[RHSA-2020:1926] container-tools:1.0 security and bug fix update
Severity
Important
Affected Packages
54
CVEs
1
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Security Fix(es):
- buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
conflicting requests: failed to install container-tools:1.0 (BZ#1813776)
podman run container error with avc denied (BZ#1816541)
- ID
- RHSA-2020:1926
- Severity
- important
- URL
- https://access.redhat.com/errata/RHSA-2020:1926
- Published
-
2020-04-28T00:00:00
(4 years ago) - Modified
-
2020-04-28T00:00:00
(4 years ago) - Rights
- Copyright 2020 Red Hat, Inc.
- Other Advisories
-
- ALPINE:CVE-2020-10696
- ALSA-2020:1926
- ALSA-2020:1931
- ALSA-2020:1932
- ELSA-2020-1926
- ELSA-2020-1931
- ELSA-2020-1932
- openSUSE-SU-2020:2106-1
- openSUSE-SU-2021:0310-1
- openSUSE-SU-2022:0770-1
- RHSA-2020:1931
- RHSA-2020:1932
- RLSA-2020:1926
- RLSA-2020:1931
- RLSA-2020:1932
- SUSE-SU-2020:3423-1
- SUSE-SU-2022:0770-1
- SUSE-SU-2022:3480-1
- SUSE-SU-2022:3655-1
- SUSE-SU-2022:3766-1
- SUSE-SU-2022:4349-1
- SUSE-SU-2022:4350-1
Source | # ID | Name | URL |
---|---|---|---|
Bugzilla | 1817651 | https://bugzilla.redhat.com/1817651 | |
RHSA | RHSA-2020:1926 | https://access.redhat.com/errata/RHSA-2020:1926 | |
CVE | CVE-2020-10696 | https://access.redhat.com/security/cve/CVE-2020-10696 |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/redhat/slirp4netns?arch=x86_64&distro=redhat-8.2 | redhat | slirp4netns | < 0.1-5.dev.gitc4e1bc5.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/slirp4netns?arch=s390x&distro=redhat-8.2 | redhat | slirp4netns | < 0.1-5.dev.gitc4e1bc5.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | s390x | |
Affected | pkg:rpm/redhat/slirp4netns?arch=ppc64le&distro=redhat-8.2 | redhat | slirp4netns | < 0.1-5.dev.gitc4e1bc5.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | ppc64le | |
Affected | pkg:rpm/redhat/slirp4netns?arch=aarch64&distro=redhat-8.2 | redhat | slirp4netns | < 0.1-5.dev.gitc4e1bc5.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | aarch64 | |
Affected | pkg:rpm/redhat/skopeo?arch=x86_64&distro=redhat-8.2 | redhat | skopeo | < 0.1.32-4.git1715c90.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/skopeo?arch=s390x&distro=redhat-8.2 | redhat | skopeo | < 0.1.32-4.git1715c90.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | s390x | |
Affected | pkg:rpm/redhat/skopeo?arch=ppc64le&distro=redhat-8.2 | redhat | skopeo | < 0.1.32-4.git1715c90.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | ppc64le | |
Affected | pkg:rpm/redhat/skopeo?arch=aarch64&distro=redhat-8.2 | redhat | skopeo | < 0.1.32-4.git1715c90.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | aarch64 | |
Affected | pkg:rpm/redhat/runc?arch=x86_64&distro=redhat-8.2 | redhat | runc | < 1.0.0-56.rc5.dev.git2abd837.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/runc?arch=s390x&distro=redhat-8.2 | redhat | runc | < 1.0.0-56.rc5.dev.git2abd837.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | s390x | |
Affected | pkg:rpm/redhat/runc?arch=ppc64le&distro=redhat-8.2 | redhat | runc | < 1.0.0-56.rc5.dev.git2abd837.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | ppc64le | |
Affected | pkg:rpm/redhat/runc?arch=aarch64&distro=redhat-8.2 | redhat | runc | < 1.0.0-56.rc5.dev.git2abd837.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | aarch64 | |
Affected | pkg:rpm/redhat/python3-criu?arch=x86_64&distro=redhat-8.2 | redhat | python3-criu | < 3.12-9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/python3-criu?arch=s390x&distro=redhat-8.2 | redhat | python3-criu | < 3.12-9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | s390x | |
Affected | pkg:rpm/redhat/python3-criu?arch=ppc64le&distro=redhat-8.2 | redhat | python3-criu | < 3.12-9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | ppc64le | |
Affected | pkg:rpm/redhat/python3-criu?arch=aarch64&distro=redhat-8.2 | redhat | python3-criu | < 3.12-9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | aarch64 | |
Affected | pkg:rpm/redhat/podman?arch=x86_64&distro=redhat-8.2 | redhat | podman | < 1.0.0-4.git921f98f.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/podman?arch=s390x&distro=redhat-8.2 | redhat | podman | < 1.0.0-4.git921f98f.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | s390x | |
Affected | pkg:rpm/redhat/podman?arch=ppc64le&distro=redhat-8.2 | redhat | podman | < 1.0.0-4.git921f98f.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | ppc64le | |
Affected | pkg:rpm/redhat/podman?arch=aarch64&distro=redhat-8.2 | redhat | podman | < 1.0.0-4.git921f98f.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | aarch64 | |
Affected | pkg:rpm/redhat/podman-docker?distro=redhat-8.2 | redhat | podman-docker | < 1.0.0-4.git921f98f.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | ||
Affected | pkg:rpm/redhat/oci-umount?arch=x86_64&distro=redhat-8.2 | redhat | oci-umount | < 2.3.4-2.git87f9237.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/oci-umount?arch=s390x&distro=redhat-8.2 | redhat | oci-umount | < 2.3.4-2.git87f9237.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | s390x | |
Affected | pkg:rpm/redhat/oci-umount?arch=ppc64le&distro=redhat-8.2 | redhat | oci-umount | < 2.3.4-2.git87f9237.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | ppc64le | |
