[ELSA-2024-0121] container-tools:4.0 security update
buildah
[1:1.24.6-7]
- rebuild for CVE-2023-29406
- Related: #2176055
cockpit-podman
[46-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/46
- Related: #2061390
conmon
[2:2.1.4-2]
- update to https://github.com/containers/conmon/releases/tag/v2.1.4
- Related: #2176055
containernetworking-plugins
[1:1.1.1-6]
- Rebuild with golang 1.20.6 or higher
- Related: Jira:RHEL-4507
- Related: Jira:RHEL-7442
containers-common
[1-38.0.1]
- Updated removed references Orabug: 33473101
- Adjust registries.conf (Nikita Gerasimov)
- remove references to RedHat registry (Nikita Gerasimov)
container-selinux
[2:2.205.0-3]
- fix build for stable module
- Related: #2176055
criu
[3.15-3]
- add Requires: criu-libs = %{version}-%{release} in criu-devel
- add gating tests
- Related: #1934415
crun
fuse-overlayfs
[1.9-2]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.9
- Related: #2176055
libslirp
oci-seccomp-bpf-hook
[1.2.5-2]
- fix compatibility with the new bcc
- Related: #2176055
podman
[2:4.0.2-25]
- rebuild with golang 1.20.6+ for CVE-2023-39321 CVE-2023-29409
- Related: Jira:RHEL-4508
- Related: Jira:RHEL-7443
python-podman
[4.0.0-2]
- bump to v4.0.0
- Related: #2176055
runc
[1:1.1.5-2]
- rebuild for following CVEs: CVE-2022-41724
- Resolves: #2179971
skopeo
[2:1.6.2-9]
- rebuild because of CVE-2023-29406
- Resolves: #2236831
slirp4netns
[1.1.8-3]
- fix gating - don't use insecure functions - thanks to Marc-Andre Lureau
- Related: #2176055
udica
[0.2.6-4]
- sync with stream-container-tools-4.0-rhel-8.8.0
- Related: #2176055
- ID
- ELSA-2024-0121
- Severity
- moderate
- URL
- https://linux.oracle.com/errata/ELSA-2024-0121.html
- Published
-
2024-01-11T00:00:00
(8 months ago) - Modified
-
2024-01-11T00:00:00
(8 months ago) - Rights
- Copyright 2024 Oracle, Inc.
- Other Advisories
-
- ALAS-2022-1635
- ALAS-2023-1825
- ALAS-2023-1848
- ALAS-2023-1849
- ALAS2-2022-1851
- ALAS2-2022-1858
- ALAS2-2022-1859
- ALAS2-2022-1860
- ALAS2-2022-1861
- ALAS2-2022-1862
- ALAS2-2022-1863
- ALAS2-2022-1864
- ALAS2-2022-1865
- ALAS2-2022-1887
- ALAS2-2023-1913
- ALAS2-2023-2015
- ALAS2-2023-2208
- ALAS2-2023-2209
- ALAS2-2023-2210
- ALAS2-2023-2211
- ALAS2-2023-2229
- ALAS2-2023-2238
- ALAS2-2023-2303
- ALAS2-2023-2313
- ALPINE:CVE-2022-27664
- ALPINE:CVE-2022-2879
- ALPINE:CVE-2022-2880
- ALPINE:CVE-2022-41715
- ALPINE:CVE-2023-29409
- ALPINE:CVE-2023-39318
- ALPINE:CVE-2023-39319
- ALPINE:CVE-2023-39321
- ALPINE:CVE-2023-39322
- ALSA-2022:7129
- ALSA-2023:0328
- ALSA-2023:0446
- ALSA-2023:2167
- ALSA-2023:2177
- ALSA-2023:2193
- ALSA-2023:2204
- ALSA-2023:2236
- ALSA-2023:2357
- ALSA-2023:2758
- ALSA-2023:2780
- ALSA-2023:2784
- ALSA-2023:2785
- ALSA-2023:2802
- ALSA-2023:2866
- ALSA-2023:5738
- ALSA-2023:7762
- ALSA-2023:7763
- ALSA-2023:7764
- ALSA-2023:7765
- ALSA-2023:7766
- ALSA-2024:0121
- ALSA-2024:2160
- ALSA-2024:3254
- ELSA-2022-24267
- ELSA-2022-7129
- ELSA-2023-0328
- ELSA-2023-0446
- ELSA-2023-18908
- ELSA-2023-2167
- ELSA-2023-2177
- ELSA-2023-2204
- ELSA-2023-2357
- ELSA-2023-2592
- ELSA-2023-2758
- ELSA-2023-2780
- ELSA-2023-2784
- ELSA-2023-2785
- ELSA-2023-2802
- ELSA-2023-2866
- ELSA-2023-5738
- ELSA-2023-7762
- ELSA-2023-7763
- ELSA-2023-7764
- ELSA-2023-7765
- ELSA-2023-7766
- ELSA-2024-2988
- ELSA-2024-3254
- FEDORA-2022-0e313cc582
- FEDORA-2022-45097317b4
- FEDORA-2022-59a20edab2
