Mailinglist Archive: opensuse-updates (50 mails)

< Previous Next >
openSUSE-SU-2015:0905-1: moderate: Security update for docker
openSUSE Security Update: Security update for docker
______________________________________________________________________________

Announcement ID: openSUSE-SU-2015:0905-1
Rating: moderate
References: #930235
Cross-References: CVE-2015-3627 CVE-2015-3629 CVE-2015-3630
CVE-2015-3631
Affected Products:
openSUSE 13.2
______________________________________________________________________________

An update that fixes four vulnerabilities is now available.

Description:

docker was updated to version 1.6.1 to fix several security and
non-security issues.

- Updated to version 1.6.1 (2015-05-07) [bnc#930235]
* Security
- Fix read/write /proc paths (CVE-2015-3630)
- Prohibit VOLUME /proc and VOLUME / (CVE-2015-3631)
- Fix opening of file-descriptor 1 (CVE-2015-3627)
- Fix symlink traversal on container respawn allowing local privilege
escalation (CVE-2015-3629)
- Prohibit mount of /sys
* Runtime
- Update Apparmor policy to not allow mounts
- Updated libcontainer-apparmor-fixes.patch: adapt patch to reflect
changes introduced by docker 1.6.1


Patch Instructions:

To install this openSUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:

- openSUSE 13.2:

zypper in -t patch openSUSE-2015-365=1

To bring your system up-to-date, use "zypper patch".


Package List:

- openSUSE 13.2 (x86_64):

docker-1.6.1-28.1
docker-debuginfo-1.6.1-28.1
docker-debugsource-1.6.1-28.1

- openSUSE 13.2 (noarch):

docker-bash-completion-1.6.1-28.1
docker-zsh-completion-1.6.1-28.1


References:

https://www.suse.com/security/cve/CVE-2015-3627.html
https://www.suse.com/security/cve/CVE-2015-3629.html
https://www.suse.com/security/cve/CVE-2015-3630.html
https://www.suse.com/security/cve/CVE-2015-3631.html
https://bugzilla.suse.com/930235


< Previous Next >
This Thread
  • No further messages