Overview

File _patchinfo of Package patchinfo.4086

<patchinfo incident="4086">
  <packager>jordimassaguerpla</packager>
  <issue tracker="cve" id="CVE-2014-8179"></issue>
  <issue tracker="cve" id="CVE-2014-8178"></issue>
  <issue tracker="bnc" id="949660">VUL-0: CVE-2014-8178 CVE-2014-8179: docker: 1.8.3 fixes security issues</issue>
  <category>security</category>
  <rating>moderate</rating>
  <summary>Security update for docker</summary>
  <description>Docker was updated to 1.8.3 to fix two security issues.

The following vulnerabilities were fixed:

* CVE-2014-8178: layer IDs lead to local graph poisoning (boo#949660)
* CVE-2014-8179: manifest validation and parsing logic errors allow pull-by-digest validation bypass

In addition, the following change is included:

* --disable-legacy-registry to prevent a daemon from using a v1 registry</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places