From 7b9a0ef2841121a3591b1acaa4abbe5cc71802c8 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Adrian=20Schr=C3=B6ter?= Date: Mon, 6 Jan 2025 14:07:03 +0100 Subject: [PATCH] Adding patchinfo patchinfo.20241217144212590502.90520734224245 --- docker | 2 +- .../_patchinfo | 66 +++++++++++++++++++ 2 files changed, 67 insertions(+), 1 deletion(-) create mode 100644 patchinfo.20241217144212590502.90520734224245/_patchinfo diff --git a/docker b/docker index 28da6e0..939bc3c 160000 --- a/docker +++ b/docker @@ -1 +1 @@ -Subproject commit 28da6e001ec650560f2a0b31703a8e7bbcec24ea +Subproject commit 939bc3c78b531091a0061f7024342de81b41a58f diff --git a/patchinfo.20241217144212590502.90520734224245/_patchinfo b/patchinfo.20241217144212590502.90520734224245/_patchinfo new file mode 100644 index 0000000..56f30ff --- /dev/null +++ b/patchinfo.20241217144212590502.90520734224245/_patchinfo @@ -0,0 +1,66 @@ + + + VUL-0: CVE-2023-47108: TRACKERBUG: otelgrpc: DoS vulnerability in otelgrpc (uncontrolled resource consumption) due to unbound cardinality metrics + VUL-0: CVE-2024-41110: docker: Authz zero length regression + VUL-0: CVE-2023-45142: TRACKERBUG: otelhttp,otelhttptrace,otelrestful: DoS vulnerability + CVE-L3: OpenTelemetry-Go related vulnerabilities in dockerd and containerd [ ref:_00D1igLOd._500TrEscMs:ref ] + [trackerbug] docker 26.1.5 update + docker: add Requires for docker-buildx + docker-buildx: move to be a subpackage of Docker + Issues on remount of tmpfs mount/secrets + Issues on Remount of tmpfs for Docker Secrets Directory + docker-buildx doesn't work with containers-suseconnect + + + + cyphar + critical + security + Security update for docker + This update for docker fixes the following issues: + +- Update docker-buildx to v0.19.2. See upstream changelog online at + <https://github.com/docker/buildx/releases/tag/v0.19.2>. + + Some notable changelogs from the last update: + * <https://github.com/docker/buildx/releases/tag/v0.19.0> + * <https://github.com/docker/buildx/releases/tag/v0.18.0> + +- Add a new toggle file /etc/docker/suse-secrets-enable which allows users to + disable the SUSEConnect integration with Docker (which creates special mounts + in /run/secrets to allow container-suseconnect to authenticate containers + with registries on registered hosts). bsc#1231348 bsc#1232999 + + In order to disable these mounts, just do + + echo 0 > /etc/docker/suse-secrets-enable + + and restart Docker. In order to re-enable them, just do + + echo 1 > /etc/docker/suse-secrets-enable + + and restart Docker. Docker will output information on startup to tell you + whether the SUSE secrets feature is enabled or not. + +- Remove DOCKER_NETWORK_OPTS from docker.service. This was removed from + sysconfig a long time ago, and apparently this causes issues with systemd in + some cases. + +- Update to docker-buildx v0.17.1 to match standalone docker-buildx package we + are replacing. See upstream changelog online at + <https://github.com/docker/buildx/releases/tag/v0.17.1> + +- Add %{_sysconfdir}/audit/rules.d to filelist. + +- Update to Docker 26.1.5-ce. See upstream changelog online at + <https://docs.docker.com/engine/release-notes/26.1/#2615> + bsc#1230294 +- This update includes fixes for: + * CVE-2024-41110. bsc#1228324 + * CVE-2023-47108. bsc#1217070 + * CVE-2023-45142. bsc#1228553 + + docker + + Updating docker will restart the docker service, which may stop some of your docker containers. Do you want to proceed with the update? +