SUSE-SU-2025:02366-2 Security update for docker

This update for docker fixes the following issues: Update to Docker 28.2.2-ce bsc1243833, bsc1242114: - CVE-2025-22872: golang.org/x/net/html: incorrectly interpreted tags can cause content to be placed wrong scope during DOM construction bsc1241830. Other bugfixes: - Always clear SUSEConnect sus...

SUSE-SU-2025:1102-1 Security update for docker, docker-stable

This update for docker, docker-stable fixes the following issues: - CVE-2025-22868: Fixed unexpected memory consumption during token parsing in golang.org/x/oauth2 bsc1239185. - CVE-2025-22869: Fixed Denial of Service in the Key Exchange of golang.org/x/crypto/ssh bsc1239322. - CVE-2024-29018:...

SUSE-SU-2025:0776-1 Security update for docker

This update for docker fixes the following issues: Update to Docker 27.5.1-ce bsc1237335: - CVE-2024-29018: External DNS requests from 'internal' networks could lead to data exfiltration bsc1234089...

OPENSUSE-SU-2024:14571-1 docker-stable-24.0.9_ce-4.1 on GA media

These are all security issues fixed in the docker-stable-24.0.9ce-4.1 package on the GA media of openSUSE Tumbleweed...

RHSA-2019:0487 Red Hat Security Advisory: docker security and bug fix update

Bulletin has no description...

RHSA-2019:0304 Red Hat Security Advisory: docker security update

Bulletin has no description...

SUSE-SU-2024:0586-2 Security update for docker

This update for docker fixes the following issues: Vendor latest buildkit v0.11 including bugfixes for the following: CVE-2024-23653: BuildKit API doesn't validate entitlement on container creation bsc1219438. CVE-2024-23652: Fixed arbitrary deletion of files bsc1219268. CVE-2024-23651: Fixed rac...

SUSE-SU-2024:0587-1 Security update for docker

This update for docker fixes the following issues: Vendor latest buildkit v0.11 including bugfixes for the following: CVE-2024-23653: BuildKit API doesn't validate entitlement on container creation bsc1219438. CVE-2024-23652: Fixed arbitrary deletion of files bsc1219268. CVE-2024-23651: Fixed rac...

SUSE-SU-2024:0586-1 Security update for docker

This update for docker fixes the following issues: Vendor latest buildkit v0.11 including bugfixes for the following: CVE-2024-23653: BuildKit API doesn't validate entitlement on container creation bsc1219438. CVE-2024-23652: Fixed arbitrary deletion of files bsc1219268. CVE-2024-23651: Fixed rac...

SUSE-SU-2022:1689-1 Security update for containerd, docker

This update for containerd, docker fixes the following issues: - CVE-2022-24769: Fixed incorrect default inheritable capabilities bsc1197517. - CVE-2022-23648: Fixed directory traversal issue bsc1196441. - CVE-2022-27191: Fixed a crash in a golang.org/x/crypto/ssh server bsc1197284. -...

SUSE-SU-2022:0334-1 Security update for containerd, docker

This update for containerd, docker fixes the following issues: - CVE-2021-41089: Fixed 'cp' can chmod host files bsc1191015. - CVE-2021-41091: Fixed flaw that could lead to data directory traversal in moby bsc1191434. - CVE-2021-41092: Fixed exposed user credentials with a misconfigured...

SUSE-SU-2019:2786-1 Security update for docker-runc

This update for docker-runc fixes the following issues: - CVE-2019-16884: Fixed an LSM bypass via malicious Docker images that mount over a /proc directory. bsc1152308...

OPENSUSE-SU-2019:0189-1 Security update for docker

This update for containerd, docker, docker-runc and golang-github-docker-libnetwork fixes the following issues: Security issues fixed for containerd, docker, docker-runc and golang-github-docker-libnetwork: - CVE-2018-16873: cmd/go: remote command execution during 'go get -u' bsc1118897 -...

Updated docker packages fix security vulnerabilities

Updated docker packages fix security vulnerabilities: Lack of content verification in docker allowed a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing CVE-2017-14992. The DefaultLinuxSpec function in oci/defaults.go docker did not block /proc/scsi...