rkt: add CVEs
https://www.twistlock.com/labs-blog/breaking-out-of-coresos-rkt-3-new-cves/
This commit is contained in:
parent
db4ccde60d
commit
c4c936f2f7
@ -69,5 +69,10 @@ in stdenv.mkDerivation rec {
|
||||
license = licenses.asl20;
|
||||
maintainers = with maintainers; [ ragge steveej ];
|
||||
platforms = [ "x86_64-linux" ];
|
||||
knownVulnerabilities = [
|
||||
"CVE-2019-10144: processes run with `rkt enter` are given all capabilities during stage 2"
|
||||
"CVE-2019-10145: processes run with `rkt enter` do not have seccomp filtering during stage 2"
|
||||
"CVE-2019-10147: processes run with `rkt enter` are not limited by cgroups during stage 2"
|
||||
];
|
||||
};
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user