Download
| Alert*
oval:org.secpod.oval:def:89045758
This update for containerd, docker, runc fixes the following issues: Docker was updated to 20.10.9-ce. See upstream changelog in the packaged /usr/share/doc/packages/docker/CHANGELOG.md. CVE-2021-41092 CVE-2021-41089 CVE-2021-41091 CVE-2021-41103 container was updated to v1.4.11, to fix CVE-2021-41 ... oval:org.secpod.oval:def:1701941 A flaw was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host's filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set extend ... oval:org.secpod.oval:def:1700752 A flaw was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host#39;s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set ext ... oval:org.secpod.oval:def:1601462 A bug was discovered in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host"s filesystem. Changes to file permissions can deny access to the expected owner of the file or widen access to others. A flaw ... oval:org.secpod.oval:def:120667 Containerd is an industry-standard container runtime with an emphasis on simplicity, robustness and portability. It is available as a daemon for Linux and Windows, which can manage the complete container lifecycle of its host system: image transfer and storage, container execution and supervision, l ... oval:org.secpod.oval:def:1505267 containerd [1.4.8-1] - Address CVE-2021-32760 docker-cli [19.03.11-13] - updated containerd minimum version to 1.4.8 to address CVE-2021-32760. docker-engine [19.03.11-13] - updated containerd minimum version to 1.4.8 to address CVE-2021-32760. oval:org.secpod.oval:def:1505035 containerd [1.4.8-1] - Address CVE-2021-32760 docker-cli [19.03.11-13] - updated containerd minimum version to 1.4.8 to address CVE-2021-32760. docker-engine [19.03.11-13] - updated containerd minimum version to 1.4.8 to address CVE-2021-32760. oval:org.secpod.oval:def:1700777 A flaw was found in containerd where pulling and extracting a specially-crafted container image can result in Unix file permission changes for existing files in the host#39;s filesystem. Changes to file permissions can deny access to the expected owner of the file, widen access to others, or set ext ... oval:org.secpod.oval:def:706074 containerd: daemon to control runC containerd could be made to overwrite file permissions. oval:org.secpod.oval:def:74541 containerd: daemon to control runC containerd could be made to overwrite file permissions. |