Package: runc
Severity: important
Tags: security


the following vulnerability was published for runc.

| Docker Engine 1.12.2 enabled ambient capabilities with misconfigured
| capability policies. This allowed malicious images to bypass user
| permissions to access files within the container filesystem or mounted
| volumes.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

Please adjust the affected versions in the BTS as needed.

Pkg-go-maintainers mailing list

Reply via email to