[FEDORA-2021-fb466fb623] Fedora 33: containernetworking-plugins, containers-common, podman, buildah, skopeo
Severity
High
Affected Packages
5
CVEs
1
bump podman to v3.0.1, Security fix for CVE-2021-20206 ---- Resolves:
#1919391, #1926796 - Security fix for CVE-2021-20206 ---- Autobuilt v1.19.3
---- Autobuilt v1.19.2 ---- Autobuilt v1.19.1 ---- Autobuilt v1.19.0 ----
harden cgo based golang binaries ---- Autobuilt v0.9.1
| Package | Affected Version |
|---|---|
 pkg:rpm/fedora/skopeo?distro=fedora-33
|
< 1.2.2.1.fc33 |
|
pkg:rpm/fedora/podman?distro=fedora-33
|
< 3.0.1.1.fc33 |
|
pkg:rpm/fedora/containers-common?distro=fedora-33
|
< 1.4.fc33 |
|
pkg:rpm/fedora/containernetworking-plugins?distro=fedora-33
|
< 0.9.1.2.fc33 |
|
pkg:rpm/fedora/buildah?distro=fedora-33
|
< 1.19.6.2.fc33 |
- ID
- FEDORA-2021-fb466fb623
- Severity
- high
- Severity from
- CVE-2021-20206
- URL
- https://bodhi.fedoraproject.org/updates/FEDORA-2021-fb466fb623
- Published
-
2021-02-26T01:09:46
(3 years ago) - Modified
-
2021-02-26T01:09:46
(3 years ago) - Rights
- Copyright 2021 Red Hat, Inc.
- Other Advisories
ALPINE:CVE-2021-20206
GO-2022-0230
openSUSE-SU-2022:0770-1
SUSE-SU-2022:0770-1| Source | # ID | Name | URL |
|---|---|---|---|
| Bugzilla | 1919391 | Bug #1919391 - CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/fedora/skopeo?distro=fedora-33 | fedora |
skopeo
|
< 1.2.2.1.fc33 | fedora-33 | ||
| Affected | pkg:rpm/fedora/podman?distro=fedora-33 | fedora |
podman
|
< 3.0.1.1.fc33 | fedora-33 | ||
| Affected | pkg:rpm/fedora/containers-common?distro=fedora-33 | fedora |
containers-common
|
< 1.4.fc33 | fedora-33 | ||
| Affected | pkg:rpm/fedora/containernetworking-plugins?distro=fedora-33 | fedora |
containernetworking-plugins
|
< 0.9.1.2.fc33 | fedora-33 | ||
| Affected | pkg:rpm/fedora/buildah?distro=fedora-33 | fedora |
buildah
|
< 1.19.6.2.fc33 | fedora-33 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |