SUSE-SU-2020:1657-2

Source
https://www.suse.com/support/update/announcement/2020/suse-su-20201657-2/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:1657-2.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:1657-2
Related
Published
2020-07-15T12:30:23Z
Modified
2020-07-15T12:30:23Z
Summary
Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Details

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:

Docker was updated to 19.03.11-ce runc was updated to version 1.0.0-rc10 containerd was updated to version 1.2.13

  • CVE-2020-13401: Fixed an issue where an attacker with CAPNETRAW capability, could have crafted IPv6 router advertisements, and spoof external IPv6 hosts, resulting in obtaining sensitive information or causing denial of service (bsc#1172377).
References

Affected packages

SUSE:Linux Enterprise Module for Containers 15 SP2 / containerd

Package

Name
containerd
Purl
pkg:rpm/suse/containerd&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.13-5.22.2

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2902_153d0769a118-4.21.2",
            "docker-bash-completion": "19.03.11_ce-6.34.2",
            "containerd": "1.2.13-5.22.2",
            "docker": "19.03.11_ce-6.34.2",
            "docker-runc": "1.0.0rc10+gitr3981_dc9208a3303f-6.38.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 SP2 / docker

Package

Name
docker
Purl
pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
19.03.11_ce-6.34.2

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2902_153d0769a118-4.21.2",
            "docker-bash-completion": "19.03.11_ce-6.34.2",
            "containerd": "1.2.13-5.22.2",
            "docker": "19.03.11_ce-6.34.2",
            "docker-runc": "1.0.0rc10+gitr3981_dc9208a3303f-6.38.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 SP2 / docker-runc

Package

Name
docker-runc
Purl
pkg:rpm/suse/docker-runc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.0rc10+gitr3981_dc9208a3303f-6.38.2

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2902_153d0769a118-4.21.2",
            "docker-bash-completion": "19.03.11_ce-6.34.2",
            "containerd": "1.2.13-5.22.2",
            "docker": "19.03.11_ce-6.34.2",
            "docker-runc": "1.0.0rc10+gitr3981_dc9208a3303f-6.38.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 SP2 / golang-github-docker-libnetwork

Package

Name
golang-github-docker-libnetwork
Purl
pkg:rpm/suse/golang-github-docker-libnetwork&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7.0.1+gitr2902_153d0769a118-4.21.2

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2902_153d0769a118-4.21.2",
            "docker-bash-completion": "19.03.11_ce-6.34.2",
            "containerd": "1.2.13-5.22.2",
            "docker": "19.03.11_ce-6.34.2",
            "docker-runc": "1.0.0rc10+gitr3981_dc9208a3303f-6.38.2"
        }
    ]
}