(RHSA-2020:1449) Low: OpenShift Container Platform 4.1.41 security update

2020-04-22T15:31:37

Description

Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. Security Fix(es): * buildah: a crafted input tar file could overwrite local files during the image build process (CVE-2020-10696) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Package

OS	OS Version	Package Name	Package Version
RedHat	8	podman-debuginfo	1.0.2-4.dev.git96ccc2e.rhaos4.1.el8
RedHat	8	podman-debugsource	1.0.2-4.dev.git96ccc2e.rhaos4.1.el8
RedHat	8	podman	1.0.2-4.dev.git96ccc2e.rhaos4.1.el8
RedHat	8	podman	1.0.2-4.dev.git96ccc2e.rhaos4.1.el8
RedHat	8	podman-docker	1.0.2-4.dev.git96ccc2e.rhaos4.1.el8

{"id": "RHSA-2020:1449", "type": "redhat", "bulletinFamily": "unix", "title": "(RHSA-2020:1449) Low: OpenShift Container Platform 4.1.41 security update", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nSecurity Fix(es):\n\n* buildah: a crafted input tar file could overwrite local files during the image build process (CVE-2020-10696)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.", "published": "2020-04-22T15:31:37", "modified": "2020-04-22T15:32:13", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}, "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": true}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9}, "href": "https://access.redhat.com/errata/RHSA-2020:1449", "reporter": "RedHat", "references": [], "cvelist": ["CVE-2020-10696"], "immutableFields": [], "lastseen": "2021-10-19T20:41:01", "viewCount": 24, "enchantments": {"dependencies": {"references": [{"type": "almalinux", "idList": ["ALSA-2020:1926", "ALSA-2020:1931", "ALSA-2020:1932"]}, {"type": "cve", "idList": ["CVE-2020-10696"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-10696"]}, {"type": "github", "idList": ["GHSA-FX8W-MJVM-HVPC"]}, {"type": "nessus", "idList": ["CENTOS8_RHSA-2020-1926.NASL", "CENTOS8_RHSA-2020-1931.NASL", "CENTOS8_RHSA-2020-1932.NASL", "OPENSUSE-2020-2106.NASL", "OPENSUSE-2021-310.NASL", "OPENSUSE-2022-0770-1.NASL", "ORACLELINUX_ELSA-2020-1926.NASL", "ORACLELINUX_ELSA-2020-1931.NASL", "ORACLELINUX_ELSA-2020-1932.NASL", "REDHAT-RHSA-2020-1401.NASL", "REDHAT-RHSA-2020-1449.NASL", "REDHAT-RHSA-2020-1926.NASL", "REDHAT-RHSA-2020-1931.NASL", "REDHAT-RHSA-2020-1932.NASL", "REDHAT-RHSA-2020-2116.NASL", "REDHAT-RHSA-2020-2117.NASL", "SUSE_SU-2020-3423-1.NASL", "SUSE_SU-2022-0770-1.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-1926", "ELSA-2020-1931", "ELSA-2020-1932", "ELSA-2021-0705", "ELSA-2021-0706"]}, {"type": "osv", "idList": ["OSV:GHSA-FX8W-MJVM-HVPC"]}, {"type": "redhat", "idList": ["RHSA-2020:1396", "RHSA-2020:1401", "RHSA-2020:1926", "RHSA-2020:1931", "RHSA-2020:1932", "RHSA-2020:2116", "RHSA-2020:2117"]}, {"type": "redhatcve", "idList": ["RH:CVE-2020-10696"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:2106-1", "OPENSUSE-SU-2021:0310-1", "OPENSUSE-SU-2022:0770-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-10696"]}, {"type": "veracode", "idList": ["VERACODE:22920"]}]}, "score": {"value": 0.3, "vector": "NONE"}, "backreferences": {"references": [{"type": "cve", "idList": ["CVE-2020-10696"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-10696"]}, {"type": "github", "idList": ["GHSA-FX8W-MJVM-HVPC"]}, {"type": "nessus", "idList": ["ORACLELINUX_ELSA-2020-1931.NASL", "ORACLELINUX_ELSA-2020-1932.NASL", "REDHAT-RHSA-2020-1449.NASL", "REDHAT-RHSA-2020-1926.NASL", "REDHAT-RHSA-2020-1931.NASL", "REDHAT-RHSA-2020-1932.NASL", "REDHAT-RHSA-2020-2116.NASL", "REDHAT-RHSA-2020-2117.NASL", "REDHAT_UPDATE_LEVEL.NASL"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-1926", "ELSA-2020-1931", "ELSA-2020-1932"]}, {"type": "redhat", "idList": ["RHSA-2020:1932", "RHSA-2020:2116", "RHSA-2020:2117"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:2106-1", "OPENSUSE-SU-2021:0310-1"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-10696"]}]}, "exploitation": null, "vulnersScore": 0.3}, "affectedPackage": [{"OS": "RedHat", "OSVersion": "8", "arch": "x86_64", "packageVersion": "1.0.2-4.dev.git96ccc2e.rhaos4.1.el8", "packageFilename": "podman-debuginfo-1.0.2-4.dev.git96ccc2e.rhaos4.1.el8.x86_64.rpm", "operator": "lt", "packageName": "podman-debuginfo"}, {"OS": "RedHat", "OSVersion": "8", "arch": "x86_64", "packageVersion": "1.0.2-4.dev.git96ccc2e.rhaos4.1.el8", "packageFilename": "podman-debugsource-1.0.2-4.dev.git96ccc2e.rhaos4.1.el8.x86_64.rpm", "operator": "lt", "packageName": "podman-debugsource"}, {"OS": "RedHat", "OSVersion": "8", "arch": "x86_64", "packageVersion": "1.0.2-4.dev.git96ccc2e.rhaos4.1.el8", "packageFilename": "podman-1.0.2-4.dev.git96ccc2e.rhaos4.1.el8.x86_64.rpm", "operator": "lt", "packageName": "podman"}, {"OS": "RedHat", "OSVersion": "8", "arch": "src", "packageVersion": "1.0.2-4.dev.git96ccc2e.rhaos4.1.el8", "packageFilename": "podman-1.0.2-4.dev.git96ccc2e.rhaos4.1.el8.src.rpm", "operator": "lt", "packageName": "podman"}, {"OS": "RedHat", "OSVersion": "8", "arch": "noarch", "packageVersion": "1.0.2-4.dev.git96ccc2e.rhaos4.1.el8", "packageFilename": "podman-docker-1.0.2-4.dev.git96ccc2e.rhaos4.1.el8.noarch.rpm", "operator": "lt", "packageName": "podman-docker"}], "vendorCvss": {"severity": "low"}, "_state": {"dependencies": 1660004461, "score": 1659966967}, "_internal": {"score_hash": "4c24dddd847aeb14a3ba9ef64bcbc007"}}

{"ubuntucve": [{"lastseen": "2022-08-04T13:30:35", "description": "A path traversal flaw was found in Buildah in versions before 1.14.5. This\nflaw allows an attacker to trick a user into building a malicious container\nimage hosted on an HTTP(s) server and then write files to the user's system\nanywhere that the user has permissions.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-03-31T00:00:00", "type": "ubuntucve", "title": "CVE-2020-10696", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10696"], "modified": "2020-03-31T00:00:00", "id": "UB:CVE-2020-10696", "href": "https://ubuntu.com/security/CVE-2020-10696", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "debiancve": [{"lastseen": "2022-07-04T05:59:20", "description": "A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-03-31T22:15:00", "type": "debiancve", "title": "CVE-2020-10696", "bulletinFamily": "info", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10696"], "modified": "2020-03-31T22:15:00", "id": "DEBIANCVE:CVE-2020-10696", "href": "https://security-tracker.debian.org/tracker/CVE-2020-10696", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "almalinux": [{"lastseen": "2022-06-09T16:58:40", "description": "The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-04-28T16:07:32", "type": "almalinux", "title": "Important: container-tools:rhel8 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10696"], "modified": "2020-04-28T16:07:22", "id": "ALSA-2020:1932", "href": "https://errata.almalinux.org/8/ALSA-2020-1932.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-09T16:58:41", "description": "The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* conflicting requests: failed to install container-tools:1.0 (BZ#1813776)\n\n* podman run container error with avc denied (BZ#1816541)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-04-28T16:06:48", "type": "almalinux", "title": "Important: container-tools:1.0 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10696"], "modified": "2020-04-28T16:06:37", "id": "ALSA-2020:1926", "href": "https://errata.almalinux.org/8/ALSA-2020-1926.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-06-09T16:58:42", "description": "The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-04-28T16:07:22", "type": "almalinux", "title": "Important: container-tools:2.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10696"], "modified": "2020-04-28T16:07:11", "id": "ALSA-2020:1931", "href": "https://errata.almalinux.org/8/ALSA-2020-1931.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "veracode": [{"lastseen": "2022-07-27T10:06:16", "description": "github.com/containers/buildah is vulnerable to directory traversal. The image building process does not properly handle file path as well as symlinks. An attacker is able to exploit the vulnerability to overwrite arbitrary files on the file system and potentially escalation privileges by overwriting files configured with `setuid`.\n", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "baseScore": 8.8, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1", "userInteraction": "REQUIRED"}, "impactScore": 5.9}, "published": "2020-04-02T06:05:06", "type": "veracode", "title": "Directory Traversal", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 10.0, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10696"], "modified": "2020-06-15T09:18:57", "id": "VERACODE:22920", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-22920/summary", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "nessus": [{"lastseen": "2022-08-09T15:35:02", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1449 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-22T00:00:00", "type": "nessus", "title": "RHEL 8 : OpenShift Container Platform 4.1.41 (RHSA-2020:1449)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10696"], "modified": "2022-05-17T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:podman", "p-cpe:/a:redhat:enterprise_linux:podman-docker"], "id": "REDHAT-RHSA-2020-1449.NASL", "href": "https://www.tenable.com/plugins/nessus/135912", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1449. