[El-errata] ELSA-2014-3110 Important: Oracle Linux 7 docker security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Tue Dec 30 14:17:00 PST 2014
Oracle Linux Security Advisory ELSA-2014-3110
The following updated rpms for Oracle Linux 7 have been uploaded to the
Unbreakable Linux Network:
x86_64:
docker-1.3.3-1.0.1.el7.x86_64.rpm
docker-devel-1.3.3-1.0.1.el7.x86_64.rpm
docker-pkg-devel-1.3.3-1.0.1.el7.x86_64.rpm
SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/docker-1.3.3-1.0.1.el7.src.rpm
Description of changes:
[1.3.3-1.0.1]
- Add symlink/LICENSE.BSD and symlink/LICENSE.APACHE under %files macro
for docker-pkg-devel
- Rename requirement of docker-io-pkg-devel in %package devel as
docker-pkg-devel
- Rename as docker
- Restore SysV init scripts for Oracle Linux 6
[1.3.3-1]
- Update source to 1.3.3 from
https://github.com/docker/docker/releases/tag/v1.3.3
Path traversal during processing of absolute symlinks (CVE-2014-9356)
Escalation of privileges during decompression of LZMA (.xz) archives
(CVE-2014-9357)
Path traversal and spoofing opportunities presented through image
identifiers (CVE-2014-9358)
More information about the El-errata
mailing list