Описание
ELSA-2026-3428: container-tools:ol8 security update (IMPORTANT)
aardvark-dns [2:1.10.1-2]
- build off the RHEL maintenance branch
- Resolves: RHEL-59129
buildah [2:1.33.14-2]
- rebuild for CVE-2025-61729
- Resolves: RHEL-140529
cockpit-podman [84.1-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/84.1
- Related: Jira:RHEL-25557
conmon [3:2.1.10-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.10
- Related: Jira:RHEL-2110
containernetworking-plugins [1:1.4.0-6]
- rebuild for CVE-2025-22871
- Resolves: RHEL-89244
containers-common [1-82.0.1]
- Updated removed references [Orabug: 33473101] (Alex Burmashev)
- Adjust registries.conf (Nikita Gerasimov)
- remove references to RedHat registry (Nikita Gerasimov)
container-selinux [2:2.229.0-2]
- remove watch statements properly for RHEL8 and lower
- Related: Jira:RHEL-2110
criu [3.18-5]
- rebuild to preserve upgrade path
- Related: RHEL-32671
crun [1.14.3-2]
- remove BR libgcrypt-devel, no longer needed
- Related: Jira:RHEL-2110
fuse-overlayfs [1.13-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.13
- Related: Jira:RHEL-2110
libslirp [4.4.0-2]
- rebuild to preserve upgrade path 8.9 -> 8.10
- Related: RHEL-32671
netavark [2:1.10.3-1]
- update to https://github.com/containers/netavark/releases/tag/v1.10.3
- Related: Jira:RHEL-2110
oci-seccomp-bpf-hook [1.2.10-1]
- update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.10
- Related: Jira:RHEL-2110
podman [4.9.4-27.0.1]
- Fixes issue of container created in cgroupv2 not start in cgroupv1 [Orabug: 36136813]
- Fixes container memory limit not set after host is rebooted with cgroupv2 [Orabug: 36136802]
- Fixes issue of podman execvp error while using podmansh [Orabug: 36756665]
python-podman [4.9.0-3]
- sync with release-4.9 branch
- Resolves: RHEL-31069
runc [4:1.2.9-3]
- rebuild for CVE-2025-61729
- Resolves: RHEL-140533
skopeo [2:1.14.5-6]
- rebuild for CVE-2025-61729
- Resolves: RHEL-140534
slirp4netns [1.2.3-1]
- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.3
- Related: Jira:RHEL-2110
udica [0.2.6-21]
- bump release to preserve update path
- Resolves: RHEL-32671
Обновленные пакеты
Oracle Linux 8
Oracle Linux aarch64
Module container-tools:ol8 is enabled
aardvark-dns
1.10.1-2.module+el8.10.0+90820+1c0b9746
buildah
1.33.14-2.module+el8.10.0+90820+1c0b9746
buildah-tests
1.33.14-2.module+el8.10.0+90820+1c0b9746
cockpit-podman
84.1-1.module+el8.10.0+90820+1c0b9746
conmon
2.1.10-1.module+el8.10.0+90820+1c0b9746
container-selinux
2.229.0-2.module+el8.10.0+90820+1c0b9746
containernetworking-plugins
1.4.0-6.module+el8.10.0+90820+1c0b9746
containers-common
1-82.0.1.module+el8.10.0+90820+1c0b9746
crit
3.18-5.module+el8.10.0+90820+1c0b9746
criu
3.18-5.module+el8.10.0+90820+1c0b9746
criu-devel
3.18-5.module+el8.10.0+90820+1c0b9746
criu-libs
3.18-5.module+el8.10.0+90820+1c0b9746
crun
1.14.3-2.module+el8.10.0+90820+1c0b9746
fuse-overlayfs
