MGASA-2021-0484 Updated docker-containerd packages fix security vulnerability

A bug was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host’s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set...

Updated docker-containerd packages fix security vulnerability

In containerd an industry-standard container runtime before versions 1.3.10 and 1.4.4, containers launched through containerd's CRI implementation through Kubernetes, crictl, or any other pod/container client that uses the containerd CRI service that share the same image may receive incorrect...

OPENSUSE-SU-2020:0846-1 Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues: Docker was updated to 19.03.11-ce runc was updated to version 1.0.0-rc10 containerd was updated to version 1.2.13 - CVE-2020-13401: Fixed an issue where an attacker with CAPNETRAW...

Updated docker packages fix security vulnerabilities

Updated docker packages fix security vulnerabilities: Lack of content verification in docker allowed a remote attacker to cause a Denial of Service via a crafted image layer payload, aka gzip bombing CVE-2017-14992. The DefaultLinuxSpec function in oci/defaults.go docker did not block /proc/scsi...

Fedora 26 : 2:docker (2017-3976710f1e)

Resolves: 1510351 - CVE-2017-14992 built docker @projectatomic/docker-1.13.1 commit 584d391 built docker-novolume-plugin commit 385ec70 built rhel-push-plugin commit af9107b built docker-lvm-plugin commit 8647404 built docker-runc @projectatomic/docker-1.13.1 commit 1c91122 built docker-container...