Описание
ELSA-2024-3968: container-tools:ol8 bug fix and enhancement update (MODERATE)
aardvark-dns [2:1.10.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0
- Related: Jira:RHEL-2110
[2:1.9.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0
- Related: Jira:RHEL-2110
[2:1.8.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.8.0
- Related: Jira:RHEL-2110
buildah [2:1.33.7-2]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.33 (https://github.com/containers/buildah/commit/997beea)
- Resolves: RHEL-28725
cockpit-podman [84.1-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/84.1
- Related: Jira:RHEL-25557
[84-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/84
- Related: Jira:RHEL-2110
[83-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/83
- Related: Jira:RHEL-2110
[82-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/82
- Related: Jira:RHEL-2110
[81-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/81
- Related: Jira:RHEL-2110
[80-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/80
- Related: Jira:RHEL-2110
[79-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/79
- Related: Jira:RHEL-2110
[78-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/78
- Related: Jira:RHEL-2110
[77-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/77
- Related: Jira:RHEL-2110
[75-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/75
- Related: #2176055
conmon [3:2.1.10-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.10
- Related: Jira:RHEL-2110
[3:2.1.8-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.8
- Related: #2176055
containernetworking-plugins [1:1.4.0-2]
- rebuild
- Resolves: RHEL-18390
[1:1.4.0-1]
- update to https://github.com/containernetworking/plugins/releases/tag/v1.4.0
- Related: Jira:RHEL-2110
containers-common [2:1-81.0.1]
- Updated removed references [Orabug: 33473101] (Alex Burmashev)
- Adjust registries.conf (Nikita Gerasimov)
- remove references to RedHat registry (Nikita Gerasimov)
[2:1-81]
- Update shortnames from Pyxis
- Related: Jira:RHEL-2110
[2:1-80]
- bump release to preserve upgrade path
- Resolves: Jira:RHEL-12277
container-selinux [2:2.229.0-2]
- remove watch statements properly for RHEL8 and lower
- Related: Jira:RHEL-2110
[2:2.229.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.229.0
- Related: Jira:RHEL-2110
[2:2.228.1-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.228.1
- Related: Jira:RHEL-2110
[2:2.228.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.228.0
- Related: Jira:RHEL-2110
[2:2.227.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.227.0
- Related: Jira:RHEL-2110
[2:2.226.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.226.0
- remove dependency on policycoreutils-python-utils as it pulls in python
- Related: Jira:RHEL-2110
[2:2.224.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.224.0
- Related: Jira:RHEL-2110
[2:2.222.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.222.0
- Related: Jira:RHEL-2110
criu [3.18-5]
- rebuild to preserve upgrade path
- Related: RHEL-32671
[3.18-4]
- switch to egg-info on 8.9
- Related: #2176055
[3.18-3]
- remove --progress-bar option
- Related: #2176055
[3.18-2]
- update to 3.18
- Related: #2176055
[3.17-1]
- update to 3.17
- Resolves: #2175794
crun [1.14.3-2]
- remove BR libgcrypt-devel, no longer needed
- Related: Jira:RHEL-2110
[1.14.3-1]
- update to https://github.com/containers/crun/releases/tag/1.14.3
- Related: Jira:RHEL-2110
[1.14.1-1]
- update to https://github.com/containers/crun/releases/tag/1.14.1
- Related: Jira:RHEL-2110
[1.14-1]
- update to https://github.com/containers/crun/releases/tag/1.14
- Related: Jira:RHEL-2110
[1.13-1]
- update to https://github.com/containers/crun/releases/tag/1.13
- Related: Jira:RHEL-2110
