This update for docker, docker-runc, containerd,
golang-github-docker-libnetwork fixes several issues.
These security issues were fixed:
CVE-2017-16539: The DefaultLinuxSpec function in oci/defaults.go docker
did not block /proc/scsi pathnames, which allowed attackers to trigger
data loss (when certain older Linux kernels are used) by leveraging
Docker container access to write a "scsi remove-single-device" line to
/proc/scsi/scsi, aka SCSI MICDROP (bnc#1066801)
CVE-2017-14992: Lack of content verification in docker allowed a remote
attacker to cause a Denial of Service via a crafted image layer payload,
aka gzip bombing. (bnc#1066210)
These non-security issues were fixed:
docker info
.Please note that the "docker-runc" package is just a rename of the old
"runc" package to match that we now ship the Docker fork of runc.
bugzilla.suse.com/1021227
bugzilla.suse.com/1029320
bugzilla.suse.com/1032287
bugzilla.suse.com/1045628
bugzilla.suse.com/1046024
bugzilla.suse.com/1048046
bugzilla.suse.com/1051429
bugzilla.suse.com/1053532
bugzilla.suse.com/1055676
bugzilla.suse.com/1057743
bugzilla.suse.com/1058173
bugzilla.suse.com/1059011
bugzilla.suse.com/1064926
bugzilla.suse.com/1065109
bugzilla.suse.com/1066210
bugzilla.suse.com/1066801
bugzilla.suse.com/1069468
bugzilla.suse.com/1069758
bugzilla.suse.com/1072798