Описание
ELSA-2020-1650: container-tools:ol8 security, bug fix, and enhancement update (MODERATE)
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module container-tools:ol8 is enabled
buildah
1.11.6-7.0.1.module+el8.2.0+5584+b2b2d3fb
buildah-tests
1.11.6-7.0.1.module+el8.2.0+5584+b2b2d3fb
cockpit-podman
12-1.module+el8.2.0+5584+b2b2d3fb
conmon
2.0.6-1.0.1.module+el8.2.0+5584+b2b2d3fb
container-selinux
2.124.0-1.module+el8.2.0+5584+b2b2d3fb
containernetworking-plugins
0.8.3-5.0.1.module+el8.2.0+5584+b2b2d3fb
containers-common
0.1.40-10.0.1.module+el8.2.0+5584+b2b2d3fb
crit
3.12-9.module+el8.2.0+5584+b2b2d3fb
criu
3.12-9.module+el8.2.0+5584+b2b2d3fb
fuse-overlayfs
0.7.2-5.module+el8.2.0+5584+b2b2d3fb
podman
1.6.4-10.0.1.module+el8.2.0+5584+b2b2d3fb
podman-docker
1.6.4-10.0.1.module+el8.2.0+5584+b2b2d3fb
podman-remote
1.6.4-10.0.1.module+el8.2.0+5584+b2b2d3fb
podman-tests
1.6.4-10.0.1.module+el8.2.0+5584+b2b2d3fb
python-podman-api
1.2.0-0.2.gitd0a45fe.module+el8.2.0+5584+b2b2d3fb
python3-criu
3.12-9.module+el8.2.0+5584+b2b2d3fb
runc
1.0.0-65.rc10.module+el8.2.0+5584+b2b2d3fb
skopeo
0.1.40-10.0.1.module+el8.2.0+5584+b2b2d3fb
skopeo-tests
0.1.40-10.0.1.module+el8.2.0+5584+b2b2d3fb
slirp4netns
0.4.2-3.git21fdece.module+el8.2.0+5584+b2b2d3fb
udica
0.2.1-2.module+el8.2.0+5584+b2b2d3fb
Oracle Linux x86_64
Module container-tools:ol8 is enabled
buildah
1.11.6-7.0.1.module+el8.2.0+5584+b2b2d3fb
buildah-tests
1.11.6-7.0.1.module+el8.2.0+5584+b2b2d3fb
cockpit-podman
12-1.module+el8.2.0+5584+b2b2d3fb
conmon
2.0.6-1.0.1.module+el8.2.0+5584+b2b2d3fb
container-selinux
2.124.0-1.module+el8.2.0+5584+b2b2d3fb
containernetworking-plugins
0.8.3-5.0.1.module+el8.2.0+5584+b2b2d3fb
containers-common
0.1.40-10.0.1.module+el8.2.0+5584+b2b2d3fb
crit
3.12-9.module+el8.2.0+5584+b2b2d3fb
criu
3.12-9.module+el8.2.0+5584+b2b2d3fb
fuse-overlayfs
0.7.2-5.module+el8.2.0+5584+b2b2d3fb
podman
1.6.4-10.0.1.module+el8.2.0+5584+b2b2d3fb
podman-docker
1.6.4-10.0.1.module+el8.2.0+5584+b2b2d3fb
podman-remote
1.6.4-10.0.1.module+el8.2.0+5584+b2b2d3fb
podman-tests
1.6.4-10.0.1.module+el8.2.0+5584+b2b2d3fb
python-podman-api
1.2.0-0.2.gitd0a45fe.module+el8.2.0+5584+b2b2d3fb
python3-criu
3.12-9.module+el8.2.0+5584+b2b2d3fb
runc
1.0.0-65.rc10.module+el8.2.0+5584+b2b2d3fb
skopeo
0.1.40-10.0.1.module+el8.2.0+5584+b2b2d3fb
skopeo-tests
0.1.40-10.0.1.module+el8.2.0+5584+b2b2d3fb
slirp4netns
0.4.2-3.git21fdece.module+el8.2.0+5584+b2b2d3fb
udica
0.2.1-2.module+el8.2.0+5584+b2b2d3fb
Связанные CVE
Связанные уязвимости
Moderate: container-tools:rhel8 security, bug fix, and enhancement update
A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0.
A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0.
A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0.
A flaw was discovered in Podman where it incorrectly allows containers ...