Browse code
Bump version to v1.3.3
Conflicts:
VERSION
Signed-off-by: Cristian Staretu <cristian.staretu@gmail.com>
Signed-off-by: Tibor Vass <teabee89@gmail.com>
unclejack authored on 2014/12/01 20:00:44Showing 2 changed files
| ... | ... |
@@ -1,5 +1,19 @@ |
| 1 | 1 |
# Changelog |
| 2 | 2 |
|
| 3 |
+## 1.3.3 (2014-12-11) |
|
| 4 |
+ |
|
| 5 |
+#### Security |
|
| 6 |
+- Fix path traversal vulnerability in processing of absolute symbolic links (CVE-2014-9356) |
|
| 7 |
+- Fix decompression of xz image archives, preventing privilege escalation (CVE-2014-9357) |
|
| 8 |
+- Validate image IDs (CVE-2014-9358) |
|
| 9 |
+ |
|
| 10 |
+#### Runtime |
|
| 11 |
+- Fix an issue when image archives are being read slowly |
|
| 12 |
+ |
|
| 13 |
+#### Client |
|
| 14 |
+- Fix a regression related to stdin redirection |
|
| 15 |
+- Fix a regression with `docker cp` when destination is the current directory |
|
| 16 |
+ |
|
| 3 | 17 |
## 1.3.2 (2014-11-20) |
| 4 | 18 |
|
| 5 | 19 |
#### Security |