Ce mail provient de l'extérieur, restons vigilants

=====================================================================

                            CERT-Renater

                Note d'Information No. 2026/VULN342
_____________________________________________________________________

DATE                : 30/03/2026

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running Docker Desktop versions prior
                                         to 4.67.0.

=====================================================================
https://github.com/langflow-ai/langflow/security/advisories/GHSA-v8hw-mh8c-jxfc
_____________________________________________________________________

Docker Desktop release notes


4.67.0

2026-03-30

    Download Docker Desktop

        Windows (checksum)
        Windows ARM Early Access (checksum)

        Mac with Apple chip (checksum)
        Mac with Intel chip (checksum)

        Debian - RPM - Arch (checksum)

New

    Docker MCP Toolkit now has MCP profile template cards and an
onboarding tour accessible via the Profiles tab.

Updates

    Docker Compose v5.1.1
    Docker Agent v1.34.0
    Docker Scout CLI v1.20.3
    Docker Model v1.1.25

Bug fixes and minor changes
For all platforms

    Docker Model Runner now supports Qwen3.5.
    With the new Logs (Beta) view, you can now filter container logs
by Compose stack.
    Improved interaction with Settings while the Docker engine or
Kubernetes is starting or stopping.
    Fixed a bug where random UDP port bindings reported port 0 instead
of the actual assigned port.
    Fixed an issue with the Docker Desktop shortcut not reopening the
Dashboard when Docker Desktop was already running.
    Fixed an issue where the Add to existing profile dialog showed
profiles that already contained all selected MCP servers in the dropdown.


For Mac

    Fixed intermittent exec format error when starting amd64 containers
on Apple Silicon Macs due to a race condition between Rosetta binfmt
registration and virtiofs device availability.

For Windows

    Fixed Hyper-V being silently re-enabled on every EXE upgrade for
WSL 2 users.
    Fixed an MSI installer bug where Docker Desktop processes could be
left running after uninstall.
    Fixed an issue on Windows where installations or updates using
--installation-dir would fail due to the installer archive being extracted
into the custom installation directory.
    Improved Docker Desktop startup time on Windows by several seconds when
using WSL 2.
    Fixed a bug on the Models > Logs screen which caused docker-model
processes to accumulate on Windows each time the screen was visited.


Security

    Addressed CVE-2026-33990, SSRF in Docker Model Runner OCI Registry Client


=========================================================
+ CERT-RENATER        |    tel : 01-53-94-20-44         +
+ 23/25 Rue Daviel    |    fax : 01-53-94-20-41         +
+ 75013 Paris         |   email:cert@support.renater.fr +
=========================================================