Security update for docker (important)

2014-12-08T17:07:52
ID OPENSUSE-SU-2014:1596-1
Type suse
Reporter Suse
Modified 2014-12-08T17:07:52

Description

docker was updated to version 1.3.2 to fix two security issues.

These security issues were fixed: - Symbolic and hardlink issues leading to privilege escalation (CVE-2014-6407). - Potential container escalation (CVE-2014-6408).

There non-security issues were fixed: - Fix deadlock in docker ps -f exited=1 - Fix a bug when --volumes-from references a container that failed to start - --insecure-registry now accepts CIDR notation such as 10.1.0.0/16 - Private registries whose IPs fall in the 127.0.0.0/8 range do no need the --insecure-registry flag - Skip the experimental registry v2 API when mirroring is enabled - Fixed minor packaging issues.