Publishing details

• Published on 2022-12-13
• Copied from ubuntu bionic in PPA for Ubuntu Security Proposed by David Fernandez Gonzalez

Changelog

containerd (1.5.9-0ubuntu1~18.04.2) bionic-security; urgency=medium

  * SECURITY UPDATE: Memory exhaustion through Exec
    - debian/patches/CVE-2022-23471.patch: Prevent goroutine leak in Exec
      in pkg/cri/streaming/remotecommand/httpstream.go.
    - CVE-2022-23471
  * SECURITY UPDATE: Privilege escalation by inheritable file capabilities.
    - debian/patches/CVE-2022-24769.patch: Unassign the Inheritable
      capability in oci/spec.go and oci/spec_opts.go.
    - CVE-2022-24769
  * SECURITY UPDATE: Improper access to images due to imgcrypt.
    - debian/patches/CVE-2022-24778.patch: perform proper
      authentication by adding platforms in
      vendor/github.com/containerd/imgcrypt/images/
      encryption/encryption.go.
    - CVE-2022-24778
  * SECURITY UPDATE: Memory exhaustion through ExecSync.
    - debian/patches/CVE-2022-31030.patch: limit the response size
      of ExecSync in pkg/cri/server/container_execsync.go.
    - CVE-2022-31030

 -- David Fernandez Gonzalez <email address hidden>  Mon, 12 Dec 2022 16:33:42 +0100

Builds

• amd64
• arm64
• armhf
• i386
• ppc64el
• s390x

Built packages

• containerd daemon to control runC

• containerd-dbgsym debug symbols for containerd

• golang-github-containerd-containerd-dev runC develpoment files

Package files

• containerd-dbgsym_1.5.9-0ubuntu1~18.04.2_amd64.ddeb (19.2 MiB)
• containerd-dbgsym_1.5.9-0ubuntu1~18.04.2_arm64.ddeb (16.2 MiB)
• containerd-dbgsym_1.5.9-0ubuntu1~18.04.2_armhf.ddeb (15.5 MiB)
• containerd-dbgsym_1.5.9-0ubuntu1~18.04.2_i386.ddeb (17.4 MiB)
• containerd-dbgsym_1.5.9-0ubuntu1~18.04.2_ppc64el.ddeb (16.2 MiB)
• containerd-dbgsym_1.5.9-0ubuntu1~18.04.2_s390x.ddeb (17.1 MiB)
• containerd_1.5.9-0ubuntu1~18.04.2.debian.tar.xz (24.7 KiB)
• containerd_1.5.9-0ubuntu1~18.04.2.dsc (2.4 KiB)
• containerd_1.5.9-0ubuntu1~18.04.2_amd64.deb (31.5 MiB)
• containerd_1.5.9-0ubuntu1~18.04.2_arm64.deb (23.6 MiB)
• containerd_1.5.9-0ubuntu1~18.04.2_armhf.deb (22.6 MiB)
• containerd_1.5.9-0ubuntu1~18.04.2_i386.deb (26.2 MiB)
• containerd_1.5.9-0ubuntu1~18.04.2_ppc64el.deb (23.0 MiB)
• containerd_1.5.9-0ubuntu1~18.04.2_s390x.deb (24.5 MiB)
• containerd_1.5.9.orig.tar.gz (7.3 MiB)
• golang-github-containerd-containerd-dev_1.5.9-0ubuntu1~18.04.2_all.deb (1.3 MiB)