Recommended update for docker, docker-image-migrator
| Announcement ID: | SUSE-RU-2016:1125-1 |
| Rating: | moderate |
| References: | #963142 #964468 #965600 #965918 #968933 #968937 #968972 #970637 |
| Affected Products: |
An update that has 8 recommended fixes can now be installed.
Description:
This update provides Docker 1.10.3, bringing several fixes and
enhancements:
- Add usernamespace support.
- Add support for custom seccomp profiles.
- Improvements in network and volume management.
- Let docker manage the cgroups of the processes that it launches without
systemd. (bsc#968972)
- Recommend docker-image-migrator. (bsc#968933)
- Register /run/secrets as a mountpoint, so that it is unmounted properly
when the container is removed and thus container removal works.
(bsc#963142)
- Add no-downtime migration package "docker-image-migrator". (bsc#968937,
fate#320637)
Runtime:
- Fix Docker client exiting with an "Unrecognized input header" error.
- Fix Docker exiting if Exec is started with both AttachStdin and Detach.
- Prevent systemd from deleting containers' cgroups when its configuration
is reloaded.
- Fix SELinux issues by disregarding --read-only when mounting /dev/mqueue.
- Fix chown permissions used during docker cp when userns is used.
- Fix configuration loading issue with all booleans defaulting to true.
- Fix occasional panic with docker logs -f.
Distribution:
- Fix a crash when pushing multiple images sharing the same layers to the
same repository in parallel.
- Fix a panic when pushing images to a registry which uses a misconfigured
token service.
- Keep layer reference if deletion failed to avoid a badly inconsistent
state.
- Handle gracefully a corner case when canceling migration.
- Fix docker import on compressed data.
- Fix tar-split files corruption during migration that later cause docker
push and docker save to fail.
Networking:
- Fix daemon crash if embedded DNS is sent garbage.
Plugin system:
- Fix issue preventing volume plugins to start when SELinux is enabled.
- Prevent Docker from exiting if a volume plugin returns a null response
for Get requests.
- Fix plugin system leaking file descriptors if a plugin has an error.
Volumes:
- Fix issue with multiple volume references with same name.
Security:
- Fix linux32 emulation to fail during docker build.
- Fix Oracle XE 10g failing to start in a container.
- Fix issue preventing daemon to start if userns is enabled and the subuid
or subgid files contain comments.
- Fix potential cache corruption and delegation conflict issues.
For a comprehensive list of changes, please refer to the following Release
Notes:
- https://github.com/docker/docker/releases/tag/v1.10.3
- https://github.com/docker/docker/releases/tag/v1.10.2
- https://github.com/docker/docker/releases/tag/v1.10.1
- https://github.com/docker/docker/releases/tag/v1.10.0
Patch Instructions:
To install this SUSE Recommended Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE OpenStack Cloud 6:
zypper in -t patch SUSE-OpenStack-Cloud-6-2016-660=1 - SUSE Linux Enterprise Module for Containers 12:
zypper in -t patch SUSE-SLE-Module-Containers-12-2016-660=1
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE OpenStack Cloud 6 (x86_64):
- docker-1.10.3-63.1
- docker-debuginfo-1.10.3-63.1
- docker-debugsource-1.10.3-63.1
- docker-image-migrator-1.0.2-2.2
- docker-image-migrator-debuginfo-1.0.2-2.2
- docker-image-migrator-debugsource-1.0.2-2.2
- SUSE Linux Enterprise Module for Containers 12 (ppc64le s390x x86_64):
- docker-1.10.3-63.1
- docker-debuginfo-1.10.3-63.1
- docker-debugsource-1.10.3-63.1
- docker-image-migrator-1.0.2-2.2
- docker-image-migrator-debuginfo-1.0.2-2.2
- docker-image-migrator-debugsource-1.0.2-2.2