[ELSA-2022-7529] container-tools:3.0 security update
buildah
[1.19.9-6]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.19
(https://github.com/containers/buildah/commit/6d7f496)
- Related: #2061390
[1.19.9-5]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.19
(https://github.com/containers/buildah/commit/d69ac6e)
- Related: #2061390
[1.19.9-4]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.19
(https://github.com/containers/buildah/commit/7c6701d)
- Related: #2061390
[1.19.9-3]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.19
(https://github.com/containers/buildah/commit/3808e27)
- Related: #2061390
[1.19.9-2]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.19
(https://github.com/containers/buildah/commit/ff5434f)
- Related: #2001445
[1.19.9-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.19
(https://github.com/containers/buildah/commit/c1d6200)
- fixes CVE-2021-3602
- Related: #1977943
cockpit-podman
[29-2]
- fix gating test failure for cockpit-podman
- Related: #1934415
[29-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/29
- Related: #1883490
conmon
[2:2.0.26-3]
- amend CVE-2022-1708
- Related: #2093390
[2:2.0.26-2]
- fix CVE-2022-1708 - thanks to Peter Hunt
- Related: #2061390
[2:2.0.26-1]
- update to https://github.com/containers/conmon/releases/tag/v2.0.26
- Related: #1883490
containernetworking-plugins
[0.9.1-1]
- update to https://github.com/containernetworking/plugins/releases/tag/v0.9.1
- Related: #1883490
criu
[3.15-1]
- update to https://github.com/checkpoint-restore/criu/releases/tag/v3.15
- Related: #1883490
crun
[0.18-3]
- fix CVE-2022-27650
- Related: #2061390
[0.18-2]
- allow to build without glibc-static (thanks to Giuseppe Scrivano)
- Related: #1883490
[0.18-1]
- update to https://github.com/containers/crun/releases/tag/0.18
- Related: #1883490
fuse-overlayfs
[1.4.0-2]
- disable openat2 syscall again - still unsupported in current RHEL8 kernel
- Related: #1883490
[1.4.0-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.4.0
- Related: #1883490
libslirp
[4.3.1-1]
- update to https://gitlab.freedesktop.org/slirp/libslirp/-/releases/v4.3.1
- Related: #1821193
oci-seccomp-bpf-hook
[1.2.0-3]
- actually apply the build fix patch
- Related: #1934415
[1.2.0-2]
- resolve build issue
- Related: #1934415
[1.2.0-1]
- revert back to 1.2.0 - build issues
- Related: #1883490
podman
[3.0.1-13]
- update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/37cd5bf)
- Related: #2061390
[3.0.1-12]
- update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/1c4d1a7)
- Related: #2061390
[3.0.1-11]
- update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/4cd74c2)
- Related: #2061390
[3.0.1-10]
- update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/47b310e)
- Related: #2061390
[3.0.1-9]
- update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/801b7e8)
- Resolves: #2074144
[3.0.1-8]
- update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/c5d8129)
- Related: #2061390
[3.0.1-7]
- add missing docker man pages
- Related: #2009106
[3.0.1-6]
- update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/4f91b37)
- Related: #2009106
[3.0.1-5]
- update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/2bed76e)
- fixes CVE-2021-3602
- Related: #1977943
[3.0.1-4]
- update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/eebd611)
- Related: #1934415
[3.0.1-3]
- remove docker man page as it was removed upstream
- Related: #1934415
[3.0.1-2]
- update to the latest content of https://github.com/containers/podman/tree/v3.0
(https://github.com/containers/podman/commit/9a2fc37)
- Related: #1883490
[3.0.1-1]
- update to the latest content of https://github.com/containers/podman/tree/v3.0
(https://github.com/containers/podman/commit/7e286bc)
- Related: #1883490
runc
[1.0.0-73.rc95]
- fix podman run --pid=host command causes OCI permission error
- rc95 fixes CVE-2021-30465
- Related: #2001445
skopeo
[1.2.4-2.0.1]
- Ignore rhel-shortnames.conf [JIRA: OLDIS-3902]
- Handling redirect from the docker registry Orabug: 29874238
- Add oracle registry into the conf file [Orabug: 29845934 31306708]
[1:1.2.4-2]
- update to the latest content of https://github.com/containers/skopeo/tree/release-1.2
(https://github.com/containers/skopeo/commit/7300333)
- Related: #2061390
[1:1.2.4-1]
- update to the latest content of https://github.com/containers/skopeo/tree/release-1.2
(https://github.com/containers/skopeo/commit/9921983)
- Related: #2001445
slirp4netns
[1.1.8-1]
- update to
https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.8
- Related: #1883490
udica
[0.2.4-1]
- update to https://github.com/containers/udica/releases/tag/v0.2.4
- Related: #1883490
- ID
- ELSA-2022-7529
- Severity
- moderate
- URL
- https://linux.oracle.com/errata/ELSA-2022-7529.html
- Published
-
2022-11-15T00:00:00
(22 months ago) - Modified
-
2022-11-15T00:00:00
(22 months ago) - Rights
- Copyright 2022 Oracle, Inc.
