Recommended update for docker, docker-image-migrator
| Announcement ID: | SUSE-RU-2016:1125-1 |
|---|---|
| Rating: | moderate |
| References: | |
| Affected Products: |
|
An update that has eight fixes can now be installed.
Description:
This update provides Docker 1.10.3, bringing several fixes and enhancements:
- Add usernamespace support.
- Add support for custom seccomp profiles.
- Improvements in network and volume management.
- Let docker manage the cgroups of the processes that it launches without systemd. (bsc#968972)
- Recommend docker-image-migrator. (bsc#968933)
- Register /run/secrets as a mountpoint, so that it is unmounted properly when the container is removed and thus container removal works. (bsc#963142)
- Add no-downtime migration package "docker-image-migrator". (bsc#968937, fate#320637)
Runtime:
- Fix Docker client exiting with an "Unrecognized input header" error.
- Fix Docker exiting if Exec is started with both AttachStdin and Detach.
- Prevent systemd from deleting containers' cgroups when its configuration is reloaded.
- Fix SELinux issues by disregarding --read-only when mounting /dev/mqueue.
- Fix chown permissions used during docker cp when userns is used.
- Fix configuration loading issue with all booleans defaulting to true.
- Fix occasional panic with docker logs -f.
Distribution:
- Fix a crash when pushing multiple images sharing the same layers to the same repository in parallel.
- Fix a panic when pushing images to a registry which uses a misconfigured token service.
- Keep layer reference if deletion failed to avoid a badly inconsistent state.
- Handle gracefully a corner case when canceling migration.
- Fix docker import on compressed data.
- Fix tar-split files corruption during migration that later cause docker push and docker save to fail.
Networking:
- Fix daemon crash if embedded DNS is sent garbage.
Plugin system:
- Fix issue preventing volume plugins to start when SELinux is enabled.
- Prevent Docker from exiting if a volume plugin returns a null response for Get requests.
- Fix plugin system leaking file descriptors if a plugin has an error.
Volumes:
- Fix issue with multiple volume references with same name.
Security:
- Fix linux32 emulation to fail during docker build.
- Fix Oracle XE 10g failing to start in a container.
- Fix issue preventing daemon to start if userns is enabled and the subuid or subgid files contain comments.
- Fix potential cache corruption and delegation conflict issues.
For a comprehensive list of changes, please refer to the following Release Notes:
- https://github.com/docker/docker/releases/tag/v1.10.3
- https://github.com/docker/docker/releases/tag/v1.10.2
- https://github.com/docker/docker/releases/tag/v1.10.1
- https://github.com/docker/docker/releases/tag/v1.10.0
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE OpenStack Cloud 6
zypper in -t patch SUSE-OpenStack-Cloud-6-2016-660=1 -
Containers Module 12
zypper in -t patch SUSE-SLE-Module-Containers-12-2016-660=1
Package List:
-
SUSE OpenStack Cloud 6 (x86_64)
- docker-image-migrator-1.0.2-2.2
- docker-debugsource-1.10.3-63.1
- docker-image-migrator-debugsource-1.0.2-2.2
- docker-debuginfo-1.10.3-63.1
- docker-image-migrator-debuginfo-1.0.2-2.2
- docker-1.10.3-63.1
-
Containers Module 12 (ppc64le s390x x86_64)
- docker-image-migrator-1.0.2-2.2
- docker-debugsource-1.10.3-63.1
- docker-image-migrator-debugsource-1.0.2-2.2
- docker-debuginfo-1.10.3-63.1
- docker-image-migrator-debuginfo-1.0.2-2.2
- docker-1.10.3-63.1
References:
- https://bugzilla.suse.com/show_bug.cgi?id=963142
- https://bugzilla.suse.com/show_bug.cgi?id=964468
- https://bugzilla.suse.com/show_bug.cgi?id=965600
- https://bugzilla.suse.com/show_bug.cgi?id=965918
- https://bugzilla.suse.com/show_bug.cgi?id=968933
- https://bugzilla.suse.com/show_bug.cgi?id=968937
- https://bugzilla.suse.com/show_bug.cgi?id=968972
- https://bugzilla.suse.com/show_bug.cgi?id=970637