Overview

File _patchinfo of Package patchinfo.29914

<patchinfo incident="29914">
  <issue tracker="bnc" id="1213120">[trackerbug] docker 24.0.3-ce update</issue>
  <issue tracker="bnc" id="1213500">[trackerbug] docker 24.0.4-ce update</issue>
  <issue tracker="bnc" id="1213229">VUL-0: CVE-2023-29406: go1.19,go1.20: net/http: insufficient sanitization of Host header</issue>
  <issue tracker="bnc" id="1212368">[trackerbug] docker 24.0.2-ce update</issue>
  <issue tracker="bnc" id="1214107">VUL-0: CVE-2023-28840: golang-github-docker-libnetwork,docker: Encrypted overlay network may be unauthenticated</issue>
  <issue tracker="bnc" id="1214109">VUL-0: CVE-2023-28842: docker,golang-github-docker-libnetwork: Encrypted overlay network with a single endpoint is unauthenticated</issue>
  <issue tracker="bnc" id="1214108">VUL-0: CVE-2023-28841: docker,golang-github-docker-libnetwork: Encrypted overlay network traffic may be unencrypted</issue>
  <issue tracker="bnc" id="1210797">Partner-L3: Growing docker mountpoint entries causes data unavailabillity</issue>
  <issue tracker="cve" id="2023-28841"/>
  <issue tracker="cve" id="2023-28842"/>
  <issue tracker="cve" id="2023-28840"/>
  <packager>cyphar</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for docker</summary>
  <description>This update for docker fixes the following issues:

- Update to Docker 24.0.5-ce.

  See upstream changelong online at
  &lt;https://docs.docker.com/engine/release-notes/24.0/#2405&gt; bsc#1213229 

- Update to Docker 24.0.4-ce.

  See upstream changelog online at
  &lt;https://docs.docker.com/engine/release-notes/24.0/#2404&gt;. bsc#1213500

- Update to Docker 24.0.3-ce.

  See upstream changelog online at
  &lt;https://docs.docker.com/engine/release-notes/24.0/#2403&gt;. bsc#1213120

- Recommend docker-rootless-extras instead of Require(ing) it, given
  it's an additional functionality and not inherently required for
  docker to function.

- Add docker-rootless-extras subpackage (https://docs.docker.com/engine/security/rootless)

- Update to Docker 24.0.2-ce. See upstream changelog online at
  &lt;https://docs.docker.com/engine/release-notes/24.0/#2402&gt;. bsc#1212368

  * Includes the upstreamed fix for the mount table pollution issue.
    bsc#1210797

- Add Recommends for docker-buildx, and add /usr/lib/docker/cli-plugins as
  being provided by this package.

- was rebuilt against current GO compiler.

</description>
  <message>Updating docker will restart the docker service, which may stop some of your docker containers. Do you want to proceed with the update?</message>
</patchinfo>
openSUSE Build Service is sponsored by
Places