========================================================================== Ubuntu Security Notice USN-4103-2 August 19, 2019 Docker vulnerability ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 19.04 - Ubuntu 18.04 LTS - Ubuntu 16.04 LTS Summary: Docker could be made to crash or run programs as your login. Software Description: - docker.io: Linux container runtime Details: Jasiel Spelman discovered that a double free existed in the docker-credential- helpers dependency of Docker. A local attacker could use this to cause a denial of service (crash) or possibly execute arbitrary code. Original advisory details: Jasiel Spelman discovered that a double free existed in docker-credential- helpers. A local attacker could use this to cause a denial of service (crash) or possibly execute arbitrary code. Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 19.04: docker.io 18.09.7-0ubuntu1~19.04.5 Ubuntu 18.04 LTS: docker.io 18.09.7-0ubuntu1~18.04.4 Ubuntu 16.04 LTS: docker.io 18.09.7-0ubuntu1~16.04.5 In general, a standard system update will make all the necessary changes. References: https://usn.ubuntu.com/4103-2 https://usn.ubuntu.com/4103-1 CVE-2019-1020014 Package Information: https://launchpad.net/ubuntu/+source/docker.io/18.09.7-0ubuntu1~19.04.5 https://launchpad.net/ubuntu/+source/docker.io/18.09.7-0ubuntu1~18.04.4 https://launchpad.net/ubuntu/+source/docker.io/18.09.7-0ubuntu1~16.04.5