{"affected":[{"ecosystem_specific":{"binaries":[{"containerd":"1.2.10-5.19.1","docker":"19.03.5_ce-6.31.1","docker-bash-completion":"19.03.5_ce-6.31.1","docker-libnetwork":"0.7.0.1+gitr2877_3eb39382bfa6-4.18.1","docker-runc":"1.0.0rc8+gitr3917_3e425f80a8c9-6.27.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Containers 15","name":"containerd","purl":"pkg:rpm/suse/containerd&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.2.10-5.19.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"containerd":"1.2.10-5.19.1","docker":"19.03.5_ce-6.31.1","docker-bash-completion":"19.03.5_ce-6.31.1","docker-libnetwork":"0.7.0.1+gitr2877_3eb39382bfa6-4.18.1","docker-runc":"1.0.0rc8+gitr3917_3e425f80a8c9-6.27.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Containers 15","name":"docker","purl":"pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"19.03.5_ce-6.31.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"containerd":"1.2.10-5.19.1","docker":"19.03.5_ce-6.31.1","docker-bash-completion":"19.03.5_ce-6.31.1","docker-libnetwork":"0.7.0.1+gitr2877_3eb39382bfa6-4.18.1","docker-runc":"1.0.0rc8+gitr3917_3e425f80a8c9-6.27.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Containers 15","name":"docker-runc","purl":"pkg:rpm/suse/docker-runc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.0.0rc8+gitr3917_3e425f80a8c9-6.27.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"containerd":"1.2.10-5.19.1","docker":"19.03.5_ce-6.31.1","docker-bash-completion":"19.03.5_ce-6.31.1","docker-libnetwork":"0.7.0.1+gitr2877_3eb39382bfa6-4.18.1","docker-runc":"1.0.0rc8+gitr3917_3e425f80a8c9-6.27.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Containers 15","name":"golang-github-docker-libnetwork","purl":"pkg:rpm/suse/golang-github-docker-libnetwork&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.7.0.1+gitr2877_3eb39382bfa6-4.18.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"containerd":"1.2.10-5.19.1","docker":"19.03.5_ce-6.31.1","docker-bash-completion":"19.03.5_ce-6.31.1","docker-libnetwork":"0.7.0.1+gitr2877_3eb39382bfa6-4.18.1","docker-runc":"1.0.0rc8+gitr3917_3e425f80a8c9-6.27.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Containers 15 SP1","name":"containerd","purl":"pkg:rpm/suse/containerd&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.2.10-5.19.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"containerd":"1.2.10-5.19.1","docker":"19.03.5_ce-6.31.1","docker-bash-completion":"19.03.5_ce-6.31.1","docker-libnetwork":"0.7.0.1+gitr2877_3eb39382bfa6-4.18.1","docker-runc":"1.0.0rc8+gitr3917_3e425f80a8c9-6.27.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Containers 15 SP1","name":"docker","purl":"pkg:rpm/suse/docker&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"19.03.5_ce-6.31.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"containerd":"1.2.10-5.19.1","docker":"19.03.5_ce-6.31.1","docker-bash-completion":"19.03.5_ce-6.31.1","docker-libnetwork":"0.7.0.1+gitr2877_3eb39382bfa6-4.18.1","docker-runc":"1.0.0rc8+gitr3917_3e425f80a8c9-6.27.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Containers 15 SP1","name":"docker-runc","purl":"pkg:rpm/suse/docker-runc&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"1.0.0rc8+gitr3917_3e425f80a8c9-6.27.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"containerd":"1.2.10-5.19.1","docker":"19.03.5_ce-6.31.1","docker-bash-completion":"19.03.5_ce-6.31.1","docker-libnetwork":"0.7.0.1+gitr2877_3eb39382bfa6-4.18.1","docker-runc":"1.0.0rc8+gitr3917_3e425f80a8c9-6.27.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Containers 15 SP1","name":"golang-github-docker-libnetwork","purl":"pkg:rpm/suse/golang-github-docker-libnetwork&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.7.0.1+gitr2877_3eb39382bfa6-4.18.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for containerd, docker, docker-runc, golang-github-docker-libnetwork fixes the following issues:\n\nSecurity issue fixed:\n\n- CVE-2019-16884: Fixed incomplete patch for LSM bypass via malicious Docker image that mount over a /proc directory (bsc#1152308). \n\nBug fixes:\n\n- Update to Docker 19.03.5-ce (bsc#1158590).\n- Update to Docker 19.03.3-ce (bsc#1153367).\n- Update to Docker 19.03.2-ce (bsc#1150397).\n- Fixed default installation such that --userns-remap=default works properly (bsc#1143349).\n- Fixed nginx blocked by apparmor (bsc#1122469).\n","id":"SUSE-SU-2020:0035-1","modified":"2020-01-08T08:06:36Z","published":"2020-01-08T08:06:36Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2020/suse-su-20200035-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1122469"},{"type":"REPORT","url":"https://bugzilla.suse.com/1143349"},{"type":"REPORT","url":"https://bugzilla.suse.com/1150397"},{"type":"REPORT","url":"https://bugzilla.suse.com/1152308"},{"type":"REPORT","url":"https://bugzilla.suse.com/1153367"},{"type":"REPORT","url":"https://bugzilla.suse.com/1158590"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-16884"}],"related":["CVE-2019-16884"],"summary":"Security update for containerd, docker, docker-runc, golang-github-docker-libnetwork","upstream":["CVE-2019-16884"]}