What Are You Looking For?

Popular Tags

Sign Up
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5414-1                   [email protected]
https://www.debian.org/security/                       Moritz Muehlenhoff
May 27, 2023                          https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : docker-registry
CVE ID         : CVE-2023-2253
Debian Bug     : 1035956

Jose Gomez discovered that the Catalog API endpoint in the Docker
registry implementation did not sufficiently enforce limits, which
could result in denial of service.

For the stable distribution (bullseye), this problem has been fixed in
version 2.7.1+ds2-7+deb11u1.

We recommend that you upgrade your docker-registry packages.

For the detailed security status of docker-registry please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/docker-registry

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

Debian: DSA-5414-1: docker-registry security update

May 27, 2023
Jose Gomez discovered that the Catalog API endpoint in the Docker registry implementation did not sufficiently enforce limits, which could result in denial of service

Summary

Jose Gomez discovered that the Catalog API endpoint in the Docker
registry implementation did not sufficiently enforce limits, which
could result in denial of service.

For the stable distribution (bullseye), this problem has been fixed in
version 2.7.1+ds2-7+deb11u1.

We recommend that you upgrade your docker-registry packages.

For the detailed security status of docker-registry please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/docker-registry

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: [email protected]

Severity
Package : docker-registry
CVE ID : CVE-2023-2253
Debian Bug : 1035956

Related News

Kubernetes vs. Docker: Exploring the Synergy in Containerization

Apr 10, 2023

AWS Plugs Holes in ECR APIs

Dec 18, 2022

Top 8 Free Tools for Security Testing and Audit of Your Kubernetes Cluster in 2022

Dec 14, 2022

Microsoft Upgrades Defender to Lock Down Linux Gear for its Own Good

Feb 11, 2023

News

Advisories

HOWTOs

Features

The Unseen Potential of Wake-on-LAN
Linux Vulnerabilities: The Antidote to This Linux Security Poison
Preventing Linux DDoS Attacks with Minimal Cybersecurity Knowledge
Navigating Software Scalability: A Practical Guide to Building Scalable Systems with Linux
Unlocking the Secrets of Linux Security: An Expert Analysis

About Us

Powered By

Footer Logo

Feedback