[pkg-go] Bug#1000844: libpod: CVE-2021-4024: podman machine spawns gvproxy with port binded to all IPs
Salvatore Bonaccorso
carnil at debian.org
Tue Nov 30 06:17:11 GMT 2021
Source: libpod
Version: 3.4.2+ds1-1
Severity: important
Tags: security upstream
Forwarded: https://github.com/containers/podman/pull/12283
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
Control: found -1 3.4.1+ds1-2
Hi,
The following vulnerability was published for libpod.
CVE-2021-4024[0]:
| podman machine spawns gvproxy with port binded to all IPs
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2021-4024
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4024
[1] https://github.com/containers/podman/pull/12283
Regards,
Salvatore
More information about the Pkg-go-maintainers
mailing list