RLSA-2022:7822 --- cockpit-podmanID: oval:org.secpod.oval:def:4500973 | Date: (C)2023-04-03 (M)2023-12-11 |
Class: PATCH | Family: unix |
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * podman: possible information disclosure and modification * buildah: possible information disclosure and modification For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. Bug Fix: * podman creates lock file in /etc/cni/net.d/cni.lock instead of /run/lock/ * does not support the new trust type "sigstoreSigned " * podman kill may deadlock * Error: runc: exec failed: unable to start container process: open /dev/pts/0: operation not permitted: OCI permission denied [Rocky Linux 8.7] * containers-common-1-44 is missing RPM-GPG-KEY-redhat-beta [Rocky Linux 8.7] * ADD Dockerfile reference is not validating HTTP status code [Rocky Linux8-8.7.0] * Two aardvark-dns instances trying to use the same port on the same interface. [Rocky Linux-8.7.0.z] * containers config.json gets empty after sudden power loss * PANIC podman API service endpoint handler panic * Podman container got global IPv6 address unexpectedly even when macvlan network is created for pure IPv4 network * Skopeo push image to redhat quay with sigstore was failed * Podman push image to redhat quay with sigstore was failed * Buildah push image to redhat quay with sigstore was failed * Two aardvark-dns instances trying to use the same port on the same interface. [Rocky Linux-8.8] Enhancement: * [RFE]Podman support to perform custom actions on unhealthy containers * [RFE] python-podman: Podman support to perform custom actions on unhealthy containers * Podman volume plugin timeout should be configurable
Product: |
cockpit-podman |
libslirp |
conmon |
crun |
fuse-overlayfs |
netavark |
aardvark-dns |
containernetworking-plugins |
oci-seccomp-bpf-hook |
udica |
podman |
runc |
slirp4netns |
container-selinux |
containers-common |
criu |
buildah |
skopeo |
python3-podman |
crit |
python3-criu |
toolbox |