[ubuntu/lunar-updates] containerd 1.6.12-0ubuntu3.1 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Wed Jul 5 07:58:19 UTC 2023

containerd (1.6.12-0ubuntu3.1) lunar-security; urgency=medium

  * SECURITY UPDATE: Denial of service through image processing
    - debian/patches/CVE-2023-25153.patch: limit the amount of
      bytes read to 20Mb in images/archive/importer.go.
    - CVE-2023-25153
  * SECURITY UPDATE: Incorrect supplementary group access control
    - debian/patches/CVE-2023-25173.patch: ensure that primary GID
      is included in the list of additionals GIDs in oci/spec_opts.go.
    - CVE-2023-25173

Date: 2023-07-04 11:25:10.625436+00:00
Changed-By: David Fernandez Gonzalez <david.fernandezgonzalez at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the lunar-changes mailing list