AZL-54345 CVE-2024-45337 affecting package docker-buildx for versions less than 0.14.0-2

Applications and libraries which misuse connection.serverAuthenticate via callback field ServerConfig.PublicKeyCallback may be susceptible to an authorization bypass. The documentation for ServerConfig.PublicKeyCallback says that "A call to this function does not guarantee that the key offered is...

SUSE SLES12 Security Update : docker-stable (SUSE-SU-2024:4205-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2024:4205-1 advisory. - Remove DOCKERNETWORKOPTS from docker.service. This was removed from sysconfig a long time ago, and apparently this causes issues with systemd in some...

Security update for docker-stable

This update for docker-stable fixes the following issues: Remove DOCKERNETWORKOPTS from docker.service. This was removed from sysconfig a long time ago, and apparently this causes issues with systemd in some cases. Update --add-runtime to point to correct binary path. Further merge docker and...

SUSE-SU-2024:4205-1 Security update for docker-stable

This update for docker-stable fixes the following issues: - Remove DOCKERNETWORKOPTS from docker.service. This was removed from sysconfig a long time ago, and apparently this causes issues with systemd in some cases. - Update --add-runtime to point to correct binary path. - Further merge docker a...

Security update for docker-stable

This update for docker-stable fixes the following issues: CVE-2024-41110: Fixed Authz zero length regression bsc1228324. Bug fixes: Allow users to disable SUSE secrets support by setting DOCKERSUSESECRETSENABLE=0 in /etc/sysconfig/docker bsc1231348. Import specfile changes for docker-buildx as we...

SUSE-SU-2024:4204-1 Security update for docker-stable

This update for docker-stable fixes the following issues: - CVE-2024-41110: Fixed Authz zero length regression bsc1228324. Bug fixes: - Allow users to disable SUSE secrets support by setting DOCKERSUSESECRETSENABLE=0 in /etc/sysconfig/docker bsc1231348. - Import specfile changes for docker-buildx...

CBL Mariner 2.0 Security Update: cf-cli / cri-o / gh / libcontainers-common (CVE-2021-43565)

The version of cf-cli / cri-o / gh / libcontainers-common installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2021-43565 advisory. - The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of...

CVE-2021-43565 affecting package moby-buildx for versions less than 0.7.1-20

CVE-2021-43565 affecting package moby-buildx for versions less than 0.7.1-20. A patched version of the package is available...

CBL Mariner 2.0 Security Update: cri-tools / docker-buildx / kubernetes / opa / prometheus (CVE-2023-45142)

The version of cri-tools / docker-buildx / kubernetes / opa / prometheus installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45142 advisory. - OpenTelemetry-Go Contrib is a collection of third-party...

CBL Mariner 2.0 Security Update: application-gateway-kubernetes-ingress / azcopy / blobfuse2 / cert-manager / coredns (CVE-2023-45288)

The version of application-gateway-kubernetes-ingress / azcopy / blobfuse2 / cert-manager / coredns installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-45288 advisory. - An attacker May cause an HTTP/...

CBL Mariner 2.0 Security Update: containerd / cri-tools / docker-buildx / docker-compose / moby-containerd-cc (CVE-2023-47108)

The version of containerd / cri-tools / docker-buildx / docker-compose / moby-containerd-cc installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-47108 advisory. - OpenTelemetry-Go Contrib is a collecti...

CBL Mariner 2.0 Security Update: cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt (CVE-2023-48795)

The version of cert-manager / cf-cli / docker-buildx / erlang / kubernetes / kubevirt installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-48795 advisory. - The SSH transport protocol with certain...

CBL Mariner 2.0 Security Update: docker-buildx / docker-compose / moby-compose / moby-engine (CVE-2024-23650)

The version of docker-buildx / docker-compose / moby-compose / moby-engine installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23650 advisory. - BuildKit is a toolkit for converting source code to bui...

CBL Mariner 2.0 Security Update: docker-compose / moby-engine / docker-buildx / moby-cli (CVE-2024-23653)

The version of docker-compose / moby-engine / docker-buildx / moby-cli installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-23653 advisory. - BuildKit is a toolkit for converting source code to build...

CVE-2023-44487 affecting package docker-buildx for versions less than 0.14.0-1

CVE-2023-44487 affecting package docker-buildx for versions less than 0.14.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-45288 affecting package docker-buildx for versions less than 0.14.0-1

CVE-2023-45288 affecting package docker-buildx for versions less than 0.14.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-24786 affecting package docker-buildx for versions less than 0.14.0-1

CVE-2024-24786 affecting package docker-buildx for versions less than 0.14.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-47108 affecting package docker-buildx for versions less than 0.14.0-1

CVE-2023-47108 affecting package docker-buildx for versions less than 0.14.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2024-23650 affecting package docker-buildx for versions less than 0.14.0-1

CVE-2024-23650 affecting package docker-buildx for versions less than 0.14.0-1. An upgraded version of the package is available that resolves this issue...

CVE-2023-45142 affecting package docker-buildx for versions less than 0.14.0-1

CVE-2023-45142 affecting package docker-buildx for versions less than 0.14.0-1. An upgraded version of the package is available that resolves this issue...