Commit 47e98bef authored by Kåre Thor Olsen's avatar Kåre Thor Olsen

[SECURITY] [DSA 4521-1] docker.io security update

parent d8e78256
<define-tag pagetitle>DSA-4521-1 docker.io</define-tag>
<define-tag report_date>2019-9-09</define-tag>
<define-tag secrefs>CVE-2019-13139 CVE-2019-13509 CVE-2019-14271</define-tag>
<define-tag packages>docker.io</define-tag>
<define-tag isvulnerable>yes</define-tag>
<define-tag fixed>yes</define-tag>
<define-tag fixed-section>no</define-tag>
#use wml::debian::security
</dl>
<define-tag description>security update</define-tag>
<define-tag moreinfo>
<p>Three security vulnerabilities have been discovered in the Docker
container runtime: Insecure loading of NSS libraries in <q>docker cp</q>
could result in execution of code with root privileges, sensitive data
could be logged in debug mode and there was a command injection
vulnerability in the <q>docker build</q> command.</p>
<p>For the stable distribution (buster), these problems have been fixed in
version 18.09.1+dfsg1-7.1+deb10u1.</p>
<p>We recommend that you upgrade your docker.io packages.</p>
<p>For the detailed security status of docker.io please refer to
its security tracker page at:
<a href="https://security-tracker.debian.org/tracker/docker.io">\
https://security-tracker.debian.org/tracker/docker.io</a></p>
</define-tag>
# do not modify the following line
#include "$(ENGLISHDIR)/security/2019/dsa-4521.data"
# $Id: $
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment