Fedora 26: FEDORA-2017-3976710f1e Critical: Docker Content Verification

Docker is an open-source engine that automates the deployment of any

application as a lightweight, portable, self-sufficient container that will

run virtually anywhere.

Docker containers can encapsulate any payload, and will run consistently on

and between virtually any server. The same container that a developer builds

and tests on a laptop will run at scale, in production*, on VMs, bare-metal

servers, OpenStack clusters, public instances, or combinations of the above.

Resolves: #1510351 - CVE-2017-14992 built docker

@projectatomic/docker-1.13.1 commit 584d391 built docker-novolume-plugin

commit 385ec70 built rhel-push-plugin commit af9107b built docker-lvm-plugin commit 8647404 built docker-runc @projectatomic/docker-1.13.1 commit

1c91122 built docker-containerd @projectatomic/docker-1.13.1 commit 62a9c60

built docker-init commit 0effd37 built libnetwork commit 460ac8f ----make /etc/sysconfig/docker-storage-setup ghost but not config,

https://bugzilla.redhat.com/show_bug.cgi?id=1508376

[ 1 ] Bug #1510351 - CVE-2017-14992 docker: Lack of content verification [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1510351

[ 2 ] Bug #1508376 - docker-storage-setup fails to start

https://bugzilla.redhat.com/show_bug.cgi?id=1508376

su -c 'dnf upgrade docker' at the command line.

For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org