First published: Tue Mar 31 2020(Updated: )
Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere. <br>Security Fix(es):<br><li> runc: AppArmor/SELinux bypass with malicious image that specifies a volume at /proc (CVE-2019-16884)</li> <li> proglottis/gpgme: Use-after-free in GPGME bindings during container image pull (CVE-2020-8945)</li> <li> containers/image: Container images read entire image manifest into memory (CVE-2020-1702)</li> For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.<br>Bug Fix(es):<br><li> Whitelist statx(2) in docker (BZ#1784228)</li> <li> Upgrading docker resulting into increase Systemd logs (BZ#1791870)</li> <li> docker should be linked against gpgme-pthread (BZ#1792243)</li> <li> docker cannot be updated to 108 on rhos13 as a container fails to start with "pivot_root invalid argument" error. (BZ#1795376)</li> <li> OVS pods are unable to stop when running under docker version 1.13.1-108 (BZ#1796451)</li>
Affected Software | Affected Version | How to fix |
---|---|---|
redhat/docker | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-client | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-common | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-debuginfo | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-logrotate | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-lvm-plugin | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-novolume-plugin | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-rhel-push-plugin | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-v1.10-migrator | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-client | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-common | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-debuginfo | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-logrotate | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-lvm-plugin | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-novolume-plugin | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-rhel-push-plugin | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-v1.10-migrator | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-client | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-common | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-debuginfo | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-logrotate | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-lvm-plugin | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-novolume-plugin | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-rhel-push-plugin | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
redhat/docker-v1.10-migrator | <1.13.1-161.git64e9980.el7_8 | 1.13.1-161.git64e9980.el7_8 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.