SUSE-SU-2018:4297-1

Source
https://www.suse.com/support/update/announcement/2018/suse-su-20184297-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2018:4297-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2018:4297-1
Related
Published
2018-12-28T17:39:11Z
Modified
2018-12-28T17:39:11Z
Summary
Security update for containerd, docker and go
Details

This update for containerd, docker and go fixes the following issues:

containerd and docker:

  • Add backport for building containerd (bsc#1102522, bsc#1113313)
  • Upgrade to containerd v1.1.2, which is required for Docker v18.06.1-ce. (bsc#1102522)
  • Enable seccomp support on SLE12 (fate#325877)
  • Update to containerd v1.1.1, which is the required version for the Docker v18.06.0-ce upgrade. (bsc#1102522)
  • Put containerd under the podruntime slice (bsc#1086185)
  • 3rd party registries used the default Docker certificate (bsc#1084533)
  • Handle build breakage due to missing 'export GOPATH' (caused by resolution of boo#1119634). I believe Docker is one of the only packages with this problem.

go:

  • golang: arbitrary command execution via VCS path (bsc#1081495, CVE-2018-7187)
  • Make profile.d/go.sh no longer set GOROOT=, in order to make switching between versions no longer break. This ends up removing the need for go.sh entirely (because GOPATH is also set automatically) (boo#1119634)
  • Fix a regression that broke go get for import path patterns containing '...' (bsc#1119706)

Additionally, the package go1.10 has been added.

References

Affected packages

SUSE:Linux Enterprise Module for Containers 15 / containerd

Package

Name
containerd
Purl
pkg:rpm/suse/containerd&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.1.2-5.3.4

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2664_3ac297bc7fd0-4.3.5",
            "docker-bash-completion": "18.06.1_ce-6.8.2",
            "containerd": "1.1.2-5.3.4",
            "docker": "18.06.1_ce-6.8.2",
            "docker-runc": "1.0.0rc5+gitr3562_69663f0bd4b6-6.3.4"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 / docker

Package

Name
docker
Purl
pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
18.06.1_ce-6.8.2

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2664_3ac297bc7fd0-4.3.5",
            "docker-bash-completion": "18.06.1_ce-6.8.2",
            "containerd": "1.1.2-5.3.4",
            "docker": "18.06.1_ce-6.8.2",
            "docker-runc": "1.0.0rc5+gitr3562_69663f0bd4b6-6.3.4"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 / docker-runc

Package

Name
docker-runc
Purl
pkg:rpm/suse/docker-runc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.0rc5+gitr3562_69663f0bd4b6-6.3.4

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2664_3ac297bc7fd0-4.3.5",
            "docker-bash-completion": "18.06.1_ce-6.8.2",
            "containerd": "1.1.2-5.3.4",
            "docker": "18.06.1_ce-6.8.2",
            "docker-runc": "1.0.0rc5+gitr3562_69663f0bd4b6-6.3.4"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 / golang-github-docker-libnetwork

Package

Name
golang-github-docker-libnetwork
Purl
pkg:rpm/suse/golang-github-docker-libnetwork&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7.0.1+gitr2664_3ac297bc7fd0-4.3.5

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2664_3ac297bc7fd0-4.3.5",
            "docker-bash-completion": "18.06.1_ce-6.8.2",
            "containerd": "1.1.2-5.3.4",
            "docker": "18.06.1_ce-6.8.2",
            "docker-runc": "1.0.0rc5+gitr3562_69663f0bd4b6-6.3.4"
        }
    ]
}