Debian Security Advisory 4521-1

Debian Security Advisory 4521-1: Posted Sep 10, 2019; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4521-1 - Three security vulnerabilities have been discovered in the Docker could result in execution of code with root privileges, sensitive data could be logged in debug mode and there was a command injection vulnerability in the "docker build" command.; tags | advisory, root, vulnerability; systems | linux, debian; advisories | CVE-2019-13139, CVE-2019-13509, CVE-2019-14271; SHA-256 | 274ac749445bf349573736ad2b39b65816019952f7db885883af2038e7e816a8; Download | Favorite | View

Debian Security Advisory 4521-1

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-4521-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 09, 2019                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : docker.io
CVE ID         : CVE-2019-13139 CVE-2019-13509 CVE-2019-14271

Three security vulnerabilities have been discovered in the Docker
container runtime: Insecure loading of NSS libraries in "docker cp"
could result in execution of code with root privileges, sensitive data
could be logged in debug mode and there was a command injection
vulnerability in the "docker build" command.

For the stable distribution (buster), these problems have been fixed in
version 18.09.1+dfsg1-7.1+deb10u1.

We recommend that you upgrade your docker.io packages.

For the detailed security status of docker.io please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/docker.io

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAl12uUoACgkQEMKTtsN8
Tjbx0RAAu9bplVFqk5K95erVGL1fbRnSc/85hhh++TcnUyx6b18DxhbsPrnLvwcX
TdiVBrTUNJtYHQ7ArxI6yL8hidlwcFlEvpkw+4G+2YhJgxE23GylocGlmoOYM4l0
YnM33eCZqHKeek5DOVe04tx8fRDHl84CpXnyXi5yFY+jYHFrmGJiRVr1YQcZY6p/
x+Q5GDB7iE93wxIFN1hv8B+YJWha2R1u+3K0Jcw+/nNroeGHvQx41EWQMz++YlU5
bYL/f4nNWtwKeL0nbgDQpEXGJTb2bF4BGGhVQtZFdHdUWIXkrgqCrNm08zM7ZlDJ
Y3z7nzeFlXhbRb8VDhuMmanh+bmjGfDytrqummdjninLmWEVimXSeyn57i43AZGC
Web3cVA1d0gxnx2t/oa++egiQREEhwFTeyn3r7o6tOz+WCBLmShuppfhqJHCQgz5
XbmuzlXDUJXRhjPA5chGMDmOTgMMbGseQOjQ3phvUTAJXTBFRtIurD2EYCeFF5g1
y/cIYpTvQWAMYCEe9GRyYfem6lgDtLAoBMlWQCSUYAEUlgwau7rTHHkMThcvCyJz
TFNXDuKQWylJUUY01uNNLqqpf+Q1eF2OjBJ0y4fWfAgCEG1XvrdRZQzY4rWM2cbF
UKMx0QK7KlUhWQReGYeb5UbOnMRmkmZx4CJ2i53afy6l09kn66A=m6VE
-----END PGP SIGNATURE-----

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Debian Security Advisory 4521-1

Debian Security Advisory 4521-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Debian Security Advisory 4521-1

Share This

Debian Security Advisory 4521-1

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems