Red Hat RHSA-2019:0487
Mar 12, 2019 - 8:25 a.m.

(RHSA-2019:0487) Low: docker security and bug fix update

2019-03-12 08:25:55
access.redhat.com
CVSS3: 4.9 Medium

  • Attack Vector: NETWORK
  • Attack Complexity: LOW
  • Privileges Required: HIGH
  • User Interaction: NONE
  • Scope: UNCHANGED
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: HIGH

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

CVSS2: 4 Medium

  • Access Vector: NETWORK
  • Access Complexity: LOW
  • Authentication: SINGLE
  • Confidentiality Impact: NONE
  • Integrity Impact: NONE
  • Availability Impact: PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

EPSS: 0.001 Low (Percentile: 43.7%)

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere.

Security Fix(es):

  • docker: Memory exhaustion via large integer used with --cpuset-mems or --cpuset-cpus (CVE-2018-20699)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • docker runc ‘panic: runtime error: invalid memory address or nil pointer dereference’ (BZ#1556901)

  • temp files in /var/lib/docker persist (BZ#1645591)

  • Docker needs to support PIDs Limit for all containers created. (BZ#1660876)

  • dockerd may leak memory resources if uncompressing a layer fails (BZ#1661443)

  • Docker may not properly close hijacked streams (BZ#1668042)

  • Director deployed OCP 3.11 deployment fails with openshift-ansible getting stuck when restarting docker service on master nodes (BZ#1671861)

  • Docker service hang (BZ#1678096)