- FEDORA-2022-67ec8c61d0
- FREEBSD:6FEA7103-2EA4-11ED-B403-3DAE8AC60D3E
- FREEBSD:854C2AFB-4424-11ED-AF97-ADCABF310F9B
- FREEBSD:BEB36F39-4D74-11EE-985E-BFF341E78D94
- GLSA-202209-26
- GLSA-202311-09
- GO-2022-0969
- GO-2022-1037
- GO-2022-1038
- GO-2022-1039
- GO-2023-1987
- GO-2023-2041
- GO-2023-2043
- GO-2023-2044
- GO-2023-2045
- MS:CVE-2022-27664
- openSUSE-SU-2023:0360-1
- RHBA-2023:6364
- RHBA-2023:6928
- RHSA-2022:7129
- RHSA-2023:0328
- RHSA-2023:0446
- RHSA-2023:2167
- RHSA-2023:2177
- RHSA-2023:2193
- RHSA-2023:2204
- RHSA-2023:2236
- RHSA-2023:2357
- RHSA-2023:2592
- RHSA-2023:2758
- RHSA-2023:2780
- RHSA-2023:2784
- RHSA-2023:2785
- RHSA-2023:2802
- RHSA-2023:2866
- RHSA-2023:5721
- RHSA-2023:5738
- RHSA-2023:7762
- RHSA-2023:7763
- RHSA-2023:7764
- RHSA-2023:7765
- RHSA-2023:7766
- RHSA-2024:0121
- RHSA-2024:2160
- RHSA-2024:2988
- RHSA-2024:3254
- RLSA-2022:7129
- RLSA-2023:0328
- RLSA-2023:0446
- SUSE-SU-2022:3325-1
- SUSE-SU-2022:3326-1
- SUSE-SU-2022:3668-1
- SUSE-SU-2022:3669-1
- SUSE-SU-2023:2182-1
- SUSE-SU-2023:2183-1
- SUSE-SU-2023:2185-1
- SUSE-SU-2023:2187-1
- SUSE-SU-2023:2312-1
- SUSE-SU-2023:2575-1
- SUSE-SU-2023:2578-1
- SUSE-SU-2023:2579-1
- SUSE-SU-2023:2598-1
- SUSE-SU-2023:3181-1
- SUSE-SU-2023:3263-1
- SUSE-SU-2023:3474-1
- SUSE-SU-2023:3700-1
- SUSE-SU-2023:3701-1
- SUSE-SU-2023:3840-1
- SUSE-SU-2023:3841-1
- SUSE-SU-2023:3861-1
- SUSE-SU-2023:3867-1
- SUSE-SU-2023:3868-1
- SUSE-SU-2023:3875-1
- SUSE-SU-2023:3885-1
- SUSE-SU-2023:3886-1
- SUSE-SU-2023:3888-1
- SUSE-SU-2023:4469-1
- SUSE-SU-2024:0191-1
- SUSE-SU-2024:0196-1
- SUSE-SU-2024:0486-1
- SUSE-SU-2024:0487-1
- USN-6038-1
- USN-6038-2
- USN-6574-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2024-0121 | https://linux.oracle.com/errata/ELSA-2024-0121.html | |
CVE | CVE-2022-27664 | https://linux.oracle.com/cve/CVE-2022-27664.html | |
CVE | CVE-2023-39322 | https://linux.oracle.com/cve/CVE-2023-39322.html | |
CVE | CVE-2023-29409 | https://linux.oracle.com/cve/CVE-2023-29409.html | |
CVE | CVE-2022-2879 | https://linux.oracle.com/cve/CVE-2022-2879.html | |
CVE | CVE-2023-39318 | https://linux.oracle.com/cve/CVE-2023-39318.html | |
CVE | CVE-2023-39321 | https://linux.oracle.com/cve/CVE-2023-39321.html | |
CVE | CVE-2022-2880 | https://linux.oracle.com/cve/CVE-2022-2880.html | |
CVE | CVE-2022-41715 | https://linux.oracle.com/cve/CVE-2022-41715.html | |
CVE | CVE-2023-39319 | https://linux.oracle.com/cve/CVE-2023-39319.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/udica?distro=oraclelinux-8.9 | oraclelinux | udica | < 0.2.6-4.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/slirp4netns?distro=oraclelinux-8.9 | oraclelinux | slirp4netns | < 1.1.8-3.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/skopeo?distro=oraclelinux-8.9 | oraclelinux | skopeo | < 1.6.2-9.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/skopeo-tests?distro=oraclelinux-8.9 | oraclelinux | skopeo-tests | < 1.6.2-9.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/runc?distro=oraclelinux-8.9 | oraclelinux | runc | < 1.1.5-2.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/python3-podman?distro=oraclelinux-8.9 | oraclelinux | python3-podman | < 4.0.0-2.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/python3-criu?distro=oraclelinux-8.9 | oraclelinux | python3-criu | < 3.15-3.