Format: 1.8 Date: Wed, 28 Feb 2024 14:17:24 +0530 Source: docker.io Architecture: source Version: 20.10.21-0ubuntu1~20.04.6~test1 Distribution: focal-security Urgency: medium Maintainer: Ubuntu Developers Changed-By: Nishit Majithia Changes: docker.io (20.10.21-0ubuntu1~20.04.6~test1) focal-security; urgency=medium . * SECURITY UPDATE: denial-of-service - debian/patches/CVE-2024-23650.patch: Add more validations for nil values - CVE-2024-23650 * SECURITY UPDATE: race condition with accessing subpaths from cache mounts - debian/patches/CVE-2024-23651.patch: add extra validation for submount sources - CVE-2024-23651 * SECURITY UPDATE: container escape vulnerability - debian/patches/CVE-2024-23652.patch: recheck mount stub path within root after container run - CVE-2024-23652 * SECURITY UPDATE: run a container with elevated privileges issue - debian/patches/CVE-2024-23653.patch: make sure interactive container API validates entitlements - CVE-2024-23653 Checksums-Sha1: 4c94b513f7667d32e5ff978b8cd5980fd655603d 3678 docker.io_20.10.21-0ubuntu1~20.04.6~test1.dsc 7367e52f4897e629afa382b65b6dd7d6c8b24942 36644 docker.io_20.10.21-0ubuntu1~20.04.6~test1.debian.tar.xz 0b7230bb59512837bed7a68c56cd96148d5ce502 8949 docker.io_20.10.21-0ubuntu1~20.04.6~test1_source.buildinfo Checksums-Sha256: a7fbe61058132a3b3380b69bbf5536df24ad8a1eff4db74139908a81e43384d3 3678 docker.io_20.10.21-0ubuntu1~20.04.6~test1.dsc 9353cee27372f8962aaa4e335db93ba02daf54026715ebae4d456b5d054a79db 36644 docker.io_20.10.21-0ubuntu1~20.04.6~test1.debian.tar.xz 1c9fb2a43f478c7d8795ecbbea6144e68c299a5db80551509246ec0b66c2f937 8949 docker.io_20.10.21-0ubuntu1~20.04.6~test1_source.buildinfo Files: b3c1d2a868aa2b5c326004b2a372b0b1 3678 admin optional docker.io_20.10.21-0ubuntu1~20.04.6~test1.dsc 5c606cc1b963444eced169bb472fbb8d 36644 admin optional docker.io_20.10.21-0ubuntu1~20.04.6~test1.debian.tar.xz 529cdc0cfad23e87dd8a09ed2215dea0 8949 admin optional docker.io_20.10.21-0ubuntu1~20.04.6~test1_source.buildinfo Original-Maintainer: Paul Tagliamonte