What Are You Looking For?

Popular Tags

Sign Up
--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2023-b9c1d0e4c5
2023-09-15 18:36:13.238927
--------------------------------------------------------------------------------

Name        : moby-engine
Product     : Fedora 39
Version     : 24.0.5
Release     : 1.fc39
URL         : https://www.docker.com
Summary     : The open-source application container engine
Description :
Docker is an open source project to build, ship and run any application as a
lightweight container.

Docker containers are both hardware-agnostic and platform-agnostic. This means
they can run anywhere, from your laptop to the largest EC2 compute instance and
everything in between - and they don't require you to use a particular
language, framework or packaging system. That makes them great building blocks
for deploying and scaling web apps, databases, and backend services without
depending on a particular stack or provider.

--------------------------------------------------------------------------------
Update Information:

- Update moby-engine to 24.0.5 - Security fix for CVE-2021-41803 - Security fix
for CVE-2023-28842 - Security fix for CVE-2023-28841 - Security fix for
CVE-2023-28840 - Security fix for CVE-2023-0845 - Security fix for
CVE-2023-26054 - Security fix for CVE-2022-3064 - Security fix for
CVE-2022-40716 - Security fix for CVE-2023-25173
--------------------------------------------------------------------------------
ChangeLog:

* Wed Aug 23 2023 LuK1337  - 24.0.5-1
- Update moby-engine to 24.0.5
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #2156860 - CVE-2022-40716 consul: Consul Service Mesh Intention Bypass with Malicious Certificate Signing Request
        https://bugzilla.redhat.com/show_bug.cgi?id=2156860
  [ 2 ] Bug #2163037 - CVE-2022-3064 go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents
        https://bugzilla.redhat.com/show_bug.cgi?id=2163037
  [ 3 ] Bug #2174485 - CVE-2023-25173 containerd: Supplementary groups are not set up properly
        https://bugzilla.redhat.com/show_bug.cgi?id=2174485
  [ 4 ] Bug #2176447 - CVE-2023-26054 buildkit: Data disclosure in provenance attestation describing a build
        https://bugzilla.redhat.com/show_bug.cgi?id=2176447
  [ 5 ] Bug #2177595 - CVE-2023-0845 hashicorp/consul: Consul Server Panic when Ingress and API Gateways Configured with Peering Connections
        https://bugzilla.redhat.com/show_bug.cgi?id=2177595
  [ 6 ] Bug #2184683 - CVE-2023-28840 moby: Encrypted overlay network may be unauthenticated
        https://bugzilla.redhat.com/show_bug.cgi?id=2184683
  [ 7 ] Bug #2184685 - CVE-2023-28841 moby: Encrypted overlay network traffic may be unencrypted
        https://bugzilla.redhat.com/show_bug.cgi?id=2184685
  [ 8 ] Bug #2184688 - CVE-2023-28842 moby: Encrypted overlay network with a single endpoint is unauthenticated
        https://bugzilla.redhat.com/show_bug.cgi?id=2184688
  [ 9 ] Bug #2189788 - CVE-2021-41803 consul: Consul Auto-Config JWT Authorization Missing Input Validation
        https://bugzilla.redhat.com/show_bug.cgi?id=2189788
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2023-b9c1d0e4c5' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list -- [email protected]
To unsubscribe send an email to [email protected]
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/[email protected]
Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue

Fedora 39: moby-engine 2023-b9c1d0e4c5

September 15, 2023
- Update moby-engine to 24.0.5 - Security fix for CVE-2021-41803 - Security fix for CVE-2023-28842 - Security fix for CVE-2023-28841 - Security fix for CVE-2023-28840 - Security fi...

Summary

Docker is an open source project to build, ship and run any application as a

lightweight container.

Docker containers are both hardware-agnostic and platform-agnostic. This means

they can run anywhere, from your laptop to the largest EC2 compute instance and

everything in between - and they don't require you to use a particular

language, framework or packaging system. That makes them great building blocks

for deploying and scaling web apps, databases, and backend services without

depending on a particular stack or provider.

Update Information:

- Update moby-engine to 24.0.5 - Security fix for CVE-2021-41803 - Security fix for CVE-2023-28842 - Security fix for CVE-2023-28841 - Security fix for CVE-2023-28840 - Security fix for CVE-2023-0845 - Security fix for CVE-2023-26054 - Security fix for CVE-2022-3064 - Security fix for CVE-2022-40716 - Security fix for CVE-2023-25173

Change Log

* Wed Aug 23 2023 LuK1337 - 24.0.5-1 - Update moby-engine to 24.0.5

References

[ 1 ] Bug #2156860 - CVE-2022-40716 consul: Consul Service Mesh Intention Bypass with Malicious Certificate Signing Request https://bugzilla.redhat.com/show_bug.cgi?id=2156860 [ 2 ] Bug #2163037 - CVE-2022-3064 go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents https://bugzilla.redhat.com/show_bug.cgi?id=2163037 [ 3 ] Bug #2174485 - CVE-2023-25173 containerd: Supplementary groups are not set up properly https://bugzilla.redhat.com/show_bug.cgi?id=2174485 [ 4 ] Bug #2176447 - CVE-2023-26054 buildkit: Data disclosure in provenance attestation describing a build https://bugzilla.redhat.com/show_bug.cgi?id=2176447 [ 5 ] Bug #2177595 - CVE-2023-0845 hashicorp/consul: Consul Server Panic when Ingress and API Gateways Configured with Peering Connections https://bugzilla.redhat.com/show_bug.cgi?id=2177595 [ 6 ] Bug #2184683 - CVE-2023-28840 moby: Encrypted overlay network may be unauthenticated https://bugzilla.redhat.com/show_bug.cgi?id=2184683 [ 7 ] Bug #2184685 - CVE-2023-28841 moby: Encrypted overlay network traffic may be unencrypted https://bugzilla.redhat.com/show_bug.cgi?id=2184685 [ 8 ] Bug #2184688 - CVE-2023-28842 moby: Encrypted overlay network with a single endpoint is unauthenticated https://bugzilla.redhat.com/show_bug.cgi?id=2184688 [ 9 ] Bug #2189788 - CVE-2021-41803 consul: Consul Auto-Config JWT Authorization Missing Input Validation https://bugzilla.redhat.com/show_bug.cgi?id=2189788

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-b9c1d0e4c5' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
Name : moby-engine
Product : Fedora 39
Version : 24.0.5
Release : 1.fc39
URL : https://www.docker.com
Summary : The open-source application container engine

Related News

Librem 11: Purism Unveils a Privacy-Focused Linux Tablet

Sep 15, 2023

Long-term Support for Linux Kernel to Be Cut as Maintenance Remains Under Strain

Sep 21, 2023

Multiple Severe, Remotely Exploitable Chromium Vulns Fixed

Sep 15, 2023

Remotely Exploitable Poppler DoS Bugs Fixed - Update Now!

Sep 22, 2023

News

Advisories

HOWTOs

Features

The Unseen Potential of Wake-on-LAN
Linux Vulnerabilities: The Antidote to This Linux Security Poison
Preventing Linux DDoS Attacks with Minimal Cybersecurity Knowledge
Navigating Software Scalability: A Practical Guide to Building Scalable Systems with Linux
Unlocking the Secrets of Linux Security: An Expert Analysis

About Us

Powered By

Footer Logo

Feedback