Amazon Linux 2 Security Advisory: ALAS2DOCKER-2021-013
Advisory Released Date: 2021-11-18
Advisory Updated Date: 2021-11-18
Severity:
Medium
Issue Overview:
A flaw was found in containerd. Credentials may be leaked during an image pull. (CVE-2020-15157)
Affected Packages:
containerd
Note:
This advisory is applicable to Amazon Linux 2 - Docker Extra. Visit this page to learn more about Amazon Linux 2 (AL2) Extras and this FAQ section for the difference between AL2 Core and AL2 Extras advisories.
Issue Correction:
Run yum update containerd to update your system.
New Packages:
aarch64:
containerd-1.3.2-1.amzn2.aarch64
containerd-stress-1.3.2-1.amzn2.aarch64
containerd-debuginfo-1.3.2-1.amzn2.aarch64
src:
containerd-1.3.2-1.amzn2.src
x86_64:
containerd-1.3.2-1.amzn2.x86_64
containerd-stress-1.3.2-1.amzn2.x86_64
containerd-debuginfo-1.3.2-1.amzn2.x86_64