openSUSE Security Update: Security update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork
______________________________________________________________________________

Announcement ID:    openSUSE-SU-2019:1444-1
Rating:             important
References:         #1114209 #1114832 #1118897 #1118898 #1118899 
                    #1121397 #1121967 #1123013 #1128376 #1128746 
                    #1134068 
Cross-References:   CVE-2018-16873 CVE-2018-16874 CVE-2018-16875
                    CVE-2019-5736 CVE-2019-6486
Affected Products:
                    openSUSE Leap 15.1
______________________________________________________________________________

   An update that solves 5 vulnerabilities and has 6 fixes is
   now available.

Description:

   This update for containerd, docker, docker-runc, go, go1.11, go1.12,
   golang-github-docker-libnetwork fixes the following issues:

   Security issues fixed:

   - CVE-2019-5736: containerd: Fixing container breakout vulnerability
     (bsc#1121967).
   - CVE-2019-6486: go security release, fixing crypto/elliptic CPU DoS
     vulnerability affecting P-521 and P-384 (bsc#1123013).
   - CVE-2018-16873: go secuirty release, fixing cmd/go remote command
     execution (bsc#1118897).
   - CVE-2018-16874: go security release, fixing cmd/go directory traversal
     (bsc#1118898).
   - CVE-2018-16875: go security release, fixing crypto/x509 CPU denial of
     service (bsc#1118899).

   Other changes and bug fixes:

   - Update to containerd v1.2.5, which is required for v18.09.5-ce
     (bsc#1128376, bsc#1134068).
   - Update to runc 2b18fe1d885e, which is required for Docker v18.09.5-ce
     (bsc#1128376, bsc#1134068).
   - Update to Docker 18.09.5-ce see upstream changelog in the packaged
     (bsc#1128376, bsc#1134068).
   - docker-test: Improvements to test packaging (bsc#1128746).
   - Move daemon.json file to /etc/docker directory (bsc#1114832).
   - Revert golang(API) removal since it turns out this breaks >= requires in
     certain cases (bsc#1114209).
   - Fix go build failures (bsc#1121397).

   This update was imported from the SUSE:SLE-15:Update update project.


Patch Instructions:

   To install this openSUSE Security Update use the SUSE recommended installation methods
   like YaST online_update or "zypper patch".

   Alternatively you can run the command listed for your product:

   - openSUSE Leap 15.1:

      zypper in -t patch openSUSE-2019-1444=1



Package List:

   - openSUSE Leap 15.1 (i586 x86_64):

      go-1.12-lp151.2.3.1
      go-doc-1.12-lp151.2.3.1

   - openSUSE Leap 15.1 (x86_64):

      containerd-1.2.5-lp151.2.3.1
      containerd-ctr-1.2.5-lp151.2.3.1
      docker-18.09.6_ce-lp151.2.3.1
      docker-debuginfo-18.09.6_ce-lp151.2.3.1
      docker-debugsource-18.09.6_ce-lp151.2.3.1
      docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-lp151.2.3.1
      docker-libnetwork-debuginfo-0.7.0.1+gitr2726_872f0a83c98a-lp151.2.3.1
      docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3.1
      docker-runc-debuginfo-1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3.1
      docker-test-18.09.6_ce-lp151.2.3.1
      docker-test-debuginfo-18.09.6_ce-lp151.2.3.1
      go-race-1.12-lp151.2.3.1
      go1.11-1.11.9-lp151.2.3.1
      go1.11-doc-1.11.9-lp151.2.3.1
      go1.11-race-1.11.9-lp151.2.3.1
      go1.12-1.12.4-lp151.2.3.1
      go1.12-doc-1.12.4-lp151.2.3.1
      go1.12-race-1.12.4-lp151.2.3.1
      golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-lp151.2.3.1

   - openSUSE Leap 15.1 (noarch):

      containerd-test-1.2.5-lp151.2.3.1
      docker-bash-completion-18.09.6_ce-lp151.2.3.1
      docker-runc-test-1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3.1
      docker-zsh-completion-18.09.6_ce-lp151.2.3.1


References:

   https://www.suse.com/security/cve/CVE-2018-16873.html
   https://www.suse.com/security/cve/CVE-2018-16874.html
   https://www.suse.com/security/cve/CVE-2018-16875.html
   https://www.suse.com/security/cve/CVE-2019-5736.html
   https://www.suse.com/security/cve/CVE-2019-6486.html
   https://bugzilla.suse.com/1114209
   https://bugzilla.suse.com/1114832
   https://bugzilla.suse.com/1118897
   https://bugzilla.suse.com/1118898
   https://bugzilla.suse.com/1118899
   https://bugzilla.suse.com/1121397
   https://bugzilla.suse.com/1121967
   https://bugzilla.suse.com/1123013
   https://bugzilla.suse.com/1128376
   https://bugzilla.suse.com/1128746
   https://bugzilla.suse.com/1134068

--

openSUSE: 2019:1444-1: important: containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork

May 27, 2019
An update that solves 5 vulnerabilities and has 6 fixes is now available.

Description

This update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork fixes the following issues: Security issues fixed: - CVE-2019-5736: containerd: Fixing container breakout vulnerability (bsc#1121967). - CVE-2019-6486: go security release, fixing crypto/elliptic CPU DoS vulnerability affecting P-521 and P-384 (bsc#1123013). - CVE-2018-16873: go secuirty release, fixing cmd/go remote command execution (bsc#1118897). - CVE-2018-16874: go security release, fixing cmd/go directory traversal (bsc#1118898). - CVE-2018-16875: go security release, fixing crypto/x509 CPU denial of service (bsc#1118899). Other changes and bug fixes: - Update to containerd v1.2.5, which is required for v18.09.5-ce (bsc#1128376, bsc#1134068). - Update to runc 2b18fe1d885e, which is required for Docker v18.09.5-ce (bsc#1128376, bsc#1134068). - Update to Docker 18.09.5-ce see upstream changelog in the packaged (bsc#1128376, bsc#1134068). - docker-test: Improvements to test packaging (bsc#1128746). - Move daemon.json file to /etc/docker directory (bsc#1114832). - Revert golang(API) removal since it turns out this breaks >= requires in certain cases (bsc#1114209). - Fix go build failures (bsc#1121397). This update was imported from the SUSE:SLE-15:Update update project.

 

Patch

Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Leap 15.1: zypper in -t patch openSUSE-2019-1444=1


Package List

- openSUSE Leap 15.1 (i586 x86_64): go-1.12-lp151.2.3.1 go-doc-1.12-lp151.2.3.1 - openSUSE Leap 15.1 (x86_64): containerd-1.2.5-lp151.2.3.1 containerd-ctr-1.2.5-lp151.2.3.1 docker-18.09.6_ce-lp151.2.3.1 docker-debuginfo-18.09.6_ce-lp151.2.3.1 docker-debugsource-18.09.6_ce-lp151.2.3.1 docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-lp151.2.3.1 docker-libnetwork-debuginfo-0.7.0.1+gitr2726_872f0a83c98a-lp151.2.3.1 docker-runc-1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3.1 docker-runc-debuginfo-1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3.1 docker-test-18.09.6_ce-lp151.2.3.1 docker-test-debuginfo-18.09.6_ce-lp151.2.3.1 go-race-1.12-lp151.2.3.1 go1.11-1.11.9-lp151.2.3.1 go1.11-doc-1.11.9-lp151.2.3.1 go1.11-race-1.11.9-lp151.2.3.1 go1.12-1.12.4-lp151.2.3.1 go1.12-doc-1.12.4-lp151.2.3.1 go1.12-race-1.12.4-lp151.2.3.1 golang-github-docker-libnetwork-0.7.0.1+gitr2726_872f0a83c98a-lp151.2.3.1 - openSUSE Leap 15.1 (noarch): containerd-test-1.2.5-lp151.2.3.1 docker-bash-completion-18.09.6_ce-lp151.2.3.1 docker-runc-test-1.0.0rc6+gitr3804_2b18fe1d885e-lp151.3.3.1 docker-zsh-completion-18.09.6_ce-lp151.2.3.1


References

https://www.suse.com/security/cve/CVE-2018-16873.html https://www.suse.com/security/cve/CVE-2018-16874.html https://www.suse.com/security/cve/CVE-2018-16875.html https://www.suse.com/security/cve/CVE-2019-5736.html https://www.suse.com/security/cve/CVE-2019-6486.html https://bugzilla.suse.com/1114209 https://bugzilla.suse.com/1114832 https://bugzilla.suse.com/1118897 https://bugzilla.suse.com/1118898 https://bugzilla.suse.com/1118899 https://bugzilla.suse.com/1121397 https://bugzilla.suse.com/1121967 https://bugzilla.suse.com/1123013 https://bugzilla.suse.com/1128376 https://bugzilla.suse.com/1128746 https://bugzilla.suse.com/1134068--


Severity
Announcement ID: openSUSE-SU-2019:1444-1
Rating: important
Affected Products: openSUSE Leap 15.1 le.

Related News

19.Laptop Bed Esm H320
2 - 3 min read
AlmaLinux 9.4 beta has been released and provides compelling reasons to consider it for desktop usage. While AlmaLinux is primarily known as a
32.Lock Code Circular Esm H320
2 - 3 min read
Linux admins and security practitioners face significant challenges in keeping their Linux systems secure amidst the constant threat of kernel bugs.
1.Penguin Landscape Esm H320
2 - 3 min read
A significant security threat, known as the Spectre v2 exploit, has been observed targeting Linux systems running on modern Intel processors. Let's
10.FingerPrint Locks Esm H320
2 - 3 min read
The recent release of I2P 2.5.0 , an anonymous P2P network that protects against online censorship, surveillance, and monitoring, has brought a slew
24.Key Code Esm H320
2 - 3 min read
The Akira ransomware group has extorted approximately $42 million from over 250 victims since January 1, 2024. The group initially focused on
5.ShakingHands Esm H320
2 - 3 min read
At The Linux Foundation's Open Source Summit North America , Linus Torvalds, the creator of Linux, discussed various topics related to Linux
30.Lock Globe Motherboard Esm H320
1 - 2 min read
The SPDX 3.0 release marks a significant milestone in software management, particularly for Linux admins, infosec professionals, internet security
11.Locks IsometricPattern Esm H320
2 - 3 min read
Open Source maintainers and developers have been warned about the continued wave of attacks aimed at project maintainers similar to those recently
Sign Up

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved