[ALSA-2021:4222] container-tools:3.0 security and bug fix update
Severity
Moderate
Affected Packages
39
CVEs
1
An update for the container-tools:3.0 module is now available for AlmaLinux AlmaLinux Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Security Fix(es):
- buildah: Host environment variables leaked in build container when using chroot isolation (CVE-2021-3602)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
- ID
- ALSA-2021:4222
- Severity
- moderate
- URL
- https://errata.almalinux.org/ALSA-2021:4222.html
- Published
-
2021-11-09T08:46:34
(2 years ago) - Modified
-
2022-02-02T18:04:53
(2 years ago) - Rights
- Copyright 2022 AlmaLinux OS
- Other Advisories
-
-
ALPINE:CVE-2021-3602
-
ALSA-2021:4154
-
ALSA-2021:4221
-
ELSA-2021-4154
-
ELSA-2021-4221
-
ELSA-2021-4222
-
FEDORA-2021-0c53d8738d
-
FEDORA-2021-112557d2c5
-
FEDORA-2021-440e34200c
-
FEDORA-2021-723a480816
-
GO-2022-0345
-
RHSA-2021:4154
-
RHSA-2021:4221
-
RHSA-2021:4222
-
RLSA-2021:4154
-
RLSA-2021:4221
-
RLSA-2021:4222
-
SUSE-SU-2022:3312-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| CVE | CVE-2021-3602 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/almalinux/udica?arch=noarch&distro=almalinux-8.6 | almalinux |
 udica
|
< 0.2.4-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | noarch | |
| Affected | pkg:rpm/almalinux/udica?arch=noarch&distro=almalinux-8.5 | almalinux |
udica
|
< 0.2.4-1.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | noarch | |
| Affected | pkg:rpm/almalinux/slirp4netns?arch=x86_64&distro=almalinux-8.6 | almalinux |
slirp4netns
|
< 1.1.8-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/slirp4netns?arch=x86_64&distro=almalinux-8.5 | almalinux |
slirp4netns
|
< 1.1.8-1.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | x86_64 | |
| Affected | pkg:rpm/almalinux/slirp4netns?arch=aarch64&distro=almalinux-8.6 | almalinux |
slirp4netns
|
< 1.1.8-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/runc?arch=x86_64&distro=almalinux-8.5 | almalinux |
runc
|
< 1.0.0-72.rc92.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | x86_64 | |
| Affected | pkg:rpm/almalinux/python3-criu?arch=x86_64&distro=almalinux-8.6 | almalinux |
python3-criu
|
< 3.15-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/python3-criu?arch=x86_64&distro=almalinux-8.5 | almalinux |
python3-criu
|
< 3.15-1.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | x86_64 | |
| Affected | pkg:rpm/almalinux/python3-criu?arch=aarch64&distro=almalinux-8.6 | almalinux |
python3-criu
|
< 3.15-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/oci-seccomp-bpf-hook?arch=x86_64&distro=almalinux-8.6 | almalinux |
oci-seccomp-bpf-hook
|
< 1.2.0-3.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/oci-seccomp-bpf-hook?arch=x86_64&distro=almalinux-8.5 | almalinux |
oci-seccomp-bpf-hook
|
< 1.2.0-3.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | x86_64 | |
| Affected | pkg:rpm/almalinux/oci-seccomp-bpf-hook?arch=aarch64&distro=almalinux-8.6 | almalinux |
oci-seccomp-bpf-hook
|
< 1.2.0-3.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/libslirp?arch=x86_64&distro=almalinux-8.6 | almalinux |
libslirp
|
< 4.3.1-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/libslirp?arch=x86_64&distro=almalinux-8.5 | almalinux |
libslirp
|
< 4.3.1-1.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | x86_64 | |
| Affected | pkg:rpm/almalinux/libslirp?arch=aarch64&distro=almalinux-8.6 | almalinux |
libslirp
|
< 4.3.1-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/libslirp-devel?arch=x86_64&distro=almalinux-8.6 | almalinux |
libslirp-devel
|
< 4.3.1-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/libslirp-devel?arch=x86_64&distro=almalinux-8.5 | almalinux |
libslirp-devel
|
< 4.3.1-1.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | x86_64 | |
| Affected | pkg:rpm/almalinux/libslirp-devel?arch=aarch64&distro=almalinux-8.6 | almalinux |
libslirp-devel
|
< 4.3.1-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/fuse-overlayfs?arch=x86_64&distro=almalinux-8.6 | almalinux |
fuse-overlayfs
|
< 1.4.0-2.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/fuse-overlayfs?arch=x86_64&distro=almalinux-8.5 | almalinux |
fuse-overlayfs
|
< 1.4.0-2.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | x86_64 | |
| Affected | pkg:rpm/almalinux/fuse-overlayfs?arch=aarch64&distro=almalinux-8.6 | almalinux |
fuse-overlayfs
|
< 1.4.0-2.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/crun?arch=x86_64&distro=almalinux-8.5 | almalinux |
crun
|
< 0.18-2.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | x86_64 | |
| Affected | pkg:rpm/almalinux/criu?arch=x86_64&distro=almalinux-8.6 | almalinux |
criu
|
< 3.15-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/criu?arch=x86_64&distro=almalinux-8.5 | almalinux |
criu
|
< 3.15-1.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | x86_64 | |
| Affected | pkg:rpm/almalinux/criu?arch=aarch64&distro=almalinux-8.6 | almalinux |
criu
|
< 3.15-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/crit?arch=x86_64&distro=almalinux-8.6 | almalinux |
crit
|
< 3.15-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/crit?arch=x86_64&distro=almalinux-8.5 | almalinux |
crit
|
< 3.15-1.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | x86_64 | |
| Affected | pkg:rpm/almalinux/crit?arch=aarch64&distro=almalinux-8.6 | almalinux |
crit
|
< 3.15-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/containernetworking-plugins?arch=x86_64&distro=almalinux-8.6 | almalinux |
containernetworking-plugins
|
< 0.9.1-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/containernetworking-plugins?arch=x86_64&distro=almalinux-8.5 | almalinux |
containernetworking-plugins
|
< 0.9.1-1.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | x86_64 | |
| Affected | pkg:rpm/almalinux/containernetworking-plugins?arch=aarch64&distro=almalinux-8.6 | almalinux |
containernetworking-plugins
|
< 0.9.1-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/container-selinux?arch=noarch&distro=almalinux-8.5 | almalinux |
container-selinux
|
< 2.167.0-1.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | noarch | |
| Affected | pkg:rpm/almalinux/conmon?arch=x86_64&distro=almalinux-8.6 | almalinux |
conmon
|
< 2.0.26-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | x86_64 | |
| Affected | pkg:rpm/almalinux/conmon?arch=x86_64&distro=almalinux-8.5 | almalinux |
conmon
|
< 2.0.26-1.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | x86_64 | |
| Affected | pkg:rpm/almalinux/conmon?arch=aarch64&distro=almalinux-8.6 | almalinux |
conmon
|
< 2.0.26-1.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | aarch64 | |
| Affected | pkg:rpm/almalinux/cockpit-podman?arch=noarch&distro=almalinux-8.6 | almalinux |
cockpit-podman
|
< 29-2.module_el8.6.0+2876+9ed4eae2 | almalinux-8.6 | noarch | |
| Affected | pkg:rpm/almalinux/cockpit-podman?arch=noarch&distro=almalinux-8.5 | almalinux |
cockpit-podman
|
< 29-2.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | noarch | |
| Affected | pkg:rpm/almalinux/buildah?arch=x86_64&distro=almalinux-8.5 | almalinux |
buildah
|
< 1.19.9-1.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | x86_64 | |
| Affected | pkg:rpm/almalinux/buildah-tests?arch=x86_64&distro=almalinux-8.5 | almalinux |
buildah-tests
|
< 1.19.9-1.module_el8.5.0+2614+87221ce8 | almalinux-8.5 | x86_64 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |