1455 / docker/cli#1424
• Deprecate legacy overlay storage driver docker/cli#1455 / docker/cli#1425
• Remove support for TLS < 1.2 moby/moby#37660
• Remove Ubuntu 14.04 "Trusty Tahr" as a supported platform docker-ce-packaging#255 / docker-ce-packaging#254
• Remove Debian 8 "Jessie" as a supported platform docker-ce-packaging#255 / docker-ce-packaging#254

API

• Update API version to 1.39 moby/moby#37640
• Add support for remote connections using SSH docker/cli#1014
• Builder: add prune options to the API moby/moby#37651
• Add "Warnings" to /info endpoint, and move detection to the daemon moby/moby#37502

• Do not return "<unknown>" in /info response moby/moby#37472

Builder

• Allow BuildKit builds to run without experimental mode enabled. Buildkit can now be configured with an option in daemon.json moby/moby#37593 moby/moby#37686 moby/moby#37692 docker/cli#1303 docker/cli#1275
• Add support for build-time secrets using a --secret flag when using BuildKit docker/cli#1288
• Add SSH agent socket forwarder (docker build --ssh $SSHMOUNTID=$SSH_AUTH_SOCK) when using BuildKit docker/cli#1438 / docker/cli#1419
• Add --chown flag support for ADD and COPY commands on Windows moby/moby#35521
• Add builder prune subcommand to prune BuildKit build cache docker/cli#1295 docker/cli#1334
• BuildKit: Add configurable garbage collection policy for the BuildKit build cache docker/engine#59 / moby/moby#37846
• BuildKit: Add support for docker build --pull ... when using BuildKit moby/moby#37613
• BuildKit: Add support or "registry-mirrors" and "insecure-registries" when using BuildKit docker-archive/engine#59](docker-archive/engine#59) / moby/moby#37852
• BuildKit: Enable net modes and bridge. moby/moby#37620

• BuildKit: Change --console=[auto,false,true] to --progress=[auto,plain,tty] docker/cli#1276
• BuildKit: Set BuildKit's ExportedProduct variable to show useful errors in the future. moby/moby#37439

• BuildKit: Do not cancel buildkit status request. moby/moby#37597
• Fix no error is shown if build args are missing during docker build moby/moby#37396
• Fix error "unexpected EOF" when adding an 8GB file moby/moby#37771
• LCOW: Ensure platform is populated on COPY/ADD. moby/moby#37563

Client

• Add docker engine subcommand to manage the lifecycle of a Docker Engine running as a privileged container on top of containerd, and to allow upgrades to Docker Engine Enterprise docker/cli#1260
• Expose product license in docker info output docker/cli#1313
• Show warnings produced by daemon in docker info output docker/cli#1225

• Hide --data-path-addr flags when connected to a daemon that doesn't support this option docker/docker/cli#1240
• Only show buildkit-specific flags if BuildKit is enabled docker/cli#1438 / docker/cli#1427
• Improve version output alignment docker/cli#1204
• Sort plugin names and networks in a natural order docker/cli#1166, docker/cli#1266
• Updated bash and zsh completion scripts

• Fix mapping a range of host ports to a single container port docker/cli#1102
• Fix trust inspect typo: "AdminstrativeKeys" [docker/cli#1300](ht...

18.09.3-rc1

Changelog

For official release notes for Docker Engine CE and Docker Engine EE, visit the
[https://docs.docker.com/engine/release-notes/](release notes page).

18.09.3 (2019-02-DD)

Networking

• Windows: avoid regeneration of network ids to prevent broken references to networks. docker/engine#149

Runtime

• Update to Go 1.10.8.
• Modify some of the names in the container name generator. docker/engine#159

• When copying existing folder, ignore xattr set errors when the target filesystem doesn't support xattr. docker/engine#135
• Graphdriver: fix "device" mode not being detected if "character-device" bit is set. docker/engine#160
• Fix nil pointer derefence on failure to connect to containerd. docker/engine#162
• Delete stale containerd object on start failure. docker/engine#154

18.09.2 (2019-02-11)

Security

• Update runc to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host. (CVE-2019-5736)

18.09.1 (2019-01-09)

Builder

• Fix inefficient networking config. docker/engine#123
• Fix docker system prune doesn't accept until filter. docker/engine#122
• Avoid unset credentials in containerd. docker/engine#122

• Update to BuildKit 0.3.3. docker/engine#122

• Additional warnings for use of deprecated legacy overlay and devicemapper storage dirvers. docker/engine#85

Client

• Add bash completion for experimental CLI commands (manifest). docker/cli#1542

• Fix yamldocs outputing [flags] in usage output. docker/cli#1540
• Fix setting default schema to tcp for docker host. docker/cli#1454
• prune: perform image pruning before build cache pruning. docker/cli#1532
• Fix bash completion for service update --force. docker/cli#1526

Networking

• Fix iptables compatibility on debian. docker/engine#107

Packaging

• Add docker.socket requirement for docker.service. docker/docker-ce-packaging#276
• Add socket activation for RHEL-based distributions. docker/docker-ce-packaging#274

• Add libseccomp requirement for RPM packages. docker/docker-ce-packaging#266

Runtime

• Add /proc/asound to masked paths. docker/engine#126
• Update to containerd 1.2.1-rc.0. docker/engine#121

• Windows: allow process isolation. docker/engine#81

• Windows: DetachVhd attempt in cleanup docker/engine#113
• API: properly handle invalid JSON to return a 400 status. docker/engine#110
• API: ignore default address-pools on API < 1.39. docker/engine#118
• API: add missing default address pool fields to swagger. docker/engine#119
• awslogs: account for UTF-8 normalization in limits. docker/engine#112
• Prohibit reading more than 1MB in HTTP error responses. docker/engine#114
• apparmor: allow receiving of signals from docker kill. docker/engine#116
• overlay2: use index=off if possible (fix EBUSY on mount). docker/engine#84

18.09.0 (2018-11-08)

Deprecation

For more information on the list of deprecated flags and APIs, have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

• Deprecate devicemapper storage driver docker/cli#1455 / docker/cli#1424
• Deprecate legacy overlay storage driver docker/cli#1455 / docker/cli#1425
• Remove support for TLS < 1.2 moby/moby#37660
• Remove Ubuntu 14.04 "Trusty Tahr" as a supported platform docker-ce-packaging#255 / docker-ce-packaging#254
• Remove Debian 8 "Jessie" as a supported platform docker-ce-packaging#255 / docker-ce-packaging#254

API

• Update API version to 1.39 moby/moby#37640
• Add support for remote connections using SSH docker/cli#1014
• Builder: add prune options to the API moby/moby#37651
• Add "Warnings" to /info endpoint, and move detection to the daemon moby/moby#37502

• Do not return "<unknown>" in /info response moby/moby#37472

Builder

• Allow BuildKit builds to run without experimental mode enabled. Buildkit can now be configured with an option in daemon.json moby/moby#37593 moby/moby#37686 moby/moby#37692 docker/cli#1303 docker/cli#1275
• Add support for build-time secrets using a --secret flag when using BuildKit docker/cli#1288
• Add SSH agent socket forwarder (docker build --ssh $SSHMOUNTID=$SSH_AUTH_SOCK) when using BuildKit docker/cli#1438 / docker/cli#1419
• Add --chown flag support for ADD and COPY commands on Windows moby/moby#35521
• Add builder prune subcommand to prune BuildKit build cache docker/cli#1295 docker/cli#1334
• BuildKit: Add configurable garbage collection policy for the BuildKit build cache docker/engine#59 / moby/moby#37846
• BuildKit: Add support for docker build --pull ... when using BuildKit moby/moby#37613
• BuildKit: Add support or "registry-mirrors" and "insecure-registries" when using BuildKit docker-archive/engine#59](docker-archive/engine#59) / moby/moby#37852
• BuildKit: Enable net modes and bridge. moby/moby#37620

