Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 758137 (CVE-2020-15257) - <app-emulation/containerd-1.3.9: containerd-shim API exposed to host network containers (CVE-2020-15257)
Summary: <app-emulation/containerd-1.3.9: containerd-shim API exposed to host network ...
Status: RESOLVED FIXED
Alias: CVE-2020-15257
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major
Assignee: Gentoo Security
URL: https://github.com/containerd/contain...
Whiteboard: B1 [glsa+ cve]
Keywords:
: 757597 (view as bug list)
Depends on:
Blocks:
 
Reported: 2020-12-02 19:53 UTC by Georgy Yakovlev
Modified: 2021-05-26 10:30 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Georgy Yakovlev archtester gentoo-dev 2020-12-02 19:53:59 UTC 
Arches please do your thing
minimal changes from previous version, just a bugfix release
Comment 1 Mikle Kolyada (RETIRED) archtester Gentoo Infrastructure gentoo-dev Security 2020-12-02 20:10:40 UTC 
*** Bug 757597 has been marked as a duplicate of this bug. ***
Comment 2 Georgy Yakovlev archtester gentoo-dev 2020-12-02 20:38:33 UTC 
amd64 arm64 ppc64 done
Comment 3 Georgy Yakovlev archtester gentoo-dev 2020-12-02 20:39:47 UTC 
cleanup of old versions will be done later to give people chance to roll-back properly in case of regressions
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-01-06 22:44:50 UTC 
(In reply to Georgy Yakovlev from comment #2)
> amd64 arm64 ppc64 done

Thanks!

(In reply to Georgy Yakovlev from comment #3)
> cleanup of old versions will be done later to give people chance to
> roll-back properly in case of regressions

How about now?
Comment 5 Thomas Deutschmann (RETIRED) gentoo-dev 2021-05-25 19:38:27 UTC 
New GLSA request filed.
Comment 6 GLSAMaker/CVETool Bot gentoo-dev 2021-05-26 10:30:12 UTC 
This issue was resolved and addressed in
 GLSA 202105-33 at https://security.gentoo.org/glsa/202105-33
by GLSA coordinator Thomas Deutschmann (whissi).