[El-errata] ELSA-2014-3110 Important: Oracle Linux 7 docker security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Dec 30 14:17:00 PST 2014


Oracle Linux Security Advisory ELSA-2014-3110

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:


x86_64:
docker-1.3.3-1.0.1.el7.x86_64.rpm
docker-devel-1.3.3-1.0.1.el7.x86_64.rpm
docker-pkg-devel-1.3.3-1.0.1.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/docker-1.3.3-1.0.1.el7.src.rpm



Description of changes:

[1.3.3-1.0.1]
- Add symlink/LICENSE.BSD and symlink/LICENSE.APACHE under %files macro 
for docker-pkg-devel
- Rename requirement of docker-io-pkg-devel in %package devel as 
docker-pkg-devel
- Rename as docker
- Restore SysV init scripts for Oracle Linux 6

[1.3.3-1]
- Update source to 1.3.3 from 
https://github.com/docker/docker/releases/tag/v1.3.3
   Path traversal during processing of absolute symlinks (CVE-2014-9356)
   Escalation of privileges during decompression of LZMA (.xz) archives 
(CVE-2014-9357)
   Path traversal and spoofing opportunities presented through image 
identifiers (CVE-2014-9358)





More information about the El-errata mailing list