Docker Registry 2.6.2
This release is a special security release to address an issue allowing
an attacker to force arbitrarily-sized memory allocations in a registry
instance through the manifest endpoint. The problem has been mitigated
by limiting the size of reads for image manifest content.
Details for mitigation are in 29fa466d
CVE-2017-11468 has been assigned for this issue.
Changelog
48294d92 Merge pull request #2343 from stevvooe/prepare-2.6.2
04ce6865 release: prepare for 2.6.2 release
c829241c Merge pull request #2341 from stevvooe/limit-payload-size-26
29fa466d registry/{storage,handlers}: limit content sizes
42ea75ca Merge pull request #2284 from mstanleyjones/release/2.6
ed2b6867 Put architecture.md back into distribution repo