-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sat, 04 Dec 2021 18:53:03 +0800
Source: docker.io
Architecture: source
Version: 20.10.5+dfsg1-1+deb11u1
Distribution: bullseye
Urgency: medium
Maintainer: Debian Go Packaging Team <team+pkg-go@tracker.debian.org>
Changed-By: Shengjing Zhu <zhsj@debian.org>
Closes: 995191 998292
Changes:
 docker.io (20.10.5+dfsg1-1+deb11u1) bullseye; urgency=medium
 .
   * Backport patches for CVE-2021-41089 CVE-2021-41091 CVE-2021-41092
     + CVE-2021-41089: Create parent directories inside a chroot during
       docker cp to prevent a specially crafted container from changing
       permissions of existing files in the host’s filesystem.
     + CVE-2021-41091: Lock down file permissions to prevent unprivileged
       users from discovering and executing programs in /var/lib/docker.
     + CVE-2021-41092: Ensure default auth config has address field set,
       to prevent credentials being sent to the default registry.
     (Closes: #998292)
   * Backport "clone3" syscall workaround in default seccomp policy
     (Closes: #995191)
Checksums-Sha1:
 cb5491b6ba7f0167d5bce5093a206402e8dac33e 6920 docker.io_20.10.5+dfsg1-1+deb11u1.dsc
 2a9b433938b37fb3ea940ed1095fbd977d77819f 49064 docker.io_20.10.5+dfsg1-1+deb11u1.debian.tar.xz
 cd7be6e57208eeb2dbc348639d4e8d0f314bcdea 24822 docker.io_20.10.5+dfsg1-1+deb11u1_amd64.buildinfo
Checksums-Sha256:
 2b9287a8181b0d86dfc2d8530d755af8b456c3934aae1584a2b054f6e7c5291d 6920 docker.io_20.10.5+dfsg1-1+deb11u1.dsc
 3afbf5ca09171518d4b84e6f68413d3b2b9e8c890d5f2827e8fc7477999f7697 49064 docker.io_20.10.5+dfsg1-1+deb11u1.debian.tar.xz
 077ca89bcd4f9ba08c2bb06199d33fe6c37f7a8168e0a47ef2fbcfdf0692ea6d 24822 docker.io_20.10.5+dfsg1-1+deb11u1_amd64.buildinfo
Files:
 9c77caf09311023231a297c747543a07 6920 admin optional docker.io_20.10.5+dfsg1-1+deb11u1.dsc
 651e7d9d99571eb1afd45aefe0e65623 49064 admin optional docker.io_20.10.5+dfsg1-1+deb11u1.debian.tar.xz
 fb193f8c80bd66124a38441c658f9ea6 24822 admin optional docker.io_20.10.5+dfsg1-1+deb11u1_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iIYEARYIAC4WIQSRhdT1d2eu7mxV1B5/RPol6lUUywUCYbTqpRAcemhzakBkZWJp
YW4ub3JnAAoJEH9E+iXqVRTL1HQBAPP3X37+7wxCdMybkof9XhRdNPjMo28QpOEB
KZE8L0BlAP0XtD6tYiK4tcAAx9Q15FkJYgaIj1sZPv0ChNqlqv1qBw==
=qsdn
-----END PGP SIGNATURE-----