From bf98fa37d09bd566dd58bbb283ac2c2add1de2ed Mon Sep 17 00:00:00 2001 From: David Scott Date: Tue, 31 Aug 2021 17:07:32 +0100 Subject: [PATCH] Credit Alessio Dalla Piazza for discovering and analysing CVE-2021-37841 (#13414) * Thank Alessio Dalla Piazza for discovering CVE-2021-37841 Signed-off-by: David Scott * Also thank kevpar for useful discussion about the CVE Signed-off-by: David Scott --- desktop/windows/release-notes.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/desktop/windows/release-notes.md b/desktop/windows/release-notes.md index dd5d353dc7..e9f1e7b6a2 100644 --- a/desktop/windows/release-notes.md +++ b/desktop/windows/release-notes.md @@ -85,7 +85,7 @@ The updated [Docker Subscription Service Agreement](https://www.docker.com/lega - Fixed slowness when adding multiple ports forwarding option. - Fixed bug where the WSL 2 synchonization code creates dangling symlinks if the WSL 2 home directory if it is the same as the Windows home directory. Fixes [docker/for-win#11668](https://github.com/docker/for-win/issues/11668). - Fixed `docker context ls` after upgrade from 3.5.x when the Linux WSL 2 home directory is the same as the Windows home directory. -- Fixed the permissions on `%PROGRAMDATA%\Docker` to avoid a potential Windows containers compromise. See [CVE-2021-37841](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37841){:target="_blank" rel="noopener" class="_"}. +- Fixed the permissions on `%PROGRAMDATA%\Docker` to avoid a potential Windows containers compromise. See [CVE-2021-37841](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-37841){:target="_blank" rel="noopener" class="_"}. Thanks to [Alessio Dalla Piazza](http://it.linkedin.com/in/alessiodallapiazza) for discovering the issue and to @kevpar for helpful discussion. - Fixed bug where the Linux home directory under WSL 2 was set to the Windows home directory e.g. `/mnt/c/Users/...`. - Fixed bug where Desktop would fail to start if it could not parse CLI contexts. Fixes [docker/for-win#11601](https://github.com/docker/for-win/issues/11601). - Fixed an issue related to log display inside a container [docker/for-win#11251](https://github.com/docker/for-win/issues/11251).