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135912);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/17\");\n\n script_cve_id(\"CVE-2020-10696\");\n script_xref(name:\"RHSA\", value:\"2020:1449\");\n\n script_name(english:\"RHEL 8 : OpenShift Container Platform 4.1.41 (RHSA-2020:1449)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:1449 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process\n (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/22.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10696\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1449\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1817651\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected podman and / or podman-docker packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10696\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(22);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/22\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-docker\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'openshift_4_1_el8': [\n 'rhocp-4.1-for-rhel-8-x86_64-debug-rpms',\n 'rhocp-4.1-for-rhel-8-x86_64-rpms',\n 'rhocp-4.1-for-rhel-8-x86_64-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'podman-1.0.2-4.dev.git96ccc2e.rhaos4.1.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift', 'repo_list':['openshift_4_1_el8']},\n {'reference':'podman-docker-1.0.2-4.dev.git96ccc2e.rhaos4.1.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift', 'repo_list':['openshift_4_1_el8']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'podman / podman-docker');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T15:35:02", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1932 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-29T00:00:00", "type": "nessus", "title": "RHEL 8 : container-tools:rhel8 (RHSA-2020:1932)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10696"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.2", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:buildah", "p-cpe:/a:redhat:enterprise_linux:buildah-tests", "p-cpe:/a:redhat:enterprise_linux:cockpit-podman", "p-cpe:/a:redhat:enterprise_linux:conmon", "p-cpe:/a:redhat:enterprise_linux:container-selinux", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins", "p-cpe:/a:redhat:enterprise_linux:containers-common", "p-cpe:/a:redhat:enterprise_linux:crit", "p-cpe:/a:redhat:enterprise_linux:criu", "p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs", "p-cpe:/a:redhat:enterprise_linux:podman", "p-cpe:/a:redhat:enterprise_linux:podman-docker", "p-cpe:/a:redhat:enterprise_linux:podman-remote", "p-cpe:/a:redhat:enterprise_linux:podman-tests", "p-cpe:/a:redhat:enterprise_linux:python-podman-api", "p-cpe:/a:redhat:enterprise_linux:python3-criu", "p-cpe:/a:redhat:enterprise_linux:runc", "p-cpe:/a:redhat:enterprise_linux:skopeo", "p-cpe:/a:redhat:enterprise_linux:skopeo-tests", "p-cpe:/a:redhat:enterprise_linux:slirp4netns", "p-cpe:/a:redhat:enterprise_linux:toolbox", "p-cpe:/a:redhat:enterprise_linux:udica"], "id": "REDHAT-RHSA-2020-1932.NASL", "href": "https://www.tenable.com/plugins/nessus/136063", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1932. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136063);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\"CVE-2020-10696\");\n script_xref(name:\"RHSA\", value:\"2020:1932\");\n\n script_name(english:\"RHEL 8 : container-tools:rhel8 (RHSA-2020:1932)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:1932 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process\n (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/22.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10696\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1932\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1817651\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10696\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(22);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:buildah-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cockpit-podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:conmon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:crit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-podman-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:skopeo-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:slirp4netns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:toolbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:udica\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ],\n 'rhel_aus_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_2'\n ],\n 'rhel_aus_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_2'\n ],\n 'rhel_aus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_aus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_2_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_2_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_2_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_2_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_4_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_4_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_4_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_4_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_extras_nfv_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'rhel_extras_rt_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'rhel_tus_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_4'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nvar enterprise_linux_flag = rhel_repo_sets_has_enterprise_linux(repo_sets:repo_sets);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'buildah-1.11.6-8.module+el8.2.0+6368+cf16aa14', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'buildah-1.11.6-8.module+el8.2.0+6368+cf16aa14', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'buildah-1.11.6-8.module+el8.2.0+6368+cf16aa14', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'buildah-tests-1.11.6-8.module+el8.2.0+6368+cf16aa14', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'buildah-tests-1.11.6-8.module+el8.2.0+6368+cf16aa14', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'buildah-tests-1.11.6-8.module+el8.2.0+6368+cf16aa14', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'cockpit-podman-12-1.module+el8.2.0+6368+cf16aa14', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'conmon-2.0.6-1.module+el8.2.0+6368+cf16aa14', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'conmon-2.0.6-1.module+el8.2.0+6368+cf16aa14', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'conmon-2.0.6-1.module+el8.2.0+6368+cf16aa14', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'container-selinux-2.124.0-1.module+el8.2.0+6368+cf16aa14', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containernetworking-plugins-0.8.3-5.module+el8.2.0+6368+cf16aa14', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containernetworking-plugins-0.8.3-5.module+el8.2.0+6368+cf16aa14', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containernetworking-plugins-0.8.3-5.module+el8.2.0+6368+cf16aa14', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containers-common-0.1.40-11.module+el8.2.0+6374+67f43e89', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containers-common-0.1.40-11.module+el8.2.0+6374+67f43e89', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containers-common-0.1.40-11.module+el8.2.0+6374+67f43e89', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'crit-3.12-9.module+el8.2.0+6368+cf16aa14', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'crit-3.12-9.module+el8.2.0+6368+cf16aa14', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'crit-3.12-9.module+el8.2.0+6368+cf16aa14', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'criu-3.12-9.module+el8.2.0+6368+cf16aa14', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'criu-3.12-9.module+el8.2.0+6368+cf16aa14', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'criu-3.12-9.module+el8.2.0+6368+cf16aa14', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'fuse-overlayfs-0.7.2-5.module+el8.2.0+6368+cf16aa14', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'fuse-overlayfs-0.7.2-5.module+el8.2.0+6368+cf16aa14', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'fuse-overlayfs-0.7.2-5.module+el8.2.0+6368+cf16aa14', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-1.6.4-11.module+el8.2.0+6368+cf16aa14', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-1.6.4-11.module+el8.2.0+6368+cf16aa14', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-1.6.4-11.module+el8.2.0+6368+cf16aa14', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-docker-1.6.4-11.module+el8.2.0+6368+cf16aa14', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-remote-1.6.4-11.module+el8.2.0+6368+cf16aa14', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-remote-1.6.4-11.module+el8.2.0+6368+cf16aa14', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-remote-1.6.4-11.module+el8.2.0+6368+cf16aa14', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-tests-1.6.4-11.module+el8.2.0+6368+cf16aa14', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-tests-1.6.4-11.module+el8.2.0+6368+cf16aa14', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-tests-1.6.4-11.module+el8.2.0+6368+cf16aa14', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.2.0+6368+cf16aa14', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'python3-criu-3.12-9.module+el8.2.0+6368+cf16aa14', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'python3-criu-3.12-9.module+el8.2.0+6368+cf16aa14', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'python3-criu-3.12-9.module+el8.2.0+6368+cf16aa14', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'runc-1.0.0-65.rc10.module+el8.2.0+6368+cf16aa14', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'runc-1.0.0-65.rc10.module+el8.2.0+6368+cf16aa14', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'runc-1.0.0-65.rc10.module+el8.2.0+6368+cf16aa14', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'skopeo-0.1.40-11.module+el8.2.0+6374+67f43e89', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'skopeo-0.1.40-11.module+el8.2.0+6374+67f43e89', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'skopeo-0.1.40-11.module+el8.2.0+6374+67f43e89', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'skopeo-tests-0.1.40-11.module+el8.2.0+6374+67f43e89', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'skopeo-tests-0.1.40-11.module+el8.2.0+6374+67f43e89', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'skopeo-tests-0.1.40-11.module+el8.2.0+6374+67f43e89', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'slirp4netns-0.4.2-3.git21fdece.module+el8.2.0+6368+cf16aa14', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'slirp4netns-0.4.2-3.git21fdece.module+el8.2.0+6368+cf16aa14', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'slirp4netns-0.4.2-3.git21fdece.module+el8.2.0+6368+cf16aa14', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'toolbox-0.0.7-1.module+el8.2.0+6368+cf16aa14', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'udica-0.2.1-2.module+el8.2.0+6368+cf16aa14', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah / buildah-tests / cockpit-podman / conmon / container-selinux / etc');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T15:35:31", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1401 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-14T00:00:00", "type": "nessus", "title": "RHEL 8 : OpenShift Container Platform 4.2.28 (RHSA-2020:1401)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10696"], "modified": "2022-05-17T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "p-cpe:/a:redhat:enterprise_linux:podman", "p-cpe:/a:redhat:enterprise_linux:podman-docker", "p-cpe:/a:redhat:enterprise_linux:podman-manpages"], "id": "REDHAT-RHSA-2020-1401.NASL", "href": "https://www.tenable.com/plugins/nessus/135414", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1401. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(135414);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/05/17\");\n\n script_cve_id(\"CVE-2020-10696\");\n script_xref(name:\"RHSA\", value:\"2020:1401\");\n\n script_name(english:\"RHEL 8 : OpenShift Container Platform 4.2.28 (RHSA-2020:1401)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:1401 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process\n (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/22.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10696\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1401\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1817651\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected podman, podman-docker and / or podman-manpages packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10696\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(22);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/14\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/14\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-manpages\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'openshift_4_2_el8': [\n 'rhocp-4.2-for-rhel-8-s390x-debug-rpms',\n 'rhocp-4.2-for-rhel-8-s390x-rpms',\n 'rhocp-4.2-for-rhel-8-s390x-source-rpms',\n 'rhocp-4.2-for-rhel-8-x86_64-debug-rpms',\n 'rhocp-4.2-for-rhel-8-x86_64-rpms',\n 'rhocp-4.2-for-rhel-8-x86_64-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'podman-1.4.2-6.rhaos4.2.el8', 'cpu':'s390x', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift', 'repo_list':['openshift_4_2_el8']},\n {'reference':'podman-1.4.2-6.rhaos4.2.el8', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift', 'repo_list':['openshift_4_2_el8']},\n {'reference':'podman-docker-1.4.2-6.rhaos4.2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift', 'repo_list':['openshift_4_2_el8']},\n {'reference':'podman-manpages-1.4.2-6.rhaos4.2.el8', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'openshift', 'repo_list':['openshift_4_2_el8']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'podman / podman-docker / podman-manpages');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T15:35:59", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1931 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-29T00:00:00", "type": "nessus", "title": "RHEL 8 : container-tools:2.0 (RHSA-2020:1931)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10696"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.2", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:buildah", "p-cpe:/a:redhat:enterprise_linux:buildah-tests", "p-cpe:/a:redhat:enterprise_linux:cockpit-podman", "p-cpe:/a:redhat:enterprise_linux:conmon", "p-cpe:/a:redhat:enterprise_linux:container-selinux", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins", "p-cpe:/a:redhat:enterprise_linux:containers-common", "p-cpe:/a:redhat:enterprise_linux:crit", "p-cpe:/a:redhat:enterprise_linux:criu", "p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs", "p-cpe:/a:redhat:enterprise_linux:podman", "p-cpe:/a:redhat:enterprise_linux:podman-docker", "p-cpe:/a:redhat:enterprise_linux:podman-remote", "p-cpe:/a:redhat:enterprise_linux:podman-tests", "p-cpe:/a:redhat:enterprise_linux:python-podman-api", "p-cpe:/a:redhat:enterprise_linux:python3-criu", "p-cpe:/a:redhat:enterprise_linux:runc", "p-cpe:/a:redhat:enterprise_linux:skopeo", "p-cpe:/a:redhat:enterprise_linux:skopeo-tests", "p-cpe:/a:redhat:enterprise_linux:slirp4netns", "p-cpe:/a:redhat:enterprise_linux:toolbox", "p-cpe:/a:redhat:enterprise_linux:udica"], "id": "REDHAT-RHSA-2020-1931.NASL", "href": "https://www.tenable.com/plugins/nessus/136061", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1931. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136061);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\"CVE-2020-10696\");\n script_xref(name:\"RHSA\", value:\"2020:1931\");\n\n script_name(english:\"RHEL 8 : container-tools:2.0 (RHSA-2020:1931)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:1931 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process\n (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/22.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10696\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1931\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1817651\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10696\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(22);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:buildah-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:cockpit-podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:conmon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:crit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-podman-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:skopeo-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:slirp4netns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:toolbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:udica\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ],\n 'rhel_aus_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_2'\n ],\n 'rhel_aus_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_2'\n ],\n 'rhel_aus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_aus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_2_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_2_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_2_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_2_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_4_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_4_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_4_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_4_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_extras_nfv_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'rhel_extras_rt_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'rhel_tus_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_4'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nvar enterprise_linux_flag = rhel_repo_sets_has_enterprise_linux(repo_sets:repo_sets);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'buildah-1.11.6-7.module+el8.2.0+6369+1f4293b4', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'buildah-1.11.6-7.module+el8.2.0+6369+1f4293b4', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'buildah-1.11.6-7.module+el8.2.0+6369+1f4293b4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'buildah-tests-1.11.6-7.module+el8.2.0+6369+1f4293b4', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'buildah-tests-1.11.6-7.module+el8.2.0+6369+1f4293b4', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'buildah-tests-1.11.6-7.module+el8.2.0+6369+1f4293b4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'cockpit-podman-11-1.module+el8.2.0+6369+1f4293b4', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'allowmaj':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'conmon-2.0.6-1.module+el8.2.0+6369+1f4293b4', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'conmon-2.0.6-1.module+el8.2.0+6369+1f4293b4', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'conmon-2.0.6-1.module+el8.2.0+6369+1f4293b4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'container-selinux-2.124.0-1.module+el8.2.0+6369+1f4293b4', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containernetworking-plugins-0.8.3-4.module+el8.2.0+6369+1f4293b4', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containernetworking-plugins-0.8.3-4.module+el8.2.0+6369+1f4293b4', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containernetworking-plugins-0.8.3-4.module+el8.2.0+6369+1f4293b4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containers-common-0.1.40-9.module+el8.2.0+6373+4950d421', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containers-common-0.1.40-9.module+el8.2.0+6373+4950d421', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containers-common-0.1.40-9.module+el8.2.0+6373+4950d421', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'crit-3.12-9.module+el8.2.0+6369+1f4293b4', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'crit-3.12-9.module+el8.2.0+6369+1f4293b4', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'crit-3.12-9.module+el8.2.0+6369+1f4293b4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'criu-3.12-9.module+el8.2.0+6369+1f4293b4', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'criu-3.12-9.module+el8.2.0+6369+1f4293b4', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'criu-3.12-9.module+el8.2.0+6369+1f4293b4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'fuse-overlayfs-0.7.2-5.module+el8.2.0+6369+1f4293b4', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'fuse-overlayfs-0.7.2-5.module+el8.2.0+6369+1f4293b4', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'fuse-overlayfs-0.7.2-5.module+el8.2.0+6369+1f4293b4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-1.6.4-11.module+el8.2.0+6369+1f4293b4', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-1.6.4-11.module+el8.2.0+6369+1f4293b4', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-1.6.4-11.module+el8.2.0+6369+1f4293b4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-docker-1.6.4-11.module+el8.2.0+6369+1f4293b4', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-remote-1.6.4-11.module+el8.2.0+6369+1f4293b4', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-remote-1.6.4-11.module+el8.2.0+6369+1f4293b4', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-remote-1.6.4-11.module+el8.2.0+6369+1f4293b4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-tests-1.6.4-11.module+el8.2.0+6369+1f4293b4', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-tests-1.6.4-11.module+el8.2.0+6369+1f4293b4', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-tests-1.6.4-11.module+el8.2.0+6369+1f4293b4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.2.0+6369+1f4293b4', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'python3-criu-3.12-9.module+el8.2.0+6369+1f4293b4', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'python3-criu-3.12-9.module+el8.2.0+6369+1f4293b4', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'python3-criu-3.12-9.module+el8.2.0+6369+1f4293b4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'runc-1.0.0-64.rc10.module+el8.2.0+6369+1f4293b4', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'runc-1.0.0-64.rc10.module+el8.2.0+6369+1f4293b4', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'runc-1.0.0-64.rc10.module+el8.2.0+6369+1f4293b4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'skopeo-0.1.40-9.module+el8.2.0+6373+4950d421', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'skopeo-0.1.40-9.module+el8.2.0+6373+4950d421', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'skopeo-0.1.40-9.module+el8.2.0+6373+4950d421', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'skopeo-tests-0.1.40-9.module+el8.2.0+6373+4950d421', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'skopeo-tests-0.1.40-9.module+el8.2.0+6373+4950d421', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'skopeo-tests-0.1.40-9.module+el8.2.0+6373+4950d421', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'slirp4netns-0.4.2-3.git21fdece.module+el8.2.0+6369+1f4293b4', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'slirp4netns-0.4.2-3.git21fdece.module+el8.2.0+6369+1f4293b4', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'slirp4netns-0.4.2-3.git21fdece.module+el8.2.0+6369+1f4293b4', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'toolbox-0.0.7-1.module+el8.2.0+6369+1f4293b4', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'udica-0.2.1-2.module+el8.2.0+6369+1f4293b4', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah / buildah-tests / cockpit-podman / conmon / container-selinux / etc');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T15:36:54", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:1926 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-04-29T00:00:00", "type": "nessus", "title": "RHEL 8 : container-tools:1.0 (RHSA-2020:1926)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10696"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8", "cpe:/o:redhat:rhel_aus:8.2", "cpe:/o:redhat:rhel_aus:8.4", "cpe:/o:redhat:rhel_e4s:8.2", "cpe:/o:redhat:rhel_e4s:8.4", "cpe:/o:redhat:rhel_eus:8.2", "cpe:/o:redhat:rhel_eus:8.4", "cpe:/o:redhat:rhel_tus:8.2", "cpe:/o:redhat:rhel_tus:8.4", "p-cpe:/a:redhat:enterprise_linux:buildah", "p-cpe:/a:redhat:enterprise_linux:container-selinux", "p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins", "p-cpe:/a:redhat:enterprise_linux:containers-common", "p-cpe:/a:redhat:enterprise_linux:crit", "p-cpe:/a:redhat:enterprise_linux:criu", "p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs", "p-cpe:/a:redhat:enterprise_linux:oci-systemd-hook", "p-cpe:/a:redhat:enterprise_linux:oci-umount", "p-cpe:/a:redhat:enterprise_linux:podman", "p-cpe:/a:redhat:enterprise_linux:podman-docker", "p-cpe:/a:redhat:enterprise_linux:python3-criu", "p-cpe:/a:redhat:enterprise_linux:runc", "p-cpe:/a:redhat:enterprise_linux:skopeo", "p-cpe:/a:redhat:enterprise_linux:slirp4netns"], "id": "REDHAT-RHSA-2020-1926.NASL", "href": "https://www.tenable.com/plugins/nessus/136064", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:1926. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136064);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\"CVE-2020-10696\");\n script_xref(name:\"RHSA\", value:\"2020:1926\");\n\n script_name(english:\"RHEL 8 : container-tools:1.0 (RHSA-2020:1926)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in\nthe RHSA-2020:1926 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process\n (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/22.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10696\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1926\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1817651\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10696\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(22);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/04/29\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_aus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_e4s:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_eus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:rhel_tus:8.4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:crit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:oci-systemd-hook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:oci-umount\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:slirp4netns\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'enterprise_linux_8_appstream': [\n 'rhel-8-for-aarch64-appstream-debug-rpms',\n 'rhel-8-for-aarch64-appstream-rpms',\n 'rhel-8-for-aarch64-appstream-source-rpms',\n 'rhel-8-for-s390x-appstream-debug-rpms',\n 'rhel-8-for-s390x-appstream-rpms',\n 'rhel-8-for-s390x-appstream-source-rpms',\n 'rhel-8-for-x86_64-appstream-debug-rpms',\n 'rhel-8-for-x86_64-appstream-rpms',\n 'rhel-8-for-x86_64-appstream-source-rpms'\n ],\n 'enterprise_linux_8_baseos': [\n 'rhel-8-for-aarch64-baseos-debug-rpms',\n 'rhel-8-for-aarch64-baseos-rpms',\n 'rhel-8-for-aarch64-baseos-source-rpms',\n 'rhel-8-for-s390x-baseos-debug-rpms',\n 'rhel-8-for-s390x-baseos-rpms',\n 'rhel-8-for-s390x-baseos-source-rpms',\n 'rhel-8-for-x86_64-baseos-debug-rpms',\n 'rhel-8-for-x86_64-baseos-rpms',\n 'rhel-8-for-x86_64-baseos-source-rpms'\n ],\n 'enterprise_linux_8_crb': [\n 'codeready-builder-for-rhel-8-aarch64-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-rpms',\n 'codeready-builder-for-rhel-8-aarch64-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-rpms',\n 'codeready-builder-for-rhel-8-s390x-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-rpms',\n 'codeready-builder-for-rhel-8-x86_64-source-rpms'\n ],\n 'enterprise_linux_8_highavailability': [\n 'rhel-8-for-aarch64-highavailability-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-rpms',\n 'rhel-8-for-aarch64-highavailability-source-rpms',\n 'rhel-8-for-s390x-highavailability-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-rpms',\n 'rhel-8-for-s390x-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-rpms',\n 'rhel-8-for-x86_64-highavailability-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'enterprise_linux_8_nfv': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'enterprise_linux_8_realtime': [\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'enterprise_linux_8_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-rpms',\n 'rhel-8-for-s390x-resilientstorage-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-rpms',\n 'rhel-8-for-x86_64-resilientstorage-source-rpms'\n ],\n 'enterprise_linux_8_sap': [\n 'rhel-8-for-s390x-sap-netweaver-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-rpms',\n 'rhel-8-for-s390x-sap-netweaver-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-source-rpms'\n ],\n 'enterprise_linux_8_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-rpms',\n 'rhel-8-for-x86_64-sap-solutions-source-rpms'\n ],\n 'enterprise_linux_8_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-rpms',\n 'rhel-8-for-aarch64-supplementary-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-rpms',\n 'rhel-8-for-s390x-supplementary-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-rpms',\n 'rhel-8-for-x86_64-supplementary-source-rpms'\n ],\n 'rhel_aus_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_2'\n ],\n 'rhel_aus_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_2'\n ],\n 'rhel_aus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_aus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_2_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_2'\n ],\n 'rhel_e4s_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap': [\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_e4s_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_2_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_2_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_2_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_2',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_2_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_2_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_2'\n ],\n 'rhel_eus_8_4_appstream': [\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms',\n 'rhel-8-for-aarch64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-rpms',\n 'rhel-8-for-aarch64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms',\n 'rhel-8-for-aarch64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms',\n 'rhel-8-for-s390x-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-rpms',\n 'rhel-8-for-s390x-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-appstream-eus-source-rpms',\n 'rhel-8-for-s390x-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-aus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-aus-rpms',\n 'rhel-8-for-x86_64-appstream-aus-source-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-debug-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-rpms',\n 'rhel-8-for-x86_64-appstream-e4s-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-rpms',\n 'rhel-8-for-x86_64-appstream-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms',\n 'rhel-8-for-x86_64-appstream-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms'\n ],\n 'rhel_eus_8_4_baseos': [\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms',\n 'rhel-8-for-aarch64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-rpms',\n 'rhel-8-for-aarch64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms',\n 'rhel-8-for-aarch64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms',\n 'rhel-8-for-s390x-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-rpms',\n 'rhel-8-for-s390x-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-baseos-eus-source-rpms',\n 'rhel-8-for-s390x-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-aus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-aus-rpms',\n 'rhel-8-for-x86_64-baseos-aus-source-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-debug-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-rpms',\n 'rhel-8-for-x86_64-baseos-e4s-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-rpms',\n 'rhel-8-for-x86_64-baseos-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms',\n 'rhel-8-for-x86_64-baseos-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms'\n ],\n 'rhel_eus_8_4_crb': [\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-aarch64-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms',\n 'codeready-builder-for-rhel-8-s390x-eus-source-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-debug-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-rpms__8_DOT_4',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms',\n 'codeready-builder-for-rhel-8-x86_64-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_highavailability': [\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-highavailability-eus-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms',\n 'rhel-8-for-aarch64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms',\n 'rhel-8-for-s390x-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-rpms',\n 'rhel-8-for-s390x-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms',\n 'rhel-8-for-s390x-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-e4s-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-rpms',\n 'rhel-8-for-x86_64-highavailability-e4s-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-eus-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms'\n ],\n 'rhel_eus_8_4_resilientstorage': [\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms',\n 'rhel-8-for-s390x-resilientstorage-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms',\n 'rhel-8-for-x86_64-resilientstorage-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap': [\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-s390x-sap-netweaver-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-netweaver-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_sap_hana': [\n 'rhel-8-for-x86_64-sap-solutions-e4s-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-rpms',\n 'rhel-8-for-x86_64-sap-solutions-e4s-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms',\n 'rhel-8-for-x86_64-sap-solutions-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_eus_8_4_supplementary': [\n 'rhel-8-for-aarch64-supplementary-eus-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms',\n 'rhel-8-for-aarch64-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-rpms',\n 'rhel-8-for-s390x-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms',\n 'rhel-8-for-s390x-supplementary-eus-source-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms',\n 'rhel-8-for-x86_64-supplementary-eus-source-rpms__8_DOT_4'\n ],\n 'rhel_extras_nfv_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-nfv-tus-debug-rpms',\n 'rhel-8-for-x86_64-nfv-tus-rpms',\n 'rhel-8-for-x86_64-nfv-tus-source-rpms'\n ],\n 'rhel_extras_rt_8': [\n 'rhel-8-for-x86_64-nfv-debug-rpms',\n 'rhel-8-for-x86_64-nfv-rpms',\n 'rhel-8-for-x86_64-nfv-source-rpms',\n 'rhel-8-for-x86_64-rt-debug-rpms',\n 'rhel-8-for-x86_64-rt-rpms',\n 'rhel-8-for-x86_64-rt-source-rpms',\n 'rhel-8-for-x86_64-rt-tus-debug-rpms',\n 'rhel-8-for-x86_64-rt-tus-rpms',\n 'rhel-8-for-x86_64-rt-tus-source-rpms'\n ],\n 'rhel_tus_8_2_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_2_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_2',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_2'\n ],\n 'rhel_tus_8_4_appstream': [\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms',\n 'rhel-8-for-x86_64-appstream-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-rpms',\n 'rhel-8-for-x86_64-appstream-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms',\n 'rhel-8-for-x86_64-appstream-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_baseos': [\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms',\n 'rhel-8-for-x86_64-baseos-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-rpms',\n 'rhel-8-for-x86_64-baseos-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms',\n 'rhel-8-for-x86_64-baseos-tus-source-rpms__8_DOT_4'\n ],\n 'rhel_tus_8_4_highavailability': [\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-debug-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-rpms__8_DOT_4',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms',\n 'rhel-8-for-x86_64-highavailability-tus-source-rpms__8_DOT_4'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nvar enterprise_linux_flag = rhel_repo_sets_has_enterprise_linux(repo_sets:repo_sets);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'buildah-1.5-4.gite94b4f9.module+el8.2.0+6370+6fb6c8ca', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'buildah-1.5-4.gite94b4f9.module+el8.2.0+6370+6fb6c8ca', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'buildah-1.5-4.gite94b4f9.module+el8.2.0+6370+6fb6c8ca', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'container-selinux-2.124.0-1.gitf958d0c.module+el8.2.0+6370+6fb6c8ca', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containernetworking-plugins-0.7.4-3.git9ebe139.module+el8.2.0+6370+6fb6c8ca', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containernetworking-plugins-0.7.4-3.git9ebe139.module+el8.2.0+6370+6fb6c8ca', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containernetworking-plugins-0.7.4-3.git9ebe139.module+el8.2.0+6370+6fb6c8ca', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containers-common-0.1.32-4.git1715c90.module+el8.2.0+6370+6fb6c8ca', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containers-common-0.1.32-4.git1715c90.module+el8.2.0+6370+6fb6c8ca', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'containers-common-0.1.32-4.git1715c90.module+el8.2.0+6370+6fb6c8ca', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'crit-3.12-9.module+el8.2.0+6370+6fb6c8ca', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'crit-3.12-9.module+el8.2.0+6370+6fb6c8ca', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'crit-3.12-9.module+el8.2.0+6370+6fb6c8ca', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'criu-3.12-9.module+el8.2.0+6370+6fb6c8ca', