Описание
Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:
Docker was updated to 19.03.11-ce runc was updated to version 1.0.0-rc10 containerd was updated to version 1.2.13
- CVE-2020-13401: Fixed an issue where an attacker with CAP_NET_RAW capability, could have crafted IPv6 router advertisements, and spoof external IPv6 hosts, resulting in obtaining sensitive information or causing denial of service (bsc#1172377).
This update was imported from the SUSE:SLE-15:Update update project.
Список пакетов
openSUSE Leap 15.1
containerd-1.2.13-lp151.2.12.1
containerd-ctr-1.2.13-lp151.2.12.1
docker-19.03.11_ce-lp151.2.18.1
docker-bash-completion-19.03.11_ce-lp151.2.18.1
docker-libnetwork-0.7.0.1+gitr2902_153d0769a118-lp151.2.12.1
docker-runc-1.0.0rc10+gitr3981_dc9208a3303f-lp151.3.21.1
docker-test-19.03.11_ce-lp151.2.18.1
docker-zsh-completion-19.03.11_ce-lp151.2.18.1
golang-github-docker-libnetwork-0.7.0.1+gitr2902_153d0769a118-lp151.2.12.1
Ссылки
- E-Mail link for openSUSE-SU-2020:0846-1
- SUSE Security Ratings
- SUSE Bug 1172377
- SUSE CVE CVE-2020-13401 page
Описание
An issue was discovered in Docker Engine before 19.03.11. An attacker in a container, with the CAP_NET_RAW capability, can craft IPv6 router advertisements, and consequently spoof external IPv6 hosts, obtain sensitive information, or cause a denial of service.
Затронутые продукты
openSUSE Leap 15.1:containerd-1.2.13-lp151.2.12.1
openSUSE Leap 15.1:containerd-ctr-1.2.13-lp151.2.12.1
openSUSE Leap 15.1:docker-19.03.11_ce-lp151.2.18.1
openSUSE Leap 15.1:docker-bash-completion-19.03.11_ce-lp151.2.18.1
Ссылки
- CVE-2020-13401
- SUSE Bug 1172375
- SUSE Bug 1172377