Bug#765735: unblock: docker.io/1.3.0~dfsg1-1
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
The upload of docker.io (1.3.0~dfsg1-1) that was accepted today includes
a fix for the now public CVE-2014-5282 [1]. Paul mentioned that I ought
to send an unblock to see if we can decrease the transition age. :)
For a little detail of the vuln, it specifically affects people who use
"docker load" and then pull images from a registry, and can result in
the wrong images (especially potentially malicious images) being pulled
and thus run.
I'm happy to provide any other information, of course. :)
♥,
- Tianon
Reply to: