Ubuntu
containerd package

containerd 1.5.9-0ubuntu3.1 source package in Ubuntu

Changelog

containerd (1.5.9-0ubuntu3.1) jammy-security; urgency=medium

  * SECURITY UPDATE: Memory exhaustion through Exec
    - debian/patches/CVE-2022-23471.patch: Prevent goroutine leak in Exec
      in pkg/cri/streaming/remotecommand/httpstream.go.
    - CVE-2022-23471
  * SECURITY UPDATE: Privilege escalation by inheritable file capabilities.
    - debian/patches/CVE-2022-24769.patch: Unassign the Inheritable
      capability in oci/spec.go and oci/spec_opts.go.
    - CVE-2022-24769
  * SECURITY UPDATE: Improper access to images due to imgcrypt.
    - debian/patches/CVE-2022-24778.patch: perform proper
      authentication by adding platforms in
      vendor/github.com/containerd/imgcrypt/images/
      encryption/encryption.go.
    - CVE-2022-24778
  * SECURITY UPDATE: Memory exhaustion through ExecSync.
    - debian/patches/CVE-2022-31030.patch: limit the response size
      of ExecSync in pkg/cri/server/container_execsync.go.
    - CVE-2022-31030

 -- David Fernandez Gonzalez <email address hidden>  Mon, 12 Dec 2022 11:31:33 +0100

Upload details

Uploaded by:
David Fernandez Gonzalez
Uploaded to:
Jammy
Original maintainer:
Ubuntu Developers
Architectures:
linux-any all
Section:
admin
Urgency:
Medium Urgency

See full publishing history Publishing

Series Pocket Published Component Section

Downloads

File Size SHA-256 Checksum
containerd_1.5.9.orig.tar.gz 7.3 MiB 40c9767af3e87f2c36adf2f563f0a8374e80b30bd2b7aa80058c85912406cef4
containerd_1.5.9-0ubuntu3.1.debian.tar.xz 71.2 KiB fe06d7676dd953fcdb55af8170d37c1301fa53fb6eb2ba17a69496896dd08be8
containerd_1.5.9-0ubuntu3.1.dsc 2.4 KiB 84f4fd34da084071e917125737656ad48e3ab587111978527444ed3832fcaa83

View changes file

Binary packages built by this source

containerd: daemon to control runC

 Containerd is a daemon to control runC, built for performance and density.
 Containerd leverages runC's advanced features such as seccomp and user
 namespace support as well as checkpoint and restore for cloning and live
 migration of containers.
 .
 This package contains the binaries.

containerd-dbgsym: debug symbols for containerd
golang-github-containerd-containerd-dev: runC develpoment files

 Containerd is a daemon to control runC, built for performance and density.
 Containerd leverages runC's advanced features such as seccomp and user
 namespace support as well as checkpoint and restore for cloning and live
 migration of containers.
 .
 This package provides development files.