- Other Advisories
-
-
ALAS-2022-1635
-
ALAS2-2022-1846
-
ALAS2-2022-1847
-
ALAS2-2022-1858
-
ALAS2-2022-1859
-
ALAS2-2022-1860
-
ALAS2-2022-1861
-
ALAS2-2022-1862
-
ALAS2-2022-1863
-
ALAS2-2022-1864
-
ALAS2-2022-1865
-
ALPINE:CVE-2022-1705
-
ALPINE:CVE-2022-1962
-
ALPINE:CVE-2022-21698
-
ALPINE:CVE-2022-28131
-
ALPINE:CVE-2022-30630
-
ALPINE:CVE-2022-30631
-
ALPINE:CVE-2022-30632
-
ALPINE:CVE-2022-30633
-
ALPINE:CVE-2022-32148
-
ALSA-2022:1762
-
ALSA-2022:5775
-
ALSA-2022:5799
-
ALSA-2022:7129
-
ALSA-2022:7469
-
ALSA-2022:7519
-
ALSA-2022:7529
-
ALSA-2022:7648
-
ALSA-2022:8057
-
ALSA-2022:8098
-
ALSA-2022:8250
-
ALSA-2023:2357
-
ALSA-2023:2758
-
ALSA-2023:2802
-
ALSA-2024:2180
-
ELSA-2022-1762
-
ELSA-2022-23681
-
ELSA-2022-24267
-
ELSA-2022-5775
-
ELSA-2022-5799
-
ELSA-2022-7129
-
ELSA-2022-7457
-
ELSA-2022-7469
-
ELSA-2022-7519
-
ELSA-2022-7648
-
ELSA-2022-8057
-
ELSA-2022-8250
-
ELSA-2022-9717
-
ELSA-2022-9718
-
ELSA-2022-9719
-
ELSA-2022-9720
-
ELSA-2023-2357
-
ELSA-2023-2758
-
ELSA-2023-2802
-
ELSA-2024-2180
-
FEDORA-2022-13ad572b5a
-
FEDORA-2022-2067702f06
-
FEDORA-2022-30c5ed5625
-
FEDORA-2022-3969b64d4b
-
FEDORA-2022-396c568c5e
-
FEDORA-2022-5038c3236c
-
FEDORA-2022-5e637f6cc6
-
FEDORA-2022-5f253807ce
-
FEDORA-2022-6043a7b938
-
FEDORA-2022-6c4cb64314
-
FEDORA-2022-739c7a0058
-
FEDORA-2022-741325e9a0
-
FEDORA-2022-83405f9d5b
-
FEDORA-2022-92ef43c439
-
FEDORA-2022-9dd03cab55
-
FEDORA-2022-a7d438b30b
-
FEDORA-2022-c5383675d9
-
FEDORA-2022-c87047f163
-
FEDORA-2022-e244ad73d6
-
FEDORA-2022-eda0e65b01
-
FEDORA-2022-fae3ecee19
-
FREEBSD:A4F2416C-02A0-11ED-B817-10C37B4AC2EA
-
GLSA-202208-02
-
GO-2022-0322
-
GO-2022-0515
-
GO-2022-0520
-
GO-2022-0521
-
GO-2022-0522
-
GO-2022-0523
-
GO-2022-0524
-
GO-2022-0525
-
GO-2022-0527
-
MS:CVE-2022-1705
-
MS:CVE-2022-1962
-
MS:CVE-2022-21698
-
MS:CVE-2022-28131
-
MS:CVE-2022-30630
-
MS:CVE-2022-30631
-
MS:CVE-2022-30632
-
MS:CVE-2022-30633
-
MS:CVE-2022-32148
-
RHSA-2022:1762
-
RHSA-2022:5775
-
RHSA-2022:5799
-
RHSA-2022:7129
-
RHSA-2022:7457
-
RHSA-2022:7469
-
RHSA-2022:7519
-
RHSA-2022:7529
-
RHSA-2022:7648
-
RHSA-2022:8057
-
RHSA-2022:8098
-
RHSA-2022:8250
-
RHSA-2023:2357
-
RHSA-2023:2758
-
RHSA-2023:2802
-
RHSA-2024:2180
-
RLSA-2022:1762
-
RLSA-2022:5775
-
RLSA-2022:7129
-
RLSA-2022:7457
-
RLSA-2022:7469
-
RLSA-2022:7519
-
RLSA-2022:7529
-
RLSA-2022:7648
-
RLSA-2022:8057
-
RLSA-2022:8098
-
RLSA-2022:8250
-
SUSE-SU-2022:1433-1
-
SUSE-SU-2022:1434-1
-
SUSE-SU-2022:1435-1
-
SUSE-SU-2022:1531-1
-
SUSE-SU-2022:1545-1
-
SUSE-SU-2022:2134-1
-
SUSE-SU-2022:2137-1
-
SUSE-SU-2022:2139-1
-
SUSE-SU-2022:2140-1
-
SUSE-SU-2022:2145-1
-
SUSE-SU-2022:2671-1
-
SUSE-SU-2022:2672-1
-
SUSE-SU-2022:2834-1
-
SUSE-SU-2022:2839-1
-
SUSE-SU-2022:2839-2
-
SUSE-SU-2022:3745-1
-
SUSE-SU-2022:3747-1
-
SUSE-SU-2022:3896-1
-
SUSE-SU-2022:4607-1
-
SUSE-SU-2022:4635-1
-
SUSE-SU-2023:2312-1
-
SUSE-SU-2024:0191-1
-
USN-6038-1
-
USN-6038-2
-
| Source | # ID | Name | URL |
|---|---|---|---|
| elsa | ELSA-2022-7529 |
|
|
| CVE | CVE-2022-1705 |
|
|
| CVE | CVE-2022-28131 |
|
|
| CVE | CVE-2022-30631 |
|
|
| CVE | CVE-2022-30633 |
|
|
| CVE | CVE-2022-32148 |
|
|
| CVE | CVE-2022-1708 |
|
|
| CVE | CVE-2022-21698 |
|
|
| CVE | CVE-2022-30632 |
|
|
| CVE | CVE-2022-1962 |
|
|
| CVE | CVE-2022-30630 |
|
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/oraclelinux/udica?distro=oraclelinux-8.7 | oraclelinux |
 udica
|
