Oval Definition:oval:org.opensuse.security:def:64883
Revision Date:2021-06-11Version:1
Title:Security update for containerd, docker, runc (Important)
Description:

This update for containerd, docker, runc fixes the following issues:

Docker was updated to 20.10.6-ce (bsc#1184768, bsc#1182947, bsc#1181594)

Switch version to use -ce suffix rather than _ce to avoid confusing other tools (bsc#1182476). * CVE-2021-21284: Fixed a potential privilege escalation when the root user in the remapped namespace has access to the host filesystem (bsc#1181732) * CVE-2021-21285: Fixed an issue where pulling a malformed Docker image manifest crashes the dockerd daemon (bsc#1181730). * btrfs quotas being removed by Docker regularly (bsc#1183855, bsc#1175081)

runc was updated to v1.0.0~rc93 (bsc#1182451, bsc#1175821 bsc#1184962).

Use the upstream runc package (bsc#1181641, bsc#1181677, bsc#1175821). * Fixed /dev/null is not available (bsc#1168481). * CVE-2021-30465: Fixed a symlink-exchange attack vulnarability (bsc#1185405).

containerd was updated to v1.4.4

CVE-2021-21334: Fixed a potential information leak through environment variables (bsc#1183397). * Handle a requirement from docker (bsc#1181594).
Family:unixClass:patch
Status:Reference(s):1144656
1144675
1168481
1172021
1173595
1175081
1175821
1176179
1177901
1181594
1181641
1181677
1181730
1181732
1181749
1182451
1182476
1182947
1183024
1183855
1184768
1184962
1185405
CVE-2019-13104
CVE-2019-13106
CVE-2019-19956
CVE-2020-14983
CVE-2020-15229
CVE-2020-24977
CVE-2021-21284
CVE-2021-21285
CVE-2021-21334
CVE-2021-30465
openSUSE-SU-2020:0928-1
openSUSE-SU-2020:1465-1
openSUSE-SU-2020:1770-1
SUSE-SU-2019:2475-1
SUSE-SU-2020:1532-1
SUSE-SU-2021:1954-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise High Performance Computing 15 SP2
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Containers 15 SP2
SUSE Linux Enterprise Server 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP2
SUSE Linux Enterprise Storage 7
SUSE Manager Proxy 4.1
SUSE Manager Server 4.1
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • chocolate-doom-3.0.1-lp151.3.3 is installed
  • OR chocolate-doom-bash-completion-3.0.1-lp151.3.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • libxml2-2.9.7-lp152.10.3 is installed
  • OR libxml2-2-2.9.7-lp152.10.3 is installed
  • OR libxml2-2-32bit-2.9.7-lp152.10.3 is installed
  • OR libxml2-devel-2.9.7-lp152.10.3 is installed
  • OR libxml2-devel-32bit-2.9.7-lp152.10.3 is installed
  • OR libxml2-doc-2.9.7-lp152.10.3 is installed
  • OR libxml2-tools-2.9.7-lp152.10.3 is installed
  • OR python-libxml2-python-2.9.7-lp152.10.3 is installed
  • OR python2-libxml2-python-2.9.7-lp152.10.3 is installed
  • OR python3-libxml2-python-2.9.7-lp152.10.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 15 SP2 is installed
  • AND Package Information
  • containerd-1.4.4-5.32.1 is installed
  • OR docker-20.10.6_ce-6.49.3 is installed
  • OR docker-bash-completion-20.10.6_ce-6.49.3 is installed
  • OR runc-1.0.0~rc93-1.14.2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • u-boot-2019.01-7.3 is installed
  • OR u-boot-rpi3-2019.01-7.3 is installed
  • OR u-boot-tools-2019.01-7.3 is installed
    • BACK