openSUSE Security Update : docker / docker-runc / containerd / etc (openSUSE-2018-152)

This update for docker, docker-runc, containerd, golang-github-docker-libnetwork fixes several issues. These security issues were fixed : - CVE-2017-16539: The DefaultLinuxSpec function in oci/defaults.go docker did not block /proc/scsi pathnames, which allowed attackers to trigger data loss when...

Docker Redirection Vulnerability

Docker is an open source application container engine from Docker Inc. in the United States, which supports the creation of a container lightweight virtual machine and deployment and running applications on Linux systems, as well as automated installation, deployment and upgrading of applications...

Easy Windows and Linux cross-compilers for macOS

tl;dr: you can install cross-compiler toolchains to compile C/C++ for Windows or Linux from macOS with these two Homebrew Formulas. brew install FiloSottile/musl-cross/musl-cross brew install mingw-w64 Cross-compiling C and C++ is dreadful. While in Go you just need to set an environment variable...

Build Your Own IPsec VPN Server: Auto Setup Scripts

Set up your own IPsec VPN server in just a few minutes, with both IPsec/L2TP and Cisco IPsec on Ubuntu, Debian and CentOS. All you need to do is provide your own VPN credentials, and let the scripts handle the rest. An IPsec VPN encrypts your network traffic, so that nobody between you and the VP...

SUSE-SU-2018:0386-1 Version update for docker, docker-runc, containerd, golang-github-docker-libnetwork

This update for docker, docker-runc, containerd, golang-github-docker-libnetwork fixes several issues. These security issues were fixed: - CVE-2017-16539: The DefaultLinuxSpec function in oci/defaults.go docker did not block /proc/scsi pathnames, which allowed attackers to trigger data loss when...

CVE-2014-5282

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'...

DEBIAN-CVE-2014-5282

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'...

Design/Logic Flaw

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'...

Design/Logic Flaw

The Docker daemon managed by boot2docker 1.2 and earlier improperly enables unauthenticated TCP connections by default, which makes it easier for remote attackers to gain privileges or execute arbitrary code from children containers...

CVE-2014-5280

boot2docker 1.2 and earlier allows attackers to conduct cross-site request forgery CSRF attacks by leveraging Docker daemons enabling TCP connections without TLS authentication...

CVE-2014-5282

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'...

CVE-2014-5279

The Docker daemon managed by boot2docker 1.2 and earlier improperly enables unauthenticated TCP connections by default, which makes it easier for remote attackers to gain privileges or execute arbitrary code from children containers...

CVE-2014-5282

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'...

UBUNTU-CVE-2014-5282

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'...

CVE-2014-5279

CVE-2014-5279 affects the Docker daemon used by boot2docker 1.2 and earlier. The issue arises from the daemon improperly enabling unauthenticated TCP connections by default, exposing a network interface that remote attackers can reach. Impact: remote attackers could potentially gain privileges or...

CVE-2014-5279

The Docker daemon managed by boot2docker 1.2 and earlier improperly enables unauthenticated TCP connections by default, which makes it easier for remote attackers to gain privileges or execute arbitrary code from children containers...

CVE-2014-5280

Boot2Docker 1.2 and earlier are affected by CVE-2014-5280, with a CSRF vulnerability exploited by leveraging Docker daemons that accept TCP connections without TLS authentication. This stems from the underlying Docker daemon configuration allowing unauthenticated TCP access, enabling CSRF-related...

CVE-2014-5282

CVE-2014-5282 affects Docker before 1.3. The issue is improper validation of image IDs during docker load, allowing remote attackers to redirect to a different image by loading untrusted images. Public references across multiple feeds confirm the vulnerability and its impact, with no explicit exp...

CVE-2014-5280

boot2docker 1.2 and earlier allows attackers to conduct cross-site request forgery CSRF attacks by leveraging Docker daemons enabling TCP connections without TLS authentication...

CVE-2014-5282

Docker before 1.3 does not properly validate image IDs, which allows remote attackers to redirect to another image through the loading of untrusted images via 'docker load'...