diff --git a/tools/docker/Dockerfile.centos7.2 b/tools/docker/Dockerfile.centos7.5 similarity index 78% rename from tools/docker/Dockerfile.centos7.2 rename to tools/docker/Dockerfile.centos7.5 index 8024fdd1..9138ed15 100644 --- a/tools/docker/Dockerfile.centos7.2 +++ b/tools/docker/Dockerfile.centos7.5 @@ -1,4 +1,4 @@ -FROM centos:7.2.1511 +FROM centos:7.5.1804 LABEL maintainer="He Sun " @@ -35,8 +35,6 @@ RUN yum update -y && \ ocaml-ocamlbuild \ openssl \ openssl-devel \ - protobuf-compiler \ - protobuf-devel \ sudo \ uuid-devel \ vim \ @@ -45,6 +43,16 @@ RUN yum update -y && \ yum install -y golang && \ yum clean all +# Install Protobuf (version >= 3.0) +WORKDIR /tmp +RUN yum install -y https://cbs.centos.org/kojifiles/packages/protobuf/3.6.1/4.el7/x86_64/protobuf-3.6.1-4.el7.x86_64.rpm && \ + yum install -y https://cbs.centos.org/kojifiles/packages/protobuf/3.6.1/4.el7/x86_64/protobuf-compiler-3.6.1-4.el7.x86_64.rpm && \ + yum install -y https://cbs.centos.org/kojifiles/packages/protobuf/3.6.1/4.el7/x86_64/protobuf-devel-3.6.1-4.el7.x86_64.rpm + +# Upgrade git (version >= 1.8.4) +RUN yum install -y http://opensource.wandisco.com/centos/7/git/x86_64/wandisco-git-release-7-2.noarch.rpm && \ + yum install -y git + # Install cpuid tool for tests WORKDIR /tmp RUN wget http://www.etallen.com/cpuid/cpuid-20200211.x86_64.tar.gz && \ 
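Review bot: The git upgrade step fetches `wandisco-git-release-7-2.noarch.rpm` over plain `http://` and installs it with no checksum or signature check, and that package then decides which repository and signing key the following `yum install -y git` trusts. Anyone able to alter that download controls the git binary that later clones the SGX SDK and Occlum sources in this image. The three protobuf RPMs use HTTPS, but packages installed by URL are handled as local packages, and as far as I know yum's `localpkg_gpgcheck` is off by default, so they are probably not signature-verified either. I would download each RPM to a file, check it against a digest pinned in the Dockerfile and only then install it, e.g. `curl -fsSLO <rpm-url> && echo "<PINNED_SHA256>  <rpm-file>" | sha256sum -c - && yum install -y ./<rpm-file>`. A `yum clean all` at the end of both new RUN steps would also keep the yum cache out of the layers.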
@@ -52,16 +60,23 @@ RUN wget http://www.etallen.com/cpuid/cpuid-20200211.x86_64.tar.gz && \ cp ./cpuid-20200211/cpuid /usr/bin/ && \ rm -rf /tmp/cpuid-20200211* +# Upgrade GCC +# Use Developer Toolset 8 from Software Collections (SCLs) to have a newer gcc (8.3.1) than +# the native one (4.8.5) and enable it during the build. +RUN yum install centos-release-scl-rh -y && \ + yum install devtoolset-8-toolchain -y && \ + printf "unset BASH_ENV PROMPT_COMMAND ENV\nsource scl_source enable devtoolset-8\n" > /usr/bin/scl_enable && \ + echo 'source /opt/rh/devtoolset-8/enable' >> /root/.bashrc +ARG BASH_ENV="/usr/bin/scl_enable" +ARG ENV="/usr/bin/scl_enable" +ARG PROMPT_COMMAND=". /usr/bin/scl_enable" + # Install SGX SDK WORKDIR /tmp RUN git clone -b sgx_2.9.1_for_occlum https://github.com/occlum/linux-sgx && \ cd linux-sgx && \ ./download_prebuilt.sh && \ - cp ./external/toolset/as /usr/local/bin/ && \ - cp ./external/toolset/ld /usr/local/bin/ && \ - cp ./external/toolset/ld.gold /usr/local/bin/ && \ - cp ./external/toolset/objdump /usr/local/bin/ && \ - ./compile_and_install.sh && \ + ./compile_and_install.sh no_mitigation && \ echo 'source /opt/intel/sgxsdk/environment' >> /root/.bashrc && \ rm -rf /tmp/linux-sgx @@ -73,16 +88,6 @@ RUN curl https://sh.rustup.rs -sSf | \ rm -rf /root/.cargo/registry && rm -rf /root/.cargo/git && \ cargo -V -# Upgrade gcc to compile occlum toolchain. -# Use Developer Toolset 8 from Software Collections (SCLs) to have a newer gcc (8.3.1) than -# the native one (4.8.5) and enable it during the build. -RUN yum install centos-release-scl-rh -y && \ - yum install devtoolset-8-toolchain -y && \ - printf "unset BASH_ENV PROMPT_COMMAND ENV\nsource scl_source enable devtoolset-8\n" > /usr/bin/scl_enable -ARG BASH_ENV="/usr/bin/scl_enable" -ARG ENV="/usr/bin/scl_enable" -ARG PROMPT_COMMAND=". /usr/bin/scl_enable" - # Install Occlum toolchain COPY toolchains/gcc/* /tmp/ WORKDIR /tmp 
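Review bot: `./compile_and_install.sh no_mitigation` in the SGX SDK step, together with dropping the copy of `as`, `ld`, `ld.gold` and `objdump` from `external/toolset`, changes the security posture of the SDK shipped in this image, but nothing in the Dockerfile says so. The script is not visible here, but the flag name suggests the SDK libraries are now built without the hardening those prebuilt binutils appear to have been installed for. Enclaves linked against this image's SDK would then inherit unmitigated libraries without the user being told. I would add a comment above the RUN, such as `# SDK is built with no_mitigation: development/test image only, rebuild the SDK with mitigations for production enclaves`, and repeat that caveat in the README.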
@@ -99,6 +104,7 @@ ENV PATH="/usr/local/occlum/golang/bin:$PATH" WORKDIR /root RUN git clone https://github.com/occlum/occlum && \ cd occlum && \ + source /root/.bashrc && \ make submodule && \ OCCLUM_RELEASE_BUILD=1 make && \ make install && \ diff --git a/tools/docker/Dockerfile.ubuntu16.04 b/tools/docker/Dockerfile.ubuntu16.04 deleted file mode 100644 index 612ec727..00000000 --- a/tools/docker/Dockerfile.ubuntu16.04 +++ /dev/null 
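Review bot: The added `source /root/.bashrc` makes the Occlum build depend on root's interactive startup file, and on `/bin/sh` being bash, since `source` is not POSIX. From the visible lines, that file holds the `/opt/intel/sgxsdk/environment` and `/opt/rh/devtoolset-8/enable` entries at this point. Any line a future edit appends to it before this step, such as an interactive-only helper, would silently run inside the build. Sourcing the two files directly states the dependency explicitly: `. /opt/intel/sgxsdk/environment && . /opt/rh/devtoolset-8/enable && \`. The RUN instruction continues past the end of the hunk.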
@@ -1,105 +0,0 @@ -FROM ubuntu:16.04 - -LABEL maintainer="Tate, Hongliang Tian " - -RUN apt-get update && apt-get install -y --no-install-recommends \ - alien \ - autoconf \ - automake \ - build-essential \ - ca-certificates \ - cmake \ - curl \ - debhelper \ - expect \ - g++ \ - gdb \ - git-core \ - golang-go \ - jq \ - kmod \ - libboost-system-dev \ - libboost-thread-dev \ - libcurl4-openssl-dev \ - libfuse-dev \ - libjsoncpp-dev \ - liblog4cpp5-dev \ - libprotobuf-c0-dev \ - libprotobuf-dev \ - libssl-dev \ - libtool \ - libxml2-dev \ - ocaml \ - pkg-config \ - protobuf-compiler \ - python \ - python-pip \ - sudo \ - unzip \ - uuid-dev \ - vim \ - wget \ - zip \ - && \ - apt-get clean && \ - rm -rf /var/lib/apt/lists/* - -# Install cpuid tool for tests -WORKDIR /tmp -RUN wget http://www.etallen.com/cpuid/cpuid-20200211.x86_64.tar.gz && \ - tar -xf ./cpuid-20200211.x86_64.tar.gz && \ - cp ./cpuid-20200211/cpuid /usr/bin/ && \ - rm -rf /tmp/cpuid-20200211* - -# Install SGX SDK -WORKDIR /tmp -RUN git clone -b sgx_2.9.1_for_occlum https://github.com/occlum/linux-sgx && \ - cd linux-sgx && \ - ./download_prebuilt.sh && \ - cp ./external/toolset/as /usr/local/bin/ && \ - cp ./external/toolset/ld /usr/local/bin/ && \ - cp ./external/toolset/ld.gold /usr/local/bin/ && \ - cp ./external/toolset/objdump /usr/local/bin/ && \ - ./compile_and_install.sh && \ - echo 'source /opt/intel/sgxsdk/environment' >> /root/.bashrc && \ - rm -rf /tmp/linux-sgx - -# Install Rust -ENV PATH="/root/.cargo/bin:$PATH" -ENV OCCLUM_RUST_VERSION=nightly-2020-04-07 -RUN curl https://sh.rustup.rs -sSf | \ - sh -s -- --default-toolchain ${OCCLUM_RUST_VERSION} -y && \ - rm -rf /root/.cargo/registry && rm -rf /root/.cargo/git && \ - cargo -V - -# Install Occlum toolchain -COPY toolchains/gcc/* /tmp/ -WORKDIR /tmp -RUN ./build.sh -ENV PATH="/opt/occlum/build/bin:/usr/local/occlum/bin:$PATH" - -# Install Occlum Golang toolchain -COPY toolchains/golang/* /tmp/ -WORKDIR /tmp -RUN ./build.sh -ENV 
PATH="/usr/local/occlum/golang/bin:$PATH" - -# Install the latest version of Occlum -WORKDIR /root -RUN git clone https://github.com/occlum/occlum && \ - cd occlum && \ - make submodule && \ - OCCLUM_RELEASE_BUILD=1 make && \ - make install && \ - cp -r demos /root/demos && \ - rm -rf /root/occlum - -# Start AESM service automatically -# -# To do so, we add the script to ~/.bashrc. We cannot use systemd to run AESM -# as a "real" service since the pid 1 is not systemd in Docker. So we start -# up AESM service when an user login with an interative shell. -COPY docker/start_aesm.sh /opt/occlum/ -RUN echo '/opt/occlum/start_aesm.sh' >> /root/.bashrc - -WORKDIR /root diff --git a/tools/docker/README.md b/tools/docker/README.md index f120a804..5c478793 100644 --- a/tools/docker/README.md +++ b/tools/docker/README.md @@ -4,7 +4,7 @@ This folder contains scripts and Dockerfiles for users to build the Docker image for Occlum. An Occlum Docker image sets up the development environment for Occlum and also gets Occlum preinstalled. -Currently, Three Linux OS distributions are supported: Ubuntu 16.04, Ubuntu 18.04 and CentOS 7.2. +Currently, Two Linux OS distributions are supported: Ubuntu 18.04 and CentOS 7.5. ## How to Build @@ -14,9 +14,9 @@ To build an Occlum Docker image, run the following command ``` where `` is an arbitrary string chosen by the user to describe the version of Occlum preinstalled in the Docker image -(e.g., "latest", "0.9.0", and "prerelease") and `` is the +(e.g., "latest", "0.12.0", and "prerelease") and `` is the name of the OS distribution that the Docker image is based on. Currently, `` must be one of the following values: -`ubuntu16.04`, `ubuntu18.04` and `centos7.2`. +`ubuntu18.04` and `centos7.5`. The resulting Docker image will have `occlum/occlum:-` as its label. diff --git a/tools/docker/build_image.sh b/tools/docker/build_image.sh index e55c6e23..bd184967 100755 --- a/tools/docker/build_image.sh +++ b/tools/docker/build_image.sh 
@@ -15,13 +15,12 @@ USAGE: build_image.sh : - An arbitrary string chosen by the user to describe the version of Occlum preinstalled in the Docker image, e.g., "latest", "0.9.0", "prerelease", and etc. + An arbitrary string chosen by the user to describe the version of Occlum preinstalled in the Docker image, e.g., "latest", "0.12.0", "prerelease", and etc. : The name of the OS distribution that the Docker image is based on. Currently, must be one of the following values: - ubuntu16.04 Use Ubuntu 16.04 as the base image ubuntu18.04 Use Ubuntu 18.04 as the base image - centos7.2 Use CentOS 7.2 as the base image + centos7.5 Use CentOS 7.5 as the base image The resulting Docker image will have "occlum/occlum:-" as its label. EOF @@ -43,7 +42,7 @@ function check_item_in_list() { [[ $list =~ (^|[[:space:]])$item($|[[:space:]]) ]] } -check_item_in_list "$os_name" "ubuntu16.04 ubuntu18.04 centos7.2" || report_error +check_item_in_list "$os_name" "ubuntu18.04 centos7.5" || report_error cd "$script_dir/.." docker build -f "$script_dir/Dockerfile.$os_name" -t "occlum/occlum:$occlum_label-$os_name" .