github.com/codemac/docker@v1.2.1-0.20150518222241-6a18412d5b9c/docs/sources/docker-hub-enterprise/release-notes.md

page_title: Docker Hub Enterprise: Release notes
page_description: Release notes for Docker Hub Enterprise
page_keywords: docker, documentation, about, technology, understanding, enterprise, hub, registry, release

# Release Notes

## Docker Hub Enterprise

### DHE 1.0.1
(11 May 2015)

- Addresses a compatibility issue with the 1.6.1 CS Docker Engine

### DHE 1.0.0
(23 Apr 2015)

- First release

## Commercially Supported Docker Engine

### CS Docker Engine 1.6.2
(13 May 2015)

Fix mount regression for `/sys`.

### CS Docker Engine 1.6.1
(11 May 2015)

Docker Engine version 1.6.1 has been released to address several vulnerabilities
and is immediately available for all supported platforms. Users are advised to
upgrade existing installations of the Docker Engine and use 1.6.1 for new installations.

It should be noted that each of the vulnerabilities allowing privilege escalation
may only be exploited by a malicious Dockerfile or image. Users are advised to
run their own images and/or images built by trusted parties, such as those in
the official images library.

Please send any questions to security@docker.com.

#### **[CVE-2015-3629](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3629) Symlink traversal on container respawn allows local privilege escalation**

Libcontainer version 1.6.0 introduced changes which facilitated a mount namespace
breakout upon respawn of a container. This allowed malicious images to write
files to the host system and escape containerization.

Libcontainer and Docker Engine 1.6.1 have been released to address this
vulnerability. Users running untrusted images are encouraged to upgrade Docker Engine.

Discovered by Tõnis Tiigi.

#### **[CVE-2015-3627](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3627) Insecure opening of file-descriptor 1 leading to privilege escalation**

The file descriptor passed by libcontainer to the pid-1 process of a container
has been found to be opened prior to performing the chroot, allowing insecure
open and symlink traversal. This allows malicious container images to trigger
a local privilege escalation.

Libcontainer and Docker Engine 1.6.1 have been released to address this
vulnerability. Users running untrusted images are encouraged to upgrade
Docker Engine.

Discovered by Tõnis Tiigi.
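Both CVE-2015-3629 and CVE-2015-3627 above are instances of the same failure: the runtime resolved an image-controlled path (a symlink, or a file descriptor opened before the chroot) against the host filesystem instead of the container's rootfs. The following Go function is an added illustration of the defensive pattern, not libcontainer's code or its actual fix: it walks a path component by component, follows symlinks, but re-roots every absolute target and clamps every `..` at the rootfs, so the result can never name a host path outside it. The `maxSymlinks` bound and the behaviour for missing components are assumptions chosen for the example.

```go
// Added example (not libcontainer's code): resolve a path inside a container
// rootfs so that symlinks placed in the image can never redirect the runtime
// to a host path outside that rootfs.
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// maxSymlinks bounds symlink chains so a looping image cannot hang the runtime (assumed value).
const maxSymlinks = 64

// SecureJoin returns the host path for unsafePath as seen from inside root.
// Symlinks are followed, but every target, absolute or relative, is
// interpreted relative to root, and ".." can never climb above it.
func SecureJoin(root, unsafePath string) (string, error) {
	root = filepath.Clean(root)
	resolved := string(filepath.Separator) // in-container absolute path resolved so far
	rest := unsafePath                      // in-container path still to be resolved
	links := 0
	for rest != "" {
		// Take the next path component off the front of rest.
		var part string
		if i := strings.IndexRune(rest, filepath.Separator); i >= 0 {
			part, rest = rest[:i], rest[i+1:]
		} else {
			part, rest = rest, ""
		}
		switch part {
		case "", ".":
			continue
		case "..":
			resolved = filepath.Dir(resolved) // Dir("/") == "/", so this clamps at the root
			continue
		}
		candidate := filepath.Join(resolved, part)
		hostPath := filepath.Join(root, candidate)
		fi, err := os.Lstat(hostPath) // Lstat: never let the kernel follow the link for us
		if err != nil {
			if os.IsNotExist(err) {
				resolved = candidate // missing component: keep it lexically (assumed policy)
				continue
			}
			return "", err
		}
		if fi.Mode()&os.ModeSymlink == 0 {
			resolved = candidate
			continue
		}
		if links++; links > maxSymlinks {
			return "", fmt.Errorf("too many symlinks while resolving %q", unsafePath)
		}
		target, err := os.Readlink(hostPath)
		if err != nil {
			return "", err
		}
		if filepath.IsAbs(target) {
			resolved = string(filepath.Separator) // re-root at the container root, not the host root
		}
		// Splice the link target in front of whatever is still unresolved.
		if rest != "" {
			rest = target + string(filepath.Separator) + rest
		} else {
			rest = target
		}
	}
	return filepath.Join(root, resolved), nil
}

func main() {
	// Constructed rootfs: an image that ships a symlink pointing at the host's /etc.
	root, err := os.MkdirTemp("", "rootfs")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(root)
	_ = os.MkdirAll(filepath.Join(root, "etc"), 0o755)
	_ = os.Symlink("/etc", filepath.Join(root, "evil"))
	host, err := SecureJoin(root, "evil/shadow")
	fmt.Println(host, err) // a path under root, never the host's /etc/shadow
}
```

The property to check in review is the one the test exercises: for any input, including absolute symlink targets, relative targets that climb with `..`, and paths with leading or repeated `..`, the returned path always has `root` as a prefix.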

#### **[CVE-2015-3630](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3630) Read/write proc paths allow host modification & information disclosure**

Several paths underneath `/proc` were writable from containers, allowing global
system manipulation and configuration. These paths included `/proc/asound`,
`/proc/timer_stats`, `/proc/latency_stats`, and `/proc/fs`.

By allowing writes to `/proc/fs`, it has been noted that CIFS volumes could be
forced into a protocol downgrade attack by a root user operating inside of a
container. Machines having loaded the timer_stats module were vulnerable to
having this mechanism enabled and consumed by a container.

We are releasing Docker Engine 1.6.1 to address this vulnerability. All
versions up to 1.6.1 are believed vulnerable. Users running untrusted
images are encouraged to upgrade.

Discovered by Eric Windisch of the Docker Security Team.
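For operators who want to verify that the four `/proc` paths named above are actually protected inside a running container, the following Go program is an added example (not Docker's code) that audits a mount table in `/proc/self/mountinfo` format. It assumes the defence is either a read-only mount covering the path or a mask, i.e. a bind mount of `/dev/null` over it (recognised here by the heuristic that the mount's root field is `/null`); the sample mount table is constructed for the example. When several mounts cover a path, the most specific one, and among equals the most recent, is the one that applies.

```go
// Added example (not Docker's code): report which of the sensitive /proc paths
// from CVE-2015-3630 are still writable inside a container, given its mountinfo.
package main

import (
	"fmt"
	"strings"
)

// SensitiveProcPaths are the paths the advisory lists.
var SensitiveProcPaths = []string{
	"/proc/asound", "/proc/timer_stats", "/proc/latency_stats", "/proc/fs",
}

// mountEntry is the subset of a mountinfo line that the audit needs.
// Line format: ID parentID major:minor root mountpoint options [optional...] - fstype source superopts
type mountEntry struct {
	root    string // root of the mount within its filesystem ("/null" for a /dev/null mask)
	point   string // mount point
	options string // per-mount options such as "ro,nosuid"
}

// parseMountinfo extracts the fields above; blank or malformed lines are skipped.
func parseMountinfo(text string) []mountEntry {
	var out []mountEntry
	for _, line := range strings.Split(text, "\n") {
		f := strings.Fields(line)
		if len(f) < 6 {
			continue
		}
		out = append(out, mountEntry{root: f[3], point: f[4], options: f[5]})
	}
	return out
}

func hasOption(options, want string) bool {
	for _, o := range strings.Split(options, ",") {
		if o == want {
			return true
		}
	}
	return false
}

// covers reports whether mount point m applies to path p (component-wise prefix).
func covers(m, p string) bool {
	return m == "/" || m == p || strings.HasPrefix(p, m+"/")
}

// WritableProcPaths returns the paths that have neither a read-only mount nor
// a /dev/null mask covering them, in the order given.
func WritableProcPaths(mountinfo string, paths []string) []string {
	mounts := parseMountinfo(mountinfo)
	var writable []string
	for _, p := range paths {
		var best *mountEntry
		for i := range mounts {
			m := &mounts[i]
			if !covers(m.point, p) {
				continue
			}
			// Longest mount point wins; a later mount at the same point shadows an earlier one.
			if best == nil || len(m.point) >= len(best.point) {
				best = m
			}
		}
		if best != nil && (hasOption(best.options, "ro") || (best.point == p && best.root == "/null")) {
			continue
		}
		writable = append(writable, p)
	}
	return writable
}

// sampleMountinfo is constructed for the example: /proc/asound is remounted
// read-only, /proc/timer_stats is masked, /proc/fs has a writable bind mount,
// and /proc/latency_stats is covered only by the writable /proc itself.
const sampleMountinfo = `
20 1 0:4 / / rw,relatime - overlay overlay rw
21 20 0:5 / /proc rw,nosuid,nodev,noexec,relatime - proc proc rw
22 21 0:5 /asound /proc/asound ro,relatime - proc proc rw
23 21 0:6 /null /proc/timer_stats rw,nosuid,relatime - devtmpfs udev rw,size=65536k
24 21 0:5 /fs /proc/fs rw,relatime - proc proc rw
`

func main() {
	for _, p := range WritableProcPaths(sampleMountinfo, SensitiveProcPaths) {
		fmt.Println("writable:", p)
	}
}
```

On a live host the same function can be fed the contents of `/proc/self/mountinfo` read from inside the container; the lines that matter are the ones whose mount point starts with `/proc`.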

#### **[CVE-2015-3631](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3631) Volume mounts allow LSM profile escalation**

By allowing volumes to override files of `/proc` within a mount namespace, a user
could specify arbitrary policies for Linux Security Modules, including setting
an unconfined policy underneath AppArmor, or a `docker_t` policy for processes
managed by SELinux. In all versions of Docker up until 1.6.1, it is possible for
malicious images to configure volume mounts such that files of `/proc` may be overridden.

We are releasing Docker Engine 1.6.1 to address this vulnerability. All versions
up to 1.6.1 are believed vulnerable. Users running untrusted images are encouraged
to upgrade.

Discovered by Eric Windisch of the Docker Security Team.
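The defensive check that this class of issue calls for is validation of the volume destination before the mount is set up, so that no image-supplied configuration can place a volume at or beneath `/proc`. The Go function below is an added example, not Docker's code or its fix; the denied prefix list (just `/proc` here) is a placeholder a runtime would extend. The example deliberately covers the inputs that a naive string-prefix check gets wrong: `/proc/../proc/sys` is denied after normalisation, while `/procfoo` is allowed because it is a different path, and relative destinations are rejected outright.

```go
// Added example (not Docker's code): refuse volume destinations that would
// overlay /proc, the vector behind CVE-2015-3631.
package main

import (
	"errors"
	"fmt"
	"path/filepath"
	"strings"
)

// deniedPrefixes are in-container paths a volume must never be mounted on or under.
// Only /proc is taken from the advisory; a real runtime would hold its own list.
var deniedPrefixes = []string{"/proc"}

// normalizeDestination requires an absolute path and canonicalises it, so that
// "/proc/../proc/sys" and "/proc//sys/" both compare as "/proc/sys".
func normalizeDestination(dest string) (string, error) {
	if dest == "" {
		return "", errors.New("empty destination")
	}
	if !filepath.IsAbs(dest) {
		return "", fmt.Errorf("destination %q is not absolute", dest)
	}
	return filepath.Clean(dest), nil
}

// underPrefix is a component-wise check: "/procfoo" is not under "/proc".
func underPrefix(path, prefix string) bool {
	return path == prefix || strings.HasPrefix(path, prefix+"/")
}

// ValidateMountDestination returns an error if dest is, or lies beneath, a
// denied path, or if it is "/" and would therefore replace the whole rootfs.
func ValidateMountDestination(dest string) error {
	clean, err := normalizeDestination(dest)
	if err != nil {
		return err
	}
	if clean == "/" {
		return errors.New("destination / would replace the whole rootfs")
	}
	for _, p := range deniedPrefixes {
		if underPrefix(clean, p) {
			return fmt.Errorf("destination %q is under protected path %s", dest, p)
		}
	}
	return nil
}

func main() {
	// Constructed destinations, as an image or a user might supply them.
	for _, d := range []string{"/data", "/procfoo", "/proc", "/proc/../proc/sys/kernel", "proc", "/"} {
		fmt.Printf("%-28s %v\n", d, ValidateMountDestination(d))
	}
}
```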

#### **AppArmor policy improvements**

The 1.6.1 release also marks preventative additions to the AppArmor policy.
Recently, several CVEs against the kernel have been reported whereby mount
namespaces could be circumvented through the use of the `sys_mount` syscall from
inside of an unprivileged Docker container. In all reported cases, the
AppArmor policy included in libcontainer and shipped with Docker has been
sufficient to deflect these attacks. However, we have deemed it prudent to
proactively tighten the policy further by outright denying the use of the
`sys_mount` syscall.

Because this addition is preventative, no CVE-ID is requested.

### CS Docker Engine 1.6.0
(23 Apr 2015)

- First release; please see the [Docker Engine 1.6.0 Release notes](/release-notes/)
  for more details.