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'criu-3.12-9.module+el8.2.0+6370+6fb6c8ca', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'criu-3.12-9.module+el8.2.0+6370+6fb6c8ca', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'fuse-overlayfs-0.3-5.module+el8.2.0+6370+6fb6c8ca', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'fuse-overlayfs-0.3-5.module+el8.2.0+6370+6fb6c8ca', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'fuse-overlayfs-0.3-5.module+el8.2.0+6370+6fb6c8ca', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.2.0+6370+6fb6c8ca', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.2.0+6370+6fb6c8ca', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.2.0+6370+6fb6c8ca', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'oci-umount-2.3.4-2.git87f9237.module+el8.2.0+6370+6fb6c8ca', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'oci-umount-2.3.4-2.git87f9237.module+el8.2.0+6370+6fb6c8ca', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'oci-umount-2.3.4-2.git87f9237.module+el8.2.0+6370+6fb6c8ca', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-1.0.0-4.git921f98f.module+el8.2.0+6370+6fb6c8ca', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-1.0.0-4.git921f98f.module+el8.2.0+6370+6fb6c8ca', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-1.0.0-4.git921f98f.module+el8.2.0+6370+6fb6c8ca', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'podman-docker-1.0.0-4.git921f98f.module+el8.2.0+6370+6fb6c8ca', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'python3-criu-3.12-9.module+el8.2.0+6370+6fb6c8ca', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'python3-criu-3.12-9.module+el8.2.0+6370+6fb6c8ca', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'python3-criu-3.12-9.module+el8.2.0+6370+6fb6c8ca', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'runc-1.0.0-56.rc5.dev.git2abd837.module+el8.2.0+6370+6fb6c8ca', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'runc-1.0.0-56.rc5.dev.git2abd837.module+el8.2.0+6370+6fb6c8ca', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'runc-1.0.0-56.rc5.dev.git2abd837.module+el8.2.0+6370+6fb6c8ca', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'skopeo-0.1.32-4.git1715c90.module+el8.2.0+6370+6fb6c8ca', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'skopeo-0.1.32-4.git1715c90.module+el8.2.0+6370+6fb6c8ca', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'skopeo-0.1.32-4.git1715c90.module+el8.2.0+6370+6fb6c8ca', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1', 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'slirp4netns-0.1-5.dev.gitc4e1bc5.module+el8.2.0+6370+6fb6c8ca', 'cpu':'aarch64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'slirp4netns-0.1-5.dev.gitc4e1bc5.module+el8.2.0+6370+6fb6c8ca', 'cpu':'s390x', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']},\n {'reference':'slirp4netns-0.1-5.dev.gitc4e1bc5.module+el8.2.0+6370+6fb6c8ca', 'cpu':'x86_64', 'release':'8', 'el_string':'el8.2.0', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_8_appstream', 'enterprise_linux_8_baseos', 'enterprise_linux_8_crb', 'enterprise_linux_8_highavailability', 'enterprise_linux_8_nfv', 'enterprise_linux_8_realtime', 'enterprise_linux_8_resilientstorage', 'enterprise_linux_8_sap', 'enterprise_linux_8_sap_hana', 'enterprise_linux_8_supplementary', 'rhel_aus_8_2_appstream', 'rhel_aus_8_2_baseos', 'rhel_aus_8_4_appstream', 'rhel_aus_8_4_baseos', 'rhel_e4s_8_2_appstream', 'rhel_e4s_8_2_baseos', 'rhel_e4s_8_2_highavailability', 'rhel_e4s_8_2_sap', 'rhel_e4s_8_2_sap_hana', 'rhel_e4s_8_4_appstream', 'rhel_e4s_8_4_baseos', 'rhel_e4s_8_4_highavailability', 'rhel_e4s_8_4_sap', 'rhel_e4s_8_4_sap_hana', 'rhel_eus_8_2_appstream', 'rhel_eus_8_2_baseos', 'rhel_eus_8_2_crb', 'rhel_eus_8_2_highavailability', 'rhel_eus_8_2_resilientstorage', 'rhel_eus_8_2_sap', 'rhel_eus_8_2_sap_hana', 'rhel_eus_8_2_supplementary', 'rhel_eus_8_4_appstream', 'rhel_eus_8_4_baseos', 'rhel_eus_8_4_crb', 'rhel_eus_8_4_highavailability', 'rhel_eus_8_4_resilientstorage', 'rhel_eus_8_4_sap', 'rhel_eus_8_4_sap_hana', 'rhel_eus_8_4_supplementary', 'rhel_extras_nfv_8', 'rhel_extras_rt_8', 'rhel_tus_8_2_appstream', 'rhel_tus_8_2_baseos', 'rhel_tus_8_2_highavailability', 'rhel_tus_8_4_appstream', 'rhel_tus_8_4_baseos', 'rhel_tus_8_4_highavailability']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp']) && !enterprise_linux_flag) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah / container-selinux / containernetworking-plugins / etc');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T15:45:10", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1932 advisory.\n\n - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions. (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-08-13T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : container-tools:ol8 (ELSA-2020-1932)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10696"], "modified": "2021-09-22T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:buildah", "p-cpe:/a:oracle:linux:buildah-tests", "p-cpe:/a:oracle:linux:cockpit-podman", "p-cpe:/a:oracle:linux:conmon", "p-cpe:/a:oracle:linux:container-selinux", "p-cpe:/a:oracle:linux:containernetworking-plugins", "p-cpe:/a:oracle:linux:containers-common", "p-cpe:/a:oracle:linux:crit", "p-cpe:/a:oracle:linux:criu", "p-cpe:/a:oracle:linux:fuse-overlayfs", "p-cpe:/a:oracle:linux:podman", "p-cpe:/a:oracle:linux:podman-docker", "p-cpe:/a:oracle:linux:podman-remote", "p-cpe:/a:oracle:linux:podman-tests", "p-cpe:/a:oracle:linux:python-podman-api", "p-cpe:/a:oracle:linux:python3-criu", "p-cpe:/a:oracle:linux:runc", "p-cpe:/a:oracle:linux:skopeo", "p-cpe:/a:oracle:linux:skopeo-tests", "p-cpe:/a:oracle:linux:slirp4netns", "p-cpe:/a:oracle:linux:udica"], "id": "ORACLELINUX_ELSA-2020-1932.NASL", "href": "https://www.tenable.com/plugins/nessus/136598", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-1932.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136598);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/22\");\n\n script_cve_id(\"CVE-2020-10696\");\n\n script_name(english:\"Oracle Linux 8 : container-tools:ol8 (ELSA-2020-1932)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2020-1932 advisory.\n\n - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to\n trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to\n the user's system anywhere that the user has permissions. (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-1932.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10696\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:buildah-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cockpit-podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:conmon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:crit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-podman-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:skopeo-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:slirp4netns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:udica\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/container-tools');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:ol8');\nif ('ol8' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module container-tools:' + module_ver);\n\nappstreams = {\n 'container-tools:ol8': [\n {'reference':'buildah-1.11.6-8.0.1.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-1.11.6-8.0.1.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-tests-1.11.6-8.0.1.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-tests-1.11.6-8.0.1.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cockpit-podman-12-1.module+el8.2.0+7615+180dc822', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'conmon-2.0.6-1.0.1.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'conmon-2.0.6-1.0.1.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'container-selinux-2.124.0-1.module+el8.2.0+7615+180dc822', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'containernetworking-plugins-0.8.3-5.0.1.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.8.3-5.0.1.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containers-common-0.1.40-11.0.1.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'containers-common-0.1.40-11.0.1.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'crit-3.12-9.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crit-3.12-9.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.12-9.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.12-9.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-0.7.2-5.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-0.7.2-5.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-1.6.4-11.0.1.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-1.6.4-11.0.1.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-docker-1.6.4-11.0.1.module+el8.2.0+7615+180dc822', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-remote-1.6.4-11.0.1.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-remote-1.6.4-11.0.1.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-tests-1.6.4-11.0.1.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-tests-1.6.4-11.0.1.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.2.0+7615+180dc822', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.12-9.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.12-9.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-65.rc10.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'rc_precedence':TRUE},\n {'reference':'runc-1.0.0-65.rc10.