[SECURITY] Fedora 24 Update: docker-latest-1.12.6-1.git51ef5a8.fc24

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...

Docker Local Elevation of Privilege Vulnerability (CNVD-2017-00924)

Docker is an open source application container engine from Docker Inc. in the United States, which supports the creation of a container lightweight virtual machine and deployment and running applications on Linux systems, as well as automated installation, deployment and upgrading of applications...

Glue - Application Security Automation

Glue is a framework for running a series of tools. Generally, it is intended as a backbone for automating a security analysis pipeline of tools. Recommended Usage For those wishing to run Glue, we recommend using the docker image because it should have the other tools it uses available already an...

Docker Compliance Check: Skipped

Lists all the Docker Compliance Policy Checks errors. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Docker Compliance Check

Runs the Docker Compliance Check. These tests are inspired by the CIS Docker Benchmark. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...

Docker Compliance Check: Failed

Lists all the Docker Compliance Policy Checks which did NOT pass. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

Docker Compliance Check: Passed

Lists all the Docker Compliance Policy Checks which did pass. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software;...

Docker Compliance Check: Error

Lists all the Docker Compliance Policy Checks errors. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Docker Patches Privilege Escalation Vulnerability

Docker has patched a privilege escalation vulnerability CVE-2016-9962 that could lead to container escapes, allowing a hacker to affect operations of a host from inside a container. The vulnerability is rated high severity by some Linux distributions such as Arch Linux, which traces the problem t...

RHEL 7 : docker-latest (RHSA-2017:0123)

An update for docker-latest is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

RHEL 7 : docker (RHSA-2017:0116)

An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Oracle Linux 6 / 7 : docker-engine / docker-engine-selinux (ELSA-2017-3511)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2017-3511 advisory. - Fix runC privilege escalation CVE-2016-9962 - Fix ambient capability usage in containers CVE-2016-8867 27610 Tenable has extracted the preceding descripti...

RHEL 7 : runc (RHSA-2017:0127)

An update for runc is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

docker: insecure opening of file-descriptor allows privilege escalation

The runc component used by docker exec feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can,...

Moderate: Red Hat Security Advisory: runc security and bug fix update

An update for runc is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability fro...

Moderate: Red Hat Security Advisory: docker-latest security, bug fix, and enhancement update

An update for docker-latest is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

docker: insecure opening of file-descriptor allows privilege escalation

The runc component used by docker exec feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can,...

docker: insecure opening of file-descriptor allows privilege escalation

The runc component used by docker exec feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can,...

Moderate: Red Hat Security Advisory: docker security, bug fix, and enhancement update

An update for docker is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

Fedora 25 : 2:docker-latest (2017-fcd02e2c2d)

Fix CVE-2016-9962 - Insecure opening of file-descriptor allows privilege escalation ---- built docker @projectatomic/docker-1.12 commit 6009905 ---- built docker @projectatomic/docker-1.12 commit 97974ae ---- built docker @projectatomic/docker-1.12 commit 7b5044b Note that Tenable Network Securit...