Overview

File _patchinfo of Package patchinfo.1282

<patchinfo incident="1282">
  <issue id="949660" tracker="bnc">VUL-0: CVE-2014-8178 CVE-2014-8179: docker: 1.8.3 fixes security issues</issue>
  <issue id="CVE-2014-8178" tracker="cve" />
  <issue id="CVE-2014-8179" tracker="cve" />
  <category>security</category>
  <rating>important</rating>
  <packager>jordimassaguerpla</packager>
  <description>docker was updated to version 1.8.3 to fix two security issues.

These security issues were fixed:
- CVE-2014-8178: Manipulated layer IDs could have lead to local graph poisoning (bsc#949660).
- CVE-2014-8179: Manifest validation and parsing logic errors allowed pull-by-digest validation bypass (bsc#949660).

This non-security issues was fixed:
- Add `--disable-legacy-registry` to prevent a daemon from using a v1 registry

More information about docker 1.8.3 can be found at 
https://blog.docker.com/2015/10/security-release-docker-1-8-3-1-6-2-cs7/
</description>
  <summary>Security update for docker</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places