Docker
Engine Release Notes
The engine sharpened its focus on reliability and security while laying groundwork for hardware-aware container orchestration. A trio of critical security fixes in 29.3.1 addressed authorization bypass vulnerabilities in AuthZ plugins and BuildKit, followed by refinements to resource management and networking stability across subsequent releases. The team expanded GPU support to AMD devices via CDI-based injection, lowered the minimum API version to v1.40 to broaden compatibility, and shipped the experimental NRI framework for container runtime integration—signaling a longer-term push toward more granular control over container lifecycle events.
Focused on security hardening and API stability. The month shipped two releases anchored by four security fixes across AuthZ plugins, the plugin installer, and BuildKit's Git URL and frontend isolation handling—plus a daemon crash fix for malformed .dockerignore patterns in 29.3.1. The earlier 29.3.0 expanded the mount API with bind-create-src, added command-failure hooks for CLI plugins, and lowered the minimum API version to v1.40, while fixing DNS corruption on daemon reload and GPU injection for AMD hardware.
Stabilization dominated February, with BuildKit upgraded to v0.27.1 and a series of concurrency and networking fixes shipped. The release addressed race conditions in docker system df and docker system prune, resolved encrypted overlay network traffic failures affecting older Engine versions, and patched daemon initialization panics.