1. Forum
  2. Usenet
  3. LINUX.DEBIAN.ANNOUNCE.SEC

  • [SECURITY] [DSA 5091-1] containerd security update

    From Moritz Muehlenhoff@21:1/5 to All on Sun Mar 6 22:20:01 2022
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5091-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff
    March 06, 2022 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : containerd
    CVE ID : CVE-2022-23648

    Felix Wilhelm discovered that the containerd container runtime was
    susceptible to information disclosure via malformed container images.

    For the stable distribution (bullseye), this problem has been fixed in
    version 1.4.13~ds1-1~deb11u1.

    We recommend that you upgrade your containerd packages.

    For the detailed security status of containerd please refer to
    its security tracker page at: https://security-tracker.debian.org/tracker/containerd

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmIlIqEACgkQEMKTtsN8 TjYo/BAAgKWU5L7BF9WJBbf+MB331m9ygdXfnSV4U4E0Z7jFgWpvBx3EjdWPqtsn 22jl18hEdKE7JKI4FYR5YM+3Ej+rJA5jUMbU2j2rWSsK93/rqiJ5cE0YvwIx0Kbj udW22nXUcsjasOyisLtkZS5mw6QlruuIlgogYibt9c/ifa5gAdXZlxN2RX/hJQ0h TJWb1HlOWoLMh+dNTlMxfH0/OW84aIYZFuvVAQ3tqxDNw/B4xgNSh+HN6Z5YEEBY NwITBnYwjCX48fMNqlbGeIy0rVVT5JL5CiU+3L09jfQlinHFxMhgo9yXt0OqjyuE Ov7y26ZzDca0G6MFJnwIC7duEJL3ZvAj2r7nL7BbsLk3JuMsLLatVl6bfxnjSdwW +bV+pNaw+eCoGZGjCPJ6kKRLg75PmQLl+wAoEEIThDKkbxzKvz6BogFEQ+EFQX1V Lz8btYaGe1ikfCVw3UDcsquJ0c1rMv68tDI4sfHzDT6eWjOgBkAk6BL1ZJ00i7sd VkKaZ4v7LCH/3SPMtM6+fu4mHPXFYfb+x170F9Jp5uWBPBgxn8TA4Z+sUaAXTzND gvXREEN+jZwHb/XS0eFg9LNNwe9VPNfnxUITQMbTCTyKxYTKC0Xcm/wS1D61ydYV KN2KgyLnUFv+35G2coEkj4Q/Q+9J3k4pxAdoVNxNAXiMSQ1D5tM=
    =lqWm
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)