zypper-docker demo for cve-2014-6271

zypper-docker-demo-cve-2014-6271.txt

-----------Dockerfile ---------------------------------------------------------------

FROM suse/sles11sp3:latest
MAINTAINER Jordi Massaguer <[email protected]>

# Import the crt file of our private SMT server
ADD http://docker-smt.suse.de//smt.crt /etc/ssl/certs/smt.pem
RUN c_rehash /etc/ssl/certs

# Refresh the list of repositories
RUN zypper --gpg-auto-import-keys ref -s
RUN zypper -n install --oldpackage bash-3.2-147.17.30

-----------------------------------------------------------------------------

> docker build -t demo-cve-2014-6271 .

> docker run -ti demo-cve-2014-6271 zypper lp --bugzilla=896776

Refreshing service 'container-suseconnect'.
Loading repository data...
Reading installed packages...

Issue    | No.    | Patch             | Category | Status
---------+--------+-------------------+----------+-------
bugzilla | 896776 | slessp3-bash-9740 | security | needed

> docker run -ti demo-cve-2014-6271 zypper lp --cve=2014-6271
Refreshing service 'container-suseconnect'.
Loading repository data...
Reading installed packages...

Issue | No.           | Patch             | Category | Status
------+---------------+-------------------+----------+-------
cve   | CVE-2014-6271 | slessp3-bash-9740 | security | needed

this gist works on a sle12 registered machine using our private smt. If you want to use it, you need to run it on a sles12 registered machine. If it is registered with SCC, you can remove the lines regarding smt. If you are running it with your own smt, then replace the urls.