Alerts This Week
Warning Icon 1 923
Alerts This Week
Warning Icon 1 923

Fedora 29 docker-latest Critical: Memory Exhaustion Threat Resolved

fedora
Calendar Grey January 31, 2019
Dist Fedora Esm H88
--------------------------------------------------------------------------------Fedora Update Notifi
- Resolves: #1666565, #1667625 - CVE-2018-20699 - Resolves: #1663068, #1667626 - umount all procfs and sysfs with --no-pivot - built docker @projectatomic/docker-1.13.1 commit 1185...

Summary

Docker is an open-source engine that automates the deployment of any

application as a lightweight, portable, self-sufficient container that will

run virtually anywhere.

Docker containers can encapsulate any payload, and will run consistently on

and between virtually any server. The same container that a developer builds

and tests on a laptop will run at scale, in production*, on VMs, bare-metal

servers, OpenStack clusters, public instances, or combinations of the above.

- Resolves: #1666565, #1667625 - CVE-2018-20699 - Resolves: #1663068, #1667626 -umount all procfs and sysfs with --no-pivot - built docker

@projectatomic/docker-1.13.1 commit 1185cfd - built docker-runc

@projectatomic/docker-1.13.1 commit e4ffe43

* Sat Jan 19 2019 Lokesh Mandvekar - 2:1.13.1-40.git1185cfd

- Resolves: #1666565, #1667625 - CVE-2018-20699

- Resolves: #1663068, #1667626 - umount all procfs and sysfs with --no-pivot

- built docker @projectatomic/docker-1.13.1 commit 1185cfd

- built docker-runc @projectatomic/docker-1.13.1 commit e4ffe43

* Thu Jul 12 2018 Fedora Release Engineering - 2:1.13.1-38.git9cb56fd

- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild

[ 1 ] Bug #1663068 - runc: not using pivot_root allows mounting of /proc

https://bugzilla.redhat.com/show_bug.cgi?id=1663068

[ 2 ] Bug #1666565 - CVE-2018-20699 docker: Memory exhaustion via large integer used with --cpuset-mems or --cpuset-cpus

https://bugzilla.redhat.com/show_bug.cgi?id=1666565

su -c 'dnf upgrade --advisory FEDORA-2019-f5b57646b7' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Topics%20covered

Topics Covered

security advisory critical issue Fedora memory exhaustion docker container management

Change Log

References

Update Instructions

Severity
critical
Lowest
Low
Medium
High
Critical

Product: Fedora 29
Version: 1.13.1
Release: 40.git1185cfd.fc29
URL: https://github.com/projectatomic/docker
Summary: Automates deployment of containerized applications

Topics%20covered

Topics Covered

security advisory critical issue Fedora memory exhaustion docker container management

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here