Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

oracle-oval логотип

ELSA-2019-4269

Опубликовано: 03 янв. 2020
Источник: oracle-oval
Платформа: Oracle Linux 8

Описание

ELSA-2019-4269: container-tools:ol8 security and bug fix update (IMPORTANT)

buildah [1.9.0-5.0.1]

  • Fixes troubles with oracle registry login [Orabug: 29937283]

[1.9.0-5]

  • Use autosetup macro again.

[1.9.0-4]

  • Fix CVE-2019-10214 (#1734653).

[1.9.0-3]

  • Resolves: #1721247 - enable fips mode

[1.9.0-2]

  • Resolves: #1720654 - tests subpackage depends on golang explicitly

[1.9.0-1]

  • Resolves: #1720654 - rebase to v1.9.0

cockpit-podman [4-1]

  • Fix regression in container commit
  • Fix AppStream ID rhbz#1734809

[3-1]

  • Enable Commit button for running containers
  • Fix race condition with container deletion
  • Stop fetching all containers/images for each container/image event

[2-2]

  • Fix podman dependency

[2-1]

  • Update to upstream 2 release
  • Support podman API 1.3
  • Support running commands with arguments
  • Show the default command coming from image
  • Implement filtering of images and containers

containernetworking-plugins [0.8.1-3.0.1]

  • Disable debuginfo

[0.8.1-3]

  • rebuild to address CVE-2019-9514 and CVE-2019-9512
  • Resolves: #1766318, #1766217

container-selinux [2:2.123.0-1]

  • update to 2.123.0
  • Related: #1774382

fuse-overlayfs [0.4.1-1]

  • Resolves: #1720654 - rebase to v0.4.1

[0.3-2]

  • rebase
  • Resolves:#1666510

podman [1.4.2-6.0.1]

  • Ensure patch for Oracle docker registry is applied [Orabug: 30533101]
  • delivering fix for [Orabug: 29874238] by Nikita Gerasimov nikita.gerasimov@oracle.com

[1.4.2-6]

  • update to 1.4.2-stable3
  • Resolves: #1770176

python-podman-api [1.2.0-0.1.gitd0a45fe]

  • Initial package

runc [1.0.0-61.rc8]

  • backport patches for CVE-2019-16884 from upstream
  • Resolves: #1764182

skopeo [1:0.1.37-6.0.1]

  • Ensure patch for Oracle docker registry is applied [Orabug: 30533101]
  • Add oracle registry into the conf file [Orabug: 29845934]
  • Fix oracle registry login issues [Orabug: 29937192]

[1:0.1.37-6]

  • rebuild because of CVE-2019-9512 and CVE-2019-9514
  • Resolves: #1772136, #1772131

slirp4netns [0.3.0-4]

  • Fix CVE-2019-14378 (#1755595).

[0.3.0-3]

  • Resolves: #1683217 - BR: glib2-devel

[0.3.0-2]

  • Resolves: #1683217 - bump slirp4netns to v0.3.0

[0.3.0-1.alpha.2.git30883b5]

  • bump to v0.3.0-alpha.2

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module container-tools:ol8 is enabled

