[RHSA-2022:7954] podman security and bug fix update
Severity
Moderate
Affected Packages
21
CVEs
8
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.
Security Fix(es):
golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension (CVE-2020-28851)
golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852)
podman: podman machine spawns gvproxy with port bound to all IPs (CVE-2021-4024)
podman: Remote traffic to rootless containers is seen as orginating from localhost (CVE-2021-20199)
containers/storage: DoS via malicious image (CVE-2021-20291)
golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)
golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.
- ID
- RHSA-2022:7954
- Severity
- moderate
- URL
- https://access.redhat.com/errata/RHSA-2022:7954
- Published
-
2022-11-15T00:00:00
(22 months ago) - Modified
-
2022-11-15T00:00:00
(22 months ago) - Rights
- Copyright 2022 Red Hat, Inc.
- Other Advisories
-
-
ALAS-2021-1527
-
ALAS-2022-1635
-
ALAS-2023-1825
-
ALAS2-2021-1694
-
ALAS2-2022-1830
-
ALAS2-2022-1846
-
ALAS2-2022-1847
-
ALAS2-2022-1858
-
ALAS2-2022-1859
-
ALAS2-2022-1860
-
ALAS2-2022-1861
-
ALAS2-2022-1862
-
ALAS2-2022-1863
-
ALAS2-2022-1864
-
ALAS2-2022-1865
-
ALAS2-2023-2238
-
ALBA-2022:0348
-
ALPINE:CVE-2021-20199
-
ALPINE:CVE-2021-33197
-
ALPINE:CVE-2021-34558
-
ALPINE:CVE-2021-4024
-
ALPINE:CVE-2022-27191
-
ALSA-2021:1796
-
ALSA-2021:3076
-
ALSA-2021:4154
-
ALSA-2021:4156
-
ALSA-2021:4226
-
ALSA-2022:7129
-
ALSA-2022:7469
-
ALSA-2022:7954
-
ALSA-2022:7955
-
ALSA-2022:8008
-
ASA-202106-42
-
ASA-202107-42
-
ELSA-2021-1796
-
ELSA-2021-3076
-
ELSA-2021-4154
-
ELSA-2021-4226
-
ELSA-2022-7129
-
ELSA-2022-7457
-
ELSA-2022-7469
-
ELSA-2022-7954
-
ELSA-2022-7955
-
ELSA-2022-8008
-
ELSA-2024-2988
-
FEDORA-2021-07e4d20196
-
FEDORA-2021-1bfb61f77c
-
FEDORA-2021-25c0011e78
-
FEDORA-2021-3a55403080
-
FEDORA-2021-47d259d3cf
-
FEDORA-2021-54f88bebd4
-
FEDORA-2021-6ac9b98f9e
-
FEDORA-2021-6bc3fe7129
-
FEDORA-2021-6bd024d2a7
-
FEDORA-2021-83b3740389
-
FEDORA-2021-a3703b9dc8
-
FEDORA-2021-c35235c250
-
FEDORA-2021-c56a213327
-
FEDORA-2021-ec00da7faa
-
FEDORA-2021-ffa749f7f7
-
FEDORA-2022-08ae2dd481
-
FEDORA-2022-13ad572b5a
-
FEDORA-2022-14712f9699
-
FEDORA-2022-30c5ed5625
-
FEDORA-2022-3969b64d4b
-
FEDORA-2022-3a63897745
-
FEDORA-2022-3e1ade35db
-
FEDORA-2022-4a48180f3f
-
FEDORA-2022-4b5537c44c
-
FEDORA-2022-5038c3236c
-
FEDORA-2022-53e0f427dd
-
FEDORA-2022-5cbd6de569
-
FEDORA-2022-5e637f6cc6
-
FEDORA-2022-5ef0bd9a27
-
FEDORA-2022-6716cd0da2
-
FEDORA-2022-739c7a0058
-
FEDORA-2022-741325e9a0
-
FEDORA-2022-8bf5635efc
-
FEDORA-2022-9986fbb3d7
-
FEDORA-2022-9a9a638d09
-
FEDORA-2022-a4c9009f3e
-
FEDORA-2022-b0bd0219ff
-
FEDORA-2022-ba365d3703
-
FEDORA-2022-c87047f163
-
FEDORA-2022-d37fb34309
-
FEDORA-2022-e674d52438
-
FEDORA-2022-ea8f4e232d
-
FEDORA-2022-fae3ecee19
-
FEDORA-2023-e8c27ba884
-
FEDORA-2024-80e062d21a
-
FEDORA-2024-9cc0e0c63e
-
FEDORA-2024-d652859efb
-
FREEBSD:079B3641-C4BD-11EB-A22A-693F0544AE52
-
FREEBSD:C365536D-E3CF-11EB-9D8D-B37B683944C2
-
GLSA-202208-02
-
GLSA-202407-12
-
GO-2021-0100
-
GO-2021-0241
-
GO-2021-0243
-
GO-2021-0356
-
MS:CVE-2021-20199
-
MS:CVE-2021-34558
-
openSUSE-SU-2021:0950-1
-
openSUSE-SU-2021:1078-1
-
openSUSE-SU-2021:1079-1
-
openSUSE-SU-2021:2186-1
-
openSUSE-SU-2021:2214-1
-
openSUSE-SU-2021:2392-1
-
openSUSE-SU-2021:2398-1
-
RHBA-2022:0348
-
RHSA-2021:1796
-
RHSA-2021:3076
-
RHSA-2021:4154
-
RHSA-2021:4156
-
RHSA-2021:4226
-
RHSA-2022:7129
-
RHSA-2022:7457
-
RHSA-2022:7469
-
RHSA-2022:7955
-
RHSA-2022:8008
-
RHSA-2024:2988
-
RLBA-2022:0348
