v25.0.5
25.0.5
For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
- docker/cli, 25.0.5 milestone
- moby/moby, 25.0.5 milestone
- Deprecated and removed features, see Deprecated Features.
- Changes to the Engine API, see API version history.
Security
This release contains a security fix for CVE-2024-29018, a potential data exfiltration from 'internal' networks via authoritative DNS servers.
Bug fixes and enhancements
- CVE-2024-29018: Do not forward requests to external DNS servers for a container that is only connected to an 'internal' network. Previously, requests were forwarded if the host's DNS server was running on a loopback address, like systemd's 127.0.0.53. moby/moby#47589
- plugin: fix mounting /etc/hosts when running in UserNS. moby/moby#47588
- rootless: fix
open /etc/docker/plugins: permission denied
. moby/moby#47587 - Fix multiple parallel
docker build
runs leaking disk space. moby/moby#47527