Overview

File _patchinfo of Package patchinfo.614

<patchinfo incident="614">
  <issue id="930235" tracker="bnc">VUL-0: CVE-2015-3630, CVE-2015-3631, CVE-2015-3627,CVE-2015-3629: docker: various security issues</issue>
  <issue id="931301" tracker="bnc">Fix regression introduced by docker 1.6.1</issue>
  <issue id="CVE-2015-3631" tracker="cve" />
  <issue id="CVE-2015-3630" tracker="cve" />
  <issue id="CVE-2015-3629" tracker="cve" />
  <issue id="CVE-2015-3627" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>flavio_castelli</packager>
  <description>The Linux container runtime environment Docker was updated to version 1.6.2
to fix several security and non-security issues.

- Security:
  - Fix read/write /proc paths. (CVE-2015-3630)
  - Prohibit VOLUME /proc and VOLUME /. (CVE-2015-3631)
  - Fix opening of file-descriptor 1. (CVE-2015-3627)
  - Fix symlink traversal on container respawn allowing local privilege
    escalation. (CVE-2015-3629)

- Runtime:
  - Update Apparmor policy to not allow mounts.
</description>
  <summary>Security update for docker</summary>
</patchinfo>
openSUSE Build Service is sponsored by
Places