-
RLSA-2021:1796
-
RLSA-2021:4154
-
RLSA-2022:7129
-
RLSA-2022:7457
-
RLSA-2022:7469
-
SUSE-SU-2021:2186-1
-
SUSE-SU-2021:2214-1
-
SUSE-SU-2021:2392-1
-
SUSE-SU-2021:2398-1
-
SUSE-SU-2022:1507-1
-
SUSE-SU-2022:1689-1
-
SUSE-SU-2022:2834-1
-
SUSE-SU-2022:2839-1
-
SUSE-SU-2022:2839-2
-
SUSE-SU-2022:3312-1
-
SUSE-SU-2022:4409-1
-
SUSE-SU-2022:4463-1
-
SUSE-SU-2023:0187-1
-
SUSE-SU-2023:0326-1
-
SUSE-SU-2023:2183-1
-
SUSE-SU-2023:2185-1
-
SUSE-SU-2023:2187-1
-
SUSE-SU-2023:2579-1
-
SUSE-SU-2024:0191-1
-
USN-5873-1
-
| Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
|---|---|---|---|---|---|---|---|
| Affected | pkg:rpm/redhat/podman?arch=x86_64&distro=redhat-9 | redhat |
 podman
|
< 4.2.0-3.el9 | redhat-9 | x86_64 | |
| Affected | pkg:rpm/redhat/podman?arch=s390x&distro=redhat-9 | redhat |
podman
|
< 4.2.0-3.el9 | redhat-9 | s390x | |
| Affected | pkg:rpm/redhat/podman?arch=ppc64le&distro=redhat-9 | redhat |
podman
|
< 4.2.0-3.el9 | redhat-9 | ppc64le | |
| Affected | pkg:rpm/redhat/podman?arch=aarch64&distro=redhat-9 | redhat |
podman
|
< 4.2.0-3.el9 | redhat-9 | aarch64 | |
| Affected | pkg:rpm/redhat/podman-tests?arch=x86_64&distro=redhat-9 | redhat |
podman-tests
|
< 4.2.0-3.el9 | redhat-9 | x86_64 | |
| Affected | pkg:rpm/redhat/podman-tests?arch=s390x&distro=redhat-9 | redhat |
podman-tests
|
< 4.2.0-3.el9 | redhat-9 | s390x | |
| Affected | pkg:rpm/redhat/podman-tests?arch=ppc64le&distro=redhat-9 | redhat |
podman-tests
|
< 4.2.0-3.el9 | redhat-9 | ppc64le | |
| Affected | pkg:rpm/redhat/podman-tests?arch=aarch64&distro=redhat-9 | redhat |
podman-tests
|
< 4.2.0-3.el9 | redhat-9 | aarch64 | |
| Affected | pkg:rpm/redhat/podman-remote?arch=x86_64&distro=redhat-9 | redhat |
podman-remote
|
< 4.2.0-3.el9 | redhat-9 | x86_64 | |
| Affected | pkg:rpm/redhat/podman-remote?arch=s390x&distro=redhat-9 | redhat |
podman-remote
|
< 4.2.0-3.el9 | redhat-9 | s390x | |
| Affected | pkg:rpm/redhat/podman-remote?arch=ppc64le&distro=redhat-9 | redhat |
podman-remote
|
< 4.2.0-3.el9 | redhat-9 | ppc64le | |
| Affected | pkg:rpm/redhat/podman-remote?arch=aarch64&distro=redhat-9 | redhat |
podman-remote
|
< 4.2.0-3.el9 | redhat-9 | aarch64 | |
| Affected | pkg:rpm/redhat/podman-plugins?arch=x86_64&distro=redhat-9 | redhat |
podman-plugins
|
< 4.2.0-3.el9 | redhat-9 | x86_64 | |
| Affected | pkg:rpm/redhat/podman-plugins?arch=s390x&distro=redhat-9 | redhat |
podman-plugins
|
< 4.2.0-3.el9 | redhat-9 | s390x | |
| Affected | pkg:rpm/redhat/podman-plugins?arch=ppc64le&distro=redhat-9 | redhat |
podman-plugins
|
< 4.2.0-3.el9 | redhat-9 | ppc64le | |
| Affected | pkg:rpm/redhat/podman-plugins?arch=aarch64&distro=redhat-9 | redhat |
podman-plugins
|
< 4.2.0-3.el9 | redhat-9 | aarch64 | |
| Affected | pkg:rpm/redhat/podman-gvproxy?arch=x86_64&distro=redhat-9 | redhat |
podman-gvproxy
|
< 4.2.0-3.el9 | redhat-9 | x86_64 | |
| Affected | pkg:rpm/redhat/podman-gvproxy?arch=s390x&distro=redhat-9 | redhat |
podman-gvproxy
|
< 4.2.0-3.el9 | redhat-9 | s390x | |
| Affected | pkg:rpm/redhat/podman-gvproxy?arch=ppc64le&distro=redhat-9 | redhat |
podman-gvproxy
|
< 4.2.0-3.el9 | redhat-9 | ppc64le | |
| Affected | pkg:rpm/redhat/podman-gvproxy?arch=aarch64&distro=redhat-9 | redhat |
podman-gvproxy
|
< 4.2.0-3.el9 | redhat-9 | aarch64 | |
| Affected | pkg:rpm/redhat/podman-docker?distro=redhat-9 | redhat |
podman-docker
|
< 4.2.0-3.el9 | redhat-9 |
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
|---|---|---|---|---|---|---|---|---|---|---|---|
| # CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |