Sicherheit: Mangelnde Rechteprüfung in docker-latest
Aktuelle Meldungen Distributionen
Name: Mangelnde Rechteprüfung in docker-latest
ID: FEDORA-2018-160b3d2f6c
Distribution: Fedora
Plattformen: Fedora 27
Datum: Mo, 20. August 2018, 08:29
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10892
Applikationen: Docker


Fedora Update Notification
2018-08-19 21:29:12.787651

Name : docker-latest
Product : Fedora 27
Version : 1.13.1
Release : 37.git9cb56fd.fc27
URL : https://github.com/projectatomic/docker
Summary : Automates deployment of containerized applications
Description :
Docker is an open-source engine that automates the deployment of any
application as a lightweight, portable, self-sufficient container that will
run virtually anywhere.

Docker containers can encapsulate any payload, and will run consistently on
and between virtually any server. The same container that a developer builds
and tests on a laptop will run at scale, in production*, on VMs, bare-metal
servers, OpenStack clusters, public instances, or combinations of the above.

Update Information:

Resolves: #1598581, #1598582 - CVE-2018-10892

* Sun Jul 8 2018 Lokesh Mandvekar <lsm5@fedoraproject.org> -
- Resolves: #1598581, #1598582 - CVE-2018-10892
- built docker @projectatomic/docker-1.13.1 commit 9cb56fd
- built docker-runc @projectatomic/docker-1.13.1 commit b425831
- built docker-containerd @projectatomic/docker-1.13.1 commit 42e825a
- built docker-init commit fec3683
- built libnetwork commit d00ceed
* Wed Feb 7 2018 Fedora Release Engineering <releng@fedoraproject.org> -
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild
* Tue Jan 23 2018 Karsten Hopp <karsten@redhat.com> - 1.13-35.git
- make sure epoch is always defined before using it

[ 1 ] Bug #1598581 - CVE-2018-10892 docker: container breakout without
selinux in enforcing mode

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2018-160b3d2f6c' at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DW75UQDNPSNU5K7M6NCSXWVPUAVQDCDO/
Pro-Linux @Facebook
Neue Nachrichten