Docker is an open platform for distributing software application in containers. It utilizes operating system-level virtualization for process and full resource isolation through cgroups, capabilities, SELinux, AppArmor, netfilter, and Linux kernel namespaces. Its libcontainer is based on libvirt and lxc. Docker Engine is the application and environment packaging tool. And Docker Hub is a cloud service for sharing prepackaged containers.
major bugfix: IMPORTANT: Starting with this release, Docker is on a monthly release cycle and uses a new YY.MM versioning scheme to reflect this. Two channels are available: monthly and quarterly. Any given monthly release will only receive security and until the next monthly release is available. Quarterly releases receive security and for 4 months after initial release. This release includes for 1.13.1 but there are no major feature additions and the API version stays the same. Upgrading from Docker 1.13.1 to 17.03.0 is expected to be simple and low-risk. Client: panic in `docker stats --format`. Contrib: Update various `bash` and `zsh` completion scripts, and more. Block obsolete socket families in default seccomp profile - mitigates unpatched kernels' CVE-2017-6074. Networking: on overlay encryption keys rotation in cross-datacenter swarm. side effect panic in overlay encryption and network control plane communication failure ("No installed keys could decrypt the message") on frequent swarm leader re-election. Several around system responsiveness and datapath programming when using overlay network with external kv-store docker/libnetwork#1639, docker/libnetwork#1632 and more. Discard incoming plain vxlan packets for encrypted overlay network. Release the network attachment on allocation failure. port allocation when multiple published ports map to the same target port docker/swarmkit#1835. Runtime: a deadlock in docker logs. cpu spin waiting for log write events. a possible crash when using journald. a panic on of nil channel. duplicate mount point for `--volumes-from` in `docker run`. `--cache-from` does not cache last step. Swarm Mode: Shutdown leaks an error when the container was never started. possibility of tasks getting stuck in the "NEW" state during a leader failover docker/swarmkit#1938. extraneous task creations for global services that led to confusing replica counts in `docker service ls` docker/swarmkit#1957. problem that m