Описание
ELSA-2024-5258: container-tools:ol8 security update (IMPORTANT)
aardvark-dns buildah [2:1.33.8-4]
- rebuild for golang fixes
- Related: RHEL-28452
cockpit-podman [84.1-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/84.1
- Related: Jira:RHEL-25557
conmon [3:2.1.10-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.10
- Related: Jira:RHEL-2110
containernetworking-plugins [1:1.4.0-5]
- rebuild for golang fixes
- Related: RHEL-28452
containers-common [1-82.0.1]
- Updated removed references [Orabug: 33473101] (Alex Burmashev)
- Adjust registries.conf (Nikita Gerasimov)
- remove references to RedHat registry (Nikita Gerasimov)
container-selinux [2:2.229.0-2]
- remove watch statements properly for RHEL8 and lower
- Related: Jira:RHEL-2110
criu crun [1.14.3-2]
- remove BR libgcrypt-devel, no longer needed
- Related: Jira:RHEL-2110
fuse-overlayfs [1.13-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.13
- Related: Jira:RHEL-2110
libslirp netavark oci-seccomp-bpf-hook [1.2.10-1]
- update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.10
- Related: Jira:RHEL-2110
podman [4.9.4-12.0.2]
- Fixes issue of podman execvp error while using podmansh [Orabug: 36756665]
python-podman [4.9.0-2]
- depend directly on urllib3
- Resolves: RHEL-43567
runc [1:1.1.12-4]
- rebuild for golang fixes
- Related: RHEL-28452
skopeo [2:1.14.5-3]
- rebuild for golang fixes
- Related: RHEL-28452
slirp4netns [1.2.3-1]
- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.3
- Related: Jira:RHEL-2110
udica
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module container-tools:ol8 is enabled
aardvark-dns
1.10.0-1.module+el8.10.0+90384+a78ffc57
buildah
1.33.8-4.module+el8.10.0+90384+a78ffc57
buildah-tests
1.33.8-4.module+el8.10.0+90384+a78ffc57
cockpit-podman
84.1-1.module+el8.10.0+90384+a78ffc57
conmon
2.1.10-1.module+el8.10.0+90384+a78ffc57
container-selinux
2.229.0-2.module+el8.10.0+90384+a78ffc57
containernetworking-plugins
1.4.0-5.module+el8.10.0+90384+a78ffc57
containers-common
1-82.0.1.module+el8.10.0+90384+a78ffc57
crit
3.18-5.module+el8.10.0+90384+a78ffc57
criu
3.18-5.module+el8.10.0+90384+a78ffc57
criu-devel
3.18-5.module+el8.10.0+90384+a78ffc57
criu-libs
3.18-5.module+el8.10.0+90384+a78ffc57
crun
1.14.3-2.module+el8.10.0+90384+a78ffc57
fuse-overlayfs
1.13-1.module+el8.10.0+90384+a78ffc57
libslirp
4.4.0-2.module+el8.10.0+90384+a78ffc57
libslirp-devel
4.4.0-2.module+el8.10.0+90384+a78ffc57
netavark
1.10.3-1.module+el8.10.0+90384+a78ffc57
oci-seccomp-bpf-hook
1.2.10-1.module+el8.10.0+90384+a78ffc57
podman
4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57
podman-catatonit
4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57
podman-docker
4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57
podman-gvproxy
4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57
podman-plugins
4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57
podman-remote
4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57
podman-tests
4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57
python3-criu
3.18-5.module+el8.10.0+90384+a78ffc57
python3-podman
4.9.0-2.module+el8.10.0+90384+a78ffc57
runc
1.1.12-4.module+el8.10.0+90384+a78ffc57
skopeo
1.14.5-3.module+el8.10.0+90384+a78ffc57
skopeo-tests
1.14.5-3.module+el8.10.0+90384+a78ffc57
slirp4netns
1.2.3-1.module+el8.10.0+90384+a78ffc57
udica
0.2.6-21.module+el8.10.0+90384+a78ffc57
Oracle Linux x86_64
Module container-tools:ol8 is enabled
aardvark-dns
1.10.0-1.module+el8.10.0+90384+a78ffc57
buildah
1.33.8-4.module+el8.10.0+90384+a78ffc57
buildah-tests
1.33.8-4.module+el8.10.0+90384+a78ffc57
cockpit-podman
84.1-1.module+el8.10.0+90384+a78ffc57
conmon
2.1.10-1.module+el8.10.0+90384+a78ffc57
container-selinux
2.229.0-2.module+el8.10.0+90384+a78ffc57
containernetworking-plugins
1.4.0-5.module+el8.10.0+90384+a78ffc57
containers-common
1-82.0.1.module+el8.10.0+90384+a78ffc57
crit
3.18-5.module+el8.10.0+90384+a78ffc57
criu
3.18-5.module+el8.10.0+90384+a78ffc57
criu-devel
3.18-5.module+el8.10.0+90384+a78ffc57
criu-libs
3.18-5.module+el8.10.0+90384+a78ffc57
crun
1.14.3-2.module+el8.10.0+90384+a78ffc57
fuse-overlayfs
1.13-1.module+el8.10.0+90384+a78ffc57
libslirp
4.4.0-2.module+el8.10.0+90384+a78ffc57
libslirp-devel
4.4.0-2.module+el8.10.0+90384+a78ffc57
netavark
1.10.3-1.module+el8.10.0+90384+a78ffc57
oci-seccomp-bpf-hook
1.2.10-1.module+el8.10.0+90384+a78ffc57
podman
4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57
podman-catatonit
4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57
podman-docker
4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57
podman-gvproxy
4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57
podman-plugins
4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57
podman-remote
4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57
podman-tests
4.9.4-12.0.2.module+el8.10.0+90384+a78ffc57
python3-criu
3.18-5.module+el8.10.0+90384+a78ffc57
python3-podman
4.9.0-2.module+el8.10.0+90384+a78ffc57
runc
1.1.12-4.module+el8.10.0+90384+a78ffc57
skopeo
1.14.5-3.module+el8.10.0+90384+a78ffc57
skopeo-tests
1.14.5-3.module+el8.10.0+90384+a78ffc57
slirp4netns
1.2.3-1.module+el8.10.0+90384+a78ffc57
udica
0.2.6-21.module+el8.10.0+90384+a78ffc57
Ссылки на источники
Связанные уязвимости
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.
go-retryablehttp prior to 0.7.7 did not sanitize urls when writing them to its log file. This could lead to go-retryablehttp writing sensitive HTTP basic auth credentials to its log file. This vulnerability, CVE-2024-6104, was fixed in go-retryablehttp 0.7.7.