This script is Copyright (C) 2014 Tenable Network Security, Inc.
The remote openSUSE host is missing a security update.
docker was updated to version 1.3.2 to fix two security issues.
These security issues were fixed :
- Symbolic and hardlink issues leading to privilege
- Potential container escalation (CVE-2014-6408).
There non-security issues were fixed :
- Fix deadlock in docker ps -f exited=1
- Fix a bug when --volumes-from references a container
that failed to start
- --insecure-registry now accepts CIDR notation such as
- Private registries whose IPs fall in the 127.0.0.0/8
range do no need the --insecure-registry flag
- Skip the experimental registry v2 API when mirroring is
- Fixed minor packaging issues.
See also :
Update the affected docker packages.
Risk factor :
High / CVSS Base Score : 7.5