container-tools:ol8 security, bug fix, and enhancement update

2020-08-0600:00:00

linux.oracle.com

8.6 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

JSON

buildah
[1.14.9-1.0.1]

Fixes troubles with oracle registry login [Orabug: 29937283]
[1.14.9-1]
update to https://github.com/containers/buildah/releases/tag/v1.14.9
Related: RHELPLAN-39206
[1.14.8-2]
make container-selinux a soft dependency
Related: #1806044
[1.14.8-1]
update to https://github.com/containers/buildah/releases/tag/v1.14.8
Related: RHELPLAN-39206
[1.14.7-1]
initial rhel8-8.2.1 build
update to https://github.com/containers/buildah/releases/tag/v1.14.7
Related: RHELPLAN-39206
cockpit-podman
[17-1]
update to https://github.com/cockpit-project/cockpit-podman/releases/tag/17
Related: RHELPLAN-39206
[16-1]
update to https://github.com/cockpit-project/cockpit-podman/releases/tag/v16
Related: RHELPLAN-39206
[15-1]
update to https://github.com/cockpit-project/cockpit-podman/releases/tag/15
Related: RHELPLAN-39206
[12-1]
Configure CPU share for system containers
Translation updates
conmon
[2:2.0.17-1.0.1]
Remove upstream references [Orabug: 30871880]
[2:2.0.17-1]
update to https://github.com/containers/conmon/releases/tag/v2.0.17
Related: RHELPLAN-39206
[2:2.0.16-1]
update to https://github.com/containers/conmon/releases/tag/v2.0.16
Related: RHELPLAN-39206
[2:2.0.15-1]
update to 2.0.15
Related: #1821204
containernetworking-plugins
[0.8.6-1]
update to https://github.com/containernetworking/plugins/releases/tag/v0.8.6
Related: RHELPLAN-39206
[0.8.5-1]
update to https://github.com/containernetworking/plugins/archive/v0.8.5.tar.gz
Related: RHELPLAN-39206
container-selinux
[2:2.135.0-1]
update to https://github.com/containers/container-selinux/releases/tag/v2.135.0
Related: RHELPLAN-39206
[2:2.134.0-1]
update to https://github.com/containers/container-selinux/releases/tag/v2.134.0
Related: RHELPLAN-39206
[2:2.132.0-2]
sync with Fedora and install selinux contexts file into /usr/share/containers/selinux/contexts
(thanks to Dan Walsh)
do not print error in RPM transaction log when customizable_types file is missing
Related: RHELPLAN-39206
[2:2.132.0-1]
update to https://github.com/containers/container-selinux/releases/tag/v2.132.0
Related: RHELPLAN-39206
[2:2.131.0-1]
update to https://github.com/containers/container-selinux/releases/tag/v2.131.0
Related: RHELPLAN-39206
[2:2.130.0-1]
update to https://github.com/containers/container-selinux/releases/tag/v2.130.0
dont use macros in changelog
Related: #1821204
criu
[3.14-2]
fix ‘Need to fix bugs found by coverity.’
Resolves: #1838991
[3.14-1]
update to https://github.com/checkpoint-restore/criu/releases/tag/v3.14
Related: RHELPLAN-39206
[3.13-1]
update to 3.13
Related: RHELPLAN-39206
fuse-overlayfs
[1.0.0-2]
remove bogus Provides from spec
Related: RHELPLAN-39206
[1.0.0-1]
update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.0.0
Related: RHELPLAN-39206
libslirp
[4.3.0-3]
fix static analysis issues merged upstream
(https://gitlab.freedesktop.org/slirp/libslirp/-/merge_requests/41)
Related: #1823657
[4.3.0-2]
initial libslirp build for container-tools 8.2.1 module
Resolves: #1823657
[4.3.0-1]
New v4.3.0 release
podman
[1.9.3-2.0.1]
delivering fix for [Orabug: 29874238] by Nikita Gerasimov
[1.9.3-2]
fix ‘Signature verification incorrectly uses mirrors references’
Resolves: #1829061
[1.9.3-1]
update to https://github.com/containers/libpod/releases/tag/v1.9.3
Related: RHELPLAN-39206
[1.9.2-3]
fix ‘Podman support for FIPS Mode requires a bind mount inside the container’
version the oci-systemd-hook obsolete
Related: #1784950
Related: #1836180
[1.9.2-2]
obsolete oci-systemd-hook package
Resolves: #1836180
[1.9.2-1]
update to https://github.com/containers/libpod/releases/tag/v1.9.2
Related: RHELPLAN-39206
[1.9.1-2]
make container-selinux a soft dependency
Related: #1806044
[1.9.1-1]
update to https://github.com/containers/libpod/releases/tag/v1.9.1
Related: RHELPLAN-39206
[1.9.0-2]
remove containers-mounts.conf man page, this is shipped by skopeo: containers-common subpackage
Related: RHELPLAN-39206
[1.9.0-1]
update to https://github.com/containers/libpod/releases/tag/v1.9.0
Related: RHELPLAN-39206
python-podman-api
[1.2.0-0.2.gitd0a45fe]
revert update to 1.6.0 due to new python3-pbr dependency which
is not in RHEL
Related: RHELPLAN-25139
[1.2.0-0.1.gitd0a45fe]
Initial package
runc
[1.0.0-66.rc10]
drop container-selinux runtime dependency
Related: #1806044
[1.0.0-65.rc10]
address CVE-2019-19921 by updating to rc10
Resolves: #1801887
[1.0.0-64.rc9]
use no_openssl in BUILDTAGS (no vendored crypto in runc)
Related: RHELPLAN-25139
[1.0.0-63.rc9]
be sure to use golang >= 1.12.12-4
Related: RHELPLAN-25139
[1.0.0-62.rc9]
rebuild because of CVE-2019-9512 and CVE-2019-9514
Resolves: #1766331, #1766303
[1.0.0-61.rc9]
update to runc 1.0.0-rc9 release
amend golang deps
fixes CVE-2019-16884
Resolves: #1759651
[1.0.0-60.rc8]
Resolves: #1721247 - enable fips mode
[1.0.0-59.rc8]
Resolves: #1720654 - rebase to v1.0.0-rc8
[1.0.0-57.rc5.dev.git2abd837]
Resolves: #1693424 - podman rootless: cannot specify gid= mount options
[1.0.0-56.rc5.dev.git2abd837]
change-default-root patch not needed as theres no docker on rhel8
[1.0.0-55.rc5.dev.git2abd837]
Resolves: CVE-2019-5736
[1.0.0-54.rc5.dev.git2abd837]
re-enable debuginfo
[1.0.0-53.rc5.dev.git2abd837]
go toolset not in scl anymore
[1.0.0-52.rc5.dev.git2abd837]
rebase
skopeo
[1:1.0.0-1.0.1]
Add oracle registry into the conf file [Orabug: 29845934 31306708]
Fix oracle registry login issues [Orabug: 29937192]
[1:1.0.0-1]
update to https://github.com/containers/skopeo/releases/tag/v1.0.0
Related: RHELPLAN-39206
[1:0.2.0-5]
follow Dans suggestion to deliver seccomp.json and storage.conf
from Fedora and not directly from upstream yet
Related: RHELPLAN-39206
[1:0.2.0-4]
re-include ppc64 arch, golang doesnt seem broken there any more
synchronize man pages and config files with upstream
Related: RHELPLAN-39206
[1:0.2.0-3]
include and ship containers.conf
Resolves: #1826486
[1:0.2.0-2]
add docker.io into the default registry list
Related: RHELPLAN-39206
[1:0.2.0-1]
update to https://github.com/containers/skopeo/releases/tag/v0.2.0
initial rhel8-8.2.1 build
Related: RHELPLAN-39206
slirp4netns
[1.0.1-1]
update to https://github.com/rootless-containers/slirp4netns/archive/v1.0.1.tar.gz
Related: RHELPLAN-39206
[0.4.3-1]
update to https://github.com/rootless-containers/slirp4netns/archive/v0.4.3.tar.gz
Related: RHELPLAN-39206

