Updated docker package fixes CVE-2016-3697
Publication date: 29 May 2016Type: security
Affected Mageia releases : 5
CVE: CVE-2016-3697
Description
Updated docker packages fix security vulnerability: It was found that Docker would launch containers under the specified UID instead of a username. An attacker able to launch a container could use this flaw to escalate their privileges to root within the launched container (CVE-2016-3697).
References
SRPMS
5/core
- docker-1.9.1-1.1.mga5