MGASA-2019-0180

Advisory lineage Upstream: 3 Downstream: 0
Published: 19 May 2019, 11:27
Last modified:16 Apr 2026, 04:26

Vulnerability Summary

Overall Risk (default)
minimal
0/100
CVSS Score
No data
EPSS Score
No data
KEV
Not listed
Ransomware
No reports
Public exploits
None found
Dark Web
Not detected

Timeline

19 May 2019, 11:27
Published
Vulnerability first disclosed
16 Apr 2026, 04:26
Last Modified
Vulnerability information updated

Description

Updated docker packages fix security vulnerability Security issues fixed for containerd, docker, docker-runc and golang-github-docker-libnetwork: CVE-2018-16873: cmd/go: remote command execution during "go get -u" (bsc#1118897) CVE-2018-16874: cmd/go: directory traversal in "go get" via curly braces in import paths (bsc#1118898) CVE-2018-16875: crypto/x509: CPU denial of service (bsc#1118899) Non-security issues fixed for docker: Disable leap based builds for kubic flavor (bsc#1121412) Allow users to explicitly specify the NIS domainname of a container (bsc#1001161) Update docker.service to match upstream and avoid rlimit problems (bsc#1112980) Allow docker images larger then 23GB (bsc#1118990) Docker version update to version 18.09.0-ce (bsc#1115464)

Affected Systems

  • mageiadocker

    < 18.06.3-1.2.mga6

References (4)