RedHat has issued an advisory on May 12: https://rhn.redhat.com/errata/RHSA-2016-1034.html Mageia 5 may also be affected.
Whiteboard: (none) => MGA5TOO
I've update cauldron with docker 1.11.1 I've as a consequence also uploaded runc and containerd which are now required when docker is >= 1.11 My docker install (on mga5) is working fine with these updates. It just needs to be noted that the first time I launched docker, it computed checksums for my exiting images, and systemd timed out :-( There should be a way to avoid that, but I don't have time to look at that now, if womeone wnats to do it, welcome ! Relaunching docker, it finished to compute them, and thus launched it correctly finally. Not sure it's worth putting in mga5 that version, so I'll look at backporting the patches that our frinds at SuSE have cooked: https://bugzilla.suse.com/show_bug.cgi?id=976777
Status: NEW => ASSIGNED
I derived a patch from the commit da38ac6c79fe902ed0687afc73d731c95c6d491a which is fixing the issue in order for our version to build. Hopefully this doesn't break anything else. If yes, then I'd recommend to baclport the version 1.11 I updated into cooker.
Assignee: bruno => qa-bugsTarget Milestone: --- => Mageia 6
Advisory provided
CC: (none) => bruno
Advisory in SVN updated. type: security subject: Updated docker package fixes CVE-2016-3697 CVE: - CVE-2016-3697 src: 5: core: - docker-1.9.1-1.1.mga5 description: | Updated docker packages fix security vulnerability: It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to launch a container could use this flaw to escalate their privileges to root within the launched container (CVE-2016-3697). references: - https://bugs.mageia.org/show_bug.cgi?id=18456 - https://bugzilla.suse.com/show_bug.cgi?id=976777 - https://rhn.redhat.com/errata/RHSA-2016-1034.html Updated packages: ================ docker-1.9.1-1.1.mga5 docker-devel-1.9.1-1.1.mga5 docker-fish-completion-1.9.1-1.1.mga5 docker-logrotate-1.9.1-1.1.mga5 docker-unit-test-1.9.1-1.1.mga5 docker-vim-1.9.1-1.1.mga5 docker-zsh-completion-1.9.1-1.1.mga5
Version: Cauldron => 5Whiteboard: MGA5TOO => advisory
Testing procedure: https://bugs.mageia.org/show_bug.cgi?id=16984#c10
Target Milestone: Mageia 6 => ---Whiteboard: advisory => has_procedure advisory
Testing complete mga5 64 # docker run hello-world Hello from Docker. This message shows that your installation appears to be working correctly. ...etc
Whiteboard: has_procedure advisory => has_procedure advisory mga5-64-ok
Keywords: (none) => validated_updateCC: (none) => davidwhodgins, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. http://advisories.mageia.org/MGASA-2016-0209.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED