openSUSE-SU-2019:2021-1

See a problem?
Import Source
https://ftp.suse.com/pub/projects/security/osv/openSUSE-SU-2019:2021-1.json
JSON Data
https://api.osv.dev/v1/vulns/openSUSE-SU-2019:2021-1
Related
Published
2019-08-29T16:21:56Z
Modified
2019-08-29T16:21:56Z
Summary
Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Details

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:

Docker:

  • CVE-2019-14271: Fixed a code injection if the nsswitch facility dynamically loaded a library inside a chroot (bsc#1143409).
  • CVE-2019-13509: Fixed an information leak in the debug log (bsc#1142160).
  • Update to version 19.03.1-ce, see changelog at /usr/share/doc/packages/docker/CHANGELOG.md (bsc#1142413, bsc#1139649).

runc:

  • Use %config(noreplace) for /etc/docker/daemon.json (bsc#1138920).
  • Update to runc 425e105d5a03, which is required by Docker (bsc#1139649).

containerd:

  • CVE-2019-5736: Fixed a container breakout vulnerability (bsc#1121967).
  • Update to containerd v1.2.6, which is required by docker (bsc#1139649).

golang-github-docker-libnetwork:

  • Update to version git.fc5a7d91d54cc98f64fc28f9e288b46a0bee756c, which is required by docker (bsc#1142413, bsc#1139649).

This update was imported from the SUSE:SLE-15:Update update project.

References

Affected packages

openSUSE:Leap 15.0 / containerd

Package

Name
containerd
Purl
purl:rpm/suse/containerd&distro=openSUSE%20Leap%2015.0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.6-lp151.2.6.1

Ecosystem specific

{
    "binaries": [
        {
            "containerd-ctr": "1.2.6-lp151.2.6.1",
            "docker-zsh-completion": "19.03.1_ce-lp151.2.12.1",
            "golang-github-docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "containerd": "1.2.6-lp151.2.6.1",
            "docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "docker-bash-completion": "19.03.1_ce-lp151.2.12.1",
            "docker-runc": "1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1",
            "docker": "19.03.1_ce-lp151.2.12.1",
            "docker-test": "19.03.1_ce-lp151.2.12.1"
        }
    ]
}

openSUSE:Leap 15.0 / docker

Package

Name
docker
Purl
purl:rpm/suse/docker&distro=openSUSE%20Leap%2015.0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
19.03.1_ce-lp151.2.12.1

Ecosystem specific

{
    "binaries": [
        {
            "containerd-ctr": "1.2.6-lp151.2.6.1",
            "docker-zsh-completion": "19.03.1_ce-lp151.2.12.1",
            "golang-github-docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "containerd": "1.2.6-lp151.2.6.1",
            "docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "docker-bash-completion": "19.03.1_ce-lp151.2.12.1",
            "docker-runc": "1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1",
            "docker": "19.03.1_ce-lp151.2.12.1",
            "docker-test": "19.03.1_ce-lp151.2.12.1"
        }
    ]
}

openSUSE:Leap 15.0 / docker-runc

Package

Name
docker-runc
Purl
purl:rpm/suse/docker-runc&distro=openSUSE%20Leap%2015.0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1

Ecosystem specific

{
    "binaries": [
        {
            "containerd-ctr": "1.2.6-lp151.2.6.1",
            "docker-zsh-completion": "19.03.1_ce-lp151.2.12.1",
            "golang-github-docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "containerd": "1.2.6-lp151.2.6.1",
            "docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "docker-bash-completion": "19.03.1_ce-lp151.2.12.1",
            "docker-runc": "1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1",
            "docker": "19.03.1_ce-lp151.2.12.1",
            "docker-test": "19.03.1_ce-lp151.2.12.1"
        }
    ]
}

openSUSE:Leap 15.0 / golang-github-docker-libnetwork

Package

Name
golang-github-docker-libnetwork
Purl
purl:rpm/suse/golang-github-docker-libnetwork&distro=openSUSE%20Leap%2015.0

