Release v2.6.2: Docker Registry 2.6.2 · deepsourcelabs/distribution

This repository has been archived by the owner on Jul 26, 2022. It is now read-only.

v2.6.2
48294d9
Verified

This tag was signed with the committer’s verified signature.

stevvooe Stephen Day

GPG key ID: 67B3DED84EDC823F

Verified
Learn about vigilant mode
Compare

Choose a tag to compare

Loading

View all tags

v2.6.2
48294d9
Compare

Choose a tag to compare

Loading

View all tags
Verified

This tag was signed with the committer’s verified signature.

stevvooe Stephen Day

GPG key ID: 67B3DED84EDC823F

Verified
Learn about vigilant mode

stevvooe tagged this 20 Jul 21:13

This release is a special security release to address an issue allowing
an attacker to force arbitrarily-sized memory allocations in a registry
instance through the manifest endpoint. The problem has been mitigated
by limiting the size of reads for image manifest content.

Details for mitigation are in 29fa466d

CVE-2017-11468 has been assigned for this issue.

Changelog

48294d92 Merge pull request #2343 from stevvooe/prepare-2.6.2
04ce6865 release: prepare for 2.6.2 release
c829241c Merge pull request #2341 from stevvooe/limit-payload-size-26
29fa466d registry/{storage,handlers}: limit content sizes
42ea75ca Merge pull request #2284 from mstanleyjones/release/2.6
ed2b6867 Put architecture.md back into distribution repo

Assets 2

Provide feedback

Saved searches

Use saved searches to filter your results more quickly