[1.12-1]
- update to https://github.com/containers/crun/releases/tag/1.12
- Related: Jira:RHEL-2110
[1.11.2-1]
- update to https://github.com/containers/crun/releases/tag/1.11.2
- Related: Jira:RHEL-2110
[1.11.1-1]
- update to https://github.com/containers/crun/releases/tag/1.11.1
- Related: Jira:RHEL-2110
[1.11-1]
- update to https://github.com/containers/crun/releases/tag/1.11
- Related: Jira:RHEL-2110
[1.9.2-1]
- update to https://github.com/containers/crun/releases/tag/1.9.2
- Related: Jira:RHEL-2110
[1.9.1-1]
- update to https://github.com/containers/crun/releases/tag/1.9.1
- Related: Jira:RHEL-2110
[1.9-1]
- update to https://github.com/containers/crun/releases/tag/1.9
- Related: Jira:RHEL-2110
fuse-overlayfs [1.13-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.13
- Related: Jira:RHEL-2110
libslirp [4.4.0-2]
- rebuild to preserve upgrade path 8.9 -> 8.10
- Related: RHEL-32671
netavark [2:1.10.3-1]
- update to https://github.com/containers/netavark/releases/tag/v1.10.3
- Related: Jira:RHEL-2110
[2:1.10.2-1]
- update to https://github.com/containers/netavark/releases/tag/v1.10.2
- Related: Jira:RHEL-2110
[2:1.10.1-1]
- update to https://github.com/containers/netavark/releases/tag/v1.10.1
- Related: Jira:RHEL-2110
[2:1.10.0-1]
- update to https://github.com/containers/netavark/releases/tag/v1.10.0
- Related: Jira:RHEL-2110
[2:1.9.0-1]
- update to https://github.com/containers/netavark/releases/tag/v1.9.0
- Related: Jira:RHEL-2110
[2:1.8.0-2]
- fix directory for systemd units
- Related: Jira:RHEL-2110
[2:1.8.0-1]
- update to https://github.com/containers/netavark/releases/tag/v1.8.0
- Related: Jira:RHEL-2110
oci-seccomp-bpf-hook [1.2.10-1]
- update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.10
- Related: Jira:RHEL-2110
podman [4:4.9.4-3.0.1]
- Add devices on container startup, not on creation
[4:4.9.4-3]
- BR: /usr/bin/man
- Related: RHEL-28727
[4:4.9.4-2]
- update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel (https://github.com/containers/podman/commit/6464b2c)
- Resolves: RHEL-28727
python-podman [4.9.0-1]
- update to https://github.com/containers/podman-py/releases/tag/v4.9.0
- Related: Jira:RHEL-2110
[4.8.2-1]
- update to https://github.com/containers/podman-py/releases/tag/v4.8.2
- Related: Jira:RHEL-2110
[4.8.0.post1-1]
- update to https://github.com/containers/podman-py/releases/tag/v4.8.0.post1
- Related: Jira:RHEL-2110
[4.7.0-1]
- update to https://github.com/containers/podman-py/releases/tag/v4.7.0
- Related: Jira:RHEL-2110
runc skopeo [2:1.14.3-2]
- update to the latest content of https://github.com/containers/skopeo/tree/release-1.14 (https://github.com/containers/skopeo/commit/5f2b9af)
- Resolves: RHEL-28728
[2:1.14.3-1]
- update to the latest content of https://github.com/containers/skopeo/tree/release-1.14 (https://github.com/containers/skopeo/commit/4a2bc3a)
- Resolves: RHEL-28226
slirp4netns [1.2.3-1]
- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.3
- Related: Jira:RHEL-2110
[1.2.2-1]
- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.2
- Related: Jira:RHEL-2110
udica [0.2.6-21]
- bump release to preserve update path
- Resolves: RHEL-32671
[0.2.6-20]
- bump release to preserve update path
- Related: #2139052
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module container-tools:ol8 is enabled
aardvark-dns
1.10.0-1.module+el8.10.0+90298+77a9814d
buildah
1.33.7-2.module+el8.10.0+90352+16362864
buildah-tests
1.33.7-2.module+el8.10.0+90352+16362864
cockpit-podman
84.1-1.module+el8.10.0+90298+77a9814d
conmon
2.1.10-1.module+el8.10.0+90298+77a9814d
container-selinux
2.229.0-2.module+el8.10.0+90298+77a9814d
containernetworking-plugins
1.4.0-2.module+el8.10.0+90298+77a9814d
containers-common
1-81.0.1.module+el8.10.0+90298+77a9814d
crit
3.18-5.module+el8.10.0+90337+0d7b6e74
criu
3.18-5.module+el8.10.0+90337+0d7b6e74
criu-devel
3.18-5.module+el8.10.0+90337+0d7b6e74
criu-libs
3.18-5.module+el8.10.0+90337+0d7b6e74
crun
1.14.3-2.module+el8.10.0+90298+77a9814d
fuse-overlayfs
1.13-1.module+el8.10.0+90298+77a9814d
libslirp
4.4.0-2.module+el8.10.0+90337+0d7b6e74
libslirp-devel
4.4.0-2.module+el8.10.0+90337+0d7b6e74
netavark
1.10.3-1.module+el8.10.0+90298+77a9814d
oci-seccomp-bpf-hook
1.2.10-1.module+el8.10.0+90298+77a9814d
podman
4.9.4-3.0.1.module+el8.10.0+90352+16362864
podman-catatonit
4.9.4-3.0.1.module+el8.10.0+90352+16362864
podman-docker
4.9.4-3.0.1.module+el8.10.0+90352+16362864
podman-gvproxy
4.9.4-3.0.1.module+el8.10.0+90352+16362864
podman-plugins
4.9.4-3.0.1.module+el8.10.0+90352+16362864
podman-remote
4.9.4-3.0.1.module+el8.10.0+90352+16362864
podman-tests
4.9.4-3.0.1.module+el8.10.0+90352+16362864
python3-criu
3.18-5.module+el8.10.0+90337+0d7b6e74
python3-podman
4.9.0-1.module+el8.10.0+90298+77a9814d
runc
1.1.12-1.module+el8.10.0+90298+77a9814d
skopeo
1.14.3-2.module+el8.10.0+90337+0d7b6e74
skopeo-tests
1.14.3-2.module+el8.10.0+90337+0d7b6e74
slirp4netns
1.2.3-1.module+el8.10.0+90298+77a9814d
udica
0.2.6-21.module+el8.10.0+90337+0d7b6e74
Oracle Linux x86_64
Module container-tools:ol8 is enabled
aardvark-dns
1.10.0-1.module+el8.10.0+90298+77a9814d
buildah
1.33.7-2.module+el8.10.0+90352+16362864
buildah-tests
1.33.7-2.module+el8.10.0+90352+16362864
cockpit-podman
84.1-1.module+el8.10.0+90298+77a9814d
conmon
2.1.10-1.module+el8.10.0+90298+77a9814d
container-selinux
2.229.0-2.module+el8.10.0+90298+77a9814d
containernetworking-plugins
1.4.0-2.module+el8.10.0+90298+77a9814d
containers-common
1-81.0.1.module+el8.10.0+90298+77a9814d
crit
3.18-5.module+el8.10.0+90337+0d7b6e74
criu
3.18-5.module+el8.10.0+90337+0d7b6e74
criu-devel
3.18-5.module+el8.10.0+90337+0d7b6e74
criu-libs
3.18-5.module+el8.10.0+90337+0d7b6e74
crun
1.14.3-2.module+el8.10.0+90298+77a9814d
fuse-overlayfs
1.13-1.module+el8.10.0+90298+77a9814d
libslirp
4.4.0-2.module+el8.10.0+90337+0d7b6e74
libslirp-devel
4.4.0-2.module+el8.10.0+90337+0d7b6e74
netavark
1.10.3-1.module+el8.10.0+90298+77a9814d
oci-seccomp-bpf-hook
1.2.10-1.module+el8.10.0+90298+77a9814d
podman
4.9.4-3.0.1.module+el8.10.0+90352+16362864
podman-catatonit
4.9.4-3.0.1.module+el8.10.0+90352+16362864
podman-docker
4.9.4-3.0.1.module+el8.10.0+90352+16362864
podman-gvproxy
4.9.4-3.0.1.module+el8.10.0+90352+16362864
podman-plugins
4.9.4-3.0.1.module+el8.10.0+90352+16362864
podman-remote
4.9.4-3.0.1.module+el8.10.0+90352+16362864
podman-tests
4.9.4-3.0.1.module+el8.10.0+90352+16362864
python3-criu
3.18-5.module+el8.10.0+90337+0d7b6e74
python3-podman
4.9.0-1.module+el8.10.0+90298+77a9814d
runc
1.1.12-1.module+el8.10.0+90298+77a9814d
skopeo
1.14.3-2.module+el8.10.0+90337+0d7b6e74
skopeo-tests
1.14.3-2.module+el8.10.0+90337+0d7b6e74
slirp4netns
1.2.3-1.module+el8.10.0+90298+77a9814d
udica
0.2.6-21.module+el8.10.0+90337+0d7b6e74
Связанные CVE
Связанные уязвимости
ELSA-2024-3827: buildah security and bug fix update (MODERATE)
ELSA-2024-3826: podman security and bug fix update (MODERATE)
jose is JavaScript module for JSON Object Signing and Encryption, providing support for JSON Web Tokens (JWT), JSON Web Signature (JWS), JSON Web Encryption (JWE), JSON Web Key (JWK), JSON Web Key Set (JWKS), and more. A vulnerability has been identified in the JSON Web Encryption (JWE) decryption interfaces, specifically related to the support for decompressing plaintext after its decryption. Under certain conditions it is possible to have the user's environment consume unreasonable amount of CPU time or memory during JWE Decryption operations. This issue has been patched in versions 2.0.7 and 4.15.5.