Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2019-3494

Опубликовано: 14 нояб. 2019
Источник: oracle-oval
Платформа: Oracle Linux 8

Описание

ELSA-2019-3494: container-tools:1.0 security and bug fix update (IMPORTANT)

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module container-tools:1.0 is enabled

buildah

1.5-5.0.1.gite94b4f9.module+el8.1.0+5440+42cffa37

container-selinux

2.94-1.git1e99f1d.module+el8.1.0+5440+42cffa37

containernetworking-plugins

0.7.4-3.git9ebe139.module+el8.1.0+5440+42cffa37

containers-common

0.1.32-5.0.2.git1715c90.module+el8.1.0+5440+42cffa37

fuse-overlayfs

0.3-5.module+el8.1.0+5440+42cffa37

oci-systemd-hook

0.1.15-2.git2d0b8a3.module+el8.1.0+5440+42cffa37

oci-umount

2.3.4-2.git87f9237.module+el8.1.0+5440+42cffa37

podman

1.0.0-3.git921f98f.module+el8.1.0+5440+42cffa37

podman-docker

1.0.0-3.git921f98f.module+el8.1.0+5440+42cffa37

runc

1.0.0-55.rc5.dev.git2abd837.module+el8.1.0+5440+42cffa37

skopeo

0.1.32-5.0.2.git1715c90.module+el8.1.0+5440+42cffa37

slirp4netns

0.1-3.dev.gitc4e1bc5.module+el8.1.0+5440+42cffa37

Oracle Linux x86_64

Module container-tools:1.0 is enabled

buildah

1.5-5.0.1.gite94b4f9.module+el8.1.0+5440+42cffa37

container-selinux

2.94-1.git1e99f1d.module+el8.1.0+5440+42cffa37

containernetworking-plugins

0.7.4-3.git9ebe139.module+el8.1.0+5440+42cffa37

containers-common

0.1.32-5.0.2.git1715c90.module+el8.1.0+5440+42cffa37

fuse-overlayfs

0.3-5.module+el8.1.0+5440+42cffa37

oci-systemd-hook

0.1.15-2.git2d0b8a3.module+el8.1.0+5440+42cffa37

oci-umount

2.3.4-2.git87f9237.module+el8.1.0+5440+42cffa37

podman

1.0.0-3.git921f98f.module+el8.1.0+5440+42cffa37

podman-docker

1.0.0-3.git921f98f.module+el8.1.0+5440+42cffa37

runc

1.0.0-55.rc5.dev.git2abd837.module+el8.1.0+5440+42cffa37

skopeo

0.1.32-5.0.2.git1715c90.module+el8.1.0+5440+42cffa37

slirp4netns

0.1-3.dev.gitc4e1bc5.module+el8.1.0+5440+42cffa37

Связанные CVE

CVE-2019-10214
CVE-2019-14378

Ссылки на источники

Связанные уязвимости

rocky логотип

RLSA-2019:3494

rocky
больше 5 лет назад

Important: container-tools:1.0 security and bug fix update

oracle-oval логотип

ELSA-2019-3403

oracle-oval
больше 5 лет назад

ELSA-2019-3403: container-tools:ol8 security, bug fix, and enhancement update (IMPORTANT)

rocky логотип

RLSA-2019:3403

rocky
больше 5 лет назад

Important: container-tools:rhel8 security, bug fix, and enhancement update

ubuntu логотип

CVE-2019-10214

CVSS3: 5.9
ubuntu
больше 5 лет назад

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens.

redhat логотип

CVE-2019-10214

CVSS3: 6.4
redhat
почти 6 лет назад

The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens.