Overview

File _patchinfo of Package patchinfo.27857

<patchinfo incident="27857">
  <category>security</category>
<issue tracker="cve" id="2022-36109"/>
<issue tracker="bnc" id="1206065">[trackerbug] Docker 20.10.21-ce update</issue>
<issue tracker="bnc" id="1205375">VUL-0: CVE-2022-36109: docker: supplementary group permissions bypass</issue>
  <rating>moderate</rating>
  <packager>msmeissn</packager>
  <summary>Security update for docker</summary>
<description>
This update for docker fixes the following issues:

Docker was updated to 20.10.23-ce.

See upstream changelog at https://docs.docker.com/engine/release-notes/#201023

Docker was updated to 20.10.21-ce (bsc#1206065)

See upstream changelog at https://docs.docker.com/engine/release-notes/#201021 

Security issues fixed:

- CVE-2022-36109: Fixed supplementary group permissions bypass (bsc#1205375)

- Fix wrong After: in docker.service, fixes bsc#1188447
- Add apparmor-parser as a Recommends to make sure that most users will end up
  with it installed even if they are primarily running SELinux.
- Allow to install container-selinux instead of apparmor-parser.
- Change to using systemd-sysusers
</description>
<message>Updating docker will restart the docker service, which may stop some of your docker containers. Do you want to proceed with the update?</message>
</patchinfo>
openSUSE Build Service is sponsored by
Places