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/podman?distro=oraclelinux-8.9 | oraclelinux | podman | < 4.0.2-25.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/podman-tests?distro=oraclelinux-8.9 | oraclelinux | podman-tests | < 4.0.2-25.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/podman-remote?distro=oraclelinux-8.9 | oraclelinux | podman-remote | < 4.0.2-25.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/podman-plugins?distro=oraclelinux-8.9 | oraclelinux | podman-plugins | < 4.0.2-25.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/podman-gvproxy?distro=oraclelinux-8.9 | oraclelinux | podman-gvproxy | < 4.0.2-25.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/podman-docker?distro=oraclelinux-8.9 | oraclelinux | podman-docker | < 4.0.2-25.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/podman-catatonit?distro=oraclelinux-8.9 | oraclelinux | podman-catatonit | < 4.0.2-25.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/oci-seccomp-bpf-hook?distro=oraclelinux-8.9 | oraclelinux | oci-seccomp-bpf-hook | < 1.2.5-2.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/netavark?distro=oraclelinux-8.9 | oraclelinux | netavark | < 1.0.1-38.0.1.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/libslirp?distro=oraclelinux-8.9 | oraclelinux | libslirp | < 4.4.0-1.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/libslirp-devel?distro=oraclelinux-8.9 | oraclelinux | libslirp-devel | < 4.4.0-1.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/fuse-overlayfs?distro=oraclelinux-8.9 | oraclelinux | fuse-overlayfs | < 1.9-2.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/crun?distro=oraclelinux-8.9 | oraclelinux | crun | < 1.8.7-1.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/criu?distro=oraclelinux-8.9 | oraclelinux | criu | < 3.15-3.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/criu-libs?distro=oraclelinux-8.9 | oraclelinux | criu-libs | < 3.15-3.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/criu-devel?distro=oraclelinux-8.9 | oraclelinux | criu-devel | < 3.15-3.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/crit?distro=oraclelinux-8.9 | oraclelinux | crit | < 3.15-3.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/containers-common?distro=oraclelinux-8.9 | oraclelinux | containers-common | < 1-38.0.1.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/containernetworking-plugins?distro=oraclelinux-8.9 | oraclelinux | containernetworking-plugins | < 1.1.1-6.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/container-selinux?distro=oraclelinux-8.9 | oraclelinux | container-selinux | < 2.205.0-3.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/conmon?distro=oraclelinux-8.9 | oraclelinux | conmon | < 2.1.4-2.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/cockpit-podman?distro=oraclelinux-8.9 | oraclelinux | cockpit-podman | < 46-1.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/buildah?distro=oraclelinux-8.9 | oraclelinux | buildah | < 1.24.6-7.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/buildah-tests?distro=oraclelinux-8.9 | oraclelinux | buildah-tests | < 1.24.6-7.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 | ||
Affected | pkg:rpm/oraclelinux/aardvark-dns?distro=oraclelinux-8.9 | oraclelinux | aardvark-dns | < 1.0.1-38.0.1.module+el8.9.0+90119+2f9ef15c | oraclelinux-8.9 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |