Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

SUSE: 2019:1234-2 Important: Docker And Containerd Security Fixes

suse
Calendar Grey June 13, 2019
Dist Suse Esm H88
Red Hat Unveils Security Patch for Podman, Moby, and Rust, Addressing Severe Vulnerabilities.
An update that solves 5 vulnerabilities and has 6 fixes is now available

Summary

This update for containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork fixes the following issues: Security issues fixed: - CVE-2019-5736: containerd: Fixing container breakout vulnerability (bsc#1121967). - CVE-2019-6486: go security release, fixing crypto/elliptic CPU DoS vulnerability affecting P-521 and P-384 (bsc#1123013). - CVE-2018-16873: go secuirty release, fixing cmd/go remote command execution (bsc#1118897). - CVE-2018-16874: go security release, fixing cmd/go directory traversal (bsc#1118898). - CVE-2018-16875: go security release, fixing crypto/x509 CPU denial of service (bsc#1118899). Other changes and bug fixes: - Update to containerd v1.2.5, which is required for v18.09.5-ce (bsc#1128376, bsc#1134068).

Topics%20covered

Topics Covered

security advisory denial of service code execution important docker containerd

References

#1114209 #1114832 #1118897 #1118898 #1118899

#1121397 #1121967 #1123013 #1128376 #1128746

#1134068

Cross- CVE-2018-16873 CVE-2018-16874 CVE-2018-16875

CVE-2019-5736 CVE-2019-6486

Affected Products:

SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1

SUSE Linux Enterprise Module for Containers 15-SP1

https://www.suse.com/security/cve/CVE-2018-16873.html

https://www.suse.com/security/cve/CVE-2018-16874.html

https://www.suse.com/security/cve/CVE-2018-16875.html

https://www.suse.com/security/cve/CVE-2019-5736.html

https://www.suse.com/security/cve/CVE-2019-6486.html

https://bugzilla.suse.com/1114209

https://bugzilla.suse.com/1114832

https://bugzilla.suse.com/1118897

https://bugzilla.suse.com/1118898

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2019:1234-2
Rating: important

Topics%20covered

Topics Covered

security advisory denial of service code execution important docker containerd

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here