• BuildKit: Change --console=[auto,false,true] to --progress=[auto,plain,tty] docker/cli#1276
• BuildKit: Set BuildKit's ExportedProduct variable to show useful errors in the future. moby/moby#37439

• BuildKit: Do not cancel buildkit status request. moby/moby#37597
• Fix no error is shown if build args are missing during docker build moby/moby#37396
• Fix error "unexpected EOF" when adding an 8GB file moby/moby#37771
• LCOW: Ensure platform is populated on COPY/ADD. moby/moby#37563

Client

• Add docker engine subcommand to manage the lifecycle of a Docker Engine running as a privileged container on top of containerd, and to allow upgrades to Docker Engine Enterprise docker/cli#1260
• Expose product license in docker info output docker/cli#1313
• Show warnings produced by daemon in docker info output docker/cli#1225

• Hide --data-path-addr flags when connected to a daemon that doesn't support this option docker/docker/cli#1240
• Only show buildkit-specific flags if BuildKit is enabled docker/cli#1438 / docker/cli#1427
• Improve version output alignment docker/cli#1204
• Sort plugin names and networks in a natural order docker/cli#1166, docker/cli#1266
• Updated bash and zsh completion scripts

• Fix mapping a range of host ports to a single container port docker/cli#1102
• Fix trust inspect typo: "AdminstrativeKeys" docker/cli#1300
• Fix environment file parsing for imports of absent variables and those with no n...

18.06.3-ce

Changelog

For more information on the list of deprecated flags and APIs, have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

18.06.3-ce (2019-02-19)

• Change the way runc critical vulnerability patch is applied so the fix is included in RPM packages. docker/engine#156

18.06.2-ce (2019-02-11)

Security

• Update runc to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host. (CVE-2019-5736)

18.06.1-ce (2018-08-21)

Builder

• Fix no error if build args are missing during docker build. docker/engine#25

• Set BuildKit's ExportedProduct variable to show useful errors. docker/engine#21

Client

• Various shell completion script updates. docker/cli#1229 docker/cli#1268 docker/cli#1272

• Fix DOCKER_CONFIG warning message and fallback search. docker/cli#1241
• Fix help message flags on docker stack commands and sub-commands. docker/cli#1267

Runtime

• Disable CRI plugin listening on port 10010 by default. docker/engine#29
• Update containerd to v1.1.2. docker/engine#33

• Windows: Do not invoke HCS shutdown if terminate called. docker/engine#31

• Windows: Select polling-based watcher for Windows log watcher. docker/engine#34

Swarm Mode

• Fix the condition used for skipping over running tasks. docker/swarmkit#2677
• Fix task sorting. docker/swarmkit#2712

18.06.0-ce (2018-07-18)

Important notes about this release

• Docker 18.06 CE will be the last release with a 4-month maintenance lifecycle. The planned Docker 18.09 CE release will be supported for 7 months with Docker 19.03 CE being the next release in line. More details about the release process can be found here.

Builder

• Builder: fix layer leak on multi-stage wildcard copy. moby/moby#37178
• Fix parsing of invalid environment variable substitution . moby/moby#37134
• Builder: use the arch info from base image. moby/moby#36816 moby/moby#37197

• New experimental builder backend based on BuildKit. To enable, run daemon in experimental mode and set DOCKER_BUILDKIT=1 environment variable on the docker CLI. moby/moby#37151 docker/cli#1111

• Fix handling uppercase targets names in multi-stage builds. moby/moby#36960

Client

• Bump spf13/cobra to v0.0.3, pflag to v1.0.1. moby/moby#37106
• Add support for the new Stack API for Kubernetes v1beta2. docker/cli#899
• K8s: more robust stack error detection on deploy. docker/cli#948
• Support for rollback config in compose 3.7. docker/cli#409
• Update Cobra and pflag, and use built-in --version feature. docker/cli#1069
• Fix docker stack deploy --prune with empty name removing all services. docker/cli#1088
• [Kubernetes] stack services filters. docker/cli#1023

• Only show orchestrator flag in root, stack and version commands in help. docker/cli#1106
• Add an Extras field on the compose config types. docker/cli#1126
• Add options to the compose loader. docker/cli#1128

• Fix always listing nodes in docker stack ps command on Kubernetes. docker/cli#1093
• Fix output being shown twice on stack rm error message. docker/cli#1093

• Extend client API with custom HTTP requests. moby/moby#37071
• Changed error message for unreadable files to clarify possibility of a .Dockerignore entry. docker/cli#1053
• Restrict kubernetes.allNamespaces value to 'enabled' or 'disabled' in configuration file. docker/cli#1087
• Check errors when initializing the docker client in the help command. docker/cli#1119
• Better namespace experience with Kubernetes. Fix using namespace defined in ~/.kube/config for stack commands. Add a NAMESPACE column for docker stack ls command. Add a --all-namespaces flag for docker stack ls command. docker/cli#991
• Export Push and Save. docker/cli#1123
• Export pull as a public function. docker/cli#1026
• Remove Kubernetes commands from experimental. docker/cli#1068
• Adding configs/secrets to service inspect pretty. docker/cli#1006

• Fix service filtering by name on Kubernetes. docker/cli#1101
• Fix component information alignment in docker version. docker/cli#1065
• Fix cpu/memory limits and reservations being reset on service update. docker/cli#1079

• Manifest list: request specific permissions. docker/cli#1024
• Setting --orchestrator=all also sets --all-namespaces unless specific --namespace are set. docker/cli#1059

• Fix panics when --compress and --stream are used together. docker/cli#1105

• Switch from x/net/context to context. docker/cli#1038

• Add --init option to docker service create. docker/cli#479
• Fixed bug displaying garbage output for build command when --stream and --quiet flags combined. docker/cli#1090
• Add init support in 3.7 schema. docker/cli#1129

• Fix docker trust signer removal. docker/cli#1112
• Fix error message from docker inspect. docker/cli#1071

• Allow x-* extension on 3rd level objects. docker/cli#1097
• An invalid orchestrator now generates an error instead of being silently ignored. docker/cli#1055
• Added ORCHESTRATOR column to docker stack ls command. docker/cli#973
• Warn when using host-ip for published ports for services. docker/cli#1017

• Added the option to enable experimental cli features through the DOCKER_CLI_EXPERIMENTAL environment variable. docker/cli#1138
• Add exec_die to the list of known container events. docker/cli#1028

• [K8s] Do env-variable expansion on the uninterpreted Config files. docker/cli#974

• Print warnings on stderr for each unsupported features while parsing a compose file for deployment on Kubernetes. docker/cli#903
• Added description about pids count. docker/cli#1045

• Warn user of filter when pruning. docker/cli#1043
• Fix --rollback-* options overwriting --update-* options. docker/cli#1052

• Update Attach, Build, Commit, Cp, Create subcommand fish completions. docker/cli#1005

• Add bash completion for dockerd --default-address-pool. docker/cli#1173
• Add bash completion for exec_die event. docker/cli#1173

• Update docker-credential-helper so pass is not called on every docker command. docker/cli#1184
• Fix for rotating swarm external CA. docker/cli#1199
• Improve version output alignment. docker/cli#1207

• Add bash completion for service create|update --init. docker/cli#1210

Deprecation

• Document reserved namespaces deprecation. docker/cli#1040

Logging

• Allow awslogs to use non-blocking mode. moby/moby#36522
• Improve logging of long log lines on fluentd log driver.. moby/moby#36159
• Re-order CHANGELOG.md to pass make validate test. moby/moby#37047
• Update Events, Exec, Export...

18.09.2

Changelog

For official release notes for Docker Engine CE and Docker Engine EE, visit the release notes page.

