10 matches found
CVE-2014-9356 affecting package moby-buildx 0.4.1-3
CVE-2014-9356 affecting package moby-buildx 0.4.1-3. An upgraded version of the package is available that resolves this issue...
CVE-2014-9356
CVE-2014-9356 is a path-traversal vulnerability in Docker prior to 1.3.3 that allows remote attackers to write to arbitrary host files by using a full pathname in an absolute symlink inside an image or during a Dockerfile build, effectively bypassing container protections. Public-branch advisorie...
Amazon Linux: Security Advisory (ALAS-2014-461)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RHEL 7 : docker (RHSA-2015:0623)
Updated docker packages that fix two security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having Low security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Fedora 20 : docker-io-1.4.1-6.fc20 (2015-1128)
run tests inside a docker repo allow unitfile to use /etc/sysconfig/docker-network Security fix for CVE-2014-9357, CVE-2014-9358, CVE-2014-9356 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to...
Oracle Linux 6 / 7 : docker (ELSA-2014-3110)
The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2014-3110 advisory. 1.3.3-1.0.1 - Rename requirement of docker-io-pkg-devel in %package devel as docker-pkg-devel - Restore SysV init scripts for Oracle Linux 6 -...
docker security update
1.3.3-1.0.1 - Rename requirement of docker-io-pkg-devel in %package devel as docker-pkg-devel - Restore SysV init scripts for Oracle Linux 6 - Require Oracle Unbreakable Enterprise Kernel Release 3 or higher - Rename as docker. - Re-enable btrfs graphdriver support 1.3.3-1 - Update source to 1.3....
openSUSE Security Update : docker (openSUSE-SU-2014:1722-1)
This docker version update fixes the following security and non security issues and adds additional features. - Updated to 1.4.0 2014-12-11 : - Notable Features since 1.3.0 : - Set key=value labels to the daemon displayed in docker info, applied with new -label daemon flag - Add support for ENV i...
Amazon Linux AMI : docker (ALAS-2014-461)
Path traversal attacks are possible in the processing of absolute symlinks. In checking symlinks for traversals, only relative links were considered. This allowed path traversals to exist where they should have otherwise been prevented. This was exploitable via both archive extraction and through...
Fedora 21 : docker-io-1.4.0-1.fc21 (2014-16839)
Security fix for CVE-2014-9357, CVE-2014-9358, CVE-2014-9356 Revert to using upstream v1.3.2 release Resolves: rhbz1169035, rhbz1169151 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatical...