- Added a mitigation to the classic Builder and updated BuildKit to [v0.8.3-31-gc0149372](https://github.com/moby/buildkit/commit/c014937225cba29cfb1d5161fd134316c0e9bdaa),
for [CVE-2022-39253](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-39253).
## 20.10.19
{{< release-date date="2022-10-14" >}}
This release of Docker Engine comes with some bug-fixes, and an updated version
of Docker Compose.
### Updates
- Update Docker Compose to [v2.11.2](https://github.com/docker/compose/releases/tag/v2.11.2).
- Update Go runtime to [1.18.7](https://go.dev/doc/devel/release#go1.18.minor),
which contains fixes for [CVE-2022-2879](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2879),
[CVE-2022-2880](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2880),
and [CVE-2022-41715](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-41715).
### Bug fixes and enhancements
- Fix an issue that could result in a panic during `docker builder prune` or
`docker system prune` [moby/moby#44122](https://github.com/moby/moby/pull/44122).
- Fix a bug where using `docker volume prune` would remove volumes that were
still in use if the daemon was running with "live restore" and was restarted
[moby/moby#44238](https://github.com/moby/moby/pull/44238).
## 20.10.18
{{< release-date date="2022-09-09" >}}
This release of Docker Engine comes with a fix for a low-severity security issue,
some minor bug fixes, and updated versions of Docker Compose, Docker Buildx,
`containerd`, and `runc`.
### Updates
- Update Docker Buildx to [v0.9.1](https://github.com/docker/buildx/releases/tag/v0.9.1).
- Update Docker Compose to [v2.10.2](https://github.com/docker/compose/releases/tag/v2.10.2).
- Update containerd (`containerd.io` package) to [v1.6.8](https://github.com/containerd/containerd/releases/tag/v1.6.8).
- Update runc version to [v1.1.4](https://github.com/opencontainers/runc/releases/tag/v1.1.4).
- Update Go runtime to [1.18.6](https://go.dev/doc/devel/release#go1.18.minor),
which contains fixes for [CVE-2022-27664](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-27664) and
[CVE-2022-32190](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32190).
### Bug fixes and enhancements
- Add Bash completion for Docker Compose [docker/cli#3752](https://github.com/docker/cli/pull/3752).
- Fix an issue where file-capabilities were not preserved during build
[moby/moby#43876](https://github.com/moby/moby/pull/43876).
- Fix an issue that could result in a panic caused by a concurrent map read and
map write [moby/moby#44067](https://github.com/moby/moby/pull/44067).
- Fix a security vulnerability relating to supplementary group permissions, which
could allow a container process to bypass primary group restrictions within the
container [CVE-2022-36109](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-36109),
[GHSA-rc4r-wh2q-q6c4](https://github.com/moby/moby/security/advisories/GHSA-rc4r-wh2q-q6c4).
- seccomp: add support for Landlock syscalls in default policy [moby/moby#43991](https://github.com/moby/moby/pull/43991).
- seccomp: update default policy to support new syscalls introduced in kernel 5.12 - 5.16 [moby/moby#43991](https://github.com/moby/moby/pull/43991).
- Fix an issue where cache lookup for image manifests would fail, resulting
in a redundant round-trip to the image registry [moby/moby#44109](https://github.com/moby/moby/pull/44109).
- Fix an issue where `exec` processes and healthchecks were not terminated
when they timed out [moby/moby#44018](https://github.com/moby/moby/pull/44018).
## 20.10.17
{{< release-date date="2022-06-06" >}}
This release of Docker Engine comes with updated versions of Docker Compose and the
`containerd`, and `runc` components, as well as some minor bug fixes.
### Updates
- Update Docker Compose to [v2.6.0](https://github.com/docker/compose/releases/tag/v2.6.0).
- Update containerd (`containerd.io` package) to [v1.6.6](https://github.com/containerd/containerd/releases/tag/v1.6.6),