18.09.2 (2019-02-11)

Security

• Update runc to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host. (CVE-2019-5736)

18.09.1 (2019-01-09)

Builder

• Fix inefficient networking config. docker/engine#123
• Fix docker system prune doesn't accept until filter. docker/engine#122
• Avoid unset credentials in containerd. docker/engine#122

• Update to BuildKit 0.3.3. docker/engine#122

• Additional warnings for use of deprecated legacy overlay and devicemapper storage dirvers. docker/engine#85

Client

• Add bash completion for experimental CLI commands (manifest). docker/cli#1542

• Fix yamldocs outputing [flags] in usage output. docker/cli#1540
• Fix setting default schema to tcp for docker host. docker/cli#1454
• prune: perform image pruning before build cache pruning. docker/cli#1532
• Fix bash completion for service update --force. docker/cli#1526

Networking

• Fix iptables compatibility on debian. docker/engine#107

Packaging

• Add docker.socket requirement for docker.service. docker/docker-ce-packaging#276
• Add socket activation for RHEL-based distributions. docker/docker-ce-packaging#274

• Add libseccomp requirement for RPM packages. docker/docker-ce-packaging#266

Runtime

• Add /proc/asound to masked paths. docker/engine#126
• Update to containerd 1.2.1-rc.0. docker/engine#121

• Windows: allow process isolation. docker/engine#81

• Windows: DetachVhd attempt in cleanup docker/engine#113
• API: properly handle invalid JSON to return a 400 status. docker/engine#110
• API: ignore default address-pools on API < 1.39. docker/engine#118
• API: add missing default address pool fields to swagger. docker/engine#119
• awslogs: account for UTF-8 normalization in limits. docker/engine#112
• Prohibit reading more than 1MB in HTTP error responses. docker/engine#114
• apparmor: allow receiving of signals from docker kill. docker/engine#116
• overlay2: use index=off if possible (fix EBUSY on mount). docker/engine#84

18.09.0 (2018-11-08)

Deprecation

For more information on the list of deprecated flags and APIs, have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

• Deprecate devicemapper storage driver docker/cli#1455 / docker/cli#1424
• Deprecate legacy overlay storage driver docker/cli#1455 / docker/cli#1425
• Remove support for TLS < 1.2 moby/moby#37660
• Remove Ubuntu 14.04 "Trusty Tahr" as a supported platform docker-ce-packaging#255 / docker-ce-packaging#254
• Remove Debian 8 "Jessie" as a supported platform docker-ce-packaging#255 / docker-ce-packaging#254

API

• Update API version to 1.39 moby/moby#37640
• Add support for remote connections using SSH docker/cli#1014
• Builder: add prune options to the API moby/moby#37651
• Add "Warnings" to /info endpoint, and move detection to the daemon moby/moby#37502

• Do not return "<unknown>" in /info response moby/moby#37472

Builder

• Allow BuildKit builds to run without experimental mode enabled. Buildkit can now be configured with an option in daemon.json moby/moby#37593 moby/moby#37686 moby/moby#37692 docker/cli#1303 docker/cli#1275
• Add support for build-time secrets using a --secret flag when using BuildKit docker/cli#1288
• Add SSH agent socket forwarder (docker build --ssh $SSHMOUNTID=$SSH_AUTH_SOCK) when using BuildKit docker/cli#1438 / docker/cli#1419
• Add --chown flag support for ADD and COPY commands on Windows moby/moby#35521
• Add builder prune subcommand to prune BuildKit build cache docker/cli#1295 docker/cli#1334
• BuildKit: Add configurable garbage collection policy for the BuildKit build cache docker/engine#59 / moby/moby#37846
• BuildKit: Add support for docker build --pull ... when using BuildKit moby/moby#37613
• BuildKit: Add support or "registry-mirrors" and "insecure-registries" when using BuildKit docker-archive/engine#59](docker-archive/engine#59) / moby/moby#37852
• BuildKit: Enable net modes and bridge. moby/moby#37620

• BuildKit: Change --console=[auto,false,true] to --progress=[auto,plain,tty] docker/cli#1276
• BuildKit: Set BuildKit's ExportedProduct variable to show useful errors in the future. moby/moby#37439

