[ubuntu/lunar-security] containerd 1.6.12-0ubuntu3.1 (Accepted)
David Fernandez Gonzalez
david.fernandezgonzalez at canonical.com
Wed Jul 5 07:02:49 UTC 2023
containerd (1.6.12-0ubuntu3.1) lunar-security; urgency=medium
* SECURITY UPDATE: Denial of service through image processing
- debian/patches/CVE-2023-25153.patch: limit the amount of
bytes read to 20Mb in images/archive/importer.go.
- CVE-2023-25153
* SECURITY UPDATE: Incorrect supplementary group access control
- debian/patches/CVE-2023-25173.patch: ensure that primary GID
is included in the list of additionals GIDs in oci/spec_opts.go.
- CVE-2023-25173
Date: 2023-07-04 11:25:10.625436+00:00
Changed-By: David Fernandez Gonzalez <david.fernandezgonzalez at canonical.com>
https://launchpad.net/ubuntu/+source/containerd/1.6.12-0ubuntu3.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the lunar-changes
mailing list