Bug 1114811
Summary: | CVE-2014-3499 docker-io: docker: systemd socket activation results in privilege escalation [epel-6] | ||
---|---|---|---|
Product: | [Fedora] Fedora EPEL | Reporter: | Trevor Jay <tjay> |
Component: | docker-io | Assignee: | Lokesh Mandvekar <lsm5> |
Status: | CLOSED NOTABUG | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | el6 | CC: | admiller, golang-updates, hushan.jia, lsm5, mattdm, mgoldman, s, tjay, vbatts |
Target Milestone: | --- | Keywords: | Security, SecurityTracking |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | Release Note | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2014-07-02 04:24:02 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1111687 |
Description
Trevor Jay
2014-07-01 04:40:12 UTC
Use the following update submission link to create the Bodhi request for this issue as it contains the top-level parent bug(s) as well as this tracking bug. This will ensure that all associated bugs get updated when new packages are pushed to stable. IMPORTANT: ensure that the "Close bugs when update is stable" option remains checked. Bodhi update submission link: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=1111687,1114811 docker-io is already in Fed 20. Recommended fix is to simply pull from EPEL. RHEL6 doesn't ship with systemd, why is this even filed against EPEL-6? (In reply to Adam Miller from comment #3) > RHEL6 doesn't ship with systemd, why is this even filed against EPEL-6? Mea culpa. I was just looking at the package build dates. I have confirmed that the creation script for this package (replacing the systemd integration in other versions) correctly creates the socket in question. Apologies for the waste of time. No worries, I hadn't yet seen all the other BZs opened against the Fedora distgit branches and was confused. I appreciate the update though. |