• BuildKit: Do not cancel buildkit status request. moby/moby#37597
• Fix no error is shown if build args are missing during docker build moby/moby#37396
• Fix error "unexpected EOF" when adding an 8GB file moby/moby#37771
• LCOW: Ensure platform is populated on COPY/ADD. moby/moby#37563

Client

• Add docker engine subcommand to manage the lifecycle of a Docker Engine running as a privileged container on top of containerd, and to allow upgrades to Docker Engine Enterprise docker/cli#1260
• Expose product license in docker info output docker/cli#1313
• Show warnings produced by daemon in docker info output docker/cli#1225

• Hide --data-path-addr flags when connected to a daemon that doesn't support this option docker/docker/cli#1240
• Only show buildkit-specific flags if BuildKit is enabled docker/cli#1438 / docker/cli#1427
• Improve version output alignment docker/cli#1204
• Sort plugin names and networks in a natural order docker/cli#1166, docker/cli#1266
• Updated bash and zsh completion scripts

• Fix mapping a range of host ports to a single container port docker/cli#1102
• Fix trust inspect typo: "AdminstrativeKeys" docker/cli#1300
• Fix environment file parsing for imports of absent variables and those with no name. docker/cli#1019
• Fix a potential "out of memory exception" when running docker image prune with a large list of dangling images docker/cli#1432 / docker/cli#1423
• Fix pipe handling in ConEmu and ConsoleZ on Windows moby/moby#37600
• Fix long startup on windows, with non-hns governed Hyper-V networks docker/engine#67 / moby/moby#37774

Daemon

• Fix daemon won't start when "runtimes" option is defined both in config file and cli docker/engine#57 / [moby/moby#37871](https://gith...

18.06.2-ce

Changelog

For more information on the list of deprecated flags and APIs, have a look at
https://docs.docker.com/engine/deprecated/ where you can find the target removal dates

18.06.2-ce (2019-02-11)

Security

• Update runc to address a critical vulnerability that allows specially-crafted containers to gain administrative privileges on the host. (CVE-2019-5736)

18.06.1-ce (2018-08-21)

Builder

• Fix no error if build args are missing during docker build. docker/engine#25

• Set BuildKit's ExportedProduct variable to show useful errors. docker/engine#21

Client

• Various shell completion script updates. docker/cli#1229 docker/cli#1268 docker/cli#1272

• Fix DOCKER_CONFIG warning message and fallback search. docker/cli#1241
• Fix help message flags on docker stack commands and sub-commands. docker/cli#1267

Runtime

• Disable CRI plugin listening on port 10010 by default. docker/engine#29
• Update containerd to v1.1.2. docker/engine#33

• Windows: Do not invoke HCS shutdown if terminate called. docker/engine#31

• Windows: Select polling-based watcher for Windows log watcher. docker/engine#34

Swarm Mode

• Fix the condition used for skipping over running tasks. docker/swarmkit#2677
• Fix task sorting. docker/swarmkit#2712

18.06.0-ce (2018-07-18)

Important notes about this release

• Docker 18.06 CE will be the last release with a 4-month maintenance lifecycle. The planned Docker 18.09 CE release will be supported for 7 months with Docker 19.03 CE being the next release in line. More details about the release process can be found here.

Builder

• Builder: fix layer leak on multi-stage wildcard copy. moby/moby#37178
• Fix parsing of invalid environment variable substitution . moby/moby#37134
• Builder: use the arch info from base image. moby/moby#36816 moby/moby#37197

• New experimental builder backend based on BuildKit. To enable, run daemon in experimental mode and set DOCKER_BUILDKIT=1 environment variable on the docker CLI. moby/moby#37151 docker/cli#1111

• Fix handling uppercase targets names in multi-stage builds. moby/moby#36960

Client

• Bump spf13/cobra to v0.0.3, pflag to v1.0.1. moby/moby#37106
• Add support for the new Stack API for Kubernetes v1beta2. docker/cli#899
• K8s: more robust stack error detection on deploy. docker/cli#948
• Support for rollback config in compose 3.7. docker/cli#409
• Update Cobra and pflag, and use built-in --version feature. docker/cli#1069
• Fix docker stack deploy --prune with empty name removing all services. docker/cli#1088
• [Kubernetes] stack services filters. docker/cli#1023