buildah

1.9.0-5.0.1.module+el8.1.0+5440+994fc847

buildah-tests

1.9.0-5.0.1.module+el8.1.0+5440+994fc847

cockpit-podman

4-1.module+el8.1.0+5440+994fc847

container-selinux

2.123.0-2.module+el8.1.0+5460+5d763c32

containernetworking-plugins

0.8.1-3.0.1.module+el8.1.0+5460+5d763c32

containers-common

0.1.37-6.0.1.module+el8.1.0+5460+5d763c32

fuse-overlayfs

0.4.1-1.module+el8.1.0+5440+994fc847

oci-systemd-hook

0.1.15-2.git2d0b8a3.module+el8.1.0+5440+994fc847

oci-umount

2.3.4-2.git87f9237.module+el8.1.0+5440+994fc847

podman

1.4.2-6.0.1.module+el8.1.0+5460+5d763c32

podman-docker

1.4.2-6.0.1.module+el8.1.0+5460+5d763c32

podman-manpages

1.4.2-6.0.1.module+el8.1.0+5460+5d763c32

podman-remote

1.4.2-6.0.1.module+el8.1.0+5460+5d763c32

podman-tests

1.4.2-6.0.1.module+el8.1.0+5460+5d763c32

python-podman-api

1.2.0-0.1.gitd0a45fe.module+el8.1.0+5440+994fc847

runc

1.0.0-61.rc8.module+el8.1.0+5460+5d763c32

skopeo

0.1.37-6.0.1.module+el8.1.0+5460+5d763c32

skopeo-tests

0.1.37-6.0.1.module+el8.1.0+5460+5d763c32

slirp4netns

0.3.0-4.module+el8.1.0+5440+994fc847

Oracle Linux x86_64

Module container-tools:ol8 is enabled

buildah

1.9.0-5.0.1.module+el8.1.0+5440+994fc847

buildah-tests

1.9.0-5.0.1.module+el8.1.0+5440+994fc847

cockpit-podman

4-1.module+el8.1.0+5440+994fc847

container-selinux

2.123.0-2.module+el8.1.0+5460+5d763c32

containernetworking-plugins

0.8.1-3.0.1.module+el8.1.0+5460+5d763c32

containers-common

0.1.37-6.0.1.module+el8.1.0+5460+5d763c32

fuse-overlayfs

0.4.1-1.module+el8.1.0+5440+994fc847

oci-systemd-hook

0.1.15-2.git2d0b8a3.module+el8.1.0+5440+994fc847

oci-umount

2.3.4-2.git87f9237.module+el8.1.0+5440+994fc847

podman

1.4.2-6.0.1.module+el8.1.0+5460+5d763c32

podman-docker

1.4.2-6.0.1.module+el8.1.0+5460+5d763c32

podman-manpages

1.4.2-6.0.1.module+el8.1.0+5460+5d763c32

podman-remote

1.4.2-6.0.1.module+el8.1.0+5460+5d763c32

podman-tests

1.4.2-6.0.1.module+el8.1.0+5460+5d763c32

python-podman-api

1.2.0-0.1.gitd0a45fe.module+el8.1.0+5440+994fc847

runc

1.0.0-61.rc8.module+el8.1.0+5460+5d763c32

skopeo

0.1.37-6.0.1.module+el8.1.0+5460+5d763c32

skopeo-tests

0.1.37-6.0.1.module+el8.1.0+5460+5d763c32

slirp4netns

0.3.0-4.module+el8.1.0+5440+994fc847

Связанные CVE

CVE-2019-9512
CVE-2019-9514
CVE-2019-16884

Ссылки на источники

Связанные уязвимости

rocky логотип

RLSA-2019:4269

rocky
больше 5 лет назад

Important: container-tools:rhel8 security and bug fix update

rocky логотип

RLSA-2019:4273

rocky
больше 5 лет назад

Important: container-tools:1.0 security update

oracle-oval логотип

ELSA-2019-4273

oracle-oval
больше 5 лет назад

ELSA-2019-4273: container-tools:1.0 security update (IMPORTANT)

oracle-oval логотип

ELSA-2019-2726

oracle-oval
почти 6 лет назад

ELSA-2019-2726: go-toolset:rhel8 security and bug fix update (IMPORTANT)

fstec логотип

BDU:2019-02996

CVSS3: 7.5
fstec
почти 6 лет назад

Уязвимость реализации сетевого протокола HTTP/2 операционных систем Windows, веб-сервера Apache Traffic Server, веб-сервера H2O, сетевых программных средств netty, SwiftNIO, Envoy, программной платформы Node.js позволяющая нарушителю вызвать отказ в обслуживании