Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 758137 (CVE-2020-15257)

Summary: <app-emulation/containerd-1.3.9: containerd-shim API exposed to host network containers (CVE-2020-15257)
Product: Gentoo Security Reporter: Georgy Yakovlev <gyakovlev>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: major CC: admwiggin, gyakovlev, whissi, williamh
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://github.com/containerd/containerd/security/advisories/GHSA-36xw-fx78-c5r4
Whiteboard: B1 [glsa+ cve]
Package list:
Runtime testing required: ---

Description Georgy Yakovlev archtester gentoo-dev 2020-12-02 19:53:59 UTC 
Arches please do your thing
minimal changes from previous version, just a bugfix release
Comment 1 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2020-12-02 20:10:40 UTC 
*** Bug 757597 has been marked as a duplicate of this bug. ***
Comment 2 Georgy Yakovlev archtester gentoo-dev 2020-12-02 20:38:33 UTC 
amd64 arm64 ppc64 done
Comment 3 Georgy Yakovlev archtester gentoo-dev 2020-12-02 20:39:47 UTC 
cleanup of old versions will be done later to give people chance to roll-back properly in case of regressions
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-01-06 22:44:50 UTC 
(In reply to Georgy Yakovlev from comment #2)
> amd64 arm64 ppc64 done

Thanks!

(In reply to Georgy Yakovlev from comment #3)
> cleanup of old versions will be done later to give people chance to
> roll-back properly in case of regressions

How about now?
Comment 5 Thomas Deutschmann (RETIRED) gentoo-dev 2021-05-25 19:38:27 UTC 
New GLSA request filed.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2021-05-26 10:30:12 UTC 
This issue was resolved and addressed in
 GLSA 202105-33 at https://security.gentoo.org/glsa/202105-33
by GLSA coordinator Thomas Deutschmann (whissi).