[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

[SECURITY] [DSA 5091-1] containerd security update



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian Security Advisory DSA-5091-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
March 06, 2022                        https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : containerd
CVE ID         : CVE-2022-23648

Felix Wilhelm discovered that the containerd container runtime was
susceptible to information disclosure via malformed container images.

For the stable distribution (bullseye), this problem has been fixed in
version 1.4.13~ds1-1~deb11u1.

We recommend that you upgrade your containerd packages.

For the detailed security status of containerd please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/containerd

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAmIlIqEACgkQEMKTtsN8
TjYo/BAAgKWU5L7BF9WJBbf+MB331m9ygdXfnSV4U4E0Z7jFgWpvBx3EjdWPqtsn
22jl18hEdKE7JKI4FYR5YM+3Ej+rJA5jUMbU2j2rWSsK93/rqiJ5cE0YvwIx0Kbj
udW22nXUcsjasOyisLtkZS5mw6QlruuIlgogYibt9c/ifa5gAdXZlxN2RX/hJQ0h
TJWb1HlOWoLMh+dNTlMxfH0/OW84aIYZFuvVAQ3tqxDNw/B4xgNSh+HN6Z5YEEBY
NwITBnYwjCX48fMNqlbGeIy0rVVT5JL5CiU+3L09jfQlinHFxMhgo9yXt0OqjyuE
Ov7y26ZzDca0G6MFJnwIC7duEJL3ZvAj2r7nL7BbsLk3JuMsLLatVl6bfxnjSdwW
+bV+pNaw+eCoGZGjCPJ6kKRLg75PmQLl+wAoEEIThDKkbxzKvz6BogFEQ+EFQX1V
Lz8btYaGe1ikfCVw3UDcsquJ0c1rMv68tDI4sfHzDT6eWjOgBkAk6BL1ZJ00i7sd
VkKaZ4v7LCH/3SPMtM6+fu4mHPXFYfb+x170F9Jp5uWBPBgxn8TA4Z+sUaAXTzND
gvXREEN+jZwHb/XS0eFg9LNNwe9VPNfnxUITQMbTCTyKxYTKC0Xcm/wS1D61ydYV
KN2KgyLnUFv+35G2coEkj4Q/Q+9J3k4pxAdoVNxNAXiMSQ1D5tM=
=lqWm
-----END PGP SIGNATURE-----


Reply to: