Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere.
- It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to launch a container could use this flaw to escalate their privileges to root within the launched container. (CVE-2016-3697)
This issue was discovered by Mrunal Patel (Red Hat).
- This update also provides various bug fixes and enhancements. Users are advised to upgrade to these updated packages.