< 0.2.4-1.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/slirp4netns?distro=oraclelinux-8.7 | oraclelinux |
slirp4netns
|
< 1.1.8-1.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/skopeo?distro=oraclelinux-8.7 | oraclelinux |
skopeo
|
< 1.2.4-2.0.1.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/skopeo-tests?distro=oraclelinux-8.7 | oraclelinux |
skopeo-tests
|
< 1.2.4-2.0.1.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/runc?distro=oraclelinux-8.7 | oraclelinux |
runc
|
< 1.0.0-73.rc95.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/python3-criu?distro=oraclelinux-8.7 | oraclelinux |
python3-criu
|
< 3.15-1.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/podman?distro=oraclelinux-8.7 | oraclelinux |
podman
|
< 3.0.1-13.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/podman-tests?distro=oraclelinux-8.7 | oraclelinux |
podman-tests
|
< 3.0.1-13.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/podman-remote?distro=oraclelinux-8.7 | oraclelinux |
podman-remote
|
< 3.0.1-13.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/podman-plugins?distro=oraclelinux-8.7 | oraclelinux |
podman-plugins
|
< 3.0.1-13.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/podman-docker?distro=oraclelinux-8.7 | oraclelinux |
podman-docker
|
< 3.0.1-13.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/podman-catatonit?distro=oraclelinux-8.7 | oraclelinux |
podman-catatonit
|
< 3.0.1-13.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/oci-seccomp-bpf-hook?distro=oraclelinux-8.7 | oraclelinux |
oci-seccomp-bpf-hook
|
< 1.2.0-3.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/libslirp?distro=oraclelinux-8.7 | oraclelinux |
libslirp
|
< 4.3.1-1.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/libslirp-devel?distro=oraclelinux-8.7 | oraclelinux |
libslirp-devel
|
< 4.3.1-1.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/fuse-overlayfs?distro=oraclelinux-8.7 | oraclelinux |
fuse-overlayfs
|
< 1.4.0-2.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/crun?distro=oraclelinux-8.7 | oraclelinux |
crun
|
< 0.18-3.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/criu?distro=oraclelinux-8.7 | oraclelinux |
criu
|
< 3.15-1.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/crit?distro=oraclelinux-8.7 | oraclelinux |
crit
|
< 3.15-1.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/containers-common?distro=oraclelinux-8.7 | oraclelinux |
containers-common
|
< 1.2.4-2.0.1.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/containernetworking-plugins?distro=oraclelinux-8.7 | oraclelinux |
containernetworking-plugins
|
< 0.9.1-1.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/container-selinux?distro=oraclelinux-8.7 | oraclelinux |
container-selinux
|
< 2.189.0-1.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/conmon?distro=oraclelinux-8.7 | oraclelinux |
conmon
|
< 2.0.26-3.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/cockpit-podman?distro=oraclelinux-8.7 | oraclelinux |
cockpit-podman
|
< 29-2.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/buildah?distro=oraclelinux-8.7 | oraclelinux |
buildah
|
< 1.19.9-6.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 | ||
| Affected | pkg:rpm/oraclelinux/buildah-tests?distro=oraclelinux-8.7 | oraclelinux |
buildah-tests
|
< 1.19.9-6.module+el8.7.0+20785+0180d035 | oraclelinux-8.7 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |