Publishing details

• Published on 2024-02-28

Changelog

docker.io (20.10.24+dfsg1-1ubuntu2.2~test1) mantic-security; urgency=medium

  * SECURITY UPDATE: denial-of-service
    - debian/patches/CVE-2024-23650.patch: Add more validations for nil
      values
    - CVE-2024-23650
  * SECURITY UPDATE: race condition with accessing subpaths from cache mounts
    - debian/patches/CVE-2024-23651.patch: add extra validation for submount
      sources
    - CVE-2024-23651
  * SECURITY UPDATE: container escape vulnerability
    - debian/patches/CVE-2024-23652.patch: recheck mount stub path within
      root after container run
    - CVE-2024-23652
  * SECURITY UPDATE: run a container with elevated privileges issue
    - debian/patches/CVE-2024-23653.patch: make sure interactive container
      API validates entitlements
    - CVE-2024-23653

 -- Nishit Majithia <email address hidden>  Fri, 23 Feb 2024 08:54:28 +0530

Builds

• amd64

Package files

• docker.io_20.10.24+dfsg1-1ubuntu2.2~test1.debian.tar.xz (50.1 KiB)
• docker.io_20.10.24+dfsg1-1ubuntu2.2~test1.dsc (7.2 KiB)
• docker.io_20.10.24+dfsg1.orig-cli.tar.xz (1.8 MiB)
• docker.io_20.10.24+dfsg1.orig-libnetwork.tar.xz (640.9 KiB)
• docker.io_20.10.24+dfsg1.orig-swarmkit.tar.xz (757.4 KiB)
• docker.io_20.10.24+dfsg1.orig.tar.xz (2.2 MiB)