[El-errata] ELSA-2014-3110 Important: Oracle Linux 6 docker security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Tue Dec 30 14:17:20 PST 2014


Oracle Linux Security Advisory ELSA-2014-3110

The following updated rpms for Oracle Linux 6 have been uploaded to the 
Unbreakable Linux Network:


x86_64:
docker-1.3.3-1.0.1.el6.x86_64.rpm
docker-devel-1.3.3-1.0.1.el6.x86_64.rpm
docker-pkg-devel-1.3.3-1.0.1.el6.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol6/SRPMS-updates/docker-1.3.3-1.0.1.el6.src.rpm



Description of changes:

[1.3.3-1.0.1]
- Rename requirement of docker-io-pkg-devel in %package devel as 
docker-pkg-devel
- Restore SysV init scripts for Oracle Linux 6
- Require Oracle Unbreakable Enterprise Kernel Release 3 or higher
- Rename as docker.
- Re-enable btrfs graphdriver support

[1.3.3-1]
- Update source to 1.3.3 from 
https://github.com/docker/docker/releases/tag/v1.3.3
   Path traversal during processing of absolute symlinks (CVE-2014-9356)
   Escalation of privileges during decompression of LZMA (.xz) archives 
(CVE-2014-9357)
   Path traversal and spoofing opportunities presented through image 
identifiers (CVE-2014-9358)






More information about the El-errata mailing list