Oval Definition:oval:org.opensuse.security:def:104133
Revision Date:2019-08-13Version:1
Title:Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork (Important)
Description:

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:

Docker:

- CVE-2019-14271: Fixed a code injection if the nsswitch facility dynamically loaded a library inside a chroot (bsc#1143409). - CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160). - Update to version 19.03.1-ce, see changelog at /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).

runc:

- Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920). - Update to runc 425e105d5a03, which is required by Docker (bsc#1139649).

containerd:

- CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967). - Update to containerd v1.2.6, which is required by docker (bsc#1139649).

golang-github-docker-libnetwork:

- Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by docker (bsc#1142413, bsc#1139649).
Family:unixClass:patch
Status:Reference(s):1100331
1121967
1138920
1139649
1142160
1142413
1143409
CVE-2018-10892
CVE-2019-13509
CVE-2019-14271
CVE-2019-5736
SUSE-SU-2019:2117-1
Platform(s):SUSE Linux Enterprise High Performance Computing 15 SP1
SUSE Linux Enterprise Module for Containers 15 SP1
SUSE Linux Enterprise Server 15 SP1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Linux Enterprise Storage 6
SUSE Manager Proxy 4.0
SUSE Manager Server 4.0
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 15 SP1 is installed
  • AND Package Information
  • containerd-1.2.6-5.16.1 is installed
  • OR docker-19.03.1_ce-6.26.2 is installed
  • OR docker-bash-completion-19.03.1_ce-6.26.2 is installed
  • OR docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15.1 is installed
  • OR docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21.2 is installed
    • BACK