ELSA-2021-4222

Опубликовано: 16 нояб. 2021

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2021-4222: container-tools:3.0 security and bug fix update (MODERATE)

buildah [1.19.9-1]

update to the latest content of https://github.com/containers/buildah/tree/release-1.19 (https://github.com/containers/buildah/commit/c1d6200)
fixes CVE-2021-3602
Related: #1977943

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module container-tools:3.0 is enabled

buildah

1.19.9-1.module+el8.5.0+20341+152f6d53

buildah-tests

1.19.9-1.module+el8.5.0+20341+152f6d53

cockpit-podman

29-2.module+el8.5.0+20341+152f6d53

conmon

2.0.26-1.module+el8.5.0+20341+152f6d53

container-selinux

2.167.0-1.module+el8.5.0+20408+23b8328e

containernetworking-plugins

0.9.1-1.module+el8.5.0+20341+152f6d53

containers-common

1.2.2-10.0.1.module+el8.5.0+20341+152f6d53

crit

3.15-1.module+el8.5.0+20341+152f6d53

criu

3.15-1.module+el8.5.0+20341+152f6d53

crun

0.18-2.module+el8.5.0+20341+152f6d53

fuse-overlayfs

1.4.0-2.module+el8.5.0+20341+152f6d53

libslirp

4.3.1-1.module+el8.5.0+20341+152f6d53

libslirp-devel

4.3.1-1.module+el8.5.0+20341+152f6d53

oci-seccomp-bpf-hook

1.2.0-3.module+el8.5.0+20341+152f6d53

podman

3.0.1-6.0.1.module+el8.5.0+20408+23b8328e

podman-catatonit

3.0.1-6.0.1.module+el8.5.0+20408+23b8328e

podman-docker

3.0.1-6.0.1.module+el8.5.0+20408+23b8328e

podman-plugins

3.0.1-6.0.1.module+el8.5.0+20408+23b8328e

podman-remote

3.0.1-6.0.1.module+el8.5.0+20408+23b8328e

podman-tests

3.0.1-6.0.1.module+el8.5.0+20408+23b8328e

python3-criu

3.15-1.module+el8.5.0+20341+152f6d53

runc

1.0.0-72.rc92.module+el8.5.0+20341+152f6d53

skopeo

1.2.2-10.0.1.module+el8.5.0+20341+152f6d53

skopeo-tests

1.2.2-10.0.1.module+el8.5.0+20341+152f6d53

slirp4netns

1.1.8-1.module+el8.5.0+20341+152f6d53

udica

0.2.4-1.module+el8.5.0+20341+152f6d53

Oracle Linux x86_64

Module container-tools:3.0 is enabled

buildah

1.19.9-1.module+el8.5.0+20341+152f6d53

buildah-tests

1.19.9-1.module+el8.5.0+20341+152f6d53

cockpit-podman

29-2.module+el8.5.0+20341+152f6d53

conmon

2.0.26-1.module+el8.5.0+20341+152f6d53

container-selinux

2.167.0-1.module+el8.5.0+20408+23b8328e

containernetworking-plugins

0.9.1-1.module+el8.5.0+20341+152f6d53

containers-common

1.2.2-10.0.1.module+el8.5.0+20341+152f6d53

crit

3.15-1.module+el8.5.0+20341+152f6d53

criu

3.15-1.module+el8.5.0+20341+152f6d53

crun

0.18-2.module+el8.5.0+20341+152f6d53

fuse-overlayfs

1.4.0-2.module+el8.5.0+20341+152f6d53

libslirp

4.3.1-1.module+el8.5.0+20341+152f6d53

libslirp-devel

4.3.1-1.module+el8.5.0+20341+152f6d53

oci-seccomp-bpf-hook

1.2.0-3.module+el8.5.0+20341+152f6d53

podman

3.0.1-6.0.1.module+el8.5.0+20408+23b8328e

podman-catatonit

3.0.1-6.0.1.module+el8.5.0+20408+23b8328e

podman-docker

3.0.1-6.0.1.module+el8.5.0+20408+23b8328e

podman-plugins

3.0.1-6.0.1.module+el8.5.0+20408+23b8328e

podman-remote

3.0.1-6.0.1.module+el8.5.0+20408+23b8328e

podman-tests

3.0.1-6.0.1.module+el8.5.0+20408+23b8328e

python3-criu

3.15-1.module+el8.5.0+20341+152f6d53

runc

1.0.0-72.rc92.module+el8.5.0+20341+152f6d53

skopeo

1.2.2-10.0.1.module+el8.5.0+20341+152f6d53

skopeo-tests

1.2.2-10.0.1.module+el8.5.0+20341+152f6d53

slirp4netns

1.1.8-1.module+el8.5.0+20341+152f6d53

udica

0.2.4-1.module+el8.5.0+20341+152f6d53

Связанные CVE

CVE-2021-3602

Ссылки на источники

Связанные уязвимости

CVE-2021-3602

CVSS3: 5.5

ubuntu

больше 3 лет назад

An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials).