Docker security upgrade [CVE-2019-5736]
![Docker security upgrade [CVE-2019-5736]](/_next/image?url=%2Fblog%2Fthumbnails%2Fdocker-security-cover.png&w=1920&q=75)
With the release v2.2.3, we have raised the Docker services to v18.09.2.
The update fixes the recently detected privilege escalation vulnerability, which allowed attackers to overwrite the host runc binary (and consequently obtain host root access) by leveraging the ability to execute a command as root within new and existing containers.
Warning
We strongly advise Enterprise users to update Docker and docker-compose on their machine. The upgrade is required to download Buddy v2.2.3.
Tip
Cloud users don't have to do anything as the issue has already been addressed in the release.
Hint
You can read more about the issue and best practices on securing Docker images on the official Docker blog.
Jarek Dylewski
Customer Support
A journalist and an SEO specialist trying to find himself in the unforgiving world of coders. Gamer, a non-fiction literature fan and obsessive carnivore. Jarek uses his talents to convert the programming lingo into a cohesive and approachable narration.
Feb 20th 2019
Share