Ofufuza a Cisco Security Chidziwitso chazowopsa (CVE-2019-5021) mkati Kugawa kwa Alpine kwa Docker Container isolation system. Chofunikira pavuto lomwe lazindikirika ndikuti mawu achinsinsi achinsinsi a wogwiritsa ntchito mizu adakhazikitsidwa ku mawu achinsinsi opanda kanthu popanda kutsekereza kulowa mwachindunji ngati mizu. Tikumbukire kuti Alpine imagwiritsidwa ntchito kupanga zithunzi zovomerezeka kuchokera ku projekiti ya Docker (yomwe idamangidwa kale idakhazikitsidwa ndi Ubuntu, koma pamenepo panali. pa Alpine).
Vutoli lidakhalapo kuyambira pomwe Alpine Docker 3.3 idamangidwa ndipo idayamba chifukwa chakusintha kosinthika komwe kudawonjezeredwa mu 2015 (pambuyo pa 3.3, /etc/shadow adagwiritsa ntchito mzere "root:!::0:::::", ndipo pambuyo pa kuchotsedwa kwa mbendera "-d" mzere "root:::0:::::" anayamba kuwonjezeredwa. Vutolo lidadziwika poyamba ndipo mu November 2015, koma mu December molakwitsa kachiwiri m'mafayilo omanga a nthambi yoyesera, kenako adasamutsidwa ku zomanga zokhazikika.
Zomwe zili pachiwopsezo zimati vutoli likuwonekeranso munthambi yaposachedwa ya Alpine Docker 3.9. Opanga Alpine mu Marichi chigamba ndi kusatetezeka kuyambira amamanga 3.9.2, 3.8.4, 3.7.3 ndi 3.6.5, koma amakhalabe mu nthambi zakale 3.4.x ndi 3.5.x, amene anasiya kale. Kuonjezera apo, okonzawo amanena kuti vector yowukirayo ndi yochepa kwambiri ndipo imafuna kuti wowukirayo akhale ndi mwayi wogwiritsa ntchito zipangizo zomwezo.
Source: opennet.ru