SUSE-SU-2020:1657-1

Source
https://www.suse.com/support/update/announcement/2020/suse-su-20201657-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:1657-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2020:1657-1
Related
Published
2020-06-18T08:49:58Z
Modified
2020-06-18T08:49:58Z
Summary
Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork
Details

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:

Docker was updated to 19.03.11-ce runc was updated to version 1.0.0-rc10 containerd was updated to version 1.2.13

  • CVE-2020-13401: Fixed an issue where an attacker with CAPNETRAW capability, could have crafted IPv6 router advertisements, and spoof external IPv6 hosts, resulting in obtaining sensitive information or causing denial of service (bsc#1172377).
References

Affected packages

SUSE:Linux Enterprise Module for Containers 15 SP1 / containerd

Package

Name
containerd
Purl
purl:rpm/suse/containerd&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.2.13-5.22.2

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2902_153d0769a118-4.21.2",
            "docker-bash-completion": "19.03.11_ce-6.34.2",
            "containerd": "1.2.13-5.22.2",
            "docker": "19.03.11_ce-6.34.2",
            "docker-runc": "1.0.0rc10+gitr3981_dc9208a3303f-6.38.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 SP1 / docker

Package

Name
docker
Purl
purl:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
19.03.11_ce-6.34.2

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2902_153d0769a118-4.21.2",
            "docker-bash-completion": "19.03.11_ce-6.34.2",
            "containerd": "1.2.13-5.22.2",
            "docker": "19.03.11_ce-6.34.2",
            "docker-runc": "1.0.0rc10+gitr3981_dc9208a3303f-6.38.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 SP1 / docker-runc

Package

Name
docker-runc
Purl
purl:rpm/suse/docker-runc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.0.0rc10+gitr3981_dc9208a3303f-6.38.2

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2902_153d0769a118-4.21.2",
            "docker-bash-completion": "19.03.11_ce-6.34.2",
            "containerd": "1.2.13-5.22.2",
            "docker": "19.03.11_ce-6.34.2",
            "docker-runc": "1.0.0rc10+gitr3981_dc9208a3303f-6.38.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 SP1 / golang-github-docker-libnetwork

Package

Name
golang-github-docker-libnetwork
Purl
purl:rpm/suse/golang-github-docker-libnetwork&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP1

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
0.7.0.1+gitr2902_153d0769a118-4.21.2

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2902_153d0769a118-4.21.2",
            "docker-bash-completion": "19.03.11_ce-6.34.2",
            "containerd": "1.2.13-5.22.2",
            "docker": "19.03.11_ce-6.34.2",
            "docker-runc": "1.0.0rc10+gitr3981_dc9208a3303f-6.38.2"
        }
    ]
}