1. Forum
  2. FSXNet
  3. FSX BOT

  • containerd vulnerability

    From boo_ubuntu@21:4/110 to Ubuntu Users on Thursday, October 15, 2020 20:10:06
    112
    containerd vulnerability

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 16.04 LTS

    Summary

    containerd could be made to expose sensitive information over the
    network.

    Software Description

    * containerd - daemon to control containers

    Details

    It was discovered that containerd could be made to expose
    sensitive information when processing URLs in container image
    manifests. A remote attacker could use this to trick the user and
    obtain the user's registry credentials.

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 16.04 LTS
    containerd - 1.2.6-0ubuntu1~16.04.4

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    After a standard system update you need to restart containerd to
    make all the necessary changes.

    References

    * CVE-2020-15157

    --- Mystic BBS v1.12 A46 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)