Windows is back! Docker CTO Justin Cormack talks about this and other takeaways from Microsoft Build 2024, including recently announced (and long-awaited) Docker Desktop support for Windows on Arm.
Justin Cormack
OpenSSH and XZ/liblzma: A Nation-State Attack Was Thwarted, What Did We Learn?
Docker CTO Justin Cormack looks at what we can learn from malicious code in upstream tarballs of xz targeted at a subset of OpenSSH servers. “It is hard to overstate how lucky we were here, as there are no tools that will detect this vulnerability.”
Docker Acquires Mutagen for Continued Investment in Performance and Flexibility of Docker Desktop
I’m excited to announce that Docker, voted the most-used and most-desired tool in Stack Overflow’s 2023 Developer Survey, has acquired Mutagen IO, Inc., the company behind the open source Mutagen file synchronization and networking technologies that enable...
Announcing Docker SBOM: A step towards more visibility into Docker images
Today, Docker takes its first step in making what is inside your container images more visible so that you can better secure your software supply chain. Included in Docker Desktop 4.7.0 is a new, experimental docker sbom CLI command that displays the SBOM (Software...
Investing In Performance, Trust and Great Experiences for Developers
Docker is nine years old? Seems both like yesterday and a long time ago! The technology world has changed a lot since then, and Docker has played a key role in making it easy for developers to build and ship applications wherever they’re needed. What were the key...
Apache Log4j 2 CVE-2021-44228
Update: 13 December 2021 As an update to CVE-2021-44228, the fix made in version 2.15.0 was incomplete in certain non-default configurations. An additional issue was identified and is tracked with CVE-2021-45046. For a more complete fix to this vulnerability, it’s...
Docker Verified Publisher: Trusted Sources, Trusted Content
November 2024 update: Announcing Upgraded Docker Plans: Simpler, More Value, Better Development and Productivity --- Six months since its launch at DockerCon, the Docker Verified Publisher program delivers on its promise to developers and partners alike The Docker...
News from AWS re:Invent – Docker Official Images on Amazon ECR Public
We are happy to announce today that, in partnership with Amazon, Docker Official Images are now available on AWS ECR Public. This is especially exciting because Docker Official Images are some of the most popularly used images on Docker Hub, acting as a key and...
Notary v2 Project Update
Supply chain security is something that has been increasingly important to all of us in the last few years. Almost as important as the global supply chains that are having problems distributing goods around the world! There have been many attacks via the supply chain....