[FEDORA-2021-ec00da7faa] Fedora 33: buildah, crun, containers-common, runc, podman
Severity
Medium
Affected Packages
5
CVEs
1
- crun and runc both
Provides: oci-runtime. - containers-common now hasRequires: oci-runtime. -dnf install oci-runtimewill install crun by default unless runc is already installed. ---- buildah: Security fix for CVE-2021-20291 Autobuilt v1.20.1
| Package | Affected Version |
|---|---|
 pkg:rpm/fedora/runc?distro=fedora-33
|
< 1.0.0.377.rc93.fc33 |
|
pkg:rpm/fedora/podman?distro=fedora-33
|
< 3.1.2.1.fc33 |
|
pkg:rpm/fedora/crun?distro=fedora-33
|
< 0.19.1.2.fc33 |
|
pkg:rpm/fedora/containers-common?distro=fedora-33
|
< 1.15.fc33 |
|
pkg:rpm/fedora/buildah?distro=fedora-33
|
< 1.20.1.4.fc33 |
- ID
- FEDORA-2021-ec00da7faa
- Severity
- medium
- Severity from
- CVE-2021-20291
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2021-ec00da7faa
- Published
-
2021-04-24T18:07:08
(3 years ago) - Modified
-
2021-04-24T18:07:08
(3 years ago) - Rights
- Copyright 2021 Red Hat, Inc.
- Other Advisories
-
-
ALBA-2022:0348
-
ALSA-2021:4154
-
ALSA-2022:7954
-
ALSA-2022:7955
-
ALSA-2022:8008
-
ELSA-2021-4154
-
ELSA-2022-7954
-
ELSA-2022-7955
-
ELSA-2022-8008
-
FEDORA-2021-83b3740389
-
FEDORA-2021-a3703b9dc8
-
FEDORA-2021-c56a213327
-
GO-2021-0100
-
RHBA-2022:0348
-
RHSA-2021:4154
-
RHSA-2022:7954
-
RHSA-2022:7955
-
RHSA-2022:8008
-
RLBA-2022:0348
-
RLSA-2021:4154
-
SUSE-SU-2022:3312-1
-
| Source | # ID | Name | URL |
|---|---|---|---|
| Bugzilla | 1939485 | Bug #1939485 - CVE-2021-20291 containers/storage: DoS via malicious image |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/fedora/runc?distro=fedora-33 | fedora |
runc
|
< 1.0.0.377.rc93.fc33 | fedora-33 | ||
| Affected | pkg:rpm/fedora/podman?distro=fedora-33 | fedora |
podman
|
< 3.1.2.1.fc33 | fedora-33 | ||
| Affected | pkg:rpm/fedora/crun?distro=fedora-33 | fedora |
crun
|
< 0.19.1.2.fc33 | fedora-33 | ||
| Affected | pkg:rpm/fedora/containers-common?distro=fedora-33 | fedora |
containers-common
|
< 1.15.fc33 | fedora-33 | ||
| Affected | pkg:rpm/fedora/buildah?distro=fedora-33 | fedora |
buildah
|
< 1.20.1.4.fc33 | fedora-33 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |