Source: libpod Version: 1.6.4+dfsg1-2 Severity: grave Tags: security upstream Forwarded: https://github.com/containers/libpod/pull/5168
Hi, The following vulnerability was published for libpod. CVE-2020-1726[0]: | A flaw was discovered in Podman where it incorrectly allows containers | when created to overwrite existing files in volumes, even if they are | mounted as read-only. When a user runs a malicious container or a | container based on a malicious image with an attached volume that is | used for the first time, it is possible to trigger the flaw and | overwrite files in the volume.This issue was introduced in version | 1.6.0. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2020-1726 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1726 [1] https://github.com/containers/libpod/pull/5168 [2] https://github.com/containers/libpod/commit/c140ecdc9b416ab4efd4d21d14acd63b6adbdd42 Regards, Salvatore