OSVersionArchitecturePackageVersionFilename
oracle linux8srcbuildah< 1.14.9-1.0.1.modulebuildah-1.14.9-1.0.1.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux8srccockpit-podman< 17-1.modulecockpit-podman-17-1.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux8srcconmon< 2.0.17-1.0.1.moduleconmon-2.0.17-1.0.1.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux8srccontainer-selinux< 2.135.0-1.modulecontainer-selinux-2.135.0-1.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux8srccontainernetworking-plugins< 0.8.6-1.modulecontainernetworking-plugins-0.8.6-1.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux8srccriu< 3.14-2.modulecriu-3.14-2.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux8srcfuse-overlayfs< 1.0.0-2.modulefuse-overlayfs-1.0.0-2.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux8srclibslirp< 4.3.0-3.modulelibslirp-4.3.0-3.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux8srcpodman< 1.9.3-2.0.1.modulepodman-1.9.3-2.0.1.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux8srcpython-podman-api< 1.2.0-0.2.gitd0a45fe.modulepython-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.2.1+7658+86e51d52.src.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	8	src	buildah	< 1.14.9-1.0.1.module	buildah-1.14.9-1.0.1.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux	8	src	cockpit-podman	< 17-1.module	cockpit-podman-17-1.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux	8	src	conmon	< 2.0.17-1.0.1.module	conmon-2.0.17-1.0.1.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux	8	src	container-selinux	< 2.135.0-1.module	container-selinux-2.135.0-1.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux	8	src	containernetworking-plugins	< 0.8.6-1.module	containernetworking-plugins-0.8.6-1.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux	8	src	criu	< 3.14-2.module	criu-3.14-2.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux	8	src	fuse-overlayfs	< 1.0.0-2.module	fuse-overlayfs-1.0.0-2.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux	8	src	libslirp	< 4.3.0-3.module	libslirp-4.3.0-3.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux	8	src	podman	< 1.9.3-2.0.1.module	podman-1.9.3-2.0.1.module+el8.2.1+7658+86e51d52.src.rpm
oracle linux	8	src	python-podman-api	< 1.2.0-0.2.gitd0a45fe.module	python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.2.1+7658+86e51d52.src.rpm