Docker Engine 26.1 release notes
This page describes the latest changes, additions, known issues, and fixes for Docker Engine version 26.1.
For more information about:
- Deprecated and removed features, see Deprecated Engine Features.
- Changes to the Engine API, see Engine API version history.
26.1.4
2024-06-05For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
- docker/cli, 26.1.4 milestone
- moby/moby, 26.1.4 milestone
- Deprecated and removed features, see Deprecated Features.
- Changes to the Engine API, see API version history.
Security
This release updates the Go runtime to 1.21.11 which contains security fixes for:
- CVE-2024-24789
- CVE-2024-24790
- A symlink time of check to time of use race condition during directory removal reported by Addison Crump.
Bug fixes and enhancements
- Fixed an issue where promoting a node immediately after another node was demoted could cause the promotion to fail. moby/moby#47870
- Prevent the daemon log from being spammed with
superfluous response.WriteHeader call ...
messages. moby/moby#47843 - Don't show empty hints when plugins return an empty hook message. docker/cli#5083
- Fix a compatibility issue with Visual Studio Container Tools. docker/cli#5095
Packaging updates
- Update containerd (static binaries only) to v1.7.17. moby/moby#47841
- CVE-2024-24789, CVE-2024-24790: Update Go runtime to 1.21.11. moby/moby#47904
- Update Compose to v2.27.1. docker/docker-ce-packages#1022
- Update Buildx to v0.14.1. docker/docker-ce-packages#1021
26.1.3
2024-05-16For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
- docker/cli, 26.1.3 milestone
- moby/moby, 26.1.3 milestone
- Deprecated and removed features, see Deprecated Features.
- Changes to the Engine API, see API version history.
Bug fixes and enhancements
- Fix a regression that prevented the use of DNS servers within a
--internal
network. moby/moby#47832 - When the internal DNS server's own address is supplied as an external server address, ignore it to avoid unproductive recursion. moby/moby#47833
Packaging updates
- Allow runc to kill containers when confined to the runc profile in AppArmor version 4.0.0 and later. moby/moby#47829
26.1.2
2024-05-08For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
- docker/cli, 26.1.2 milestone
- moby/moby, 26.1.2 milestone
- Deprecated and removed features, see Deprecated Features.
- Changes to the Engine API, see API version history.
Bug fixes and enhancements
- Fix an issue where the CLI process would sometimes hang when a container failed to start. docker/cli#5062
Packaging updates
- Update Go runtime to 1.21.10. moby/moby#47806
26.1.1
2024-04-30For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
- docker/cli, 26.1.1 milestone
- moby/moby, 26.1.1 milestone
- Deprecated and removed features, see Deprecated Features.
- Changes to the Engine API, see API version history.
Bug fixes and enhancements
- Fix
docker run -d
printing ancontext canceled
spurious error when OpenTelemetry is configured. docker/cli#5044 - Experimental environment variable
DOCKER_BRIDGE_PRESERVE_KERNEL_LL=1
will prevent the daemon from removing the kernel-assigned link local address on a Linux bridge. moby/moby#47775 - Resolve an issue preventing container creation on hosts with a read-only
/proc/sys/net
filesystem. If IPv6 cannot be disabled on an interface due to this, either disable IPv6 by default on the host or ensure/proc/sys/net
is read-write. To bypass the error, set the environment variableDOCKER_ALLOW_IPV6_ON_IPV4_INTERFACE=1
before starting the Docker daemon. moby/moby#47769
Note
The
DOCKER_ALLOW_IPV6_ON_IPV4_INTERFACE
is added as a temporary fix and will be phased out in a future major release, when the IPv6 enablement process has been improved.
Packaging updates
- Update BuildKit to v0.13.2. moby/moby#47762
- Update Compose to v2.27.0. docker/docker-ce-packages#1017
26.1.0
2024-04-22For a full list of pull requests and changes in this release, refer to the relevant GitHub milestones:
- docker/cli, 26.1.0 milestone
- moby/moby, 26.1.0 milestone
- Deprecated and removed features, see Deprecated Features.
- Changes to the Engine API, see API version history.
New
- Added configurable OpenTelemetry utilities and basic instrumentation to commands. For more information, see OpenTelemetry for the Docker CLI. docker/cli#4889
Bug fixes and enhancements
-
Native Windows containers are configured with an internal DNS server for container name resolution, and external DNS servers for other lookups. Not all resolvers, including
nslookup
, fall back to the external resolvers when they get aSERVFAIL
answer from the internal server. So, the internal DNS server can now be configured to forward requests to the external resolvers, by setting afeature
option in thedaemon.json
file:{ "features": { "windows-dns-proxy": true } }
Note
- This will be the new default behavior in Docker Engine 27.0.
- The
windows-dns-proxy
feature flag will be removed in a future release.
-
Swarm: Fix
Subpath
not being passed to the container config. moby/moby#47711 -
Classic builder: Fix cache miss on
WORKDIR <directory>/
build step (directory with a trailing slash). moby/moby#47723 -
containerd image store: Fix
docker images
failing when any image in the store has unexpected target. moby/moby#47738