Описание
Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues: Docker was updated to 19.03.11-ce runc was updated to version 1.0.0-rc10 containerd was updated to version 1.2.13
- CVE-2020-13401: Fixed an issue where an attacker with CAP_NET_RAW capability, could have crafted IPv6 router advertisements, and spoof external IPv6 hosts, resulting in obtaining sensitive information or causing denial of service (bsc#1172377).
Список пакетов
Image SLES12-SP5-Azure-Basic-On-Demand
containerd-1.2.13-16.29.1
docker-19.03.11_ce-98.54.1
Image SLES12-SP5-Azure-Standard-On-Demand
containerd-1.2.13-16.29.1
docker-19.03.11_ce-98.54.1
Image SLES12-SP5-EC2-ECS-On-Demand
containerd-1.2.13-16.29.1
docker-19.03.11_ce-98.54.1
Image SLES12-SP5-EC2-On-Demand
containerd-1.2.13-16.29.1
docker-19.03.11_ce-98.54.1
Image SLES12-SP5-GCE-On-Demand
containerd-1.2.13-16.29.1
docker-19.03.11_ce-98.54.1
SUSE Linux Enterprise Module for Containers 12
containerd-1.2.13-16.29.1
docker-19.03.11_ce-98.54.1
docker-libnetwork-0.7.0.1+gitr2902_153d0769a118-31.1
docker-runc-1.0.0rc10+gitr3981_dc9208a3303f-1.46.1
Ссылки
- Link for SUSE-SU-2020:1664-1
- E-Mail link for SUSE-SU-2020:1664-1
- SUSE Security Ratings
- SUSE Bug 1172377
- SUSE CVE CVE-2020-13401 page
Описание
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service.
Затронутые продукты
Image SLES12-SP5-Azure-Basic-On-Demand:containerd-1.2.13-16.29.1
Image SLES12-SP5-Azure-Basic-On-Demand:docker-19.03.11_ce-98.54.1
Image SLES12-SP5-Azure-Standard-On-Demand:containerd-1.2.13-16.29.1
Image SLES12-SP5-Azure-Standard-On-Demand:docker-19.03.11_ce-98.54.1
Ссылки
- CVE-2020-13401
- SUSE Bug 1172375
- SUSE Bug 1172377