File _patchinfo of Package patchinfo.12164
<patchinfo incident="12164">
<issue tracker="cve" id="2018-10892"/>
<issue tracker="bnc" id="1100331">VUL-1: CVE-2018-10892: docker: container breakout without selinux in enforcing mode</issue>
<issue tracker="cve" id="2019-5736"/>
<issue tracker="cve" id="2019-13509"/>
<issue tracker="cve" id="2019-14271"/>
<issue tracker="bnc" id="1142160">VUL-0: CVE-2019-13509: docker: In Docker CE and EE before 18.09.8 (as well as Docker EE before 17.06.2-ee-23 and 18.x before 18.03.1-ee-10), Docker Engine in debug mode may sometimes add secrets to the debug log. This applies to a scenario</issue>
<issue tracker="bnc" id="1142413">[trackerbug] Docker 19.03.0 update</issue>
<issue tracker="bnc" id="1138920">EMU: old configs in daemon.json were removed</issue>
<issue tracker="bnc" id="1121967">VUL-0: CVE-2019-5736: docker-runc: container breakout vulnerability</issue>
<issue tracker="bnc" id="1143409">VUL-1: CVE-2019-14271: docker: code injection can occur when the nsswitch facility dynamically loads a library inside a chroot that contains the contents of the container</issue>
<issue tracker="bnc" id="1139649">[trackerbug] Docker 18.09.7 update</issue>
<packager>cyphar</packager>
<rating>important</rating>
<category>security</category>
<summary>Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork</summary>
<description>This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:
Docker:
- CVE-2019-14271: Fixed a code injection if the nsswitch facility dynamically loaded a library inside a chroot (bsc#1143409).
- CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).
- Update to version 19.03.1-ce, see changelog at /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).
runc:
- Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920).
- Update to runc 425e105d5a03, which is required by Docker (bsc#1139649).
containerd:
- CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967).
- Update to containerd v1.2.6, which is required by docker (bsc#1139649).
golang-github-docker-libnetwork:
- Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by docker (bsc#1142413, bsc#1139649).
</description>
<message>Updating docker will restart the docker service, which may stop some of your docker containers. Do you want to proceed with the update?</message>
</patchinfo>