Security update for docker
Announcement ID: | SUSE-SU-2023:0795-2 |
---|---|
Rating: | moderate |
References: | |
Cross-References: | |
CVSS scores: |
|
Affected Products: |
|
An update that solves one vulnerability and has one security fix can now be installed.
Description:
This update for docker fixes the following issues:
Docker was updated to 20.10.23-ce.
See upstream changelog at https://docs.docker.com/engine/release-notes/#201023
Docker was updated to 20.10.21-ce (bsc#1206065)
See upstream changelog at https://docs.docker.com/engine/release-notes/#201021
Security issues fixed:
-
CVE-2022-36109: Fixed supplementary group permissions bypass (bsc#1205375)
-
Fix wrong After: in docker.service, fixes bsc#1188447
- Add apparmor-parser as a Recommends to make sure that most users will end up with it installed even if they are primarily running SELinux.
- Allow to install container-selinux instead of apparmor-parser.
- Change to using systemd-sysusers
Patch Instructions:
To install this SUSE update use the SUSE recommended
installation methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
-
SUSE Linux Enterprise Micro for Rancher 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-795=1
-
SUSE Linux Enterprise Micro 5.4
zypper in -t patch SUSE-SLE-Micro-5.4-2023-795=1
Package List:
-
SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64)
- docker-debuginfo-20.10.23_ce-150000.175.1
- docker-20.10.23_ce-150000.175.1
-
SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64)
- docker-debuginfo-20.10.23_ce-150000.175.1
- docker-20.10.23_ce-150000.175.1