SUSE-SU-2020:1657-2

See a problem?

Import Source

https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:1657-2.json

JSON Data

https://api.osv.dev/v1/vulns/SUSE-SU-2020:1657-2

Related

CVE-2020-13401

Published

2020-07-15T12:30:23Z

Modified

2020-07-15T12:30:23Z

Summary

Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork

Details

This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:

Docker was updated to 19.03.11-ce runc was updated to version 1.0.0-rc10 containerd was updated to version 1.2.13

CVE-2020-13401: Fixed an issue where an attacker with CAPNETRAW capability, could have crafted IPv6 router advertisements, and spoof external IPv6 hosts, resulting in obtaining sensitive information or causing denial of service (bsc#1172377).

References

Affected packages

SUSE:Linux Enterprise Module for Containers 15 SP2 / containerd

Package

Name: containerd
Purl: purl:rpm/suse/containerd&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.2.13-5.22.2

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2902_153d0769a118-4.21.2",
            "docker-bash-completion": "19.03.11_ce-6.34.2",
            "containerd": "1.2.13-5.22.2",
            "docker": "19.03.11_ce-6.34.2",
            "docker-runc": "1.0.0rc10+gitr3981_dc9208a3303f-6.38.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 SP2 / docker

Package

Name: docker
Purl: purl:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

19.03.11_ce-6.34.2

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2902_153d0769a118-4.21.2",
            "docker-bash-completion": "19.03.11_ce-6.34.2",
            "containerd": "1.2.13-5.22.2",
            "docker": "19.03.11_ce-6.34.2",
            "docker-runc": "1.0.0rc10+gitr3981_dc9208a3303f-6.38.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 SP2 / docker-runc

Package

Name: docker-runc
Purl: purl:rpm/suse/docker-runc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.0.0rc10+gitr3981_dc9208a3303f-6.38.2

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2902_153d0769a118-4.21.2",
            "docker-bash-completion": "19.03.11_ce-6.34.2",
            "containerd": "1.2.13-5.22.2",
            "docker": "19.03.11_ce-6.34.2",
            "docker-runc": "1.0.0rc10+gitr3981_dc9208a3303f-6.38.2"
        }
    ]
}

SUSE:Linux Enterprise Module for Containers 15 SP2 / golang-github-docker-libnetwork

Package

Name: golang-github-docker-libnetwork
Purl: purl:rpm/suse/golang-github-docker-libnetwork&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP2

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0.7.0.1+gitr2902_153d0769a118-4.21.2

Ecosystem specific

{
    "binaries": [
        {
            "docker-libnetwork": "0.7.0.1+gitr2902_153d0769a118-4.21.2",
            "docker-bash-completion": "19.03.11_ce-6.34.2",
            "containerd": "1.2.13-5.22.2",
            "docker": "19.03.11_ce-6.34.2",
            "docker-runc": "1.0.0rc10+gitr3981_dc9208a3303f-6.38.2"
        }
    ]
}