Ubuntu
containerd package

containerd 1.5.9-0ubuntu1~20.04.6 source package in Ubuntu

Changelog

containerd (1.5.9-0ubuntu1~20.04.6) focal-security; urgency=medium

  * SECURITY UPDATE: Memory exhaustion through Exec
    - debian/patches/CVE-2022-23471.patch: Prevent goroutine leak in Exec
      in pkg/cri/streaming/remotecommand/httpstream.go.
    - CVE-2022-23471
  * SECURITY UPDATE: Privilege escalation by inheritable file capabilities.
    - debian/patches/CVE-2022-24769.patch: Unassign the Inheritable
      capability in oci/spec.go and oci/spec_opts.go.
    - CVE-2022-24769
  * SECURITY UPDATE: Improper access to images due to imgcrypt.
    - debian/patches/CVE-2022-24778.patch: perform proper
      authentication by adding platforms in
      vendor/github.com/containerd/imgcrypt/images/
      encryption/encryption.go.
    - CVE-2022-24778
  * SECURITY UPDATE: Memory exhaustion through ExecSync.
    - debian/patches/CVE-2022-31030.patch: limit the response size
      of ExecSync in pkg/cri/server/container_execsync.go.
    - CVE-2022-31030

 -- David Fernandez Gonzalez <email address hidden>  Mon, 12 Dec 2022 10:14:54 +0100

Upload details

Uploaded by:
David Fernandez Gonzalez
Uploaded to:
Focal
Original maintainer:
Ubuntu Developers
Architectures:
linux-any all
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
containerd_1.5.9.orig.tar.gz 7.3 MiB 40c9767af3e87f2c36adf2f563f0a8374e80b30bd2b7aa80058c85912406cef4
containerd_1.5.9-0ubuntu1~20.04.6.debian.tar.xz 24.7 KiB a198def41a3074b7893b75eddc05ea2f34ef1f1e01d5bcf88eb84ec07d2abe89
containerd_1.5.9-0ubuntu1~20.04.6.dsc 2.4 KiB abe93451e9cb823f5f3f0353258b5d0b0f04a3f18dfba4b7f0c2dedf1b37b629

View changes file

Binary packages built by this source

containerd: daemon to control runC

 Containerd is a daemon to control runC, built for performance and density.
 Containerd leverages runC's advanced features such as seccomp and user
 namespace support as well as checkpoint and restore for cloning and live
 migration of containers.
 .
 This package contains the binaries.

containerd-dbgsym: debug symbols for containerd
golang-github-containerd-containerd-dev: runC develpoment files

 Containerd is a daemon to control runC, built for performance and density.
 Containerd leverages runC's advanced features such as seccomp and user
 namespace support as well as checkpoint and restore for cloning and live
 migration of containers.
 .
 This package provides development files.