Overview

Request 540195 accepted

- Add a backport of https://github.com/moby/moby/pull/35424, which fixes a
security issue where a maliciously crafted image could be used to crash a
Docker daemon. bsc#1066210 CVE-2017-14992
+ bsc1066210-0001-vendor-update-to-github.com-vbatts-tar-split-v0.10.2.patch
- Add a backport of https://github.com/moby/moby/pull/35399, which fixes a
security issue where a Docker container (with a disabled AppArmor profile)
could write to /proc/scsi/... and subsequently DoS the host. bsc#1066801
CVE-2017-16539
+ bsc1066801-0001-oci-add-proc-scsi-to-masked-paths.patch
- Fix bsc#1059011
The systemd service helper script used a timeout of 60 seconds to
start the daemon, which is insufficient in cases where the daemon
takes longer to start. Instead, set the service type from 'simple' to
'notify' and remove the now superfluous helper script.
- fix bsc#1057743: Add a Requires: fix_bsc_1057743 which is provided by the
newer version of docker-libnetwork. This is necessary because of a versioning
bug we found in bsc#1057743.

Loading...
Request History
Aleksa Sarai's avatar

cyphar created request

- Add a backport of https://github.com/moby/moby/pull/35424, which fixes a
security issue where a maliciously crafted image could be used to crash a
Docker daemon. bsc#1066210 CVE-2017-14992
+ bsc1066210-0001-vendor-update-to-github.com-vbatts-tar-split-v0.10.2.patch
- Add a backport of https://github.com/moby/moby/pull/35399, which fixes a
security issue where a Docker container (with a disabled AppArmor profile)
could write to /proc/scsi/... and subsequently DoS the host. bsc#1066801
CVE-2017-16539
+ bsc1066801-0001-oci-add-proc-scsi-to-masked-paths.patch
- Fix bsc#1059011
The systemd service helper script used a timeout of 60 seconds to
start the daemon, which is insufficient in cases where the daemon
takes longer to start. Instead, set the service type from 'simple' to
'notify' and remove the now superfluous helper script.
- fix bsc#1057743: Add a Requires: fix_bsc_1057743 which is provided by the
newer version of docker-libnetwork. This is necessary because of a versioning
bug we found in bsc#1057743.


Factory Auto's avatar

factory-auto added opensuse-review-team as a reviewer

Please review sources


Factory Auto's avatar

factory-auto added repo-checker as a reviewer

Please review build success


Factory Auto's avatar

factory-auto accepted review

Check script succeeded


Dominique Leuenberger's avatar

dimstar_suse set openSUSE:Factory:Staging:K as a staging project

Being evaluated by staging project "openSUSE:Factory:Staging:K"


Dominique Leuenberger's avatar

dimstar_suse accepted review

Picked openSUSE:Factory:Staging:K


Saul Goodman's avatar

licensedigger accepted review

ok


Dominique Leuenberger's avatar

dimstar_suse set openSUSE:Factory:Staging:H as a staging project

Being evaluated by staging project "openSUSE:Factory:Staging:H"


Dominique Leuenberger's avatar

dimstar_suse accepted review

Moved to openSUSE:Factory:Staging:H


Jan Engelhardt's avatar

jengelh accepted review


Repo Checker's avatar

repo-checker accepted review

cycle and install check passed


Dominique Leuenberger's avatar

dimstar_suse accepted review

ready to accept


Dominique Leuenberger's avatar

dimstar_suse approved review

ready to accept


Dominique Leuenberger's avatar

dimstar_suse accepted request

Accept to openSUSE:Factory

openSUSE Build Service is sponsored by