SUSE_ALP_Standard/patchinfo.20240911114904504757.269002615871826/_patchinfo

<patchinfo incident="64">
  <!-- generated from request(s) 344279 -->
  <issue tracker="bnc" id="1210141">docker.socket systemd configurations dosn't exist</issue>
  <issue tracker="bnc" id="1214855">umarshalling volume options for volume: unexpected end of JSON input</issue>
  <issue tracker="bnc" id="1215323">[trackerbug] docker 24.0.6-ce update</issue>
  <issue tracker="bnc" id="1217513">VUL-0: docker: mitigate power-based side channel attacks (advisory GHSA-jq35-85cj-fj4p)</issue>
  <issue tracker="bnc" id="1219267">VUL-0: CVE-2024-23651: docker: race condition in mount</issue>
  <issue tracker="bnc" id="1219268">VUL-0: CVE-2024-23652: docker: arbitrary deletion of files</issue>
  <issue tracker="bnc" id="1219438">VUL-0: CVE-2024-23653: buildkit: BuildKit API doesn't validate entitlement on container creation</issue>
  <issue tracker="bnc" id="1220339">docker-24.0.7 makes docker overlay files world writable [ref:_00D1igLOd._500Tr634Oc:ref]</issue>
  <issue tracker="bnc" id="1221916">L3: SLES15-SP4: Docker buildx build fails to COPY from build stage using nested links</issue>
  <issue tracker="bnc" id="1223409">[trackerbug] docker 25.0.5 update</issue>
  <issue tracker="bnc" id="1228324">VUL-0: CVE-2024-41110: docker: Authz zero length regression</issue>
  <issue tracker="cve" id="2024-23651"/>
  <issue tracker="cve" id="2024-23652"/>
  <issue tracker="cve" id="2024-23653"/>
  <issue tracker="cve" id="2024-41110"/>
  <packager>cyphar</packager>
  <rating>critical</rating>
  <category>security</category>
  <summary>Security update for docker</summary>
  <description>This update for docker fixes the following issues:

Security fixes:

- CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts (bsc#1219267)
- CVE-2024-23652: Fixed insufficient validation of parent directory on mount (bsc#1219268)
- CVE-2024-23653: Fixed insufficient validation on entitlement on container creation via buildkit (bsc#1219438)
- CVE-2024-41110: A Authz zero length regression that could lead to authentication bypass was fixed (bsc#1228324)

Other changes:

- Update to Docker 25.0.6-ce.
- Fix BuildKit's symlink resolution logic to correctly handle non-lexical
  symlinks. (bsc#1221916)
- Write volume options atomically so sudden system crashes won't result in
  future Docker starts failing due to empty files. (bsc#1214855)
- Fixed world writable docker overlay files (bsc#1220339)
</description>
  <package>docker</package>
  <message>Updating docker will restart the docker service, which may stop some of your docker containers. Do you want to proceed with the update?</message>
  <seperate_build_arch/>
</patchinfo>
Update incident numbers 2024-10-15 13:37:56 +02:00			`<patchinfo incident="64">`
Adding patchinfo patchinfo.20240911114904504757.269002615871826 2024-10-14 13:25:07 +02:00			`<!-- generated from request(s) 344279 -->`
			`<issue tracker="bnc" id="1210141">docker.socket systemd configurations dosn't exist</issue>`
			`<issue tracker="bnc" id="1214855">umarshalling volume options for volume: unexpected end of JSON input</issue>`
			`<issue tracker="bnc" id="1215323">[trackerbug] docker 24.0.6-ce update</issue>`
			`<issue tracker="bnc" id="1217513">VUL-0: docker: mitigate power-based side channel attacks (advisory GHSA-jq35-85cj-fj4p)</issue>`
			`<issue tracker="bnc" id="1219267">VUL-0: CVE-2024-23651: docker: race condition in mount</issue>`
			`<issue tracker="bnc" id="1219268">VUL-0: CVE-2024-23652: docker: arbitrary deletion of files</issue>`
			`<issue tracker="bnc" id="1219438">VUL-0: CVE-2024-23653: buildkit: BuildKit API doesn't validate entitlement on container creation</issue>`
			`<issue tracker="bnc" id="1220339">docker-24.0.7 makes docker overlay files world writable [ref:_00D1igLOd._500Tr634Oc:ref]</issue>`
			`<issue tracker="bnc" id="1221916">L3: SLES15-SP4: Docker buildx build fails to COPY from build stage using nested links</issue>`
			`<issue tracker="bnc" id="1223409">[trackerbug] docker 25.0.5 update</issue>`
			`<issue tracker="bnc" id="1228324">VUL-0: CVE-2024-41110: docker: Authz zero length regression</issue>`
			`<issue tracker="cve" id="2024-23651"/>`
			`<issue tracker="cve" id="2024-23652"/>`
			`<issue tracker="cve" id="2024-23653"/>`
			`<issue tracker="cve" id="2024-41110"/>`
			`<packager>cyphar</packager>`
			`<rating>critical</rating>`
			`<category>security</category>`
			`<summary>Security update for docker</summary>`
			`<description>This update for docker fixes the following issues:`

			`Security fixes:`

			`- CVE-2024-23651: Fixed arbitrary files write due to race condition on mounts (bsc#1219267)`
			`- CVE-2024-23652: Fixed insufficient validation of parent directory on mount (bsc#1219268)`
			`- CVE-2024-23653: Fixed insufficient validation on entitlement on container creation via buildkit (bsc#1219438)`
			`- CVE-2024-41110: A Authz zero length regression that could lead to authentication bypass was fixed (bsc#1228324)`

			`Other changes:`

			`- Update to Docker 25.0.6-ce.`
			`- Fix BuildKit's symlink resolution logic to correctly handle non-lexical`
			`symlinks. (bsc#1221916)`
			`- Write volume options atomically so sudden system crashes won't result in`
			`future Docker starts failing due to empty files. (bsc#1214855)`
			`- Fixed world writable docker overlay files (bsc#1220339)`
			`</description>`
			`<package>docker</package>`
			`<message>Updating docker will restart the docker service, which may stop some of your docker containers. Do you want to proceed with the update?</message>`
			`<seperate_build_arch/>`
Update incident numbers 2024-10-15 13:37:56 +02:00			`</patchinfo>`