* d/t/control: make basic-smoke do not depend on debian-archive-keyring.
In Bionic, when debian-archive-keyring is installed we are not able to
debootstrap a Debian stable chroot. Removing this dependency make it
work again.
[ Sergio Durigan Junior ]
* d/t/docker-in-lxd:
Improve dep8 test. Make it run a more complex test against an
ubuntu:devel docker container, especially because glibc updates might
break docker.io. Improve test reliability when running autopkgtest
locally.
[ Steve Beattie ]
* SECURITY UPDATE: insufficiently restricted directory permissions
- d/p/CVE-2021-41091.patch: Lock down docker root dir perms.
- CVE-2021-41091
* SECURITY UPDATE: permissions modifications outside of install directory
- d/p/CVE-2021-41089.patch: chrootarchive: don't create parent dirs
outside of chroot.
- CVE-2021-41089
* d/p/seccomp-add-support-for-clone3-syscall-in-default-policy.patch: Fix
failure with new glibc clone3 syscall adding it to the default seccomp
policy (LP: #1943049).
-- Lucas Kanashiro <email address hidden> Thu, 21 Oct 2021 16:55:00 -0300
This bug was fixed in the package docker.io - 20.10.7- 0ubuntu5~ 18.04.2
--------------- 7-0ubuntu5~ 18.04.2) bionic; urgency=medium
docker.io (20.10.
* d/t/control: make basic-smoke do not depend on debian- archive- keyring. archive- keyring is installed we are not able to
In Bionic, when debian-
debootstrap a Debian stable chroot. Removing this dependency make it
work again.
docker.io (20.10. 7-0ubuntu5~ 18.04.1) bionic; urgency=medium
* Backport version 20.10.7-0ubuntu5 from Impish (LP: #1938908).
- d/control: do not b-d on libbtrfs-dev, it is not available in Bionic.
docker.io (20.10.7-0ubuntu5) impish; urgency=medium
[ Sergio Durigan Junior ]
* d/t/docker-in-lxd:
Improve dep8 test. Make it run a more complex test against an
ubuntu:devel docker container, especially because glibc updates might
break docker.io. Improve test reliability when running autopkgtest
locally.
[ Steve Beattie ] 2021-41091. patch: Lock down docker root dir perms. 2021-41089. patch: chrootarchive: don't create parent dirs
* SECURITY UPDATE: insufficiently restricted directory permissions
- d/p/CVE-
- CVE-2021-41091
* SECURITY UPDATE: permissions modifications outside of install directory
- d/p/CVE-
outside of chroot.
- CVE-2021-41089
docker.io (20.10.7-0ubuntu4) impish; urgency=medium
* d/p/seccomp- add-support- for-clone3- syscall- in-default- policy. patch: Fix
failure with new glibc clone3 syscall adding it to the default seccomp
policy (LP: #1943049).
-- Lucas Kanashiro <email address hidden> Thu, 21 Oct 2021 16:55:00 -0300