File _patchinfo of Package patchinfo.22477

<patchinfo incident="22477">
  <issue tracker="bnc" id="1191015">VUL-0: CVE-2021-41089: docker: "cp" can chmod host files</issue>
  <issue tracker="bnc" id="1191121">VUL-0: CVE-2021-41103: containerd: file access to local users</issue>
  <issue tracker="bnc" id="1191334">VUL-0: CVE-2021-41092: docker: exposed user credentials with a misconfigured configuration file</issue>
  <issue tracker="bnc" id="1191434">VUL-0: CVE-2021-41091: docker: A bug was found in Moby (Docker Engine) where the data directory (typically `/var/lib/docker`) contained subdirectories wit</issue>
  <issue tracker="bnc" id="1193273">VUL-1: CVE-2021-41190: opencontainers: OCI manifest and index parsing confusion</issue>
  <issue tracker="cve" id="2021-41089"/>
  <issue tracker="cve" id="2021-41091"/>
  <issue tracker="cve" id="2021-41092"/>
  <issue tracker="cve" id="2021-41103"/>
  <issue tracker="cve" id="2021-41190"/>
  <packager>cyphar</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for containerd, docker</summary>
  <description>This update for containerd, docker fixes the following issues:

- CVE-2021-41089: Fixed "cp" can chmod host files (bsc#1191015).
- CVE-2021-41091: Fixed flaw that could lead to data directory traversal in moby (bsc#1191434).
- CVE-2021-41092: Fixed exposed user credentials with a misconfigured configuration file (bsc#1191334).
- CVE-2021-41103: Fixed file access to local users in containerd (bsc#1191121).
- CVE-2021-41190: Fixed OCI manifest and index parsing confusion (bsc#1193273).
</description>
<message>Updating docker will restart the docker service, which may stop some of your docker containers. Do you want to proceed with the update?</message>
</patchinfo>