Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This release of Docker Engine comes with a fix for a low-severity security issue,
some minor bug fixes, and updated versions of Docker Compose, Docker Buildx,
containerd, and runc.
Client
Add Bash completion for Docker Compose docker/cli#3752.
Builder
Fix an issue where file-capabilities were not preserved during build moby/moby#43876.
Fix an issue that could result in a panic caused by a concurrent map read and map write moby/moby#44067
Daemon
Fix a security vulnerability relating to supplementary group permissions, which
could allow a container process to bypass primary group restrictions within the
container CVE-2022-36109, GHSA-rc4r-wh2q-q6c4.
seccomp: add support for Landlock syscalls in default policy moby/moby#43991.
seccomp: update default policy to support new syscalls introduced in kernel 5.12 - 5.16 moby/moby#43991.
Fix an issue where cache lookup for image manifests would fail, resulting
in a redundant round-trip to the image registry moby/moby#44109.
Fix an issue where exec processes and healthchecks were not terminated
when they timed out moby/moby#44018.
Packaging
Update Docker Buildx to v0.9.1.
Update Docker Compose to v2.10.2.
Update containerd (containerd.io package) to v1.6.8.
Update runc to v1.1.4.
Update Go runtime to 1.18.6,
which contains fixes for CVE-2022-27664
and CVE-2022-32190.