| Summary: | docker new security issue CVE-2020-15257 | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | David Walser <luigiwalser> |
| Component: | Security | Assignee: | Bruno Cornec <bruno> |
| Status: | RESOLVED OLD | QA Contact: | Sec team <security> |
| Severity: | major | ||
| Priority: | Normal | CC: | fri |
| Version: | 7 | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Source RPM: | docker-18.09.9-1.2.mga7.src.rpm | CVE: | |
| Status comment: | |||
| Bug Depends on: | 28282 | ||
| Bug Blocks: | |||
|
Description
David Walser
2020-12-02 16:24:09 CET
David Walser
2020-12-02 16:24:15 CET
Whiteboard:
(none) =>
MGA7TOO docker-19.03.14-1.mga8 uploaded for Cauldron by Bruno. Whiteboard:
MGA7TOO =>
(none) Thanks David ! I've also now pushed docker-containerd as the issue is related to that component. I need to check whether the code is in fact also embedded into docker itself or not, as for mga7 that would chnage stuff.
David Walser
2021-02-02 20:57:44 CET
Depends on:
(none) =>
28282 Debian has issued an advisory for this on February 27: https://www.debian.org/security/2021/dsa-4865 (In reply to David Walser from comment #1) > docker-19.03.14-1.mga8 uploaded for Cauldron by Bruno. A that time Cauldron was Mageia 8, which is now released... Newer 19.03.15-1.mga8 is in Core Release, from Bug 28282 apparently. So I guess this bug can be closed fixed, unless there is stuff to be done/tested for comment 2 ? And now 20.10.5-1.mga8 is in Core Updates Testing, Bug 27251 CC:
(none) =>
fri Ah, this bug is set for mga7 only, latest in mga7 updates is docker-18.09.9-1.2.mga7, and no docker in mga7 updates testing. There is only three weeks left of mga7 support. https://blog.mageia.org/en/2021/06/08/mageia-7-will-reach-end-of-support-on-30th-of-june-the-king-is-dead-long-live-the-king/ Resolution:
(none) =>
OLD |