Publishing details

Published on 2024-02-28

Changelog

docker.io (20.10.21-0ubuntu1~20.04.6~test1) focal-security; urgency=medium

  * SECURITY UPDATE: denial-of-service
    - debian/patches/CVE-2024-23650.patch: Add more validations for nil
      values
    - CVE-2024-23650
  * SECURITY UPDATE: race condition with accessing subpaths from cache mounts
    - debian/patches/CVE-2024-23651.patch: add extra validation for submount
      sources
    - CVE-2024-23651
  * SECURITY UPDATE: container escape vulnerability
    - debian/patches/CVE-2024-23652.patch: recheck mount stub path within
      root after container run
    - CVE-2024-23652
  * SECURITY UPDATE: run a container with elevated privileges issue
    - debian/patches/CVE-2024-23653.patch: make sure interactive container
      API validates entitlements
    - CVE-2024-23653

 -- Nishit Majithia <email address hidden>  Wed, 28 Feb 2024 14:17:24 +0530

Publishing details

Changelog

Available diffs

Builds

Package files