container-tools:ol8 security, bug fix, and enhancement update

2021-05-2500:00:00

linux.oracle.com

0.005 Low

EPSS

Percentile

77.5%

JSON

cockpit-podman
[29-2]

fix gating test failure for cockpit-podman
Related: #1914884
[29-1]
update to https://github.com/cockpit-project/cockpit-podman/releases/tag/29
Related: #1883490
conmon
[2:2.0.26-1]
update to https://github.com/containers/conmon/releases/tag/v2.0.26
Related: #1883490
container-selinux
[2:2.158.0-1]
update to https://github.com/containers/container-selinux/releases/tag/v2.158.0
Related: #1883490
crun
[0.18-1]
allow to build without glibc-static (thanks to Giuseppe Scrivano)
Related: #1883490
[0.17-2]
reverting back to 0.17 as theres no glibc-static in RHEL
Related: #1883490
[0.18-1]
update to https://github.com/containers/crun/releases/tag/0.18
Related: #1883490
fuse-overlayfs
[1.4.0-2]
disable openat2 syscall again - still unsupported in current RHEL8 kernel
Related: #1883490
[1.4.0-1]
update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.4.0
Related: #1883490
oci-seccomp-bpf-hook
[1.2.0-2]
revert back to 1.2.0 - build issues
Related: #1883490
podman
[3.0.1-6]
update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/ad1aaba)
Resolves: #1921128
Resolves: #1936927
Resolves: #1938234
[3.0.1-5]
update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/fcca86d)
Resolves: #1936927
[3.0.1-4]
update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/c67172a)
Resolves: #1935376
[3.0.1-3]
update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/7a71903)
Resolves: #1931545
[3.0.1-2]
update to the latest content of https://github.com/containers/podman/tree/v3.0
(https://github.com/containers/podman/commit/9a2fc37)
Related: #1883490
[3.0.1-1]
update to the latest content of https://github.com/containers/podman/tree/v3.0
(https://github.com/containers/podman/commit/7e286bc)
Related: #1883490
runc
[1.0.0-70.rc92]
add missing Provides: oci-runtime = 1
Related: #1883490
[1.0.0-69.rc92]
still use ExcludeArch as go_arches macro is broken for 8.4
Related: #1883490
[1.0.0-68.rc92]
update to https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc92
propagate proper CFLAGS to CGO_CFLAGS to assure code hardening and optimization
Related: #1821193
[1.0.0-67.rc91]
update to https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc91
Related: #1821193
[1.0.0-66.rc10]
synchronize containter-tools 8.3.0 with 8.2.1
Related: #1821193
[1.0.0-65.rc10]
address CVE-2019-19921 by updating to rc10
Resolves: #1801887
[1.0.0-64.rc9]
use no_openssl in BUILDTAGS (no vendored crypto in runc)
Related: RHELPLAN-25139
skopeo
[1.2.2-8.0.1]
Ignore rhel-shortnames.conf [JIRA: OLDIS-3902]
Temporarily update shortnames.conf for oraclelinux to point to docker [JIRA: OLDIS-3902]
Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov)
Add oracle registry into the conf file [Orabug: 29845934 31306708]
[1:1.2.2-8]
use runc as default OCI runtime in RHEL8
Resolves: #1940854
[1:1.2.2-7]
update documentation and configs according to the current
versions of vendored projects
Related: #1938234
[1:1.2.2-6]
update to the latest content of https://github.com/containers/skopeo/tree/release-1.2
(https://github.com/containers/skopeo/commit/e7880c4)
Related: #1938234
[1:1.2.2-5]
use infra_image = registry.redhat.io/ubi8/pause in contiainers.conf
(unlike previous one ubi8/pause doesnt require authentication)
Related: #1934947
[1:1.2.2-4]
quote infra_image registry, otherwise it cant be parsed
Related: #1934947
[1:1.2.2-3]
use infra_image = registry.redhat.io/rhel8/pause in contiainers.conf
Resolves: #1934947
[1:1.2.2-2]
update rhel-shortnames.conf to include only trusted registries
Resolves: #1931785
[1:1.2.2-1]
update to the latest content of https://github.com/containers/skopeo/tree/release-1.2
(https://github.com/containers/skopeo/commit/e72dd9c)
Related: #1883490
udica
[0.2.4-1]
update to https://github.com/containers/udica/releases/tag/v0.2.4
Related: #1883490

OSVersionArchitecturePackageVersionFilename
oracle linux8srcbuildah< 1.19.7-1.0.1.modulebuildah-1.19.7-1.0.1.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux8srccockpit-podman< 29-2.modulecockpit-podman-29-2.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux8srcconmon< 2.0.26-1.moduleconmon-2.0.26-1.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux8srccontainer-selinux< 2.158.0-1.modulecontainer-selinux-2.158.0-1.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux8srccontainernetworking-plugins< 0.9.1-1.modulecontainernetworking-plugins-0.9.1-1.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux8srccriu< 3.15-1.modulecriu-3.15-1.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux8srccrun< 0.18-1.modulecrun-0.18-1.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux8srcfuse-overlayfs< 1.4.0-2.modulefuse-overlayfs-1.4.0-2.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux8srclibslirp< 4.3.1-1.modulelibslirp-4.3.1-1.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux8srcoci-seccomp-bpf-hook< 1.2.0-2.moduleoci-seccomp-bpf-hook-1.2.0-2.module+el8.4.0+20157+b6591bfb.src.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	8	src	buildah	< 1.19.7-1.0.1.module	buildah-1.19.7-1.0.1.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux	8	src	cockpit-podman	< 29-2.module	cockpit-podman-29-2.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux	8	src	conmon	< 2.0.26-1.module	conmon-2.0.26-1.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux	8	src	container-selinux	< 2.158.0-1.module	container-selinux-2.158.0-1.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux	8	src	containernetworking-plugins	< 0.9.1-1.module	containernetworking-plugins-0.9.1-1.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux	8	src	criu	< 3.15-1.module	criu-3.15-1.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux	8	src	crun	< 0.18-1.module	crun-0.18-1.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux	8	src	fuse-overlayfs	< 1.4.0-2.module	fuse-overlayfs-1.4.0-2.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux	8	src	libslirp	< 4.3.1-1.module	libslirp-4.3.1-1.module+el8.4.0+20157+b6591bfb.src.rpm
oracle linux	8	src	oci-seccomp-bpf-hook	< 1.2.0-2.module	oci-seccomp-bpf-hook-1.2.0-2.module+el8.4.0+20157+b6591bfb.src.rpm