[ubuntu/impish-proposed] docker.io 20.10.7-0ubuntu5 (Accepted)
Lucas Kanashiro
kanashiro at ubuntu.com
Tue Oct 5 20:01:04 UTC 2021
docker.io (20.10.7-0ubuntu5) impish; urgency=medium
[ Sergio Durigan Junior ]
* d/t/docker-in-lxd:
Improve dep8 test. Make it run a more complex test against an
ubuntu:devel docker container, especially because glibc updates might
break docker.io. Improve test reliability when running autopkgtest
locally.
[ Steve Beattie ]
* SECURITY UPDATE: insufficiently restricted directory permissions
- d/p/CVE-2021-41091.patch: Lock down docker root dir perms.
- CVE-2021-41091
* SECURITY UPDATE: permissions modifications outside of install directory
- d/p/CVE-2021-41089.patch: chrootarchive: don't create parent dirs
outside of chroot.
- CVE-2021-41089
Date: Tue, 05 Oct 2021 16:45:26 -0300
Changed-By: Lucas Kanashiro <kanashiro at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Signed-By: Lucas Kanashiro <kanashiro at riseup.net>
https://launchpad.net/ubuntu/+source/docker.io/20.10.7-0ubuntu5
-------------- next part --------------
Format: 1.8
Date: Tue, 05 Oct 2021 16:45:26 -0300
Source: docker.io
Built-For-Profiles: noudeb
Architecture: source
Version: 20.10.7-0ubuntu5
Distribution: impish
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Lucas Kanashiro <kanashiro at ubuntu.com>
Changes:
docker.io (20.10.7-0ubuntu5) impish; urgency=medium
.
[ Sergio Durigan Junior ]
* d/t/docker-in-lxd:
Improve dep8 test. Make it run a more complex test against an
ubuntu:devel docker container, especially because glibc updates might
break docker.io. Improve test reliability when running autopkgtest
locally.
.
[ Steve Beattie ]
* SECURITY UPDATE: insufficiently restricted directory permissions
- d/p/CVE-2021-41091.patch: Lock down docker root dir perms.
- CVE-2021-41091
* SECURITY UPDATE: permissions modifications outside of install directory
- d/p/CVE-2021-41089.patch: chrootarchive: don't create parent dirs
outside of chroot.
- CVE-2021-41089
Checksums-Sha1:
043ce227955a651b4e522af4c262bd74fb6cb30e 4041 docker.io_20.10.7-0ubuntu5.dsc
4d8d313c8e7137a5dc06e5d5b63ca7fefe9e3610 40220 docker.io_20.10.7-0ubuntu5.debian.tar.xz
Checksums-Sha256:
88976c532c0921eef9578081b6fe7ee120ca77f86c136669a6250ad78611af16 4041 docker.io_20.10.7-0ubuntu5.dsc
09fb0376dfb43f6c303af4102c142aec030a303bed7ca03ed47d9a3416a6cc96 40220 docker.io_20.10.7-0ubuntu5.debian.tar.xz
Files:
3deddbc47e2bc1b62c7566733aa601b5 4041 admin optional docker.io_20.10.7-0ubuntu5.dsc
165e254ea81ec0d611da528cbc5d5072 40220 admin optional docker.io_20.10.7-0ubuntu5.debian.tar.xz
Original-Maintainer: Paul Tagliamonte <paultag at debian.org>
More information about the impish-changes
mailing list