File _patchinfo of Package patchinfo.12164

<patchinfo incident="12164">
  <issue tracker="cve" id="2018-10892"/>
  <issue tracker="bnc" id="1100331">VUL-1: CVE-2018-10892: docker: container breakout without selinux in enforcing  mode</issue>
  <issue tracker="cve" id="2019-5736"/>
  <issue tracker="cve" id="2019-13509"/>
  <issue tracker="cve" id="2019-14271"/>
  <issue tracker="bnc" id="1142160">VUL-0: CVE-2019-13509: docker: In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario</issue>
  <issue tracker="bnc" id="1142413">[trackerbug] Docker 19.03.0 update</issue>
  <issue tracker="bnc" id="1138920">EMU: old configs in daemon.json were removed</issue>
  <issue tracker="bnc" id="1121967">VUL-0: CVE-2019-5736: docker-runc: container breakout vulnerability</issue>
  <issue tracker="bnc" id="1143409">VUL-1: CVE-2019-14271: docker: code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container</issue>
  <issue tracker="bnc" id="1139649">[trackerbug] Docker 18.09.7 update</issue>
  <packager>cyphar</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork</summary>
  <description>This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:

Docker:

- CVE-2019-14271: Fixed a code injection if the nsswitch facility dynamically loaded a library inside a chroot (bsc#1143409).
- CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).
- Update to version 19.03.1-ce, see changelog at /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).

runc:

- Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920).
- Update to runc 425e105d5a03, which is required by Docker (bsc#1139649).

containerd:

- CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967).
- Update to containerd v1.2.6, which is required by docker (bsc#1139649).

golang-github-docker-libnetwork:

- Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by docker (bsc#1142413, bsc#1139649).
</description>
<message>Updating docker will restart the docker service, which may stop some of your docker containers. Do you want to proceed with the update?</message>
</patchinfo>
openSUSE Build Service is sponsored by