it-securitynotifies AT lists.piratenpartei.de

Betreff: Sicherheitsankündigungen

Listenarchiv

[IT-SecNots] [SECURITY] [DSA 5162-1] containerd security update

From: Moritz Muehlenhoff <jmm AT debian.org>
To: debian-security-announce AT lists.debian.org
Subject: [IT-SecNots] [SECURITY] [DSA 5162-1] containerd security update
Date: Sun, 12 Jun 2022 17:51:32 +0000
Authentication-results: mail.piratenpartei.de; dkim=none; dmarc=none; spf=none (mail.piratenpartei.de: domain of "bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org" has no SPF policy when checking 82.195.75.100) smtp.mailfrom="bounce-debian-security-announce=it-securitynotifies=lists.piratenpartei.de AT lists.debian.org"
List-archive: https://lists.debian.org/msgid-search/20220612175132.GA32211 AT seger.debian.org
List-id: <debian-security-announce.lists.debian.org>
List-url: <http://lists.debian.org/debian-security-announce/>
Old-dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=debian.org; s=smtpauto.seger; h=Content-Type:MIME-Version:Message-ID:Subject:To:From: Date:Reply-To:Cc:Content-Transfer-Encoding:Content-ID:Content-Description: In-Reply-To:References; bh=8YOt3bWOsgYGT/QK5RdyzdcBR4EjeTr2LlfXmaRU7vI=; b=PC AGJCJ0XR+m0fgmXDbIDsLJaL1T7dpYYkazy8jAU4eyw4vfeI1Ecv2T6SJEpj0SYupJM8J/O8eUY9k r2jrbHiX2b4uQ2W7j3DJQA9FNqOCNFpvzfgnz+AD3cRWptNl8nwtxE9jlt2+uFsfW7zEK3buPytFe kfF1rMR7cV/SmZlGFMhc4rUr+TVK7MMB66ugtgK6l75Id6OKVd7AGOd/eqlBbrBCd4Og72X9OgkAX rOyKLYAuLoSwdpjvLbH57+4U2HO2HuOmeSKqVY/SxSXtF86dRqFwD7J+MVhmdFQ4PMoMYq9cwcDsH +nG7ImdJ71SCJKFxcdkQe4RlwEKw9LWQ==;
Old-return-path: <jmm AT seger.debian.org>
Priority: urgent
Resent-date: Sun, 12 Jun 2022 17:51:55 +0000 (UTC)
Resent-from: debian-security-announce AT lists.debian.org
Resent-message-id: <qJHLBH2rIXH.A.lEC.7eipiB@bendel>
Resent-sender: debian-security-announce-request AT lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5162-1 security AT debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
June 12, 2022 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : containerd
CVE ID : CVE-2022-24769 CVE-2022-31030

Two vulnerabilities were discovered that the containerd container
runtime, which could result in denial of service or incomplete restriction
of capabilities.

For the stable distribution (bullseye), these problems have been fixed in
version 1.4.13~ds1-1~deb11u2.

We recommend that you upgrade your containerd packages.

For the detailed security status of containerd please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/containerd

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce AT lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmKmJoAACgkQEMKTtsN8
TjbHZw//UA5oEDWNpcFSsWXk1Dzt7jykxc5fNySJYq+053cgliMfs6O2uOvxwadv
5BCn34Md3fkiGZoeEzMnoTkfiMrkh4hgbg+8uUuIultXeK5/cW590lsNDkiGG103
yDjkfMklUfLBN+ZDeIwL+dtHQCXNep97UnCCwe2ghA0LKdGed/Z8i/QOmsWicXnF
q4av9/64sIy/dr+eh8ZgTKRo20HqKHh9/Mi8QRB/IRKkchNX8+weFKJCKnDkeMB+
1ijiW7jPd8cyOhf5PiYEI5DscZirjfj7ev4rETZdTGikPTBVAjdUvzyYygBqIAya
rpHW/u+DCxKzw4of867SQZ2hcVy2NJk5v7KT6N2veWEgT4QodHjMiJjV38sl7EM3
NWa/ST5JZxqD02hS1uMQ/cBraa+fqMDm9RMcG5hib/8VXmoI5YOFezhze1H60mJr
AlMBFoPlgzos4ZDsHYjTvM6hdSBO66n6JzXzWdZ874GfesiR5vvVb/5CRqkMgj7d
q5qMbuFp+O8kJhdajWb+t2L8yIUuOXFPdaMxX84koS3A/9mf3xT8hXnD54QQmEji
LZOeWlgXQBnbGPCKYB9tYMjUOWuiq/IAK0mtc14PbVPGDodsoczGwouKsvM+FoqZ
GMeqLvp3EGZQ8glo97xVQXkgYzhSJ/5MdPEx04iQ6cXuiA7Kcg0=
=GdJF
-----END PGP SIGNATURE-----

[IT-SecNots] [SECURITY] [DSA 5162-1] containerd security update, Moritz Muehlenhoff, 12.06.2022

Archiv bereitgestellt durch MHonArc 2.6.24.