- Detalji os-a: WN7
- Važnost: IMP
- Operativni sustavi: L
- Kategorije: LUB
==========================================================================
Ubuntu Security Notice USN-4048-1
July 08, 2019
Docker vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
– Ubuntu 19.04
– Ubuntu 18.10
– Ubuntu 18.04 LTS
– Ubuntu 16.04 LTS
Summary:
Docker could be made to overwrite files as the administrator.
Software Description:
– docker.io: Linux container runtime
Details:
Aleksa Sarai discovered that Docker was vulnerable to a directory traversal
attack. An attacker could use this vulnerability to read and write arbitrary
files on the host filesystem as root.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 19.04:
docker.io 18.09.7-0ubuntu1~19.04.4
Ubuntu 18.10:
docker.io 18.09.7-0ubuntu1~18.10.3
Ubuntu 18.04 LTS:
docker.io 18.09.7-0ubuntu1~18.04.3
Ubuntu 16.04 LTS:
docker.io 18.09.7-0ubuntu1~16.04.4
This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.
References:
https://usn.ubuntu.com/4048-1
CVE-2018-15664, CVE-2019-5736
Package Information:
https://launchpad.net/ubuntu/+source/docker.io/18.09.7-0ubuntu1~19.04.4
https://launchpad.net/ubuntu/+source/docker.io/18.09.7-0ubuntu1~18.10.3
https://launchpad.net/ubuntu/+source/docker.io/18.09.7-0ubuntu1~18.04.3
https://launchpad.net/ubuntu/+source/docker.io/18.09.7-0ubuntu1~16.04.4
—–BEGIN PGP SIGNATURE—–
iQIzBAEBCgAdFiEEwZbe96kJeWh2OITRdyg1Qz0oXX0FAl0jbhAACgkQdyg1Qz0o
XX2u7A/+J2djstlGcpM+2q6KZxzRRApwTM69q+wh2p6VCFrhLRB3aqGwiBOtcJrh
EQCVXw6rdqeoadNoLh4T1+Y7m1FSW/Pb0OPs73O39/KV5vXWoyYNJfjioileODIw
egkGXs9yaXRQy0EIbPoIDJjV/6qGPNWUBqO3GqR5axZoIW2nbnBdPAU5bo/uR4yI
kcrFhFruJxxxQzUKMHYsv8/q+C/UOF6kKsIUPJIDaG/2hXkyz6C6LsgQAwRe46hX
de1/hZJphtfHo0gLMGZ+uzwnMgVDN1uQDgqMVnOV8B7nuvrAym+NtqyhwQN8sC5Q
Vo+PapMpewRYhfTy+N/7ePCUFzvp5Bgq50eC/aF20TPFDk96xMdfJc7hAJvCm7PQ
NssYUIbTNC/K1xjVvtoA86eFCOaFmS2qC3vXzdkQJmtLazd8fRytwskWpL5QjD4H
RJpIWLpIp38VjEYLd5gTmNvfH/9zq7KlK2zPKcR8ZSc33/JK/SecT6UEOL3BF7AL
EmC7jhjFTwug2ol9/mfP1YbEESMMx9qp2DO5P8SRWM75MYZ2EHtAds3v+FqybUwX
EBmYi4OqSkixLKSrCoDSF+suHD/ktjBKA+qL3fb+S9qiqWDZrOFwE9UzbLONL8UL
DZJg6i7zDinO0ylqrRSuYrWbk9v3IaaSCXyiiKt1t1MepdCDyiQ=
=zerJ
—–END PGP SIGNATURE—–
—
| Autor | Zvonimir Bosnjak |
| Cert id | NCERT-REF-2019-07-0001-ADV |
| Cve | CERT-CVE-DUMMY |
| ID izvornika | CERT-ORIGID-DUMMY |
| Proizvod | CERT-DUMMY-PRODUCT |
| Izvor | Adobe |
