[RHSA-2023:7765] podman security update

Severity Moderate

Affected Packages 21

CVEs 5

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.

Security Fix(es):

golang: crypto/tls: slow verification of certificate chains containing large RSA keys (CVE-2023-29409)
golang: html/template: improper handling of HTML-like comments within script contexts (CVE-2023-39318)
golang: html/template: improper handling of special tags within script contexts (CVE-2023-39319)
golang: crypto/tls: panic when processing post-handshake message on QUIC connections (CVE-2023-39321)
golang: crypto/tls: lack of a limit on buffered post-handshake (CVE-2023-39322)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Package	Affected Version
pkg:rpm/redhat/podman?arch=x86_64&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman?arch=s390x&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman?arch=ppc64le&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman?arch=aarch64&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-tests?arch=x86_64&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-tests?arch=s390x&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-tests?arch=ppc64le&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-tests?arch=aarch64&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-remote?arch=x86_64&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-remote?arch=s390x&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-remote?arch=ppc64le&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-remote?arch=aarch64&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-plugins?arch=x86_64&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-plugins?arch=s390x&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-plugins?arch=ppc64le&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-plugins?arch=aarch64&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-gvproxy?arch=x86_64&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-gvproxy?arch=s390x&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-gvproxy?arch=ppc64le&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-gvproxy?arch=aarch64&distro=redhat-9.3	< 4.6.1-7.el9_3
pkg:rpm/redhat/podman-docker?distro=redhat-9.3	< 4.6.1-7.el9_3

ID

RHSA-2023:7765

Severity

moderate

URL

https://access.redhat.com/errata/RHSA-2023:7765

Published

2023-12-12T00:00:00
(9 months ago)

Modified

2023-12-12T00:00:00
(9 months ago)

Rights

Other Advisories

Source	# ID	URL
Bugzilla	2228743	https://bugzilla.redhat.com/2228743
Bugzilla	2237773	https://bugzilla.redhat.com/2237773
Bugzilla	2237776	https://bugzilla.redhat.com/2237776
Bugzilla	2237777	https://bugzilla.redhat.com/2237777
Bugzilla	2237778	https://bugzilla.redhat.com/2237778
RHSA	RHSA-2023:7765	https://access.redhat.com/errata/RHSA-2023:7765
CVE	CVE-2023-29409	https://access.redhat.com/security/cve/CVE-2023-29409
CVE	CVE-2023-39318	https://access.redhat.com/security/cve/CVE-2023-39318
CVE	CVE-2023-39319	https://access.redhat.com/security/cve/CVE-2023-39319
CVE	CVE-2023-39321	https://access.redhat.com/security/cve/CVE-2023-39321
CVE	CVE-2023-39322	https://access.redhat.com/security/cve/CVE-2023-39322

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/redhat/podman?arch=x86_64&distro=redhat-9.3	redhat	podman	< 4.6.1-7.el9_3	redhat-9.3	x86_64
Affected	pkg:rpm/redhat/podman?arch=s390x&distro=redhat-9.3	redhat	podman	< 4.6.1-7.el9_3	redhat-9.3	s390x
Affected	pkg:rpm/redhat/podman?arch=ppc64le&distro=redhat-9.3	redhat	podman	< 4.6.1-7.el9_3	redhat-9.3	ppc64le
Affected	pkg:rpm/redhat/podman?arch=aarch64&distro=redhat-9.3	redhat	podman	< 4.6.1-7.el9_3	redhat-9.3	aarch64
Affected	pkg:rpm/redhat/podman-tests?arch=x86_64&distro=redhat-9.3	redhat	podman-tests	< 4.6.1-7.el9_3	redhat-9.3	x86_64
Affected	pkg:rpm/redhat/podman-tests?arch=s390x&distro=redhat-9.3	redhat	podman-tests	< 4.6.1-7.el9_3	redhat-9.3	s390x
Affected	pkg:rpm/redhat/podman-tests?arch=ppc64le&distro=redhat-9.3	redhat	podman-tests	< 4.6.1-7.el9_3	redhat-9.3	ppc64le
Affected	pkg:rpm/redhat/podman-tests?arch=aarch64&distro=redhat-9.3	redhat	podman-tests	< 4.6.1-7.el9_3	redhat-9.3	aarch64
Affected	pkg:rpm/redhat/podman-remote?arch=x86_64&distro=redhat-9.3	redhat	podman-remote	< 4.6.1-7.el9_3	redhat-9.3	x86_64
Affected	pkg:rpm/redhat/podman-remote?arch=s390x&distro=redhat-9.3	redhat	podman-remote	< 4.6.1-7.el9_3	redhat-9.3	s390x
Affected	pkg:rpm/redhat/podman-remote?arch=ppc64le&distro=redhat-9.3	redhat	podman-remote	< 4.6.1-7.el9_3	redhat-9.3	ppc64le
Affected	pkg:rpm/redhat/podman-remote?arch=aarch64&distro=redhat-9.3	redhat	podman-remote	< 4.6.1-7.el9_3	redhat-9.3	aarch64
Affected	pkg:rpm/redhat/podman-plugins?arch=x86_64&distro=redhat-9.3	redhat	podman-plugins	< 4.6.1-7.el9_3	redhat-9.3	x86_64
Affected	pkg:rpm/redhat/podman-plugins?arch=s390x&distro=redhat-9.3	redhat	podman-plugins	< 4.6.1-7.el9_3	redhat-9.3	s390x
Affected	pkg:rpm/redhat/podman-plugins?arch=ppc64le&distro=redhat-9.3	redhat	podman-plugins	< 4.6.1-7.el9_3	redhat-9.3	ppc64le
Affected	pkg:rpm/redhat/podman-plugins?arch=aarch64&distro=redhat-9.3	redhat	podman-plugins	< 4.6.1-7.el9_3	redhat-9.3	aarch64
Affected	pkg:rpm/redhat/podman-gvproxy?arch=x86_64&distro=redhat-9.3	redhat	podman-gvproxy	< 4.6.1-7.el9_3	redhat-9.3	x86_64
Affected	pkg:rpm/redhat/podman-gvproxy?arch=s390x&distro=redhat-9.3	redhat	podman-gvproxy	< 4.6.1-7.el9_3	redhat-9.3	s390x
Affected	pkg:rpm/redhat/podman-gvproxy?arch=ppc64le&distro=redhat-9.3	redhat	podman-gvproxy	< 4.6.1-7.el9_3	redhat-9.3	ppc64le
Affected	pkg:rpm/redhat/podman-gvproxy?arch=aarch64&distro=redhat-9.3	redhat	podman-gvproxy	< 4.6.1-7.el9_3	redhat-9.3	aarch64
Affected	pkg:rpm/redhat/podman-docker?distro=redhat-9.3	redhat	podman-docker	< 4.6.1-7.el9_3	redhat-9.3

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date