container-tools:ol8 security, bug fix, and enhancement update

2021-02-2000:00:00

linux.oracle.com

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

JSON

buildah
[1.16.7-4.0.1]

Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov)
[1.16.7-4]
update to the latest content of https://github.com/containers/buildah/tree/release-1.16
(https://github.com/containers/buildah/commit/aaed66b)
Related: #1888571
[1.16.7-3]
revert back to buildah-1.16 for the quarterly release
Related: #1888571
[1.19.0-2]
bump version to refrect buildah upgrade
Related: #1888571
[1.16.7-2]
bump to release-1.19 branch
Related: #1888571
[1.16.5-5]
update to the latest content of https://github.com/containers/buildah/tree/release-1.16
(https://github.com/containers/buildah/commit/56ed75b)
Related: #1888571
[1.16.5-4]
simplify spec file
use short commit ID in tarball name
Related: #1888571
[1.16.5-3]
update to the latest content of https://github.com/containers/buildah/tree/release-1.16
(https://github.com/containers/buildah/commit/9e02bf9)
Related: #1888571
[1.16.5-2]
use shortcommit ID in branch tarball name
Related: #1888571
[1.16.5-1]
synchronize with stream-container-tools-rhel8-rhel-8.4.0
Related: #1888571
cockpit-podman
[27.1-3]
run much more tests - patch from Matej Marusak
Related: #1888571
[27.1-2]
gating tests - always set VM password
Related: #1888571
[27.1-1]
update to https://github.com/cockpit-project/cockpit-podman/releases/tag/27.1
Related: #1888571
[27-1]
update to https://github.com/cockpit-project/cockpit-podman/releases/tag/27
Related: #1888571
[26-1]
update to https://github.com/cockpit-project/cockpit-podman/releases/tag/26
Related: #1888571
[25-5]
remove redundant patch
Related: #1888571
[25-4]
replace docker.io with quay.io for gating tests due do
docker.io new pull rate limit requirements
Related: #1888571
[25-3]
test: Cleanup images before pulling the ones we need - thanks to Matej Marusak
Related: #1888571
[25-2]
remove hack in tests
add LICENSE
Related: #1888571
[25-1]
synchronize with stream-container-tools-rhel8-rhel-8.4.0
Related: #1888571
conmon
[2:2.0.22-3]
exclude i686 as golang is not suppoerted there
Related: #1888571
[2:2.0.22-2]
add BR: golang, go-md2man
add man pages
Related: #1888571
[2:2.0.22-1]
update to https://github.com/containers/conmon/releases/tag/v2.0.22
Related: #1888571
[2:2.0.21-3]
simplify spec
Related: #1888571
[2:2.0.21-2]
be sure to harden the linked binary
compile with debuginfo enabled
Related: #1888571
[2:2.0.21-1]
synchronize with stream-container-tools-rhel8-rhel-8.4.0
Related: #1888571
containernetworking-plugins
[0.9.0-1]
update to https://github.com/containernetworking/plugins/releases/tag/v0.9.0
Related: #1888571
container-selinux
[2:2.155.0-1]
update to https://github.com/containers/container-selinux/releases/tag/v2.155.0
Related: #1888571
[2:2.154.0-1]
update to
https://github.com/containers/container-selinux/releases/tag/v2.154.0
Related: #1888571
[2:2.153.0-1]
update to
https://github.com/containers/container-selinux/releases/tag/v2.153.0
Related: #1888571
[2:2.152.0-1]
update to
https://github.com/containers/container-selinux/releases/tag/v2.152.0
Related: #1888571
[2:2.151.0-1]
update to https://github.com/containers/container-selinux/releases/tag/v2.151.0
Related: #1888571
[2:2.150.0-1]
update to https://github.com/containers/container-selinux/releases/tag/v2.150.0
Related: #1888571
[2:2.145.0-1]
synchronize with stream-container-tools-rhel8-rhel-8.4.0
Resolves: #1873064
criu
[3.15-1]
update to https://github.com/checkpoint-restore/criu/releases/tag/v3.15
Related: #1888571
[3.14-2]
fix ‘Need to fix bugs found by coverity.’
Related: #1821193
[3.14-1]
synchronize containter-tools 8.3.0 with 8.2.1
Related: #1821193
crun
[0.16-2]
exclude i686 because of build failures
Related: #1888571
[0.16-1]
update to https://github.com/containers/crun/releases/tag/0.16
Related: #1888571
[0.15.1-1]
update to https://github.com/containers/crun/releases/tag/0.15.1
Related: #1888571
[0.15-2]
backport ‘exec: check read bytes from sync’ ([email protected])
(https://github.com/containers/crun/issues/511)
Related: #1888571
[0.15-1]
synchronize with stream-container-tools-rhel8-rhel-8.4.0
Related: #1888571
fuse-overlayfs
[1.3.0-2]
disable openat2 syscall again - still unsupported in current RHEL8 kernel
Resolves: #1921863
[1.3.0-1]
update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.3.0
Related: #1888571
[1.2.0-3]
be sure to harden the linked binary
Related: #1888571
[1.2.0-2]
ensure fuse module is loaded
Related: #1888571
[1.2.0-1]
synchronize with stream-container-tools-rhel8-rhel-8.4.0
Related: #1888571
libslirp
oci-seccomp-bpf-hook
[1.2.0-1]
update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.0
Related: #1888571
podman
[2.2.1-7.0.1]
Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov)
[2.2.1-7]
Resolves: #1925928 - Fix varlink GetVersion()
Upstream PR: https://github.com/containers/podman/pull/9274
[2.2.1-6]
update to the latest content of https://github.com/containers/podman/tree/v2.2.1-rhel
(https://github.com/containers/podman/commit/1741f15)
Related: #1888571
[2.2.1-5]
update to the latest content of https://github.com/containers/podman/tree/v2.2.1-rhel
(https://github.com/containers/podman/commit/b5bc6a7)
Related: #1877188
[2.2.1-4]
add Requires: oci-runtime
Related: #1888571
[2.2.1-3]
update to the latest content of https://github.com/containers/podman/tree/v2.2.1-rhel
(https://github.com/containers/podman/commit/14c35f6)
Related: #1888571
[2.2.1-2]
update to https://github.com/containers/dnsname/releases/tag/v1.1.1
[2.2.1-1]
update to the latest content of https://github.com/containers/podman/tree/v2.2.1-rhel
(https://github.com/containers/podman/commit/a0d478e)
Related: #1888571
[2.2.0-2]
attempt to fix gatng tests
Related: #1888571
[2.2.0-1]
update to https://github.com/containers/podman/releases/tag/v2.2.0
Related: #1888571
[2.1.1-3]
attempt to fix linker error with golang-1.15
add Requires: httpd-tools to tests, needed to work around
missing htpasswd in docker registry image, thanks to Ed Santiago
Related: #1888571
[2.1.1-2]
update to the latest content of https://github.com/containers/podman/tree/v2.1.1-rhel
(https://github.com/containers/podman/commit/450615a)
Resolves: #1873204
Resolves: #1884668
[2.1.1-1]
update podman to 2.1.1-rhel
Resolves: #1743687
Resolves: #1811570
Resolves: #1869322
Resolves: #1678546
Resolves: #1853455
Resolves: #1874271
python-podman-api
[1.2.0-0.2.gitd0a45fe]
revert update to 1.6.0 due to new python3-pbr dependency which
is not in RHEL
Related: RHELPLAN-25139
[1.2.0-0.1.gitd0a45fe]
Initial package
runc
[1.0.0-70.rc92]
add Provides: oci-runtime = 1
Related: #1888571
[1.0.0-69.rc92]
still use ExcludeArch as go_arches macro is broken for 8.4
Related: #1888571
skopeo
[1:1.2.0-9.0.1]
Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov)
Add oracle registry into the conf file [Orabug: 29845934 31306708]
[1:1.2.0-9]
upload proper source tarball
Related: #1888571
[1:1.2.0-8]
revert back to version aimed at 8.3.1 - skopeo-1.2.0
also downgrade versions of vendored libraries
Related: #1888571
[1:1.2.1-1]
update vendored component versions
update to the latest content of https://github.com/containers/skopeo/tree/release-1.2
(https://github.com/containers/skopeo/commit/2e90a8a)
Related: #1888571
[1:1.2.0-6]
always build with debuginfo
use less verbose output when compiling
Related: #1888571
[1:1.2.0-5]
re-sync config files
assure events_logger = ‘file’
Related: #1888571
[1:1.2.0-4]
change default logging mechanism to use for container engine events
in containers.conf to be events_logger = ‘file’ - it should fix
RHEL gating tests for podman nonroot (thanks to Dan Walsh)
Related: #1888571
[1:1.2.0-3]
simplify spec file
use short commit ID in tarball name
Related: #1888571
[1:1.2.0-2]
use shortcommit ID in branch tarball name
Related: #1888571
[1:1.2.0-1]
synchronize with stream-container-tools-rhel8-rhel-8.4.0
Related: #1888571
slirp4netns
[1.1.8-1]
update to
https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.8
Related: #1888571
[1.1.7-2]
exclude i686 because of build failures
Related: #1888571
[1.1.7-1]
update to
https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.7
Related: #1888571
[1.1.6-2]
- be sure to harden the linked binary
Related: #1888571
[1.1.6-1]
update to
https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.6
Related: #1888571
udica
[0.2.4-1]
update to https://github.com/containers/udica/releases/tag/v0.2.4
Related: #1888571
[0.2.3-1]
synchronize with stream-container-tools-rhel8-rhel-8.4.0
Related: #1888571
[0.2.2-1]
https://github.com/containers/udica/releases/tag/v0.2.2
Related: #1821193

