File _patchinfo of Package patchinfo.23789

Overview Repositories Revisions Requests Users Attributes Meta

File _patchinfo of Package patchinfo.23789

<patchinfo incident="23789">
  <issue tracker="bnc" id="1197517">VUL-0: CVE-2022-24769: docker, containerd: moby: Default inheritable capabilities for linux container should be empty</issue>
  <issue tracker="bnc" id="1196441">VUL-0: CVE-2022-23648: containerd: directory traversal issue</issue>
  <issue tracker="bnc" id="1193930">VUL-0: CVE-2021-43565: kubernetes,docker,kubernetes-1.18,kubevirt: golang.org/x/crypto: empty plaintext packet causes panic</issue>
  <issue tracker="bnc" id="1197284">VUL-0: CVE-2022-27191: go1.15,go1.16,go1.17,go1.18,go1.14: crash in a golang.org/x/crypto/ssh server</issue>  
  <issue tracker="cve" id="2022-23648"/>
  <issue tracker="cve" id="2022-24769"/>
  <issue tracker="cve" id="2022-27191"/>
  <issue tracker="cve" id="2021-43565"/>
  <packager>cyphar</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for containerd, docker</summary>
  <description>This update for containerd, docker fixes the following issues:

- CVE-2022-24769: Fixed incorrect default inheritable capabilities (bsc#1197517).
- CVE-2022-23648: Fixed directory traversal issue (bsc#1196441).
- CVE-2022-27191: Fixed a crash in a golang.org/x/crypto/ssh server (bsc#1197284).
- CVE-2021-43565: Fixed a panic in golang.org/x/crypto by empty plaintext packet (bsc#1193930).
</description>
<message>Updating docker will restart the docker service, which may stop some of your docker containers. Do you want to proceed with the update?</message>
</patchinfo>

Places

File _patchinfo of Package patchinfo.23789

Places