ELSA-2023-12578

Опубликовано: 19 июл. 2023

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2023-12578: buildah security update (IMPORTANT)

runc [1:1.1.4-1.0.1]

rootless: fix /sys/fs/cgroup mounts to prevent CVE-2023-25809
rootfs: prohibit symlinks that conflicts with readonlyPaths and/or maskedPaths to prevent CVE-2023-27561
Prohibit /proc and /sys to be symlinks to prevent CVE-2023-28642
JIRA: OLDIS-25589

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

Module container-tools:4.0 is enabled

aardvark-dns

1.0.1-37.0.1.module+el8.8.0+20984+ab6ce66c

buildah

1.24.6-5.module+el8.8.0+20984+ab6ce66c

buildah-tests

1.24.6-5.module+el8.8.0+20984+ab6ce66c

cockpit-podman

46-1.module+el8.8.0+20984+ab6ce66c

conmon

2.1.4-1.module+el8.8.0+20984+ab6ce66c

container-selinux

2.199.0-1.module+el8.8.0+20984+ab6ce66c

containernetworking-plugins

1.1.1-2.module+el8.8.0+20984+ab6ce66c

containers-common

1-37.0.1.module+el8.8.0+20984+ab6ce66c

crit

3.15-3.module+el8.8.0+20984+ab6ce66c

criu

3.15-3.module+el8.8.0+20984+ab6ce66c

criu-devel

3.15-3.module+el8.8.0+20984+ab6ce66c

criu-libs

3.15-3.module+el8.8.0+20984+ab6ce66c

crun

1.6-1.module+el8.8.0+20984+ab6ce66c

fuse-overlayfs

1.9-1.module+el8.8.0+20984+ab6ce66c

libslirp

4.4.0-1.module+el8.8.0+20984+ab6ce66c

libslirp-devel

4.4.0-1.module+el8.8.0+20984+ab6ce66c

netavark

1.0.1-37.0.1.module+el8.8.0+20984+ab6ce66c

oci-seccomp-bpf-hook

1.2.5-2.module+el8.8.0+20984+ab6ce66c

podman

4.0.2-20.module+el8.8.0+20984+ab6ce66c

podman-catatonit

4.0.2-20.module+el8.8.0+20984+ab6ce66c

podman-docker

4.0.2-20.module+el8.8.0+20984+ab6ce66c

podman-gvproxy

4.0.2-20.module+el8.8.0+20984+ab6ce66c

podman-plugins

4.0.2-20.module+el8.8.0+20984+ab6ce66c

podman-remote

4.0.2-20.module+el8.8.0+20984+ab6ce66c

podman-tests

4.0.2-20.module+el8.8.0+20984+ab6ce66c

python3-criu

3.15-3.module+el8.8.0+20984+ab6ce66c

python3-podman

4.0.0-1.module+el8.8.0+20984+ab6ce66c

runc

1.1.4-1.0.1.module+el8.8.0+21118+db7590d7

skopeo

1.6.2-6.module+el8.8.0+20984+ab6ce66c

skopeo-tests

1.6.2-6.module+el8.8.0+20984+ab6ce66c

slirp4netns

1.1.8-2.module+el8.8.0+20984+ab6ce66c

udica

0.2.6-3.module+el8.8.0+20984+ab6ce66c

Oracle Linux x86_64

Module container-tools:4.0 is enabled

aardvark-dns

1.0.1-37.0.1.module+el8.8.0+20984+ab6ce66c

buildah

1.24.6-5.module+el8.8.0+20984+ab6ce66c

buildah-tests

1.24.6-5.module+el8.8.0+20984+ab6ce66c

cockpit-podman

46-1.module+el8.8.0+20984+ab6ce66c

conmon

2.1.4-1.module+el8.8.0+20984+ab6ce66c

container-selinux

2.199.0-1.module+el8.8.0+20984+ab6ce66c

containernetworking-plugins

1.1.1-2.module+el8.8.0+20984+ab6ce66c

containers-common

1-37.0.1.module+el8.8.0+20984+ab6ce66c

crit

3.15-3.module+el8.8.0+20984+ab6ce66c

criu

3.15-3.module+el8.8.0+20984+ab6ce66c

criu-devel

3.15-3.module+el8.8.0+20984+ab6ce66c

criu-libs

3.15-3.module+el8.8.0+20984+ab6ce66c

crun

1.6-1.module+el8.8.0+20984+ab6ce66c

fuse-overlayfs

1.9-1.module+el8.8.0+20984+ab6ce66c

libslirp

4.4.0-1.module+el8.8.0+20984+ab6ce66c

libslirp-devel

4.4.0-1.module+el8.8.0+20984+ab6ce66c

netavark

1.0.1-37.0.1.module+el8.8.0+20984+ab6ce66c

oci-seccomp-bpf-hook

1.2.5-2.module+el8.8.0+20984+ab6ce66c

podman

4.0.2-20.module+el8.8.0+20984+ab6ce66c

podman-catatonit

4.0.2-20.module+el8.8.0+20984+ab6ce66c

podman-docker

4.0.2-20.module+el8.8.0+20984+ab6ce66c

podman-gvproxy

4.0.2-20.module+el8.8.0+20984+ab6ce66c

podman-plugins

4.0.2-20.module+el8.8.0+20984+ab6ce66c

podman-remote

4.0.2-20.module+el8.8.0+20984+ab6ce66c

podman-tests

4.0.2-20.module+el8.8.0+20984+ab6ce66c

python3-criu

3.15-3.module+el8.8.0+20984+ab6ce66c

python3-podman

4.0.0-1.module+el8.8.0+20984+ab6ce66c

runc

1.1.4-1.0.1.module+el8.8.0+21118+db7590d7

skopeo

1.6.2-6.module+el8.8.0+20984+ab6ce66c

skopeo-tests

1.6.2-6.module+el8.8.0+20984+ab6ce66c

slirp4netns

1.1.8-2.module+el8.8.0+20984+ab6ce66c

udica

0.2.6-3.module+el8.8.0+20984+ab6ce66c

Связанные CVE

CVE-2023-28642

CVE-2023-25809

CVE-2023-27561

Ссылки на источники

Связанные уязвимости

SUSE-SU-2023:2003-1

suse-cvrf

около 2 лет назад

Security update for runc

SUSE-SU-2023:1726-1

suse-cvrf

около 2 лет назад

Security update for runc

ELSA-2023-12579

oracle-oval

почти 2 года назад

ELSA-2023-12579: aardvark-dns security update (IMPORTANT)

ELSA-2023-6380

oracle-oval

больше 1 года назад

ELSA-2023-6380: runc security update (MODERATE)

ELSA-2023-6938

oracle-oval

больше 1 года назад

ELSA-2023-6938: container-tools:4.0 security and bug fix update (MODERATE)