Zum Inhalt springen.
Sympa Menü

it-securitynotifies - [IT-SecNots] [SECURITY] [DSA 5091-1] containerd security update

it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5091-1] containerd security update


Chronologisch Thread 
    < Chronologisch >      < Thread >
  • From: Moritz Muehlenhoff <jmm AT debian.org>
  • To: debian-security-announce AT lists.debian.org
  • Subject: [IT-SecNots] [SECURITY] [DSA 5091-1] containerd security update
  • Date: Sun, 6 Mar 2022 21:11:05 +0000
  • List-archive: https://lists.debian.org/msgid-search/20220306211105.GA22079 AT seger.debian.org
  • List-id: <debian-security-announce.lists.debian.org>
  • List-url: <http://lists.debian.org/debian-security-announce/>
  • Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=yjWvsZyzX8Kkcr+SPFDPnc1Tis4Z+SqHKkP5J0uMUys=; b=D1 7PHoohQFQcIUBVt9epqATwSeoHhlUrOz+He+SoVRNA11EawRnVQ8PZJZmG2FasPAEB0JtLblZ2NWC 7cFtvVxkJhXVPmAjbZdkzaM9RAiSCv1193HPStUOyzTwYUtblUHm+D7OwEazSsYvDHuclBsvX1Ad6 lOKkO5ZszKJbVDZu5blwxrMqPpXLpPUp0UIYHR4iuY2OTFj74++xUpN/qEktKNsBc+xazZxtLPG+q t0OMhy0DUPU5OWZJWwyTnzryoS7BPxfZtWrnHwROuVNYWao+TUVpFZyyxDjHuGKCBLlx3tCbLaOa9 ACw9A1eNlmEfARrrfg4LsdZIT1U2DVsw==;
  • Old-return-path: <jmm AT seger.debian.org>
  • Priority: urgent
  • Resent-date: Sun, 6 Mar 2022 21:11:22 +0000 (UTC)
  • Resent-from: debian-security-announce AT lists.debian.org
  • Resent-message-id: <T8NRM6lA7tE.A.HgD.6NSJiB@bendel>
  • Resent-sender: debian-security-announce-request AT lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5091-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
March 06, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : containerd
CVE ID : CVE-2022-23648

Felix Wilhelm discovered that the containerd container runtime was
susceptible to information disclosure via malformed container images.

For the stable distribution (bullseye), this problem has been fixed in
version 1.4.13~ds1-1~deb11u1.

We recommend that you upgrade your containerd packages.

For the detailed security status of containerd please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/containerd

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmIlIqEACgkQEMKTtsN8
TjYo/BAAgKWU5L7BF9WJBbf+MB331m9ygdXfnSV4U4E0Z7jFgWpvBx3EjdWPqtsn
22jl18hEdKE7JKI4FYR5YM+3Ej+rJA5jUMbU2j2rWSsK93/rqiJ5cE0YvwIx0Kbj
udW22nXUcsjasOyisLtkZS5mw6QlruuIlgogYibt9c/ifa5gAdXZlxN2RX/hJQ0h
TJWb1HlOWoLMh+dNTlMxfH0/OW84aIYZFuvVAQ3tqxDNw/B4xgNSh+HN6Z5YEEBY
NwITBnYwjCX48fMNqlbGeIy0rVVT5JL5CiU+3L09jfQlinHFxMhgo9yXt0OqjyuE
Ov7y26ZzDca0G6MFJnwIC7duEJL3ZvAj2r7nL7BbsLk3JuMsLLatVl6bfxnjSdwW
+bV+pNaw+eCoGZGjCPJ6kKRLg75PmQLl+wAoEEIThDKkbxzKvz6BogFEQ+EFQX1V
Lz8btYaGe1ikfCVw3UDcsquJ0c1rMv68tDI4sfHzDT6eWjOgBkAk6BL1ZJ00i7sd
VkKaZ4v7LCH/3SPMtM6+fu4mHPXFYfb+x170F9Jp5uWBPBgxn8TA4Z+sUaAXTzND
gvXREEN+jZwHb/XS0eFg9LNNwe9VPNfnxUITQMbTCTyKxYTKC0Xcm/wS1D61ydYV
KN2KgyLnUFv+35G2coEkj4Q/Q+9J3k4pxAdoVNxNAXiMSQ1D5tM=
=lqWm
-----END PGP SIGNATURE-----


  • [IT-SecNots] [SECURITY] [DSA 5091-1] containerd security update, Moritz Muehlenhoff, 06.03.2022

Archiv bereitgestellt durch MHonArc 2.6.24.

Seitenanfang