Oval Definition:oval:org.opensuse.security:def:68478
Revision Date:2020-12-01Version:1
Title:Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork (Important)
Description:

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:

Docker:

- CVE-2019-14271: Fixed a code injection if the nsswitch facility dynamically loaded a library inside a chroot (bsc#1143409). - CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160). - Update to version 19.03.1-ce, see changelog at /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).

runc:

- Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920). - Update to runc 425e105d5a03, which is required by Docker (bsc#1139649).

containerd:

- CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967). - Update to containerd v1.2.6, which is required by docker (bsc#1139649).

golang-github-docker-libnetwork:

- Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by docker (bsc#1142413, bsc#1139649).
Family:unixClass:patch
Status:Reference(s):1100331
1121967
1138920
1139649
1142160
1142413
1143409
1177895
CVE-2018-10892
CVE-2019-13509
CVE-2019-14271
CVE-2019-5736
CVE-2020-27153
SUSE-SU-2019:2117-1
SUSE-SU-2020:3165-1
Platform(s):SUSE Linux Enterprise Module for Containers 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Containers 15 SP1 is installed
  • AND Package Information
  • containerd-1.2.6-5.16 is installed
  • OR docker-19.03.1_ce-6.26 is installed
  • OR docker-bash-completion-19.03.1_ce-6.26 is installed
  • OR docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15 is installed
  • OR docker-runc-1.0.0rc8+gitr3826_425e105d5a03-6.21 is installed
  • OR golang-github-docker-libnetwork-0.7.0.1+gitr2800_fc5a7d91d54c-4.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • bluez-5.48-5.28 is installed
  • OR bluez-devel-5.48-5.28 is installed
    • BACK