SUSE-SU-2024:4205-1

See a problem?
Please try reporting it to the source first.
Source
https://www.suse.com/support/update/announcement/2024/suse-su-20244205-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2024:4205-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2024:4205-1
Related
Published
2024-12-05T14:58:02Z
Modified
2024-12-05T14:58:02Z
Summary
Security update for docker-stable
Details

This update for docker-stable fixes the following issues:

  • Remove DOCKERNETWORKOPTS from docker.service. This was removed from sysconfig a long time ago, and apparently this causes issues with systemd in some cases.

  • Update --add-runtime to point to correct binary path.

  • Further merge docker and docker-stable specfiles to minimise the differences. The main thing is that we now include both halves of the Conflicts/Provides/Obsoletes dance in both specfiles.

  • Update to docker-buildx v0.17.1 to match standalone docker-buildx package we are replacing. See upstream changelog online at https://github.com/docker/buildx/releases/tag/v0.17.1

  • Allow users to disable SUSE secrets support by setting DOCKERSUSESECRETS_ENABLE=0 in /etc/sysconfig/docker. bsc#1231348

  • Import specfile changes for docker-buildx as well as the changes to help reduce specfile differences between docker-stable and docker. bsc#1230331 bsc#1230333

  • Backport patch for CVE-2024-41110. bsc#1228324

  • Initial docker-stable release, forked from Docker 24.0.6-ce release (packaged on 2023-10-11).

  • Update to Docker 24.0.9-ce, which is the latest version of the 24.0.x branch. It seems likely this will be the last upstream version of the 24.0.x branch (it seems Mirantis is going to do LTS for 23.0.x, not 24.0.x). https://docs.docker.com/engine/release-notes/24.0/#2409

  • Fix BuildKit's symlink resolution logic to correctly handle non-lexical symlinks. Backport of https://github.com/moby/buildkit/pull/4896 and https://github.com/moby/buildkit/pull/5060. bsc#1221916
  • Write volume options atomically so sudden system crashes won't result in future Docker starts failing due to empty files. Backport of https://github.com/moby/moby/pull/48034. bsc#1214855
References

Affected packages

SUSE:Linux Enterprise Server 12 SP5-LTSS / docker-stable

Package

Name
docker-stable
Purl
pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5-LTSS

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
24.0.9_ce-1.5.1

Ecosystem specific 

{
    "binaries": [
        {
            "docker-stable": "24.0.9_ce-1.5.1",
            "docker-stable-bash-completion": "24.0.9_ce-1.5.1"
        }
    ]
}

SUSE:Linux Enterprise Server LTSS Extended Security 12 SP5 / docker-stable

Package

Name
docker-stable
Purl
pkg:rpm/suse/docker-stable&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
24.0.9_ce-1.5.1

Ecosystem specific 

{
    "binaries": [
        {
            "docker-stable": "24.0.9_ce-1.5.1",
            "docker-stable-bash-completion": "24.0.9_ce-1.5.1"
        }
    ]
}