• Only show orchestrator flag in root, stack and version commands in help. docker/cli#1106
• Add an Extras field on the compose config types. docker/cli#1126
• Add options to the compose loader. docker/cli#1128

• Fix always listing nodes in docker stack ps command on Kubernetes. docker/cli#1093
• Fix output being shown twice on stack rm error message. docker/cli#1093

• Extend client API with custom HTTP requests. moby/moby#37071
• Changed error message for unreadable files to clarify possibility of a .Dockerignore entry. docker/cli#1053
• Restrict kubernetes.allNamespaces value to 'enabled' or 'disabled' in configuration file. docker/cli#1087
• Check errors when initializing the docker client in the help command. docker/cli#1119
• Better namespace experience with Kubernetes. Fix using namespace defined in ~/.kube/config for stack commands. Add a NAMESPACE column for docker stack ls command. Add a --all-namespaces flag for docker stack ls command. docker/cli#991
• Export Push and Save. docker/cli#1123
• Export pull as a public function. docker/cli#1026
• Remove Kubernetes commands from experimental. docker/cli#1068
• Adding configs/secrets to service inspect pretty. docker/cli#1006

• Fix service filtering by name on Kubernetes. docker/cli#1101
• Fix component information alignment in docker version. docker/cli#1065
• Fix cpu/memory limits and reservations being reset on service update. docker/cli#1079

• Manifest list: request specific permissions. docker/cli#1024
• Setting --orchestrator=all also sets --all-namespaces unless specific --namespace are set. docker/cli#1059

• Fix panics when --compress and --stream are used together. docker/cli#1105

• Switch from x/net/context to context. docker/cli#1038

• Add --init option to docker service create. docker/cli#479
• Fixed bug displaying garbage output for build command when --stream and --quiet flags combined. docker/cli#1090
• Add init support in 3.7 schema. docker/cli#1129

• Fix docker trust signer removal. docker/cli#1112
• Fix error message from docker inspect. docker/cli#1071

• Allow x-* extension on 3rd level objects. docker/cli#1097
• An invalid orchestrator now generates an error instead of being silently ignored. docker/cli#1055
• Added ORCHESTRATOR column to docker stack ls command. docker/cli#973
• Warn when using host-ip for published ports for services. docker/cli#1017

• Added the option to enable experimental cli features through the DOCKER_CLI_EXPERIMENTAL environment variable. docker/cli#1138
• Add exec_die to the list of known container events. docker/cli#1028

• [K8s] Do env-variable expansion on the uninterpreted Config files. docker/cli#974

• Print warnings on stderr for each unsupported features while parsing a compose file for deployment on Kubernetes. docker/cli#903
• Added description about pids count. docker/cli#1045

• Warn user of filter when pruning. docker/cli#1043
• Fix --rollback-* options overwriting --update-* options. docker/cli#1052

• Update Attach, Build, Commit, Cp, Create subcommand fish completions. docker/cli#1005

• Add bash completion for dockerd --default-address-pool. docker/cli#1173
• Add bash completion for exec_die event. docker/cli#1173

• Update docker-credential-helper so pass is not called on every docker command. docker/cli#1184
• Fix for rotating swarm external CA. docker/cli#1199
• Improve version output alignment. docker/cli#1207

• Add bash completion for service create|update --init. docker/cli#1210

Deprecation

• Document reserved namespaces deprecation. docker/cli#1040

Logging

• Allow awslogs to use non-blocking mode. moby/moby#36522
• Improve logging of long log lines on fluentd log driver.. moby/moby#36159
• Re-order CHANGELOG.md to pass make validate test. moby/moby#37047
• Update Events, Exec, Export, History, Images, Import, Inspect, Load, and Login subcommand fish completions. docker/cli#1061
• Update documentation for RingLogger's ring buffer. [mo...