From 807ded0b0df21c37239e895943a8b77c6efdd0cc Mon Sep 17 00:00:00 2001
From: Himanshu Pandey <hpandey@pivotal.io>
Date: Mon, 11 Feb 2019 15:01:05 -0800
Subject: [PATCH 1/2] Updated Recommended docker version

---
 content/en/docs/setup/cri.md | 12 ++++++++++--
 1 file changed, 10 insertions(+), 2 deletions(-)

diff --git a/content/en/docs/setup/cri.md b/content/en/docs/setup/cri.md
index 6f16f6a8f6644..fb40af69539d0 100644
--- a/content/en/docs/setup/cri.md
+++ b/content/en/docs/setup/cri.md
@@ -45,7 +45,7 @@ Use the following commands to install Docker on your system:
     stable"
 
 ## Install docker ce.
-apt-get update && apt-get install docker-ce=18.06.0~ce~3-0~ubuntu
+apt-get update && apt-get install docker-ce=18.06.2~ce~3-0~ubuntu
 
 # Setup daemon.
 cat > /etc/docker/daemon.json <<EOF
@@ -78,7 +78,7 @@ yum-config-manager \
     https://download.docker.com/linux/centos/docker-ce.repo
 
 ## Install docker ce.
-yum update && yum install docker-ce-18.06.1.ce
+yum update && yum install docker-ce-18.06.2.ce
 
 ## Create /etc/docker directory.
 mkdir /etc/docker
@@ -109,6 +109,14 @@ systemctl restart docker
 Refer to the [official Docker installation guides](https://docs.docker.com/engine/installation/)
 for more information.
 
+Please Note: 
+A flaw was found in the way runc handled system file descriptors when running containers.
+A malicious container could use this flaw to overwrite contents of the runc binary and 
+consequently run arbitrary commands on the container host system.
+
+Please refer to this link for more information about this issue 
+[cve-2019-5736 : runc vulnerability ] (https://access.redhat.com/security/cve/cve-2019-5736)
+
 ## CRI-O
 
 This section contains the necessary steps to install `CRI-O` as CRI runtime.

From 11e65cb55582ecde9d9c337c5ed17d82ab26f2f4 Mon Sep 17 00:00:00 2001
From: Himanshu Pandey <hpandey@pivotal.io>
Date: Mon, 11 Feb 2019 16:34:12 -0800
Subject: [PATCH 2/2] minor changes

---
 content/en/docs/setup/cri.md | 19 ++++++++++---------
 1 file changed, 10 insertions(+), 9 deletions(-)

diff --git a/content/en/docs/setup/cri.md b/content/en/docs/setup/cri.md
index fb40af69539d0..78d80fa0a1b8a 100644
--- a/content/en/docs/setup/cri.md
+++ b/content/en/docs/setup/cri.md
@@ -17,10 +17,19 @@ This page contains installation instruction for various runtimes.
 Please proceed with executing the following commands based on your OS as root.
 You may become the root user by executing `sudo -i` after SSH-ing to each host.
 
+{{< caution >}}
+A flaw was found in the way runc handled system file descriptors when running containers.
+A malicious container could use this flaw to overwrite contents of the runc binary and 
+consequently run arbitrary commands on the container host system.
+
+Please refer to this link for more information about this issue 
+[cve-2019-5736 : runc vulnerability ] (https://access.redhat.com/security/cve/cve-2019-5736)
+{{< /caution >}}
+
 ## Docker
 
 On each of your machines, install Docker.
-Version 18.06 is recommended, but 1.11, 1.12, 1.13, 17.03 and 18.09 are known to work as well.
+Version 18.06.2 is recommended, but 1.11, 1.12, 1.13, 17.03 and 18.09 are known to work as well.
 Keep track of the latest verified Docker version in the Kubernetes release notes.
 
 Use the following commands to install Docker on your system:
@@ -109,14 +118,6 @@ systemctl restart docker
 Refer to the [official Docker installation guides](https://docs.docker.com/engine/installation/)
 for more information.
 
-Please Note: 
-A flaw was found in the way runc handled system file descriptors when running containers.
-A malicious container could use this flaw to overwrite contents of the runc binary and 
-consequently run arbitrary commands on the container host system.
-
-Please refer to this link for more information about this issue 
-[cve-2019-5736 : runc vulnerability ] (https://access.redhat.com/security/cve/cve-2019-5736)
-
 ## CRI-O
 
 This section contains the necessary steps to install `CRI-O` as CRI runtime.