Overview

File _patchinfo of Package patchinfo.9399

<patchinfo incident="9399">
  <binary>_buildenv</binary>
  <binary>_statistics</binary>
  <binary>containerd</binary>
  <binary>containerd-ctr</binary>
  <binary>containerd-kubic</binary>
  <binary>containerd-kubic-ctr</binary>
  <binary>containerd-kubic-test</binary>
  <binary>containerd-test</binary>
  <binary>docker</binary>
  <binary>docker-bash-completion</binary>
  <binary>docker-debuginfo</binary>
  <binary>docker-debugsource</binary>
  <binary>docker-kubic</binary>
  <binary>docker-kubic-bash-completion</binary>
  <binary>docker-kubic-debuginfo</binary>
  <binary>docker-kubic-debugsource</binary>
  <binary>docker-kubic-test</binary>
  <binary>docker-kubic-test-debuginfo</binary>
  <binary>docker-kubic-zsh-completion</binary>
  <binary>docker-libnetwork</binary>
  <binary>docker-libnetwork-debuginfo</binary>
  <binary>docker-libnetwork-kubic</binary>
  <binary>docker-libnetwork-kubic-debuginfo</binary>
  <binary>docker-runc</binary>
  <binary>docker-runc-debuginfo</binary>
  <binary>docker-runc-kubic</binary>
  <binary>docker-runc-kubic-debuginfo</binary>
  <binary>docker-runc-kubic-test</binary>
  <binary>docker-runc-test</binary>
  <binary>docker-test</binary>
  <binary>docker-test-debuginfo</binary>
  <binary>docker-zsh-completion</binary>
  <binary>go</binary>
  <binary>go-doc</binary>
  <binary>go-race</binary>
  <binary>go1.10</binary>
  <binary>go1.10-doc</binary>
  <binary>go1.10-race</binary>
  <binary>golang-github-docker-libnetwork</binary>
  <binary>golang-github-docker-libnetwork-kubic</binary>
  <binary>golang-packaging</binary>
  <packager>cyphar</packager>
  <issue tracker="bnc" id="1104821">Make cri-o default for kubernetes on Kubic</issue>
  <issue tracker="bnc" id="1118898">VUL-0: CVE-2018-16874: go: cmd/go: directory traversal</issue>
  <issue tracker="bnc" id="1108038">docker hard-requires git-core</issue>
  <issue tracker="bnc" id="1114209">go: provides(API) causes "have option" unresolveable builds</issue>
  <issue tracker="bnc" id="1118897">VUL-0: CVE-2018-16873: go: cmd/go: remote command execution</issue>
  <issue tracker="bnc" id="1118899">VUL-0: CVE-2018-16875: go: crypto/x509: CPU denial of service</issue>
  <issue tracker="bnc" id="1105000">harmonise docker and docker-kubic packaging</issue>
  <issue tracker="bnc" id="1094680">Pod in terminating status</issue>
  <issue tracker="bnc" id="1080978">caasp v2 to v3 upgrade fails</issue>
  <issue tracker="bnc" id="1095817">containers packages fail randomly due to %check</issue>
  <issue tracker="bnc" id="1084533">3rd party registries used the default Docker certificate instead of the one specified for the registry</issue>
  <issue tracker="bnc" id="1113978">go 1.10 fails to build on ppc64le</issue>
  <issue tracker="bnc" id="1102522">Docker v18.06-ce upgrade.</issue>
  <issue tracker="bnc" id="1047218">trackerbug: packages do not build reproducibly from including build time</issue>
  <issue tracker="bnc" id="1098017">go1.10 fails to rebuild on Leap15 ppc64le</issue>
  <issue tracker="bnc" id="1113313">need SLE12 containers module docker update to 18.06.1-ce as soon as possible</issue>
  <issue tracker="bnc" id="1086185">Kubelet: reserve compute resources for system daemons</issue>
  <issue tracker="bnc" id="1074971">[TRACKERBUG] Enabling mirroring of private
  registries with docker</issue>
  <issue tracker="bnc" id="1081495">golang: arbitrary command execution via VCS path</issue>
  <issue tracker="fate" id="325877"></issue>
  <issue tracker="cve" id="2018-16873"></issue>
  <issue tracker="cve" id="2018-16875"></issue>
  <issue tracker="cve" id="2018-16874"></issue>
  <issue tracker="cve" id="2018-7187"></issue>
  <issue tracker="bnc" id="1119634">go: multi-version installation is broken on version switch</issue>
  <issue tracker="bnc" id="1119706">go get broken for   import path patterns containing "..."</issue>
  <category>security</category>
  <rating>important</rating>
  <summary>Security update for containerd, docker and go</summary>
  <description>
This update for containerd, docker and go fixes the following issues:

containerd and docker:

- Add backport for building containerd (bsc#1102522, bsc#1113313)
- Upgrade to containerd v1.1.2, which is required for Docker v18.06.1-ce.
  (bsc#1102522)
- Enable seccomp support (fate#325877)
- Update to containerd v1.1.1, which is the required version for the Docker
  v18.06.0-ce upgrade. (bsc#1102522)
- Put containerd under the podruntime slice (bsc#1086185) 
- 3rd party registries used the default Docker certificate (bsc#1084533)
- Handle build breakage due to missing 'export GOPATH' (caused by resolution of
  boo#1119634). I believe Docker is one of the only packages with this problem.

go:
  
- golang: arbitrary command execution via VCS path (bsc#1081495, CVE-2018-7187)
- Make profile.d/go.sh no longer set GOROOT=, in order to make switching
  between versions no longer break. This ends up removing the need for go.sh
  entirely (because GOPATH is also set automatically) (boo#1119634)
- Fix a regression that broke go get for import path patterns containing "..."
  (bsc#1119706)

Additionally, the package go1.10 has been added.

This update was imported from the SUSE:SLE-15:Update update project.</description>
  <message>Updating docker will restart the docker service, which may stop some of your docker containers. Do you want to proceed with the update?</message>
</patchinfo>
openSUSE Build Service is sponsored by
Places