OSVersionArchitecturePackageVersionFilename
oracle linux8srcbuildah< 1.16.7-4.0.1.modulebuildah-1.16.7-4.0.1.module+el8.3.1+9659+c1901784.src.rpm
oracle linux8srccockpit-podman< 27.1-3.modulecockpit-podman-27.1-3.module+el8.3.1+9659+c1901784.src.rpm
oracle linux8srcconmon< 2.0.22-3.moduleconmon-2.0.22-3.module+el8.3.1+9659+c1901784.src.rpm
oracle linux8srccontainer-selinux< 2.155.0-1.modulecontainer-selinux-2.155.0-1.module+el8.3.1+9659+c1901784.src.rpm
oracle linux8srccontainernetworking-plugins< 0.9.0-1.modulecontainernetworking-plugins-0.9.0-1.module+el8.3.1+9659+c1901784.src.rpm
oracle linux8srccriu< 3.15-1.modulecriu-3.15-1.module+el8.3.1+9659+c1901784.src.rpm
oracle linux8srccrun< 0.16-2.modulecrun-0.16-2.module+el8.3.1+9659+c1901784.src.rpm
oracle linux8srcfuse-overlayfs< 1.3.0-2.modulefuse-overlayfs-1.3.0-2.module+el8.3.1+9659+c1901784.src.rpm
oracle linux8srclibslirp< 4.3.1-1.modulelibslirp-4.3.1-1.module+el8.3.1+9659+c1901784.src.rpm
oracle linux8srcoci-seccomp-bpf-hook< 1.2.0-1.moduleoci-seccomp-bpf-hook-1.2.0-1.module+el8.3.1+9659+c1901784.src.rpm

OS	Version	Architecture	Package	Version	Filename
oracle linux	8	src	buildah	< 1.16.7-4.0.1.module	buildah-1.16.7-4.0.1.module+el8.3.1+9659+c1901784.src.rpm
oracle linux	8	src	cockpit-podman	< 27.1-3.module	cockpit-podman-27.1-3.module+el8.3.1+9659+c1901784.src.rpm
oracle linux	8	src	conmon	< 2.0.22-3.module	conmon-2.0.22-3.module+el8.3.1+9659+c1901784.src.rpm
oracle linux	8	src	container-selinux	< 2.155.0-1.module	container-selinux-2.155.0-1.module+el8.3.1+9659+c1901784.src.rpm
oracle linux	8	src	containernetworking-plugins	< 0.9.0-1.module	containernetworking-plugins-0.9.0-1.module+el8.3.1+9659+c1901784.src.rpm
oracle linux	8	src	criu	< 3.15-1.module	criu-3.15-1.module+el8.3.1+9659+c1901784.src.rpm
oracle linux	8	src	crun	< 0.16-2.module	crun-0.16-2.module+el8.3.1+9659+c1901784.src.rpm
oracle linux	8	src	fuse-overlayfs	< 1.3.0-2.module	fuse-overlayfs-1.3.0-2.module+el8.3.1+9659+c1901784.src.rpm
oracle linux	8	src	libslirp	< 4.3.1-1.module	libslirp-4.3.1-1.module+el8.3.1+9659+c1901784.src.rpm
oracle linux	8	src	oci-seccomp-bpf-hook	< 1.2.0-1.module	oci-seccomp-bpf-hook-1.2.0-1.module+el8.3.1+9659+c1901784.src.rpm