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'rc_precedence':TRUE},\n {'reference':'skopeo-0.1.40-11.0.1.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-0.1.40-11.0.1.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-tests-0.1.40-11.0.1.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-tests-0.1.40-11.0.1.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'slirp4netns-0.4.2-3.git21fdece.module+el8.2.0+7615+180dc822', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slirp4netns-0.4.2-3.git21fdece.module+el8.2.0+7615+180dc822', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'udica-0.2.1-2.module+el8.2.0+7615+180dc822', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rc_precedence'])) rc_precedence = package_array['rc_precedence'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, rc_precedence:rc_precedence)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:ol8');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah / buildah-tests / cockpit-podman / etc');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T15:44:26", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1926 advisory.\n\n - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions. (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-08-13T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : container-tools:1.0 (ELSA-2020-1926)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10696"], "modified": "2021-09-22T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:buildah", "p-cpe:/a:oracle:linux:container-selinux", "p-cpe:/a:oracle:linux:containernetworking-plugins", "p-cpe:/a:oracle:linux:containers-common", "p-cpe:/a:oracle:linux:crit", "p-cpe:/a:oracle:linux:criu", "p-cpe:/a:oracle:linux:fuse-overlayfs", "p-cpe:/a:oracle:linux:oci-systemd-hook", "p-cpe:/a:oracle:linux:oci-umount", "p-cpe:/a:oracle:linux:podman", "p-cpe:/a:oracle:linux:podman-docker", "p-cpe:/a:oracle:linux:python3-criu", "p-cpe:/a:oracle:linux:runc", "p-cpe:/a:oracle:linux:skopeo", "p-cpe:/a:oracle:linux:slirp4netns"], "id": "ORACLELINUX_ELSA-2020-1926.NASL", "href": "https://www.tenable.com/plugins/nessus/136644", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-1926.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136644);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/22\");\n\n script_cve_id(\"CVE-2020-10696\");\n\n script_name(english:\"Oracle Linux 8 : container-tools:1.0 (ELSA-2020-1926)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2020-1926 advisory.\n\n - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to\n trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to\n the user's system anywhere that the user has permissions. (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-1926.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10696\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/13\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:crit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:oci-systemd-hook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:oci-umount\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:slirp4netns\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/container-tools');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:1.0');\nif ('1.0' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module container-tools:' + module_ver);\n\nappstreams = {\n 'container-tools:1.0': [\n {'reference':'buildah-1.5-4.0.1.gite94b4f9.module+el8.2.0+7621+b33f33e5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-1.5-4.0.1.gite94b4f9.module+el8.2.0+7621+b33f33e5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'container-selinux-2.124.0-1.gitf958d0c.module+el8.2.0+7621+b33f33e5', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'containernetworking-plugins-0.7.4-3.git9ebe139.module+el8.2.0+7621+b33f33e5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.7.4-3.git9ebe139.module+el8.2.0+7621+b33f33e5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containers-common-0.1.32-4.0.2.git1715c90.module+el8.2.0+7621+b33f33e5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'containers-common-0.1.32-4.0.2.git1715c90.module+el8.2.0+7621+b33f33e5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'crit-3.12-9.module+el8.2.0+7621+b33f33e5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crit-3.12-9.module+el8.2.0+7621+b33f33e5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.12-9.module+el8.2.0+7621+b33f33e5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.12-9.module+el8.2.0+7621+b33f33e5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-0.3-5.module+el8.2.0+7621+b33f33e5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-0.3-5.module+el8.2.0+7621+b33f33e5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.2.0+7621+b33f33e5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.2.0+7621+b33f33e5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'oci-umount-2.3.4-2.git87f9237.module+el8.2.0+7621+b33f33e5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'oci-umount-2.3.4-2.git87f9237.module+el8.2.0+7621+b33f33e5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'podman-1.0.0-4.git921f98f.module+el8.2.0+7621+b33f33e5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-1.0.0-4.git921f98f.module+el8.2.0+7621+b33f33e5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-docker-1.0.0-4.git921f98f.module+el8.2.0+7621+b33f33e5', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.12-9.module+el8.2.0+7621+b33f33e5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.12-9.module+el8.2.0+7621+b33f33e5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-56.rc5.dev.git2abd837.module+el8.2.0+7621+b33f33e5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'rc_precedence':TRUE},\n {'reference':'runc-1.0.0-56.rc5.dev.git2abd837.module+el8.2.0+7621+b33f33e5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'rc_precedence':TRUE},\n {'reference':'skopeo-0.1.32-4.0.2.git1715c90.module+el8.2.0+7621+b33f33e5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-0.1.32-4.0.2.git1715c90.module+el8.2.0+7621+b33f33e5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'slirp4netns-0.1-5.dev.gitc4e1bc5.module+el8.2.0+7621+b33f33e5', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slirp4netns-0.1-5.dev.gitc4e1bc5.module+el8.2.0+7621+b33f33e5', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rc_precedence'])) rc_precedence = package_array['rc_precedence'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, rc_precedence:rc_precedence)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:1.0');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah / container-selinux / containernetworking-plugins / etc');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T15:43:46", "description": "The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2020-1931 advisory.\n\n - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions. (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-08-13T00:00:00", "type": "nessus", "title": "Oracle Linux 8 : container-tools:2.0 (ELSA-2020-1931)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10696"], "modified": "2021-09-22T00:00:00", "cpe": ["cpe:/o:oracle:linux:8", "p-cpe:/a:oracle:linux:buildah", "p-cpe:/a:oracle:linux:buildah-tests", "p-cpe:/a:oracle:linux:cockpit-podman", "p-cpe:/a:oracle:linux:conmon", "p-cpe:/a:oracle:linux:container-selinux", "p-cpe:/a:oracle:linux:containernetworking-plugins", "p-cpe:/a:oracle:linux:containers-common", "p-cpe:/a:oracle:linux:crit", "p-cpe:/a:oracle:linux:criu", "p-cpe:/a:oracle:linux:fuse-overlayfs", "p-cpe:/a:oracle:linux:podman", "p-cpe:/a:oracle:linux:podman-docker", "p-cpe:/a:oracle:linux:podman-remote", "p-cpe:/a:oracle:linux:podman-tests", "p-cpe:/a:oracle:linux:python-podman-api", "p-cpe:/a:oracle:linux:python3-criu", "p-cpe:/a:oracle:linux:runc", "p-cpe:/a:oracle:linux:skopeo", "p-cpe:/a:oracle:linux:skopeo-tests", "p-cpe:/a:oracle:linux:slirp4netns", "p-cpe:/a:oracle:linux:udica"], "id": "ORACLELINUX_ELSA-2020-1931.NASL", "href": "https://www.tenable.com/plugins/nessus/136597", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Oracle Linux Security Advisory ELSA-2020-1931.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136597);\n script_version(\"1.7\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/09/22\");\n\n script_cve_id(\"CVE-2020-10696\");\n\n script_name(english:\"Oracle Linux 8 : container-tools:2.0 (ELSA-2020-1931)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Oracle Linux host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nELSA-2020-1931 advisory.\n\n - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to\n trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to\n the user's system anywhere that the user has permissions. (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://linux.oracle.com/errata/ELSA-2020-1931.html\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10696\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/08/13\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:buildah-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:cockpit-podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:conmon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:crit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman-remote\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:podman-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python-podman-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:python3-criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:skopeo-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:slirp4netns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:udica\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/local_checks_enabled\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item('Host/OracleLinux')) audit(AUDIT_OS_NOT, 'Oracle Linux');\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, 'Oracle Linux');\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Oracle Linux');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Oracle Linux 8', 'Oracle Linux ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Oracle Linux', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/container-tools');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:2.0');\nif ('2.0' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module container-tools:' + module_ver);\n\nappstreams = {\n 'container-tools:2.0': [\n {'reference':'buildah-1.11.6-7.0.1.