Oval Definition:oval:org.opensuse.security:def:70419
Revision Date:2021-06-11Version:1
Title:Security update for containerd, docker, runc (Important)
Description:

This update for containerd, docker, runc fixes the following issues:

Docker was updated to 20.10.6-ce (bsc#1184768, bsc#1182947, bsc#1181594)

Switch version to use -ce suffix rather than _ce to avoid confusing other tools (bsc#1182476). * CVE-2021-21284: Fixed a potential privilege escalation when the root user in the remapped namespace has access to the host filesystem (bsc#1181732) * CVE-2021-21285: Fixed an issue where pulling a malformed Docker image manifest crashes the dockerd daemon (bsc#1181730). * btrfs quotas being removed by Docker regularly (bsc#1183855, bsc#1175081)

runc was updated to v1.0.0~rc93 (bsc#1182451, bsc#1175821 bsc#1184962).

Use the upstream runc package (bsc#1181641, bsc#1181677, bsc#1175821). * Fixed /dev/null is not available (bsc#1168481). * CVE-2021-30465: Fixed a symlink-exchange attack vulnarability (bsc#1185405).

containerd was updated to v1.4.4

CVE-2021-21334: Fixed a potential information leak through environment variables (bsc#1183397). * Handle a requirement from docker (bsc#1181594).
Family:unixClass:patch
Status:Reference(s):1055857
1059893
1120943
1160770
1168481
1171475
1171847
1172105
1172116
1172121
1175081
1175204
1175821
1176908
1176909
1176910
1181594
1181641
1181677
1181730
1181732
1181749
1182451
1182476
1182947
1183024
1183855
1184768
1184962
1185405
CVE-2016-6328
CVE-2017-7544
CVE-2018-20030
CVE-2019-9278
CVE-2020-0093
CVE-2020-12767
CVE-2020-13112
CVE-2020-13113
CVE-2020-13114
CVE-2020-17498
CVE-2020-25862
CVE-2020-25863
CVE-2020-25866
CVE-2021-21284
CVE-2021-21285
CVE-2021-21334
CVE-2021-30465
SUSE-SU-2020:3166-1
SUSE-SU-2021:1954-1
Platform(s):SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Server for SAP Applications 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • libwireshark13-3.2.7-3.41 is installed
  • OR libwiretap10-3.2.7-3.41 is installed
  • OR libwsutil11-3.2.7-3.41 is installed
  • OR wireshark-3.2.7-3.41 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • libexif-0.6.22-5.6 is installed
  • OR libexif-devel-32bit-0.6.22-5.6 is installed
  • OR libexif12-32bit-0.6.22-5.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND Package Information
  • containerd-1.4.4-5.32.1 is installed
  • OR docker-20.10.6_ce-6.49.3 is installed
  • OR docker-bash-completion-20.10.6_ce-6.49.3 is installed
  • OR runc-1.0.0~rc93-1.14.2 is installed
    • BACK