From e87742cadd5b76d3a6347e46b17aadf86f4bf390 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pawe=C5=82=20Gronowski?= Date: Fri, 26 Jun 2026 13:12:23 +0200 Subject: [PATCH] engine: 29.6.1 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Paweł Gronowski --- content/manuals/engine/release-notes/29.md | 24 ++++++++++++++++++++++ hugo.yaml | 4 ++-- 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/content/manuals/engine/release-notes/29.md b/content/manuals/engine/release-notes/29.md index 08d98a8be7b9..f68e8c45a82f 100644 --- a/content/manuals/engine/release-notes/29.md +++ b/content/manuals/engine/release-notes/29.md @@ -22,6 +22,30 @@ For more information about: - Deprecated and removed features, see [Deprecated Engine Features](../deprecated.md). - Changes to the Engine API, see [Engine API version history](/reference/api/engine/version-history/). +## 29.6.1 + +{{< release-date date="2026-06-26" >}} + +For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones: + +- [docker/cli, 29.6.1 milestone](https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A29.6.1) +- [moby/moby, 29.6.1 milestone](https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A29.6.1) + +### Security + +This release includes fixes for multiple security vulnerabilities affecting Docker Engine. + +- A malicious image could supply a malicious `/etc/passwd` or `/etc/group`-style file causing excessive memory consumption, potentially resulting in process termination due to Out Of Memory (OOM) conditions. [GHSA-mjcv-p78q-w5fw](https://github.com/moby/sys/security/advisories/GHSA-mjcv-p78q-w5fw), [GHSA-jpcc-p29g-p8mq](https://github.com/containerd/containerd/security/advisories/GHSA-jpcc-p29g-p8mq), [GHSA-72x6-4j93-7w86](https://github.com/moby/buildkit/security/advisories/GHSA-72x6-4j93-7w86) +- A custom frontend could send a crafted build request that disabled Seccomp and AppArmor protections for the build container, even if the user did not explicitly allow the security.insecure entitlement. Other security measures, like Linux capabilities were still applied to these containers. [GHSA-7236-3392-c5c6](https://github.com/moby/buildkit/security/advisories/GHSA-7236-3392-c5c6) + +### Bug fixes and enhancements + +- Update containerd (static binaries) to [v2.2.5](https://github.com/containerd/containerd/releases/tag/v2.2.5). [moby/moby#52950](https://github.com/moby/moby/pull/52950) + +### Packaging updates + +- Update BuildKit to [v0.31.1](https://github.com/moby/buildkit/releases/tag/v0.31.1). [moby/moby#52954](https://github.com/moby/moby/pull/52954) + ## 29.6.0 {{< release-date date="2026-06-18" >}} diff --git a/hugo.yaml b/hugo.yaml index 76fa1c47dd32..ebdac3290a0f 100644 --- a/hugo.yaml +++ b/hugo.yaml @@ -162,10 +162,10 @@ params: # Latest version of the Docker Engine API latest_engine_api_version: "1.55" # Latest version of Docker Engine - docker_ce_version: "29.6.0" + docker_ce_version: "29.6.1" # Previous version of the Docker Engine # (Used to show e.g., "latest" and "latest"-1 in engine install examples - docker_ce_version_prev: "29.5.3" + docker_ce_version_prev: "29.6.0" # Latest Docker Compose version compose_version: "v5.1.2" # Latest BuildKit version