File _patchinfo of Package patchinfo.27857
<patchinfo incident="27857">
<category>security</category>
<issue tracker="cve" id="2022-36109"/>
<issue tracker="bnc" id="1206065">[trackerbug] Docker 20.10.21-ce update</issue>
<issue tracker="bnc" id="1205375">VUL-0: CVE-2022-36109: docker: supplementary group permissions bypass</issue>
<rating>moderate</rating>
<packager>msmeissn</packager>
<summary>Security update for docker</summary>
<description>
This update for docker fixes the following issues:
Docker was updated to 20.10.23-ce.
See upstream changelog at https://docs.docker.com/engine/release-notes/#201023
Docker was updated to 20.10.21-ce (bsc#1206065)
See upstream changelog at https://docs.docker.com/engine/release-notes/#201021
Security issues fixed:
- CVE-2022-36109: Fixed supplementary group permissions bypass (bsc#1205375)
- Fix wrong After: in docker.service, fixes bsc#1188447
- Add apparmor-parser as a Recommends to make sure that most users will end up
with it installed even if they are primarily running SELinux.
- Allow to install container-selinux instead of apparmor-parser.
- Change to using systemd-sysusers
</description>
<message>Updating docker will restart the docker service, which may stop some of your docker containers. Do you want to proceed with the update?</message>
</patchinfo>