kumquat-buildroot/package/docker-engine
Peter Korsgaard 3f1c6740ea package/docker-engine: security bump to version 18.09.7
Fixes CVE-2018-15664: API endpoints behind the 'docker cp' command are
vulnerable to a symlink-exchange attack with Directory Traversal, giving
attackers arbitrary read-write access to the host filesystem with root
privileges, because daemon/archive.go does not do archive operations on a
frozen filesystem (or from within a chroot).

And includes additional post-18.09.6 fixes:

Builder
- Fixed a panic error when building dockerfiles that contain only comments.
  moby/moby#38487
- Added a workaround for GCR authentication issue. moby/moby#38246
- Builder-next: Fixed a bug in the GCR token cache implementation
  workaround.  moby/moby#39183

Runtime
- Added performance optimizations in aufs and layer store that helps in
  massively parallel container creation and removal.  moby/moby#39107,
  moby/moby#39135
- daemon: fixed a mirrors validation issue. moby/moby#38991
- Docker no longer supports sorting UID and GID ranges in ID maps.
  moby/moby#39288

Logging
- Added a fix that now allows large log lines for logger plugins.
  moby/moby#39038

Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Arnout Vandecappelle (Essensium/Mind) <arnout@mind.be>
(cherry picked from commit 13cf6f0c0b)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2019-07-07 08:29:30 +02:00
..
0001-Fix-faulty-runc-version-commit-scrape.patch docker-engine: fix runc version check warning 2019-02-12 20:21:44 +01:00
Config.in Revert "runc: depend on linux headers >= 3.11 for O_TMPFILE" 2019-04-14 23:12:07 +02:00
docker-engine.hash package/docker-engine: security bump to version 18.09.7 2019-07-07 08:29:30 +02:00
docker-engine.mk package/docker-engine: security bump to version 18.09.7 2019-07-07 08:29:30 +02:00
S60dockerd packages: update sysv S* scripts to 644 2019-02-08 11:35:22 +01:00