Skip to content

@deviantony deviantony released this Oct 11, 2019


This release addresses multiple security issues in Portainer and aims to increase the stability of endpoints in Portainer, particularly agent enabled endpoints as discussed in this issue: #2535


  • Prevent non-admin management of admin only docker resources: #3224
  • Prevent non-admin access to admin API endpoints: #3226
  • Patched XSS vulnerability in the multi-select component: #3228
  • Patched XSS vulnerability in the volume browser: #3229
  • Prevent Bind-mount restriction bypass: #3231
  • Prevent host filesystem management bypass: #3234
  • Added admin setting to mitigate potential volume browse vulnerability: #3236


  • Mark endpoint down, only when it is unreachable [Backend]: #2940
  • Refresh the view after failing to connect to an endpoint: #3083
  • Ping triggered by frontend now brings endpoint up when previously marked as down: #3088


  • Fixed issue where --admin-password-file does not set up the admin user correctly: #2816
  • Fixed issue where OKTA was not working with Portainer: #2957
  • Fixed issue with large JWT breaking authentication when Portainer is behind a reverse proxy: #2960
  • Fixed issue with private registry auth preventing setting access to users/teams: #3034
  • Fixed panic with internal auth when Oauth enabled: #3171

Improved User Experience

  • Introduced Portainer version update notification: #1649
  • Display a single overlay network instead of one per host: #2021
  • Show ENTRYPOINT in container details: #2924
  • Improve the search functionality within Portainer: #3053
  • Added error message for an agent already paired to another instance: #3098
  • Update endpoint creation screen to reflect recommended deployment: #3147

Stack creation

  • Fixed error preventing access to git repo with https: #1845


  • Add the service rollback feature to service details view: #3005
  • Fixed issue where mounted volumes are not persisted in the UI: #3062


  • Prevent MAC address collisions: #1645
  • Prevent container table sort from reverting to default setting: #3049

Swarm Information

  • Display node labels in Swarm Visualizer view: #1740

Minor Changes

  • Fix error when building Portainer locally with Yarn: #3007
Assets 14
You can’t perform that action at this time.