Test ID:	1.3.6.1.4.1.25623.1.0.131216
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2016-0043)
Summary:	The remote host is missing an update for the 'docker, golang' package(s) announced via the MGASA-2016-0043 advisory.
Description:	Summary: The remote host is missing an update for the 'docker, golang' package(s) announced via the MGASA-2016-0043 advisory. Vulnerability Insight: Manipulated layer IDs could have lead to local graph poisoning (CVE-2014-8178). Manifest validation and parsing logic errors allowed pull-by-digest validation bypass (CVE-2014-8179). To fix these issues, the golang package has been updated to version 1.4.3 and the docker package has been updated to version 1.9.1. Affected Software/OS: 'docker, golang' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2014-8178 http://lists.opensuse.org/opensuse-security-announce/2015-10/msg00014.html http://lists.opensuse.org/opensuse-updates/2015-10/msg00036.html https://github.com/docker/docker/blob/master/CHANGELOG.md#183-2015-10-12 https://groups.google.com/forum/#%21msg/docker-dev/bWVVtLNbFy8/UaefOqMOCAAJ https://www.docker.com/legal/docker-cve-database Common Vulnerability Exposure (CVE) ID: CVE-2014-8179 https://blog.docker.com/2015/10/security-release-docker-1-8-3-1-6-2-cs7/
Copyright	Copyright (C) 2016 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.