[SECURITY] Fedora 25 Update: docker-latest-1.12.6-2.git51ef5a8.fc25

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...

CVE-2016-9962

The runc component used by docker exec feature of docker allowed additional container processes to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain low-level access to these new processes during initialization. An attacker can,...

[SECURITY] Fedora 25 Update: docker-1.12.6-3.git51ef5a8.fc25

Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that will run virtually anywhere. Docker containers can encapsulate any payload, and will run consistently on and between virtually any server. The same container...

docker-engine docker-engine-selinux security and bugfix update

1.12.6-1.0.1 - Enable configuration of Docker daemon via sysconfig orabug 21804877 - Require UEK4 for docker 1.9 orabug 22235639 22235645 - Add docker.conf for prelink orabug 25147708 1.12.6 - the systemd unit file /usr/lib/systemd/system/docker.service contains local changes, or - a systemd...

[ASA-201701-19] docker: privilege escalation

Arch Linux Security Advisory ASA-201701-19 ========================================== Severity: High Date : 2017-01-13 CVE-ID : CVE-2016-9962 Package : docker Type : privilege escalation Remote : No Link : https://security.archlinux.org/AVG-133 Summary ======= The package docker before version...

Fedora Update for docker FEDORA-2017-dbc2b618eb

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 25 : 2:docker (2017-dbc2b618eb)

Fix CVE-2016-9962 Insecure opening of file-descriptor allows privilege Fix BZ1412148 - containerd: container did not start before the specified timeout ---- use container-selinux = 2:2.0-2 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora...

Moderate: Red Hat Security Advisory: Red Hat Mobile Application Platform 4.2.1 Security Update - SDKs and RPMs

Updated packages that provide Red Hat Mobile Application Platform 4.2.1, fixed several bugs, and added various enhancements that are now available from the Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring Syste...

Docker Engine Detection (Linux/Unix SSH Login)

SSH login-based detection of Docker Engine. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Docker < 1.12.6 Local Privilege Escalation Vulnerability

Docker is prone to a local privilege escalation vulnerability. Copyright C 2017 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software...

Amazon Linux AMI : docker (ALAS-2017-783)

It was discovered that runC allowed additional container processes via runc exec to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file descriptors of these new processes during the initialization, which can lead to...

Important: docker

Issue Overview: It was discovered that runC allowed additional container processes via runc exec to be ptraced by the pid 1 of the container. This allows the main processes of the container, if running as root, to gain access to file descriptors of these new processes during the initialization,...

Docker Swarmki Local Denial of Service Vulnerability

Docker is an open source application container engine from Docker Inc. that supports creating a container lightweight virtual machine and deploying and running applications on Linux systems, as well as automating the installation, deployment, and upgrade of applications through configuration file...

CVE-2016-6595

The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service prevention of cluster joins via a long sequence of join and quit actions. NOTE: the vendor disputes this issue, stating that this sequence is not "removing the state that is left by old nodes. At...

CVE-2016-6595

The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service prevention of cluster joins via a long sequence of join and quit actions. NOTE: the vendor disputes this issue, stating that this sequence is not "removing the state that is left by old nodes. At...

Design/Logic Flaw

The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service prevention of cluster joins via a long sequence of join and quit actions. NOTE: the vendor disputes this issue, stating that this sequence is not "removing the state that is left by old nodes. At...

CVE-2016-6595

The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service prevention of cluster joins via a long sequence of join and quit actions. NOTE: the vendor disputes this issue, stating that this sequence is not "removing the state that is left by old nodes. At...

CVE-2016-6595

The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service prevention of cluster joins via a long sequence of join and quit actions. NOTE: the vendor disputes this issue, stating that this sequence is not "removing the state that is left by old nodes. At...

CVE-2016-6595

CVE-2016-6595 affects the SwarmKit toolkit 1.12.0 for Docker, where remote authenticated users can cause a denial of service by issuing a long sequence of join and quit actions (prevention of cluster joins). The description is disputed by the vendor, which argues that the behavior is a resource p...

CVE-2016-6595

The SwarmKit toolkit 1.12.0 for Docker allows remote authenticated users to cause a denial of service prevention of cluster joins via a long sequence of join and quit actions. NOTE: the vendor disputes this issue, stating that this sequence is not "removing the state that is left by old nodes. At...