container-tools:3.0 security update

2022-11-1500:00:00

linux.oracle.com

buildah

cockpit-podman

conmon

containernetworking-plugins

criu

crun

fuse-overlayfs

libslirp

oci-seccomp-bpf-hook

podman

security-update

cve-2021-3602

cve-2022-1708

cve-2022-27650

rhel8-kernel

0.005 Low

EPSS

Percentile

75.8%

JSON

buildah
[1.19.9-6]

update to the latest content of https://github.com/containers/buildah/tree/release-1.19
(https://github.com/containers/buildah/commit/6d7f496)
Related: #2061390
[1.19.9-5]
update to the latest content of https://github.com/containers/buildah/tree/release-1.19
(https://github.com/containers/buildah/commit/d69ac6e)
Related: #2061390
[1.19.9-4]
update to the latest content of https://github.com/containers/buildah/tree/release-1.19
(https://github.com/containers/buildah/commit/7c6701d)
Related: #2061390
[1.19.9-3]
update to the latest content of https://github.com/containers/buildah/tree/release-1.19
(https://github.com/containers/buildah/commit/3808e27)
Related: #2061390
[1.19.9-2]
update to the latest content of https://github.com/containers/buildah/tree/release-1.19
(https://github.com/containers/buildah/commit/ff5434f)
Related: #2001445
[1.19.9-1]
update to the latest content of https://github.com/containers/buildah/tree/release-1.19
(https://github.com/containers/buildah/commit/c1d6200)
fixes CVE-2021-3602
Related: #1977943
cockpit-podman
[29-2]
fix gating test failure for cockpit-podman
Related: #1934415
[29-1]
update to https://github.com/cockpit-project/cockpit-podman/releases/tag/29
Related: #1883490
conmon
[2:2.0.26-3]
amend CVE-2022-1708
Related: #2093390
[2:2.0.26-2]
fix CVE-2022-1708 - thanks to Peter Hunt
Related: #2061390
[2:2.0.26-1]
update to https://github.com/containers/conmon/releases/tag/v2.0.26
Related: #1883490
containernetworking-plugins
[0.9.1-1]
update to https://github.com/containernetworking/plugins/releases/tag/v0.9.1
Related: #1883490
criu
[3.15-1]
update to https://github.com/checkpoint-restore/criu/releases/tag/v3.15
Related: #1883490
crun
[0.18-3]
fix CVE-2022-27650
Related: #2061390
[0.18-2]
allow to build without glibc-static (thanks to Giuseppe Scrivano)
Related: #1883490
[0.18-1]
update to https://github.com/containers/crun/releases/tag/0.18
Related: #1883490
fuse-overlayfs
[1.4.0-2]
disable openat2 syscall again - still unsupported in current RHEL8 kernel
Related: #1883490
[1.4.0-1]
update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.4.0
Related: #1883490
libslirp
[4.3.1-1]
update to https://gitlab.freedesktop.org/slirp/libslirp/-/releases/v4.3.1
Related: #1821193
oci-seccomp-bpf-hook
[1.2.0-3]
actually apply the build fix patch
Related: #1934415
[1.2.0-2]
resolve build issue
Related: #1934415
[1.2.0-1]
revert back to 1.2.0 - build issues
Related: #1883490
podman
[3.0.1-13]
update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/37cd5bf)
Related: #2061390
[3.0.1-12]
update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/1c4d1a7)
Related: #2061390
[3.0.1-11]
update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/4cd74c2)
Related: #2061390
[3.0.1-10]
update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/47b310e)
Related: #2061390
[3.0.1-9]
update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/801b7e8)
Resolves: #2074144
[3.0.1-8]
update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/c5d8129)
Related: #2061390
[3.0.1-7]
add missing docker man pages
Related: #2009106
[3.0.1-6]
update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/4f91b37)
Related: #2009106
[3.0.1-5]
update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/2bed76e)
fixes CVE-2021-3602
Related: #1977943
[3.0.1-4]
update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/eebd611)
Related: #1934415
[3.0.1-3]
remove docker man page as it was removed upstream
Related: #1934415
[3.0.1-2]
update to the latest content of https://github.com/containers/podman/tree/v3.0
(https://github.com/containers/podman/commit/9a2fc37)
Related: #1883490
[3.0.1-1]
update to the latest content of https://github.com/containers/podman/tree/v3.0
(https://github.com/containers/podman/commit/7e286bc)
Related: #1883490
runc
[1.0.0-73.rc95]
fix podman run --pid=host command causes OCI permission error
rc95 fixes CVE-2021-30465
Related: #2001445
skopeo
[1.2.4-2.0.1]
Ignore rhel-shortnames.conf [JIRA: OLDIS-3902]
Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov)
Add oracle registry into the conf file [Orabug: 29845934 31306708]
[1:1.2.4-2]
update to the latest content of https://github.com/containers/skopeo/tree/release-1.2
(https://github.com/containers/skopeo/commit/7300333)
Related: #2061390
[1:1.2.4-1]
update to the latest content of https://github.com/containers/skopeo/tree/release-1.2
(https://github.com/containers/skopeo/commit/9921983)
Related: #2001445
slirp4netns
[1.1.8-1]
update to
https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.8
Related: #1883490
udica
[0.2.4-1]
update to https://github.com/containers/udica/releases/tag/v0.2.4
Related: #1883490

OSVersionArchitecturePackageVersionFilename
oracle linux8srcbuildah< 1.19.9-6.modulebuildah-1.19.9-6.module+el8.7.0+20785+0180d035.src.rpm
oracle linux8srccockpit-podman< 29-2.modulecockpit-podman-29-2.module+el8.7.0+20785+0180d035.src.rpm
oracle linux8srcconmon< 2.0.26-3.moduleconmon-2.0.26-3.module+el8.7.0+20785+0180d035.src.rpm
oracle linux8srccontainer-selinux< 2.189.0-1.modulecontainer-selinux-2.189.0-1.module+el8.7.0+20785+0180d035.src.rpm
oracle linux8srccontainernetworking-plugins< 0.9.1-1.modulecontainernetworking-plugins-0.9.1-1.module+el8.7.0+20785+0180d035.src.rpm
oracle linux8srccriu< 3.15-1.modulecriu-3.15-1.module+el8.7.0+20785+0180d035.src.rpm
oracle linux8srccrun< 0.18-3.modulecrun-0.18-3.module+el8.7.0+20785+0180d035.src.rpm
oracle linux8srcfuse-overlayfs< 1.4.0-2.modulefuse-overlayfs-1.4.0-2.module+el8.7.0+20785+0180d035.src.rpm
oracle linux8srclibslirp< 4.3.1-1.modulelibslirp-4.3.1-1.module+el8.7.0+20785+0180d035.src.rpm
oracle linux8srcoci-seccomp-bpf-hook< 1.2.0-3.moduleoci-seccomp-bpf-hook-1.2.0-3.module+el8.7.0+20785+0180d035.src.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	8	src	buildah	< 1.19.9-6.module	buildah-1.19.9-6.module+el8.7.0+20785+0180d035.src.rpm
oracle linux	8	src	cockpit-podman	< 29-2.module	cockpit-podman-29-2.module+el8.7.0+20785+0180d035.src.rpm
oracle linux	8	src	conmon	< 2.0.26-3.module	conmon-2.0.26-3.module+el8.7.0+20785+0180d035.src.rpm
oracle linux	8	src	container-selinux	< 2.189.0-1.module	container-selinux-2.189.0-1.module+el8.7.0+20785+0180d035.src.rpm
oracle linux	8	src	containernetworking-plugins	< 0.9.1-1.module	containernetworking-plugins-0.9.1-1.module+el8.7.0+20785+0180d035.src.rpm
oracle linux	8	src	criu	< 3.15-1.module	criu-3.15-1.module+el8.7.0+20785+0180d035.src.rpm
oracle linux	8	src	crun	< 0.18-3.module	crun-0.18-3.module+el8.7.0+20785+0180d035.src.rpm
oracle linux	8	src	fuse-overlayfs	< 1.4.0-2.module	fuse-overlayfs-1.4.0-2.module+el8.7.0+20785+0180d035.src.rpm
oracle linux	8	src	libslirp	< 4.3.1-1.module	libslirp-4.3.1-1.module+el8.7.0+20785+0180d035.src.rpm
oracle linux	8	src	oci-seccomp-bpf-hook	< 1.2.0-3.module	oci-seccomp-bpf-hook-1.2.0-3.module+el8.7.0+20785+0180d035.src.rpm