[RLBA-2022:0348] container-tools:3.0 security, bug fix, and enhancement update

Severity None

Affected Packages 24

CVEs 1

An update is available for fuse-overlayfs, container-selinux, udica, runc, toolbox, podman, conmon, skopeo, crun, libslirp, oci-seccomp-bpf-hook, slirp4netns, containernetworking-plugins, buildah, criu, cockpit-podman. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

For detailed information on changes in this release, see the Rocky Linux 8 Release Notes linked from the References section.

Package	Affected Version
pkg:rpm/rockylinux/udica?arch=noarch&distro=rockylinux-8.7	< 0.2.4-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/toolbox?arch=x86_64&distro=rockylinux-8.7	< 0.0.99.3-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/toolbox?arch=aarch64&distro=rockylinux-8.7	< 0.0.99.3-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/toolbox-tests?arch=x86_64&distro=rockylinux-8.7	< 0.0.99.3-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/toolbox-tests?arch=aarch64&distro=rockylinux-8.7	< 0.0.99.3-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/slirp4netns?arch=x86_64&distro=rockylinux-8.7	< 1.1.8-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/slirp4netns?arch=aarch64&distro=rockylinux-8.7	< 1.1.8-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/python3-criu?arch=x86_64&distro=rockylinux-8.7	< 3.15-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/python3-criu?arch=aarch64&distro=rockylinux-8.7	< 3.15-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/oci-seccomp-bpf-hook?arch=x86_64&distro=rockylinux-8.7	< 1.2.0-3.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/oci-seccomp-bpf-hook?arch=aarch64&distro=rockylinux-8.7	< 1.2.0-3.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/libslirp?arch=x86_64&distro=rockylinux-8.7	< 4.3.1-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/libslirp?arch=aarch64&distro=rockylinux-8.7	< 4.3.1-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/libslirp-devel?arch=x86_64&distro=rockylinux-8.7	< 4.3.1-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/libslirp-devel?arch=aarch64&distro=rockylinux-8.7	< 4.3.1-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/fuse-overlayfs?arch=x86_64&distro=rockylinux-8.7	< 1.4.0-2.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/fuse-overlayfs?arch=aarch64&distro=rockylinux-8.7	< 1.4.0-2.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/criu?arch=x86_64&distro=rockylinux-8.7	< 3.15-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/criu?arch=aarch64&distro=rockylinux-8.7	< 3.15-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/crit?arch=x86_64&distro=rockylinux-8.7	< 3.15-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/crit?arch=aarch64&distro=rockylinux-8.7	< 3.15-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/containernetworking-plugins?arch=x86_64&distro=rockylinux-8.7	< 0.9.1-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/containernetworking-plugins?arch=aarch64&distro=rockylinux-8.7	< 0.9.1-1.module+el8.7.0+1076+9b1c11c1
pkg:rpm/rockylinux/cockpit-podman?arch=noarch&distro=rockylinux-8.7	< 29-2.module+el8.7.0+1076+9b1c11c1

ID

RLBA-2022:0348

Severity

none

URL

https://errata.rockylinux.org/RLBA-2022:0348

Published

2022-02-01T20:06:52
(2 years ago)

Modified

2023-02-02T13:34:05
(19 months ago)

Rights

Other Advisories

Source	# ID	URL
CVE	CVE-2021-20291	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20291
Bugzilla	2036929	https://bugzilla.redhat.com/show_bug.cgi?id=2036929
Self	RLBA-2022:0348	https://errata.rockylinux.org/RLBA-2022:0348

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform	Arch
Affected	pkg:rpm/rockylinux/udica?arch=noarch&distro=rockylinux-8.7	rockylinux	udica	< 0.2.4-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	noarch
Affected	pkg:rpm/rockylinux/toolbox?arch=x86_64&distro=rockylinux-8.7	rockylinux	toolbox	< 0.0.99.3-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/toolbox?arch=aarch64&distro=rockylinux-8.7	rockylinux	toolbox	< 0.0.99.3-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/toolbox-tests?arch=x86_64&distro=rockylinux-8.7	rockylinux	toolbox-tests	< 0.0.99.3-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/toolbox-tests?arch=aarch64&distro=rockylinux-8.7	rockylinux	toolbox-tests	< 0.0.99.3-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/slirp4netns?arch=x86_64&distro=rockylinux-8.7	rockylinux	slirp4netns	< 1.1.8-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/slirp4netns?arch=aarch64&distro=rockylinux-8.7	rockylinux	slirp4netns	< 1.1.8-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/python3-criu?arch=x86_64&distro=rockylinux-8.7	rockylinux	python3-criu	< 3.15-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/python3-criu?arch=aarch64&distro=rockylinux-8.7	rockylinux	python3-criu	< 3.15-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/oci-seccomp-bpf-hook?arch=x86_64&distro=rockylinux-8.7	rockylinux	oci-seccomp-bpf-hook	< 1.2.0-3.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/oci-seccomp-bpf-hook?arch=aarch64&distro=rockylinux-8.7	rockylinux	oci-seccomp-bpf-hook	< 1.2.0-3.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/libslirp?arch=x86_64&distro=rockylinux-8.7	rockylinux	libslirp	< 4.3.1-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/libslirp?arch=aarch64&distro=rockylinux-8.7	rockylinux	libslirp	< 4.3.1-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/libslirp-devel?arch=x86_64&distro=rockylinux-8.7	rockylinux	libslirp-devel	< 4.3.1-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/libslirp-devel?arch=aarch64&distro=rockylinux-8.7	rockylinux	libslirp-devel	< 4.3.1-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/fuse-overlayfs?arch=x86_64&distro=rockylinux-8.7	rockylinux	fuse-overlayfs	< 1.4.0-2.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/fuse-overlayfs?arch=aarch64&distro=rockylinux-8.7	rockylinux	fuse-overlayfs	< 1.4.0-2.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/criu?arch=x86_64&distro=rockylinux-8.7	rockylinux	criu	< 3.15-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/criu?arch=aarch64&distro=rockylinux-8.7	rockylinux	criu	< 3.15-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/crit?arch=x86_64&distro=rockylinux-8.7	rockylinux	crit	< 3.15-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/crit?arch=aarch64&distro=rockylinux-8.7	rockylinux	crit	< 3.15-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/containernetworking-plugins?arch=x86_64&distro=rockylinux-8.7	rockylinux	containernetworking-plugins	< 0.9.1-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	x86_64
Affected	pkg:rpm/rockylinux/containernetworking-plugins?arch=aarch64&distro=rockylinux-8.7	rockylinux	containernetworking-plugins	< 0.9.1-1.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	aarch64
Affected	pkg:rpm/rockylinux/cockpit-podman?arch=noarch&distro=rockylinux-8.7	rockylinux	cockpit-podman	< 29-2.module+el8.7.0+1076+9b1c11c1	rockylinux-8.7	noarch

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date