drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Preisgabe von Informationen in docker.io
Name: |
Preisgabe von Informationen in docker.io |
|
ID: |
DSA-4716-1 |
|
Distribution: |
Debian |
|
Plattformen: |
Debian buster |
|
Datum: |
Fr, 3. Juli 2020, 07:14 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-13401 |
|
Applikationen: |
Docker |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512
- ------------------------------------------------------------------------- Debian Security Advisory DSA-4716-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff July 02, 2020 https://www.debian.org/security/faq - -------------------------------------------------------------------------
Package : docker.io CVE ID : CVE-2020-13401 Debian Bug : 962141
Etienne Champetier discovered that Docker, a Linux container runtime, created network bridges which by default accept IPv6 router advertisements. This could allow an attacker with the CAP_NET_RAW capability in a container to spoof router advertisements, resulting in information disclosure or denial of service.
For the stable distribution (buster), this problem has been fixed in version 18.09.1+dfsg1-7.1+deb10u2.
We recommend that you upgrade your docker.io packages.
For the detailed security status of docker.io please refer to its security tracker page at: https://security-tracker.debian.org/tracker/docker.io
Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/
Mailing list: debian-security-announce@lists.debian.org -----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl7+KBwACgkQEMKTtsN8 TjbyYBAAg+O+0IgB1qBQyB11lKb7t0MGrqo35/MOnYgQK8jbcqBGPQ0eDAfU9z7R C7ixPlMZvu90S+pXNonfOTCwZQ+UrlSzM6wc2HNI2mjp+BId0rpPtxIqr1hcDNGz IAu+hqxFEZhTu6+olK5qyXCRbz38d2Kg/8uS8YznO6IEvhcAjygnSGRR9EfsaC4R jYMD3tJ8vUgEkJRZmZucicCswqC8WczN8a6fHH6Glbs3eIT2vlFINhFZM8PWQ4E/ vtjf8+JPkfrTe7Y2/SMnBkE082gS1/WjYrKXj8RAMJ2M2Y61O9RdGX+wD3NOwjS0 /6PVf2T9+/QbNAQrQFGcnw3uvsSbSiFgaFGhGuI+DJ6yJfrgXSO1Iis9wrCZ0DlK MLJrDP+u+ZQm7U6GNYNiwBnHocl9s4cYNhTj5QaEM76O51Wt2MVuj4t777W9Zdp9 Jt1lFwHJb1KHizYSxySEp3AJcAcSXv89JA2dxtSdEZGojaPoXouRfXqvybWNu2hP wvpWqYeRHlXw32kpq7xrb1uEMkMBlkh6O/d8JeNpFI/Hd3Cl610JbGIYLhTK5A9w m5q4nGADFF0SDEFQmZEVKFJNIlIQKX7MspdAc7nPBfGWQ8Xhttx4Vag0z6HvSxDS ST2wwG0W5O4NNjr3ibdm6JpEgGcZjWDPgqFSH5UkKgDC712SyUc= =vIL3 -----END PGP SIGNATURE-----
|
|
|
|