Описание
ELSA-2020-1932: container-tools:ol8 security update (IMPORTANT)
buildah [1.11.6-8.0.1]
- Fixes troubles with oracle registry login [Orabug: 29937283]
[1.11.6-8]
- fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process'
- Resolves: #1817742
[1.11.6-7]
- fix 'COPY command takes long time with buildah'
- Resolves: #1806120
cockpit-podman [12-1]
- Configure CPU share for system containers
- Translation updates
conmon [2:2.0.6-1.0.1]
- Remove upstream references [Orabug: 30871880]
[2:2.0.6-1]
- update to 2.0.6
- Related: RHELPLAN-25139
containernetworking-plugins [0.8.3-5.0.1]
- Disable debuginfo
[0.8.3-5]
- compile with no_openssl
- Related: RHELPLAN-25139
podman [1.6.4-11.0.1]
- delivering fix for [Orabug: 29874238] by Nikita Gerasimov nikita.gerasimov@oracle.com
[1.6.4-11]
- fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process'
- Resolves: #1817747
python-podman-api [1.2.0-0.2.gitd0a45fe]
- revert update to 1.6.0 due to new python3-pbr dependency which is not in RHEL
- Related: RHELPLAN-25139
runc [1.0.0-65.rc10]
- address CVE-2019-19921 by updating to rc10
- Resolves: #1801887
skopeo [0.1.40-11.0.1]
- Add oracle registry into the conf file [Orabug: 29845934 31306708]
- Fix oracle registry login issues [Orabug: 29937192]
[1:0.1.40-11]
- add docker.io into the default registry list
- Related: #1810053
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module container-tools:ol8 is enabled
buildah
1.11.6-8.0.1.module+el8.2.0+7615+180dc822
buildah-tests
1.11.6-8.0.1.module+el8.2.0+7615+180dc822
cockpit-podman
12-1.module+el8.2.0+7615+180dc822
conmon
2.0.6-1.0.1.module+el8.2.0+7615+180dc822
container-selinux
2.124.0-1.module+el8.2.0+7615+180dc822
containernetworking-plugins
0.8.3-5.0.1.module+el8.2.0+7615+180dc822
containers-common
0.1.40-11.0.1.module+el8.2.0+7615+180dc822
crit
3.12-9.module+el8.2.0+7615+180dc822
criu
3.12-9.module+el8.2.0+7615+180dc822
fuse-overlayfs
0.7.2-5.module+el8.2.0+7615+180dc822
podman
1.6.4-11.0.1.module+el8.2.0+7615+180dc822
podman-docker
1.6.4-11.0.1.module+el8.2.0+7615+180dc822
podman-remote
1.6.4-11.0.1.module+el8.2.0+7615+180dc822
podman-tests
1.6.4-11.0.1.module+el8.2.0+7615+180dc822
python-podman-api
1.2.0-0.2.gitd0a45fe.module+el8.2.0+7615+180dc822
python3-criu
3.12-9.module+el8.2.0+7615+180dc822
runc
1.0.0-65.rc10.module+el8.2.0+7615+180dc822
skopeo
0.1.40-11.0.1.module+el8.2.0+7615+180dc822
skopeo-tests
0.1.40-11.0.1.module+el8.2.0+7615+180dc822
slirp4netns
0.4.2-3.git21fdece.module+el8.2.0+7615+180dc822
udica
0.2.1-2.module+el8.2.0+7615+180dc822
Oracle Linux x86_64
Module container-tools:ol8 is enabled
buildah
1.11.6-8.0.1.module+el8.2.0+7615+180dc822
buildah-tests
1.11.6-8.0.1.module+el8.2.0+7615+180dc822
cockpit-podman
12-1.module+el8.2.0+7615+180dc822
conmon
2.0.6-1.0.1.module+el8.2.0+7615+180dc822
container-selinux
2.124.0-1.module+el8.2.0+7615+180dc822
containernetworking-plugins
0.8.3-5.0.1.module+el8.2.0+7615+180dc822
containers-common
0.1.40-11.0.1.module+el8.2.0+7615+180dc822
crit
3.12-9.module+el8.2.0+7615+180dc822
criu
3.12-9.module+el8.2.0+7615+180dc822
fuse-overlayfs
0.7.2-5.module+el8.2.0+7615+180dc822
podman
1.6.4-11.0.1.module+el8.2.0+7615+180dc822
podman-docker
1.6.4-11.0.1.module+el8.2.0+7615+180dc822
podman-remote
1.6.4-11.0.1.module+el8.2.0+7615+180dc822
podman-tests
1.6.4-11.0.1.module+el8.2.0+7615+180dc822
python-podman-api
1.2.0-0.2.gitd0a45fe.module+el8.2.0+7615+180dc822
python3-criu
3.12-9.module+el8.2.0+7615+180dc822
runc
1.0.0-65.rc10.module+el8.2.0+7615+180dc822
skopeo
0.1.40-11.0.1.module+el8.2.0+7615+180dc822
skopeo-tests
0.1.40-11.0.1.module+el8.2.0+7615+180dc822
slirp4netns
0.4.2-3.git21fdece.module+el8.2.0+7615+180dc822
udica
0.2.1-2.module+el8.2.0+7615+180dc822
Связанные CVE
Связанные уязвимости
A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.
A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.
A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.
A path traversal flaw was found in Buildah in versions before 1.14.5. ...
