docker-distribution-2.6.2-1.git48294d9.el7

エラータID: AXSA:2017-2274:01

リリース日: 
2017/09/21 Thursday - 17:22
題名: 
docker-distribution-2.6.2-1.git48294d9.el7
影響のあるチャネル: 
Asianux Server 7 for x86_64
Severity: 
High
Description: 

The docker-distribution package provides the tool set to support the Docker
Registry version 2.

The following packages have been upgraded to a later upstream version: docker-
distribution (2.6.2). (BZ#1479494)

Security Fix(es):

* It was found that docker-distribution did not properly restrict memory
allocation size for a registry instance through the manifest endpoint. An
attacker could send a specially crafted request that would exhaust the memory of
the docker-distribution service. (CVE-2017-11468)

CVE-2017-11468
Docker Registry before 2.6.2 in Docker Distribution does not properly
restrict the amount of content accepted from a user, which allows
remote attackers to cause a denial of service (memory consumption) via
the manifest endpoint.

解決策: 

Update packages.

CVE: 
CVE-2017-11468
Docker Registry before 2.6.2 in Docker Distribution does not properly restrict the amount of content accepted from a user, which allows remote attackers to cause a denial of service (memory consumption) via the manifest endpoint.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. docker-distribution-2.6.2-1.git48294d9.el7.src.rpm
    MD5: b01a8cd039affc860ffdcea5d7a45141
    SHA-256: 8d0efc5cb8187c265353e131858e98ffa954a771fa41aaf8e33141b95c8752c0
    Size: 1.51 MB

Asianux Server 7 for x86_64
  1. docker-distribution-2.6.2-1.git48294d9.el7.x86_64.rpm
    MD5: 2d0e9389b20328dc8e2de47a89a4e72b
    SHA-256: efcd2e729348e89ecd90905dbff3f19ab50b126e98c3773811d7e140ff6911e4
    Size: 3.48 MB