1.13-1.module+el8.10.0+90820+1c0b9746
libslirp
4.4.0-2.module+el8.10.0+90820+1c0b9746
libslirp-devel
4.4.0-2.module+el8.10.0+90820+1c0b9746
netavark
1.10.3-1.module+el8.10.0+90820+1c0b9746
oci-seccomp-bpf-hook
1.2.10-1.module+el8.10.0+90820+1c0b9746
podman
4.9.4-27.0.1.module+el8.10.0+90820+1c0b9746
podman-catatonit
4.9.4-27.0.1.module+el8.10.0+90820+1c0b9746
podman-docker
4.9.4-27.0.1.module+el8.10.0+90820+1c0b9746
podman-gvproxy
4.9.4-27.0.1.module+el8.10.0+90820+1c0b9746
podman-plugins
4.9.4-27.0.1.module+el8.10.0+90820+1c0b9746
podman-remote
4.9.4-27.0.1.module+el8.10.0+90820+1c0b9746
podman-tests
4.9.4-27.0.1.module+el8.10.0+90820+1c0b9746
python3-criu
3.18-5.module+el8.10.0+90820+1c0b9746
python3-podman
4.9.0-3.module+el8.10.0+90820+1c0b9746
runc
1.2.9-3.module+el8.10.0+90820+1c0b9746
skopeo
1.14.5-6.module+el8.10.0+90820+1c0b9746
skopeo-tests
1.14.5-6.module+el8.10.0+90820+1c0b9746
slirp4netns
1.2.3-1.module+el8.10.0+90820+1c0b9746
udica
0.2.6-21.module+el8.10.0+90820+1c0b9746
Oracle Linux x86_64
Module container-tools:ol8 is enabled
aardvark-dns
1.10.1-2.module+el8.10.0+90820+1c0b9746
buildah
1.33.14-2.module+el8.10.0+90820+1c0b9746
buildah-tests
1.33.14-2.module+el8.10.0+90820+1c0b9746
cockpit-podman
84.1-1.module+el8.10.0+90820+1c0b9746
conmon
2.1.10-1.module+el8.10.0+90820+1c0b9746
container-selinux
2.229.0-2.module+el8.10.0+90820+1c0b9746
containernetworking-plugins
1.4.0-6.module+el8.10.0+90820+1c0b9746
containers-common
1-82.0.1.module+el8.10.0+90820+1c0b9746
crit
3.18-5.module+el8.10.0+90820+1c0b9746
criu
3.18-5.module+el8.10.0+90820+1c0b9746
criu-devel
3.18-5.module+el8.10.0+90820+1c0b9746
criu-libs
3.18-5.module+el8.10.0+90820+1c0b9746
crun
1.14.3-2.module+el8.10.0+90820+1c0b9746
fuse-overlayfs
1.13-1.module+el8.10.0+90820+1c0b9746
libslirp
4.4.0-2.module+el8.10.0+90820+1c0b9746
libslirp-devel
4.4.0-2.module+el8.10.0+90820+1c0b9746
netavark
1.10.3-1.module+el8.10.0+90820+1c0b9746
oci-seccomp-bpf-hook
1.2.10-1.module+el8.10.0+90820+1c0b9746
podman
4.9.4-27.0.1.module+el8.10.0+90820+1c0b9746
podman-catatonit
4.9.4-27.0.1.module+el8.10.0+90820+1c0b9746
podman-docker
4.9.4-27.0.1.module+el8.10.0+90820+1c0b9746
podman-gvproxy
4.9.4-27.0.1.module+el8.10.0+90820+1c0b9746
podman-plugins
4.9.4-27.0.1.module+el8.10.0+90820+1c0b9746
podman-remote
4.9.4-27.0.1.module+el8.10.0+90820+1c0b9746
podman-tests
4.9.4-27.0.1.module+el8.10.0+90820+1c0b9746
python3-criu
3.18-5.module+el8.10.0+90820+1c0b9746
python3-podman
4.9.0-3.module+el8.10.0+90820+1c0b9746
runc
1.2.9-3.module+el8.10.0+90820+1c0b9746
skopeo
1.14.5-6.module+el8.10.0+90820+1c0b9746
skopeo-tests
1.14.5-6.module+el8.10.0+90820+1c0b9746
slirp4netns
1.2.3-1.module+el8.10.0+90820+1c0b9746
udica
0.2.6-21.module+el8.10.0+90820+1c0b9746
Связанные CVE
Связанные уязвимости
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.
Errors returned from JSON marshaling may break template escaping in html/template