Alerts This Week
Warning Icon 1 646
Alerts This Week
Warning Icon 1 646

Fedora 29: FEDORA-2019-a034423db8 High: Memory Exhaustion Threat

fedora
Calendar Grey January 31, 2019
Dist Fedora Esm H88
Bolster your Docker setup on Fedora 29 with essential security updates that tackle memory depletion and various vulnerabilities.
- Resolves: #1666565, #1666566 - CVE-2018-20699 - Resolves: #1663068, #1667622 - umount all procfs and sysfs with --no-pivot - built docker @projectatomic/docker-1.13.1 commit 1185...

Summary

Docker is an open-source engine that automates the deployment of any

application as a lightweight, portable, self-sufficient container that will

run virtually anywhere.

Docker containers can encapsulate any payload, and will run consistently on

and between virtually any server. The same container that a developer builds

and tests on a laptop will run at scale, in production*, on VMs, bare-metal

servers, OpenStack clusters, public instances, or combinations of the above.

- Resolves: #1666565, #1666566 - CVE-2018-20699 - Resolves: #1663068, #1667622

- umount all procfs and sysfs with --no-pivot - built docker

@projectatomic/docker-1.13.1 commit 1185cfd - built docker-runc

@projectatomic/docker-1.13.1 commit e4ffe43

* Sat Jan 19 2019 Lokesh Mandvekar - 2:1.13.1-63.git1185cfd

- Resolves: #1666565, #1666566 - CVE-2018-20699

- Resolves: #1663068, #1667622 - umount all procfs and sysfs with --no-pivot

- built docker @projectatomic/docker-1.13.1 commit 1185cfd

- built docker-runc @projectatomic/docker-1.13.1 commit e4ffe43

[ 1 ] Bug #1663068 - runc: not using pivot_root allows mounting of /proc

https://bugzilla.redhat.com/show_bug.cgi?id=1663068

[ 2 ] Bug #1666565 - CVE-2018-20699 docker: Memory exhaustion via large integer used with --cpuset-mems or --cpuset-cpus

https://bugzilla.redhat.com/show_bug.cgi?id=1666565

su -c 'dnf upgrade --advisory FEDORA-2019-a034423db8' at the command

line. For more information, refer to the dnf documentation available at

http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org

Topics%20covered

Topics Covered

security advisory update Fedora application security memory exhaustion docker

Change Log

References

Update Instructions

Product: Fedora 29
Version: 1.13.1
Release: 63.git1185cfd.fc29
URL: https://github.com/projectatomic/docker
Summary: Automates deployment of containerized applications

Topics%20covered

Topics Covered

security advisory update Fedora application security memory exhaustion docker

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Related News

Your message here