A vulnerability in Docker could lead to the escalation of privileges.
|Package||app-emulation/docker on all architectures|
|Affected versions||< 1.11.0|
|Unaffected versions||>= 1.11.0|
Docker is the world’s leading software containerization platform.
Docker does not properly distinguish between numeric UIDs and string usernames.
Local attackers could possibly escalate their privileges.
There is no known workaround at this time.
All Docker users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-emulation/docker-1.11.0"
December 11, 2016
December 11, 2016: 1