RLSA-2022:1762 --- cockpit-podmanID: oval:org.secpod.oval:def:4500933 | Date: (C)2023-04-03 (M)2023-11-13 |
Class: PATCH | Family: unix |
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * psgo: Privilege escalation in "podman top" * prometheus/client_golang: Denial of service using InstrumentHandlerCounter * podman: Default inheritable capabilities for linux container should be empty * crun: Default inheritable capabilities for linux container should be empty * buildah: Default inheritable capabilities for linux container should be empty For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8.6 Release Notes linked from the References section.
Product: |
cockpit-podman |
libslirp |
conmon |
python-podman |
crun |
fuse-overlayfs |
containernetworking-plugins |
oci-seccomp-bpf-hook |
udica |
podman |
runc |
slirp4netns |
container-selinux |
containers-common |
criu |
buildah |
skopeo |
aardvark-dns |
crit |
netavark |
python3-criu |
toolbox |
python3-podman |