File _patchinfo of Package patchinfo.6808

<patchinfo incident="6808">
  <issue id="1083474" tracker="bnc">L3: docker-distirbution-registry overwrites configuration file with update</issue>
  <issue id="1033172" tracker="bnc">garbage collector needed - or kindly release  docker-distribution-registry in Version 2.4</issue>
  <issue id="1049850" tracker="bnc">VUL-0: CVE-2017-11468: docker-distribution: denial of service (memory consumption) via the manifest endpoint</issue>
  <issue id="2017-11468" tracker="cve" />
  <category>security</category>
  <rating>moderate</rating>
  <packager>jordimassaguerpla</packager>
  <description>This update for docker-distribution fixes the following issues:

Security issues fixed:

- CVE-2017-11468: Fixed a denial of service (memory consumption) via the manifest endpoint (bsc#1049850).

Bug fixes:

- bsc#1083474: docker-distirbution-registry overwrites configuration file with update.
- bsc#1033172: Garbage collector needed - or kindly release docker-distribution-registry in Version 2.4.
- Add SuSEfirewall2 service file for TCP port 5000.
</description>
  <summary>Security update for docker-distribution</summary>
</patchinfo>
openSUSE Build Service is sponsored by