1. Home
  2. Security Advisories
  3. Oracle Linux
  4. ELSA-2020-1926

[ELSA-2020-1926] container-tools:1.0 security and bug fix update

Severity Important
Affected Packages 15
CVEs 1
Info Packages References Vulnerabilities

buildah
[1.5-4.0.1.gite94b4f9]
- Fixes troubles with oracle registry login [Orabug: 29937283]

[1.5-4.gite94b4f9]
- fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process'
- Resolves: #1819431

container-selinux
[2:2.124.0-1.gitf958d0c]
- update to 2.124.0
- Resolves: #1816541

[2:2.94-2.git1e99f1d]
- rebuild because of CVE-2019-9512 and CVE-2019-9514
- Resolves: #1766316, #1766215

slirp4netns
[0.1-5.dev.gitc4e1bc5]
- backport fix for CVE-2020-7039
- Resolves: #1791578

[0.1-4.dev.gitc4e1bc5]
- actually add CVE-2019-14378 patch to dist-git
- Related: RHELPLAN-25139

Package Affected Version
pkg:rpm/oraclelinux/slirp4netns?distro=oraclelinux-8.2 < 0.1-5.dev.gitc4e1bc5.module+el8.2.0+7621+b33f33e5
pkg:rpm/oraclelinux/skopeo?distro=oraclelinux-8.2 < 0.1.32-4.0.2.git1715c90.module+el8.2.0+7621+b33f33e5
pkg:rpm/oraclelinux/runc?distro=oraclelinux-8.2 < 1.0.0-56.rc5.dev.git2abd837.module+el8.2.0+7621+b33f33e5
pkg:rpm/oraclelinux/python3-criu?distro=oraclelinux-8.2 < 3.12-9.module+el8.2.0+7621+b33f33e5
pkg:rpm/oraclelinux/podman?distro=oraclelinux-8.2 < 1.0.0-4.git921f98f.module+el8.2.0+7621+b33f33e5
pkg:rpm/oraclelinux/podman-docker?distro=oraclelinux-8.2 < 1.0.0-4.git921f98f.module+el8.2.0+7621+b33f33e5
pkg:rpm/oraclelinux/oci-umount?distro=oraclelinux-8.2 < 2.3.4-2.git87f9237.module+el8.2.0+7621+b33f33e5
pkg:rpm/oraclelinux/oci-systemd-hook?distro=oraclelinux-8.2 < 0.1.15-2.git2d0b8a3.module+el8.2.0+7621+b33f33e5
pkg:rpm/oraclelinux/fuse-overlayfs?distro=oraclelinux-8.2 < 0.3-5.module+el8.2.0+7621+b33f33e5
pkg:rpm/oraclelinux/criu?distro=oraclelinux-8.2 < 3.12-9.module+el8.2.0+7621+b33f33e5
pkg:rpm/oraclelinux/crit?distro=oraclelinux-8.2 < 3.12-9.module+el8.2.0+7621+b33f33e5
pkg:rpm/oraclelinux/containers-common?distro=oraclelinux-8.2 < 0.1.32-4.0.2.git1715c90.module+el8.2.0+7621+b33f33e5
pkg:rpm/oraclelinux/containernetworking-plugins?distro=oraclelinux-8.2 < 0.7.4-3.git9ebe139.module+el8.2.0+7621+b33f33e5
pkg:rpm/oraclelinux/container-selinux?distro=oraclelinux-8.2 < 2.124.0-1.gitf958d0c.module+el8.2.0+7621+b33f33e5
pkg:rpm/oraclelinux/buildah?distro=oraclelinux-8.2 < 1.5-4.0.1.gite94b4f9.module+el8.2.0+7621+b33f33e5
ID
ELSA-2020-1926
Severity
important
URL
https://linux.oracle.com/errata/ELSA-2020-1926.html
Published
2020-05-13T00:00:00
(4 years ago)
Modified
2020-05-13T00:00:00
(4 years ago)
Rights
Copyright 2020 Oracle, Inc.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/oraclelinux/slirp4netns?distro=oraclelinux-8.2 oraclelinux slirp4netns < 0.1-5.dev.gitc4e1bc5.module+el8.2.0+7621+b33f33e5 oraclelinux-8.2
Affected pkg:rpm/oraclelinux/skopeo?distro=oraclelinux-8.2 oraclelinux skopeo < 0.1.32-4.0.2.git1715c90.module+el8.2.0+7621+b33f33e5 oraclelinux-8.2
Affected pkg:rpm/oraclelinux/runc?distro=oraclelinux-8.2 oraclelinux runc < 1.0.0-56.rc5.dev.git2abd837.module+el8.2.0+7621+b33f33e5 oraclelinux-8.2
Affected pkg:rpm/oraclelinux/python3-criu?distro=oraclelinux-8.2 oraclelinux python3-criu < 3.12-9.module+el8.2.0+7621+b33f33e5 oraclelinux-8.2
Affected pkg:rpm/oraclelinux/podman?distro=oraclelinux-8.2 oraclelinux podman < 1.0.0-4.git921f98f.module+el8.2.0+7621+b33f33e5 oraclelinux-8.2
Affected pkg:rpm/oraclelinux/podman-docker?distro=oraclelinux-8.2 oraclelinux podman-docker < 1.0.0-4.git921f98f.module+el8.2.0+7621+b33f33e5 oraclelinux-8.2
Affected pkg:rpm/oraclelinux/oci-umount?distro=oraclelinux-8.2 oraclelinux oci-umount < 2.3.4-2.git87f9237.module+el8.2.0+7621+b33f33e5 oraclelinux-8.2
Affected pkg:rpm/oraclelinux/oci-systemd-hook?distro=oraclelinux-8.2 oraclelinux oci-systemd-hook < 0.1.15-2.git2d0b8a3.module+el8.2.0+7621+b33f33e5 oraclelinux-8.2
Affected pkg:rpm/oraclelinux/fuse-overlayfs?distro=oraclelinux-8.2 oraclelinux fuse-overlayfs < 0.3-5.module+el8.2.0+7621+b33f33e5 oraclelinux-8.2
Affected pkg:rpm/oraclelinux/criu?distro=oraclelinux-8.2 oraclelinux criu < 3.12-9.module+el8.2.0+7621+b33f33e5 oraclelinux-8.2
Affected pkg:rpm/oraclelinux/crit?distro=oraclelinux-8.2 oraclelinux crit < 3.12-9.module+el8.2.0+7621+b33f33e5 oraclelinux-8.2
Affected pkg:rpm/oraclelinux/containers-common?distro=oraclelinux-8.2 oraclelinux containers-common < 0.1.32-4.0.2.git1715c90.module+el8.2.0+7621+b33f33e5 oraclelinux-8.2
Affected pkg:rpm/oraclelinux/containernetworking-plugins?distro=oraclelinux-8.2 oraclelinux containernetworking-plugins < 0.7.4-3.git9ebe139.module+el8.2.0+7621+b33f33e5 oraclelinux-8.2
Affected pkg:rpm/oraclelinux/container-selinux?distro=oraclelinux-8.2 oraclelinux container-selinux < 2.124.0-1.gitf958d0c.module+el8.2.0+7621+b33f33e5 oraclelinux-8.2
Affected pkg:rpm/oraclelinux/buildah?distro=oraclelinux-8.2 oraclelinux buildah < 1.5-4.0.1.gite94b4f9.module+el8.2.0+7621+b33f33e5 oraclelinux-8.2
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date