| Revision Date: | 2020-09-15 | Version: | 1 |
| Title: | Security update for docker-distribution (Moderate) |
| Description: |
This update for docker-distribution fixes the following issues:
- Enable build on %arm (which include armv6), not only on armv7
- Enable ppc64le
- Use correct URL to project - Remove fillup, we don't ship a sysconfig file - Correct systemd requires - Enable build on ARM
- Upgraded to 2.7.1 - Support for OCI images added - Fix upgrade issues from 2.6.x - Update Go version to 1.11 - Switch to multi-stage Dockerfile - Validations enabled by default with new disabled config option - Optimize health check performance - Create separate permission for deleting objects in a repo - Fix storage driver error propagation for manifest GETs - Fix forwarded header resolution - Add prometheus metrics - Disable schema1 manifest by default - Graceful shutdown - TLS: remove ciphers that do not support perfect forward secrecy - Fix registry stripping newlines from manifests - Add bugsnag logrus hook - Support ARM builds
This release is a special security release to address an issue allowing an attacker to force arbitrarily-sized memory allocations in a registry instance through the manifest endpoint. The problem has been mitigated by limiting the size of reads for image manifest content. Details for mitigation are in 29fa466 Fixes boo#1049850 (CVE-2017-11468) Fixes boo#1033172
|
| Family: | unix | Class: | patch |
| Status: | | Reference(s): | 1033172
1049850
CVE-2017-11468
openSUSE-SU-2020:1433-1
|
| Platform(s): | SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
SUSE Package Hub for SUSE Linux Enterprise 15 SP2
| Product(s): | |
| Definition Synopsis |
| SUSE Package Hub for SUSE Linux Enterprise 15 SP2 is installed AND docker-distribution-registry-2.7.1-bp152.4.3.1 is installed
|