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1

Ecosystem specific

{
    "binaries": [
        {
            "containerd-ctr": "1.2.6-lp151.2.6.1",
            "docker-zsh-completion": "19.03.1_ce-lp151.2.12.1",
            "golang-github-docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "containerd": "1.2.6-lp151.2.6.1",
            "docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "docker-bash-completion": "19.03.1_ce-lp151.2.12.1",
            "docker-runc": "1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1",
            "docker": "19.03.1_ce-lp151.2.12.1",
            "docker-test": "19.03.1_ce-lp151.2.12.1"
        }
    ]
}

openSUSE:Leap 15.1 / containerd

Package

Name
containerd
Purl
purl:rpm/suse/containerd&distro=openSUSE%20Leap%2015.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.6-lp151.2.6.1

Ecosystem specific

{
    "binaries": [
        {
            "containerd-ctr": "1.2.6-lp151.2.6.1",
            "docker-zsh-completion": "19.03.1_ce-lp151.2.12.1",
            "golang-github-docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "containerd": "1.2.6-lp151.2.6.1",
            "docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "docker-bash-completion": "19.03.1_ce-lp151.2.12.1",
            "docker-runc": "1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1",
            "docker": "19.03.1_ce-lp151.2.12.1",
            "docker-test": "19.03.1_ce-lp151.2.12.1"
        }
    ]
}

openSUSE:Leap 15.1 / docker

Package

Name
docker
Purl
purl:rpm/suse/docker&distro=openSUSE%20Leap%2015.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
19.03.1_ce-lp151.2.12.1

Ecosystem specific

{
    "binaries": [
        {
            "containerd-ctr": "1.2.6-lp151.2.6.1",
            "docker-zsh-completion": "19.03.1_ce-lp151.2.12.1",
            "golang-github-docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "containerd": "1.2.6-lp151.2.6.1",
            "docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "docker-bash-completion": "19.03.1_ce-lp151.2.12.1",
            "docker-runc": "1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1",
            "docker": "19.03.1_ce-lp151.2.12.1",
            "docker-test": "19.03.1_ce-lp151.2.12.1"
        }
    ]
}

openSUSE:Leap 15.1 / docker-runc

Package

Name
docker-runc
Purl
purl:rpm/suse/docker-runc&distro=openSUSE%20Leap%2015.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1

Ecosystem specific

{
    "binaries": [
        {
            "containerd-ctr": "1.2.6-lp151.2.6.1",
            "docker-zsh-completion": "19.03.1_ce-lp151.2.12.1",
            "golang-github-docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "containerd": "1.2.6-lp151.2.6.1",
            "docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "docker-bash-completion": "19.03.1_ce-lp151.2.12.1",
            "docker-runc": "1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1",
            "docker": "19.03.1_ce-lp151.2.12.1",
            "docker-test": "19.03.1_ce-lp151.2.12.1"
        }
    ]
}

openSUSE:Leap 15.1 / golang-github-docker-libnetwork

Package

Name
golang-github-docker-libnetwork
Purl
purl:rpm/suse/golang-github-docker-libnetwork&distro=openSUSE%20Leap%2015.1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1

Ecosystem specific

{
    "binaries": [
        {
            "containerd-ctr": "1.2.6-lp151.2.6.1",
            "docker-zsh-completion": "19.03.1_ce-lp151.2.12.1",
            "golang-github-docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "containerd": "1.2.6-lp151.2.6.1",
            "docker-libnetwork": "0.7.0.1+gitr2800_fc5a7d91d54c-lp151.2.6.1",
            "docker-bash-completion": "19.03.1_ce-lp151.2.12.1",
            "docker-runc": "1.0.0rc8+gitr3826_425e105d5a03-lp151.3.6.1",
            "docker": "19.03.1_ce-lp151.2.12.1",
            "docker-test": "19.03.1_ce-lp151.2.12.1"
        }
    ]
}