Fedora Linux 8784 Published by

A moby-engine security update has been released for Fedora 34.



SECURITY: Fedora 34 Update: moby-engine-20.10.9-1.fc34


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2021-df975338d4
2021-10-19 00:36:08.674370
--------------------------------------------------------------------------------

Name : moby-engine
Product : Fedora 34
Version : 20.10.9
Release : 1.fc34
URL :   https://www.docker.com
Summary : The open-source application container engine
Description :
Docker is an open source project to build, ship and run any application as a
lightweight container.

Docker containers are both hardware-agnostic and platform-agnostic. This means
they can run anywhere, from your laptop to the largest EC2 compute instance and
everything in between - and they don't require you to use a particular
language, framework or packaging system. That makes them great building blocks
for deploying and scaling web apps, databases, and backend services without
depending on a particular stack or provider.

--------------------------------------------------------------------------------
Update Information:

Security fixes for moby-engine and containerd containerd: - fixes
CVE-2021-41103 - Fix insufficiently restricted permissions on container root and
plugin directories - update to upstream 1.5.7 moby-engine: - fixes
CVE-2021-41092, CVE-2021-41089 and CVE-2021-41091 - patches seccomp policy to
fix clone3() issue - update to upstream 20.10.9
--------------------------------------------------------------------------------
ChangeLog:

* Fri Oct 8 2021 Maxwell G - 20.10.9-1
- Update to 20.10.9 (fixes rhbz#2010508)
- Patch seccomp policy to fix clone3() issue (fixes rhbz#2011523 and rhbz#1988199)
--------------------------------------------------------------------------------
References:

[ 1 ] Bug #2011007 - CVE-2021-41103 containerd: insufficiently restricted permissions on container root and plugin directories
  https://bugzilla.redhat.com/show_bug.cgi?id=2011007
--------------------------------------------------------------------------------

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-df975338d4' at the command
line. For more information, refer to the dnf documentation available at
  http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
  https://fedoraproject.org/keys