SUSE-SU-2015:0984-1: moderate: Security update for docker

sle-updates at sle-updates at
Tue Jun 2 03:04:53 MDT 2015

   SUSE Security Update: Security update for docker

Announcement ID:    SUSE-SU-2015:0984-1
Rating:             moderate
References:         #930235 #931301 
Cross-References:   CVE-2015-3627 CVE-2015-3629 CVE-2015-3630
Affected Products:
                    SUSE Linux Enterprise Server 12

   An update that fixes four vulnerabilities is now available.


   The Linux container runtime environment Docker was updated to version
   1.6.2 to fix several security and non-security issues.

   - Security:
     - Fix read/write /proc paths. (CVE-2015-3630)
     - Prohibit VOLUME /proc and VOLUME /. (CVE-2015-3631)
     - Fix opening of file-descriptor 1. (CVE-2015-3627)
     - Fix symlink traversal on container respawn allowing local privilege
       escalation. (CVE-2015-3629)

   - Runtime:
     - Update Apparmor policy to not allow mounts.

Patch Instructions:

   To install this SUSE Security Update use YaST online_update.
   Alternatively you can run the command listed for your product:

   - SUSE Linux Enterprise Server 12:

      zypper in -t patch SUSE-SLE-SERVER-12-2015-230=1

   To bring your system up-to-date, use "zypper patch".

Package List:

   - SUSE Linux Enterprise Server 12 (x86_64):



More information about the sle-updates mailing list