Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2019-3403

Опубликовано: 14 нояб. 2019
Источник: oracle-oval
Платформа: Oracle Linux 8

Описание

ELSA-2019-3403: container-tools:ol8 security, bug fix, and enhancement update (IMPORTANT)

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module container-tools:ol8 is enabled

buildah

1.9.0-5.0.1.module+el8.1.0+5440+994fc847

buildah-tests

1.9.0-5.0.1.module+el8.1.0+5440+994fc847

cockpit-podman

4-1.module+el8.1.0+5440+994fc847

container-selinux

2.107-2.module+el8.1.0+5440+994fc847

containernetworking-plugins

0.8.1-2.0.1.module+el8.1.0+5440+994fc847

containers-common

0.1.37-5.0.2.module+el8.1.0+5440+994fc847

fuse-overlayfs

0.4.1-1.module+el8.1.0+5440+994fc847

oci-systemd-hook

0.1.15-2.git2d0b8a3.module+el8.1.0+5440+994fc847

oci-umount

2.3.4-2.git87f9237.module+el8.1.0+5440+994fc847

podman

1.4.2-5.0.2.module+el8.1.0+5440+994fc847

podman-docker

1.4.2-5.0.2.module+el8.1.0+5440+994fc847

podman-manpages

1.4.2-5.0.2.module+el8.1.0+5440+994fc847

podman-remote

1.4.2-5.0.2.module+el8.1.0+5440+994fc847

podman-tests

1.4.2-5.0.2.module+el8.1.0+5440+994fc847

python-podman-api

1.2.0-0.1.gitd0a45fe.module+el8.1.0+5440+994fc847

runc

1.0.0-60.rc8.module+el8.1.0+5440+994fc847

skopeo

0.1.37-5.0.2.module+el8.1.0+5440+994fc847

skopeo-tests

0.1.37-5.0.2.module+el8.1.0+5440+994fc847

slirp4netns

0.3.0-4.module+el8.1.0+5440+994fc847

Oracle Linux x86_64

Module container-tools:ol8 is enabled

buildah

1.9.0-5.0.1.module+el8.1.0+5440+994fc847

buildah-tests

1.9.0-5.0.1.module+el8.1.0+5440+994fc847

cockpit-podman

4-1.module+el8.1.0+5440+994fc847

container-selinux

2.107-2.module+el8.1.0+5440+994fc847

containernetworking-plugins

0.8.1-2.0.1.module+el8.1.0+5440+994fc847

containers-common

0.1.37-5.0.2.module+el8.1.0+5440+994fc847

fuse-overlayfs

0.4.1-1.module+el8.1.0+5440+994fc847

oci-systemd-hook

0.1.15-2.git2d0b8a3.module+el8.1.0+5440+994fc847

oci-umount

2.3.4-2.git87f9237.module+el8.1.0+5440+994fc847

podman

1.4.2-5.0.2.module+el8.1.0+5440+994fc847

podman-docker

1.4.2-5.0.2.module+el8.1.0+5440+994fc847

podman-manpages

1.4.2-5.0.2.module+el8.1.0+5440+994fc847

podman-remote

1.4.2-5.0.2.module+el8.1.0+5440+994fc847

podman-tests

1.4.2-5.0.2.module+el8.1.0+5440+994fc847

python-podman-api

1.2.0-0.1.gitd0a45fe.module+el8.1.0+5440+994fc847

runc

1.0.0-60.rc8.module+el8.1.0+5440+994fc847

skopeo

0.1.37-5.0.2.module+el8.1.0+5440+994fc847

skopeo-tests

0.1.37-5.0.2.module+el8.1.0+5440+994fc847

slirp4netns

0.3.0-4.module+el8.1.0+5440+994fc847

Связанные CVE

CVE-2019-10214
CVE-2019-14378

Ссылки на источники

Связанные уязвимости

rocky логотип

RLSA-2019:3494

rocky
больше 5 лет назад

Important: container-tools:1.0 security and bug fix update

oracle-oval логотип

ELSA-2019-3494

oracle-oval
больше 5 лет назад

ELSA-2019-3494: container-tools:1.0 security and bug fix update (IMPORTANT)

rocky логотип

RLSA-2019:3403

rocky
больше 5 лет назад

Important: container-tools:rhel8 security, bug fix, and enhancement update

ubuntu логотип

CVE-2019-10214

CVSS3: 5.9
ubuntu
больше 5 лет назад

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens.

redhat логотип

CVE-2019-10214

CVSS3: 6.4
redhat
почти 6 лет назад

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens.