ELSA-2014-3110

ELSA-2014-3110 - docker security update

Type:SECURITY
Severity:IMPORTANT
Release Date:2014-12-30

Description


[1.3.3-1.0.1]
- Rename requirement of docker-io-pkg-devel in %package devel as docker-pkg-devel
- Restore SysV init scripts for Oracle Linux 6
- Require Oracle Unbreakable Enterprise Kernel Release 3 or higher
- Rename as docker.
- Re-enable btrfs graphdriver support

[1.3.3-1]
- Update source to 1.3.3 from https://github.com/docker/docker/releases/tag/v1.3.3
Path traversal during processing of absolute symlinks (CVE-2014-9356)
Escalation of privileges during decompression of LZMA (.xz) archives (CVE-2014-9357)


Related CVEs


CVE-2014-9356
CVE-2014-9357
CVE-2014-9358

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By Advisory
Oracle Linux 6 (x86_64) docker-1.3.3-1.0.1.el6.src.rpma5b7ff6fef5a2a8a6a2b2e8c9a54b625ELSA-2015-3037
docker-1.3.3-1.0.1.el6.x86_64.rpmff35dc0506c4d4865a4459796bcbf84eELSA-2015-3037
docker-devel-1.3.3-1.0.1.el6.x86_64.rpm7a00f67f07a55033b7eed2346ad47efaELSA-2015-3037
docker-pkg-devel-1.3.3-1.0.1.el6.x86_64.rpmdd4e2c208784d0281bfa1abff55e4121ELSA-2015-3037
Oracle Linux 7 (x86_64) docker-1.3.3-1.0.1.el7.src.rpm31834990525c1964b68f9528248e8d75ELSA-2015-3037
docker-1.3.3-1.0.1.el7.x86_64.rpm779a050f4e08aaae4165c9fd7f3896d0ELSA-2015-3037
docker-devel-1.3.3-1.0.1.el7.x86_64.rpm156b3bb78b1866ea602ee7e509a61ddcELSA-2015-3037
docker-pkg-devel-1.3.3-1.0.1.el7.x86_64.rpmf5d83242836f58ce50a92df29f32e95cELSA-2015-3037



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete