1. Home
  2. Security Advisories
  3. Oracle Linux
  4. ELSA-2022-1565

[ELSA-2022-1565] container-tools:3.0 security and bug fix update

Severity Moderate
Affected Packages 26
CVEs 2
Info Packages References Vulnerabilities

buildah
[1.19.9-2]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.19
(https://github.com/containers/buildah/commit/7c6701d)
- fixes CVE-2022-27651
- Resolves: #2067539

podman
[3.0.1-8]
- update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/c5d8129)
- fixes CVE-2022-27649
- Resolves: #2067511

runc
[1.0.0-73.rc95]
- fix podman run --pid=host command causes OCI permission error
- rc95 fixes CVE-2021-30465
- Related: #2070961

Package Affected Version
pkg:rpm/oraclelinux/udica?distro=oraclelinux-8.5 < 0.2.4-1.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/slirp4netns?distro=oraclelinux-8.5 < 1.1.8-1.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/skopeo?distro=oraclelinux-8.5 < 1.2.4-1.0.1.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/skopeo-tests?distro=oraclelinux-8.5 < 1.2.4-1.0.1.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/runc?distro=oraclelinux-8.5 < 1.0.0-73.rc95.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/python3-criu?distro=oraclelinux-8.5 < 3.15-1.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/podman?distro=oraclelinux-8.5 < 3.0.1-8.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/podman-tests?distro=oraclelinux-8.5 < 3.0.1-8.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/podman-remote?distro=oraclelinux-8.5 < 3.0.1-8.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/podman-plugins?distro=oraclelinux-8.5 < 3.0.1-8.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/podman-docker?distro=oraclelinux-8.5 < 3.0.1-8.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/podman-catatonit?distro=oraclelinux-8.5 < 3.0.1-8.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/oci-seccomp-bpf-hook?distro=oraclelinux-8.5 < 1.2.0-3.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/libslirp?distro=oraclelinux-8.5 < 4.3.1-1.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/libslirp-devel?distro=oraclelinux-8.5 < 4.3.1-1.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/fuse-overlayfs?distro=oraclelinux-8.5 < 1.4.0-2.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/crun?distro=oraclelinux-8.5 < 0.18-2.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/criu?distro=oraclelinux-8.5 < 3.15-1.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/crit?distro=oraclelinux-8.5 < 3.15-1.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/containers-common?distro=oraclelinux-8.5 < 1.2.4-1.0.1.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/containernetworking-plugins?distro=oraclelinux-8.5 < 0.9.1-1.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/container-selinux?distro=oraclelinux-8.5 < 2.167.0-1.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/conmon?distro=oraclelinux-8.5 < 2.0.26-1.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/cockpit-podman?distro=oraclelinux-8.5 < 29-2.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/buildah?distro=oraclelinux-8.5 < 1.19.9-2.module+el8.5.0+20637+38ac8416
pkg:rpm/oraclelinux/buildah-tests?distro=oraclelinux-8.5 < 1.19.9-2.module+el8.5.0+20637+38ac8416
ID
ELSA-2022-1565
Severity
moderate
URL
https://linux.oracle.com/errata/ELSA-2022-1565.html
Published
2022-04-28T00:00:00
(2 years ago)
Modified
2022-04-28T00:00:00
(2 years ago)
Rights
Copyright 2022 Oracle, Inc.
Other Advisories
Type Package URL Namespace Name / Product Version Distribution / Platform Arch Patch / Fix
Affected pkg:rpm/oraclelinux/udica?distro=oraclelinux-8.5 oraclelinux udica < 0.2.4-1.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/slirp4netns?distro=oraclelinux-8.5 oraclelinux slirp4netns < 1.1.8-1.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/skopeo?distro=oraclelinux-8.5 oraclelinux skopeo < 1.2.4-1.0.1.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/skopeo-tests?distro=oraclelinux-8.5 oraclelinux skopeo-tests < 1.2.4-1.0.1.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/runc?distro=oraclelinux-8.5 oraclelinux runc < 1.0.0-73.rc95.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/python3-criu?distro=oraclelinux-8.5 oraclelinux python3-criu < 3.15-1.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/podman?distro=oraclelinux-8.5 oraclelinux podman < 3.0.1-8.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/podman-tests?distro=oraclelinux-8.5 oraclelinux podman-tests < 3.0.1-8.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/podman-remote?distro=oraclelinux-8.5 oraclelinux podman-remote < 3.0.1-8.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/podman-plugins?distro=oraclelinux-8.5 oraclelinux podman-plugins < 3.0.1-8.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/podman-docker?distro=oraclelinux-8.5 oraclelinux podman-docker < 3.0.1-8.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/podman-catatonit?distro=oraclelinux-8.5 oraclelinux podman-catatonit < 3.0.1-8.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/oci-seccomp-bpf-hook?distro=oraclelinux-8.5 oraclelinux oci-seccomp-bpf-hook < 1.2.0-3.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/libslirp?distro=oraclelinux-8.5 oraclelinux libslirp < 4.3.1-1.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/libslirp-devel?distro=oraclelinux-8.5 oraclelinux libslirp-devel < 4.3.1-1.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/fuse-overlayfs?distro=oraclelinux-8.5 oraclelinux fuse-overlayfs < 1.4.0-2.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/crun?distro=oraclelinux-8.5 oraclelinux crun < 0.18-2.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/criu?distro=oraclelinux-8.5 oraclelinux criu < 3.15-1.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/crit?distro=oraclelinux-8.5 oraclelinux crit < 3.15-1.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/containers-common?distro=oraclelinux-8.5 oraclelinux containers-common < 1.2.4-1.0.1.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/containernetworking-plugins?distro=oraclelinux-8.5 oraclelinux containernetworking-plugins < 0.9.1-1.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/container-selinux?distro=oraclelinux-8.5 oraclelinux container-selinux < 2.167.0-1.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/conmon?distro=oraclelinux-8.5 oraclelinux conmon < 2.0.26-1.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/cockpit-podman?distro=oraclelinux-8.5 oraclelinux cockpit-podman < 29-2.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/buildah?distro=oraclelinux-8.5 oraclelinux buildah < 1.19.9-2.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
Affected pkg:rpm/oraclelinux/buildah-tests?distro=oraclelinux-8.5 oraclelinux buildah-tests < 1.19.9-2.module+el8.5.0+20637+38ac8416 oraclelinux-8.5
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories Exploits PoC Pubblication Date Modification Date
# CVE Description CVSS EPSS EPSS Trend (30 days) Affected Products Weaknesses Security Advisories PoC Pubblication Date Modification Date