RHSA-2020:1230-01 -- Redhat skopeoID: oval:org.secpod.oval:def:503634 | Date: (C)2020-04-06 (M)2022-11-30 |
Class: PATCH | Family: unix |
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. Security Fix: * proglottis/gpgme: Use-after-free in GPGME bindings during container image pull For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: * Skopeo doesn"t handle HTTP 429 errors properly * skopeo does not show manifest manifest.list.v2 for special cases * skopeo inspect results in panic: runtime error: invalid memory address or nil pointer dereference * skopeo should be linked against gpgme-pthread * docker won"t start because registries service won"t start
Platform: |
Red Hat Enterprise Linux 7 |