Описание
Security update for podman
This update for podman fixes the following issues:
- CVE-2022-2989: Fixed possible information disclosure and modification (bsc#1202809).
Список пакетов
Container rancher/elemental-teal-rt/5.4:latest
podman-3.4.7-150400.4.6.1
Container rancher/elemental-teal/5.4:latest
podman-3.4.7-150400.4.6.1
SUSE Linux Enterprise Micro 5.3
podman-3.4.7-150400.4.6.1
podman-cni-config-3.4.7-150400.4.6.1
SUSE Linux Enterprise Module for Containers 15 SP4
podman-3.4.7-150400.4.6.1
podman-cni-config-3.4.7-150400.4.6.1
podman-docker-3.4.7-150400.4.6.1
podman-remote-3.4.7-150400.4.6.1
openSUSE Leap 15.4
podman-3.4.7-150400.4.6.1
podman-cni-config-3.4.7-150400.4.6.1
podman-docker-3.4.7-150400.4.6.1
podman-remote-3.4.7-150400.4.6.1
Ссылки
- Link for SUSE-SU-2022:3820-1
- E-Mail link for SUSE-SU-2022:3820-1
- SUSE Security Ratings
- SUSE Bug 1202809
- SUSE CVE CVE-2022-2989 page
Описание
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
Затронутые продукты
Container rancher/elemental-teal-rt/5.4:latest:podman-3.4.7-150400.4.6.1
Container rancher/elemental-teal/5.4:latest:podman-3.4.7-150400.4.6.1
SUSE Linux Enterprise Micro 5.3:podman-3.4.7-150400.4.6.1
SUSE Linux Enterprise Micro 5.3:podman-cni-config-3.4.7-150400.4.6.1
Ссылки
- CVE-2022-2989
- SUSE Bug 1202809