[El-errata] ELBA-2016-3532 Oracle Linux 6 docker-engine bug fix update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon Apr 11 14:39:39 PDT 2016

Oracle Linux Bug Fix Advisory ELBA-2016-3532


The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:



Description of changes:

- Enable configuration of Docker daemon via sysconfig [orabug 21804877]
- Require UEK4 for docker 1.9 [orabug 22235639 22235645]

- Fix Docker client exiting with an "Unrecognized input header" error 
- Fix Docker exiting if Exec is started with both AttachStdin and Detach 
- Fix a crash when pushing multiple images sharing the same layers to 
the same repository in parallel 
- Fix a panic when pushing images to a registry which uses a 
misconfigured token service 
- Fix issue preventing volume plugins to start when SELinux is enabled 
- Prevent Docker from exiting if a volume plugin returns a null response 
for Get requests [#20682](https://github.com/docker/docker/pull/20682)
- Fix plugin system leaking file descriptors if a plugin has an error 
- Fix linux32 emulation to fail during docker build 
- Fix Oracle XE 10g failing to start in a container 
- Fix user namespaces not working on Linux From Scratch 
- Fix issue preventing daemon to start if userns is enabled and the 
subuid or subgid files contain comments 

- Prevent systemd from deleting containers' cgroups when its 
configuration is reloaded 
- Fix SELinux issues by disregarding --read-only when mounting 
/dev/mqueue [#20333](https://github.com/docker/docker/pull/20333)
- Fix chown permissions used during docker cp when userns is used 
- Fix configuration loading issue with all booleans defaulting to true 
- Fix occasional panic with docker logs -f 
- Keep layer reference if deletion failed to avoid a badly inconsistent 
state [#20513](https://github.com/docker/docker/pull/20513)
- Handle gracefully a corner case when canceling migration 
- Fix docker import on compressed data 
- Fix tar-split files corruption during migration that later cause 
docker push and docker save to fail 
- Fix daemon crash if embedded DNS is sent garbage 
- Fix issue with multiple volume references with same name 
- Fix potential cache corruption and delegation conflict issues 

- Do not stop daemon on migration hard failure 
- Fix various issues with migration to content-addressable images 
- Fix ZFS permission bug with user namespaces 
- Do not leak /dev/mqueue from the host to all containers, keep it 
container-specific [#19876](https://github.com/docker/docker/pull/19876) 
- Fix docker ps --filter before=... to not show stopped containers 
without providing -a flag 
- Fix issue preventing docker events to work properly with authorization 
plugin [#20002](https://github.com/docker/docker/pull/20002)
- Add additional verifications and prevent from uploading invalid data 
to registries [#20164](https://github.com/docker/docker/pull/20164)
- Fix regression preventing uppercase characters in image reference 
hostname [#20175](https://github.com/docker/docker/pull/20175)
- Fix embedded DNS for user-defined networks in the presence of 
firewalld [#20060](https://github.com/docker/docker/pull/20060)
- Fix issue where removing a network during shutdown left Docker 
inoperable [#20181](https://github.com/docker/docker/issues/20181) 
- Embedded DNS is now able to return compressed results 
- Fix port-mapping issue with userland-proxy=false 
- Fix bug where tcp+tls protocol would be rejected 
- Fix issue whereby older volume drivers would not receive volume 
options [#19983](https://github.com/docker/docker/pull/19983)
- Remove TasksMax from Docker systemd service 

- New docker update command that allows updating resource constraints on 
running containers [#15078](https://github.com/docker/docker/pull/15078)
- Add --tmpfs flag to docker run to create a tmpfs mount in a container 
- Add --format flag to docker images command 
- Allow to set daemon configuration in a file and hot-reload it with the 
SIGHUP signal [#18587](https://github.com/docker/docker/pull/18587)
- Updated docker events to include more meta-data and event types 
- Add --blkio-weight-device flag to docker run 
- Add --device-read-bps and --device-write-bps flags to docker run 
- Add --device-read-iops and --device-write-iops flags to docker run 
- Add --oom-score-adj flag to docker run 
- Add --detach-keys flag to attach, run, start and exec commands to 
override the default key sequence that detaches from a container 
- Add --shm-size flag to run, create and build to set the size of 
/dev/shm [#16168](https://github.com/docker/docker/pull/16168)
- Show the number of running, stopped, and paused containers in docker 
info [#19249](https://github.com/docker/docker/pull/19249)
- Show the OSType and Architecture in docker info 
- Add --cgroup-parent flag on daemon to set cgroup parent for all 
containers [#19062](https://github.com/docker/docker/pull/19062)
- Add -L flag to docker cp to follow symlinks 
- New status=dead filter for docker ps 
- Change docker run exit codes to distinguish between runtime and 
application errors [#14012](https://github.com/docker/docker/pull/14012)
- Enhance docker events --since and --until to support nanoseconds and 
timezones [#17495](https://github.com/docker/docker/pull/17495)
- Add --all/-a flag to stats to include both running and stopped 
containers [#16742](https://github.com/docker/docker/pull/16742)
- Change the default cgroup-driver to cgroupfs 
- Emit a "tag" event when tagging an image with build -t 
- Best effort for linked containers' start order when starting the 
daemon [#18208](https://github.com/docker/docker/pull/18208)
- Add ability to add multiple tags on build 
- Permit OPTIONS request against any url, thus fixing issue with CORS 
- Fix the --quiet flag on docker build to actually be quiet 
- Fix docker images --filter dangling=false to now show all non-dangling 
images [#19326](https://github.com/docker/docker/pull/19326)
- Fix race condition causing autorestart turning off on restart 
- Recognize GPFS filesystems 
- Fix obscure bug preventing to start containers 
- Forbid exec during container restart 
- devicemapper: Increasing --storage-opt dm.basesize will now increase 
the base device size on daemon restart 
- Add --userns-remap flag to daemon to support user namespaces 
(previously in experimental) 
- Add support for custom seccomp profiles in --security-opt 
- Add default seccomp profile 
- Add --authorization-plugin flag to daemon to customize ACLs 
- Docker Content Trust now supports the ability to read and write user 
delegations [#18887](https://github.com/docker/docker/pull/18887)
- Allow SELinux to run in a container when using the BTRFS storage 
driver [#16452](https://github.com/docker/docker/pull/16452)
- Use content-addressable storage for images and layers 
- Add support for the new [manifest format 
- Lots of improvements for push and pull: performance++, retries on 
failed downloads, cancelling on client disconnect 
- Limit v1 protocol fallbacks 
- Fix issue where docker could hang indefinitely waiting for a 
nonexistent process to pull an image 
- Use DNS-based discovery instead of /etc/hosts 
- Support for network-scoped alias using --net-alias on run and --alias 
on network connect [#19242](https://github.com/docker/docker/pull/19242)
- Add --ip and --ip6 on run and network connect to support custom IP 
addresses for a container in a network 
- Add --ipam-opt to network create for passing custom IPAM options 
- Add --internal flag to network create to restrict external access to 
and from the network [#19276](https://github.com/docker/docker/pull/19276)
- Add kv.path option to --cluster-store-opt 
- Add discovery.heartbeat and discovery.ttl options to 
--cluster-store-opt to configure discovery TTL and heartbeat timer 
- Add --format flag to network inspect 
- Add --link to network connect to provide a container-local alias 
- Support for Capability exchange with remote IPAM plugins 
- Add --force to network disconnect to force container to be 
disconnected from network 
- Support for multi-host networking using built-in overlay driver for 
all engine supported kernels: 3.10+ 
- --link is now supported on docker run for containers in user-defined 
network [#19229](https://github.com/docker/docker/pull/19229)
- Enhance docker network rm to allow removing multiple networks 
- Include container names in network inspect 
- Include auto-generated subnets for user-defined networks in network 
inspect [#17316](https://github.com/docker/docker/pull/17316)
- Add --filter flag to network ls to hide predefined networks 
- Add support for network connect/disconnect to stopped containers 
- Add network ID to container inspect 
- Fix MTU issue where Docker would not start with two or more default 
routes [#18108](https://github.com/docker/docker/pull/18108)
- Fix duplicate IP address for containers 
- Fix issue preventing sometimes docker from creating the bridge network 
- Do not substitute name server when using --net=host 
- New logging driver for Splunk 
- Add support for syslog over TCP+TLS 
- Enhance docker logs --since and --until to support nanoseconds and 
time [#17495](https://github.com/docker/docker/pull/17495)
- Enhance AWS logs to auto-detect region 
- Add support to set the mount propagation mode for a volume 
- Add ls and inspect endpoints to volume plugin API 
- Fix data not being copied to named volumes 
- Fix issues preventing volume drivers from being containerized 
- Fix docker volumes ls --dangling=false to now show all non-dangling 
volumes [#19671](https://github.com/docker/docker/pull/19671)
- Do not remove named volumes on container removal 
- Allow external volume drivers to host anonymous volumes 
- Add support for ** in .dockerignore to wildcard multiple levels of 
directories [#17090](https://github.com/docker/docker/pull/17090)
- Fix handling of UTF-8 characters in Dockerfiles 
- Fix permissions problem when reading from STDIN 
- Add support for overriding the API version to use via an 
DOCKER_API_VERSION environment-variable 
- Fix a bug preventing Windows clients to log in to Docker Hub 
- systemd: Set TasksMax in addition to LimitNPROC in systemd service 
file [#19391](https://github.com/docker/docker/pull/19391)
- Remove LXC support. The LXC driver was deprecated in Docker 1.8, and 
has now been removed [#17700](https://github.com/docker/docker/pull/17700)
- Remove --exec-driver daemon flag, because it is no longer in use 
- Remove old deprecated single-dashed long CLI flags (such as -rm; use 
--rm instead) [#17724](https://github.com/docker/docker/pull/17724)
- Deprecate HostConfig at API container start 
- Deprecate docker packages for newly EOL'd Linux distributions: Fedora 
21 and Ubuntu 15.04 (Vivid) 
- Deprecate -f flag for docker tag 

More information about the El-errata mailing list