Ubuntu 4103-1: docker-credential-helpers vulnerability

    Date19 Aug 2019
    CategoryUbuntu
    2948
    Posted ByLinuxSecurity Advisories
    docker-credential-helpers could be made to crash or run programs as your login
    ==========================================================================
    Ubuntu Security Notice USN-4103-1
    August 19, 2019
    
    docker-credential-helpers vulnerability
    ==========================================================================
    
    A security issue affects these releases of Ubuntu and its derivatives:
    
    - Ubuntu 19.04
    
    Summary:
    
    docker-credential-helpers could be made to crash or run programs as your login
    
    Software Description:
    - golang-github-docker-docker-credential-helpers: Use native stores to safeguard
    Docker credentials
    
    Details:
    
    Jasiel Spelman discovered that a double free existed in docker-credential-
    helpers. A local attacker could use this to cause a denial of service
    (crash) or possibly execute arbitrary code.
    
    Update instructions:
    
    The problem can be corrected by updating your system to the following
    package versions:
    
    Ubuntu 19.04:
      golang-docker-credential-helpers  0.6.1-1ubuntu0.1
    
    In general, a standard system update will make all the necessary changes.
    
    References:
      https://usn.ubuntu.com/4103-1
      CVE-2019-1020014
    
    Package Information:
    
    https://launchpad.net/ubuntu/+source/golang-github-docker-docker-credential-helpers/0.6.1-1ubuntu0.1
    
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"23","type":"x","order":"1","pct":53.49,"resources":[]},{"id":"88","title":"Should be more technical","votes":"5","type":"x","order":"2","pct":11.63,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"15","type":"x","order":"3","pct":34.88,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.