Affected | pkg:rpm/redhat/oci-umount?arch=aarch64&distro=redhat-8.2 | redhat | oci-umount | < 2.3.4-2.git87f9237.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | aarch64 | |
Affected | pkg:rpm/redhat/oci-systemd-hook?arch=x86_64&distro=redhat-8.2 | redhat | oci-systemd-hook | < 0.1.15-2.git2d0b8a3.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/oci-systemd-hook?arch=s390x&distro=redhat-8.2 | redhat | oci-systemd-hook | < 0.1.15-2.git2d0b8a3.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | s390x | |
Affected | pkg:rpm/redhat/oci-systemd-hook?arch=ppc64le&distro=redhat-8.2 | redhat | oci-systemd-hook | < 0.1.15-2.git2d0b8a3.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | ppc64le | |
Affected | pkg:rpm/redhat/oci-systemd-hook?arch=aarch64&distro=redhat-8.2 | redhat | oci-systemd-hook | < 0.1.15-2.git2d0b8a3.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | aarch64 | |
Affected | pkg:rpm/redhat/fuse-overlayfs?arch=x86_64&distro=redhat-8.2 | redhat | fuse-overlayfs | < 0.3-5.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/fuse-overlayfs?arch=s390x&distro=redhat-8.2 | redhat | fuse-overlayfs | < 0.3-5.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | s390x | |
Affected | pkg:rpm/redhat/fuse-overlayfs?arch=ppc64le&distro=redhat-8.2 | redhat | fuse-overlayfs | < 0.3-5.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | ppc64le | |
Affected | pkg:rpm/redhat/fuse-overlayfs?arch=aarch64&distro=redhat-8.2 | redhat | fuse-overlayfs | < 0.3-5.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | aarch64 | |
Affected | pkg:rpm/redhat/criu?arch=x86_64&distro=redhat-8.2 | redhat | criu | < 3.12-9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/criu?arch=s390x&distro=redhat-8.2 | redhat | criu | < 3.12-9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | s390x | |
Affected | pkg:rpm/redhat/criu?arch=ppc64le&distro=redhat-8.2 | redhat | criu | < 3.12-9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | ppc64le | |
Affected | pkg:rpm/redhat/criu?arch=aarch64&distro=redhat-8.2 | redhat | criu | < 3.12-9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | aarch64 | |
Affected | pkg:rpm/redhat/crit?arch=x86_64&distro=redhat-8.2 | redhat | crit | < 3.12-9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/crit?arch=s390x&distro=redhat-8.2 | redhat | crit | < 3.12-9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | s390x | |
Affected | pkg:rpm/redhat/crit?arch=ppc64le&distro=redhat-8.2 | redhat | crit | < 3.12-9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | ppc64le | |
Affected | pkg:rpm/redhat/crit?arch=aarch64&distro=redhat-8.2 | redhat | crit | < 3.12-9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | aarch64 | |
Affected | pkg:rpm/redhat/containers-common?arch=x86_64&distro=redhat-8.2 | redhat | containers-common | < 0.1.32-4.git1715c90.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/containers-common?arch=s390x&distro=redhat-8.2 | redhat | containers-common | < 0.1.32-4.git1715c90.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | s390x | |
Affected | pkg:rpm/redhat/containers-common?arch=ppc64le&distro=redhat-8.2 | redhat | containers-common | < 0.1.32-4.git1715c90.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | ppc64le | |
Affected | pkg:rpm/redhat/containers-common?arch=aarch64&distro=redhat-8.2 | redhat | containers-common | < 0.1.32-4.git1715c90.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | aarch64 | |
Affected | pkg:rpm/redhat/containernetworking-plugins?arch=x86_64&distro=redhat-8.2 | redhat | containernetworking-plugins | < 0.7.4-3.git9ebe139.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/containernetworking-plugins?arch=s390x&distro=redhat-8.2 | redhat | containernetworking-plugins | < 0.7.4-3.git9ebe139.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | s390x | |
Affected | pkg:rpm/redhat/containernetworking-plugins?arch=ppc64le&distro=redhat-8.2 | redhat | containernetworking-plugins | < 0.7.4-3.git9ebe139.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | ppc64le | |
Affected | pkg:rpm/redhat/containernetworking-plugins?arch=aarch64&distro=redhat-8.2 | redhat | containernetworking-plugins | < 0.7.4-3.git9ebe139.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | aarch64 | |
Affected | pkg:rpm/redhat/container-selinux?distro=redhat-8.2 | redhat | container-selinux | < 2.124.0-1.gitf958d0c.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | ||
Affected | pkg:rpm/redhat/buildah?arch=x86_64&distro=redhat-8.2 | redhat | buildah | < 1.5-4.gite94b4f9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | x86_64 | |
Affected | pkg:rpm/redhat/buildah?arch=s390x&distro=redhat-8.2 | redhat | buildah | < 1.5-4.gite94b4f9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | s390x | |
Affected | pkg:rpm/redhat/buildah?arch=ppc64le&distro=redhat-8.2 | redhat | buildah | < 1.5-4.gite94b4f9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | ppc64le | |
Affected | pkg:rpm/redhat/buildah?arch=aarch64&distro=redhat-8.2 | redhat | buildah | < 1.5-4.gite94b4f9.module+el8.2.0+6370+6fb6c8ca | redhat-8.2 | aarch64 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |