Bug 816321 (CVE-2021-41092) - <app-containers/docker-cli-20.10.9: May send credentials to non-chosen registry (CVE-2021-41092)
Status: IN_PROGRESS
Alias: CVE-2021-41092
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
: Normal minor
Assignee: Gentoo Security
URL:
Whiteboard: B3 [glsa?]
Keywords:
Depends on: 816468
Blocks:
Reported: 2021-10-05 04:00 UTC by Sam James
Modified: 2022-01-01 10:29 UTC

See Also:
Package list:
Runtime testing required: ---


Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2021-10-05 04:00:23 UTC
CVE-2021-41092 (https://github.com/docker/cli/commit/893e52cf4ba4b048d72e99748e0f86b2767c6c6b):

Docker CLI is the command line interface for the docker container runtime. A bug was found in the Docker CLI where running `docker login my-private-registry.example.com` with a misconfigured configuration file (typically `~/.docker/config.json`) listing a `credsStore` or `credHelpers` that could not be executed would result in any provided credentials being sent to `registry-1.docker.io` rather than the intended private registry. This bug has been fixed in Docker CLI 20.10.9. Users should update to this version as soon as possible. For users unable to update, ensure that any configured `credsStore` or `credHelpers` entries in the configuration file reference an installed credential helper that is executable and on the PATH.
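
One way to run the configuration check described above on a host that cannot yet be updated, as an added example that is not part of the original bug report or of Docker's code. It assumes helper binaries follow the `docker-credential-<name>` naming convention; the function names and the sample configuration are constructed for illustration.

```python
import json
import shutil
import sys

HELPER_PREFIX = "docker-credential-"  # assumed naming convention for helper binaries

SAMPLE_CONFIG = {  # constructed sample, not taken from the bug report
    "credsStore": "pass",
    "credHelpers": {"my-private-registry.example.com": "helper-not-installed"},
}


def configured_helpers(config):
    """Yield (location, helper suffix) for each helper the config names."""
    if config.get("credsStore"):
        yield "credsStore", config["credsStore"]
    for registry, suffix in (config.get("credHelpers") or {}).items():
        yield f"credHelpers[{registry}]", suffix


def unresolvable_helpers(config, resolve=shutil.which):
    """Return (location, binary) pairs whose binary is not executable on PATH."""
    broken = []
    for location, suffix in configured_helpers(config):
        binary = HELPER_PREFIX + suffix
        # shutil.which returns None when the file is missing from PATH
        # or lacks the execute bit, i.e. the helper "could not be executed".
        if resolve(binary) is None:
            broken.append((location, binary))
    return broken


def main(argv):
    # Pass the path to a config.json; with no argument the sample is audited.
    config = SAMPLE_CONFIG
    if len(argv) > 1:
        with open(argv[1], encoding="utf-8") as fh:
            config = json.load(fh)
    broken = unresolvable_helpers(config)
    for location, binary in broken:
        print(f"{location}: {binary} is not an executable on PATH")
    return 1 if broken else 0


if __name__ == "__main__":
    sys.exit(main(sys.argv))
```

A non-zero exit status means at least one configured helper cannot be resolved, which is the condition the description says to correct before running `docker login` on an affected version.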
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-10-06 15:49:56 UTC
Please cleanup
Comment 2 Larry the Git Cow gentoo-dev 2021-10-06 16:49:50 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=119eddeda445019d4203d3f3e687290c36cc3245

commit 119eddeda445019d4203d3f3e687290c36cc3245
Author:     William Hubbs <williamh@gentoo.org>
AuthorDate: 2021-10-06 16:49:17 +0000
Commit:     William Hubbs <williamh@gentoo.org>
CommitDate: 2021-10-06 16:49:44 +0000

    app-emulation/docker-cli: remove old
    
    Bug: https://bugs.gentoo.org/816321
    Package-Manager: Portage-3.0.20, Repoman-3.0.3
    Signed-off-by: William Hubbs <williamh@gentoo.org>

 app-emulation/docker-cli/Manifest                  |  2 -
 app-emulation/docker-cli/docker-cli-20.10.7.ebuild | 64 ---------------------
 app-emulation/docker-cli/docker-cli-20.10.8.ebuild | 66 ----------------------
 3 files changed, 132 deletions(-)