Lucene search
RedHatRHSA-2020:5055HistoryNov 10, 2020 - 1:33 p.m.
(RHSA-2020:5055) Moderate: buildah security update
2020-11-1013:33:39
access.redhat.com
48
0.001 Low
EPSS
Percentile
45.8%
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.
Security Fix(es):
- golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 7 | x86_64 | buildah | <ย 1.11.6-12.el7_9 | buildah-1.11.6-12.el7_9.x86_64.rpm |
| RedHat | 7 | s390x | buildah | <ย 1.11.6-12.el7_9 | buildah-1.11.6-12.el7_9.s390x.rpm |
| RedHat | 7 | s390x | buildah-debuginfo | <ย 1.11.6-12.el7_9 | buildah-debuginfo-1.11.6-12.el7_9.s390x.rpm |
| RedHat | 7 | x86_64 | buildah-debuginfo | <ย 1.11.6-12.el7_9 | buildah-debuginfo-1.11.6-12.el7_9.x86_64.rpm |
| RedHat | 7 | ppc64le | buildah | <ย 1.11.6-12.el7_9 | buildah-1.11.6-12.el7_9.ppc64le.rpm |
| RedHat | 7 | ppc64le | buildah-debuginfo | <ย 1.11.6-12.el7_9 | buildah-debuginfo-1.11.6-12.el7_9.ppc64le.rpm |
Related
osv
osv
Infinite loop when decoding some inputs in golang.org/x/text
2021-04-14 20:04:52
golang.org/x/text Infinite loop
2021-05-18 18:34:35
CVE-2020-14040
2020-06-17 20:15:09
nessus
nessus
RHEL 7 : skopeo (RHSA-2020:5054)
2020-11-11 00:00:00
RHEL 7 : buildah (RHSA-2020:5055)
2020-11-11 00:00:00
RHEL 7 : podman (RHSA-2020:5056)
2020-11-11 00:00:00
redhat
redhat
github
github
golang.org/x/text Infinite loop
2021-05-18 18:34:35
cvelist
cvelist
CVE-2020-14040
2020-06-17 19:22:31
prion
prion
Design/Logic Flaw
2020-06-17 20:15:00
wolfi
wolfi
CVE-2020-14040 vulnerabilities
2024-07-03 09:08:38
cve
cve
CVE-2020-14040
2020-06-17 20:15:09
ibm
ibm
debiancve
debiancve
CVE-2020-14040
2020-06-17 20:15:09
veracode
veracode
Denial Of Service (DoS)
2020-06-17 03:55:36
redhatcve
redhatcve
CVE-2020-14040
2021-06-27 12:24:34
nvd
nvd
CVE-2020-14040
2020-06-17 20:15:09
ubuntucve
ubuntucve
CVE-2020-14040
2020-06-17 00:00:00
gitlab
gitlab
Loop with Unreachable Exit Condition (Infinite Loop)
2020-06-17 00:00:00
Loop with Unreachable Exit Condition ('Infinite Loop')
2021-05-18 00:00:00
cgr
cgr
CVE-2020-14040 vulnerabilities
2024-05-19 03:07:16
amazon
amazon
Medium: golang
2020-09-28 20:57:00
Medium: golang
2020-10-26 18:04:00
openvas
openvas
Fedora: Security Advisory for golang (FEDORA-2020-d75360e2b0)
2020-07-31 00:00:00
Fedora: Security Advisory for golang (FEDORA-2020-9cd1204ba0)
2020-07-31 00:00:00
Fedora: Security Advisory for golang (FEDORA-2020-a55f130272)
2020-09-08 00:00:00
fedora
fedora
[SECURITY] Fedora 31 Update: golang-1.13.14-1.fc31
2020-07-28 15:03:46
[SECURITY] Fedora 32 Update: golang-1.14.6-1.fc32
2020-07-30 17:53:53
[SECURITY] Fedora 32 Update: golang-1.14.7-1.fc32
2020-09-07 17:14:54
oraclelinux
oraclelinux
container-tools:ol8 security, bug fix, and enhancement update
2020-11-10 00:00:00
go-toolset:ol8 security update
2020-09-11 00:00:00
almalinux
almalinux
Moderate: container-tools:rhel8 security, bug fix, and enhancement update
2020-11-03 12:27:37
rocky
rocky
container-tools:rhel8 security, bug fix, and enhancement update
2020-11-03 12:27:37
ubuntu
ubuntu
Go Text vulnerabilities
2023-02-16 00:00:00