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-1.11.6-7.0.1.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-tests-1.11.6-7.0.1.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-tests-1.11.6-7.0.1.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cockpit-podman-11-1.module+el8.2.0+7618+3a616245', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'conmon-2.0.6-1.0.1.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'conmon-2.0.6-1.0.1.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'container-selinux-2.124.0-1.module+el8.2.0+7618+3a616245', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'2'},\n {'reference':'containernetworking-plugins-0.8.3-4.0.1.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.8.3-4.0.1.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containers-common-0.1.40-9.0.1.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'containers-common-0.1.40-9.0.1.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'crit-3.12-9.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crit-3.12-9.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.12-9.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.12-9.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-0.7.2-5.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-0.7.2-5.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-1.6.4-11.0.1.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-1.6.4-11.0.1.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-docker-1.6.4-11.0.1.module+el8.2.0+7618+3a616245', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-remote-1.6.4-11.0.1.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-remote-1.6.4-11.0.1.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-tests-1.6.4-11.0.1.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-tests-1.6.4-11.0.1.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.2.0+7618+3a616245', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.12-9.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.12-9.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-64.rc10.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'rc_precedence':TRUE},\n {'reference':'runc-1.0.0-64.rc10.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'rc_precedence':TRUE},\n {'reference':'skopeo-0.1.40-9.0.1.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-0.1.40-9.0.1.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-tests-0.1.40-9.0.1.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-tests-0.1.40-9.0.1.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'slirp4netns-0.4.2-3.git21fdece.module+el8.2.0+7618+3a616245', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slirp4netns-0.4.2-3.git21fdece.module+el8.2.0+7618+3a616245', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'udica-0.2.1-2.module+el8.2.0+7618+3a616245', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'EL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['rc_precedence'])) rc_precedence = package_array['rc_precedence'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj, rc_precedence:rc_precedence)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:2.0');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah / buildah-tests / cockpit-podman / etc');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T15:01:44", "description": "The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:1932 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-02-01T00:00:00", "type": "nessus", "title": "CentOS 8 : container-tools:rhel8 (CESA-2020:1932)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10696"], "modified": "2021-03-23T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:cockpit-podman", "p-cpe:/a:centos:centos:conmon", "p-cpe:/a:centos:centos:container-selinux", "p-cpe:/a:centos:centos:containernetworking-plugins", "p-cpe:/a:centos:centos:containers-common", "p-cpe:/a:centos:centos:crit", "p-cpe:/a:centos:centos:criu", "p-cpe:/a:centos:centos:fuse-overlayfs", "p-cpe:/a:centos:centos:python-podman-api", "p-cpe:/a:centos:centos:python3-criu", "p-cpe:/a:centos:centos:runc", "p-cpe:/a:centos:centos:skopeo", "p-cpe:/a:centos:centos:skopeo-tests", "p-cpe:/a:centos:centos:slirp4netns", "p-cpe:/a:centos:centos:toolbox", "p-cpe:/a:centos:centos:udica"], "id": "CENTOS8_RHSA-2020-1932.NASL", "href": "https://www.tenable.com/plugins/nessus/145928", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2020:1932. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145928);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\"CVE-2020-10696\");\n script_xref(name:\"RHSA\", value:\"2020:1932\");\n\n script_name(english:\"CentOS 8 : container-tools:rhel8 (CESA-2020:1932)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nCESA-2020:1932 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process\n (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1932\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10696\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cockpit-podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:conmon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:crit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-podman-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:skopeo-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:slirp4netns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:toolbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:udica\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/container-tools');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:rhel8');\nif ('rhel8' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module container-tools:' + module_ver);\n\nappstreams = {\n 'container-tools:rhel8': [\n {'reference':'cockpit-podman-12-1.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cockpit-podman-12-1.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'conmon-2.0.6-1.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'conmon-2.0.6-1.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'container-selinux-2.124.0-1.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'container-selinux-2.124.0-1.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.8.3-5.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.8.3-5.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containers-common-0.1.40-11.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'containers-common-0.1.40-11.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'crit-3.12-9.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crit-3.12-9.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.12-9.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.12-9.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-0.7.2-5.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-0.7.2-5.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-podman-api-1.2.0-0.2.gitd0a45fe.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-podman-api-1.2.0-0.2.gitd0a45fe.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.12-9.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.12-9.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-65.rc10.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-65.rc10.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'skopeo-0.1.40-11.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-0.1.40-11.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-tests-0.1.40-11.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-tests-0.1.40-11.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'slirp4netns-0.4.2-3.git21fdece.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slirp4netns-0.4.2-3.git21fdece.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'toolbox-0.0.7-1.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'toolbox-0.0.7-1.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'udica-0.2.1-2.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'udica-0.2.1-2.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:rhel8');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'cockpit-podman / conmon / container-selinux / etc');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T16:00:42", "description": "The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:1931 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-02-01T00:00:00", "type": "nessus", "title": "CentOS 8 : container-tools:2.0 (CESA-2020:1931)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10696"], "modified": "2021-03-23T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:buildah", "p-cpe:/a:centos:centos:buildah-tests", "p-cpe:/a:centos:centos:cockpit-podman", "p-cpe:/a:centos:centos:conmon", "p-cpe:/a:centos:centos:container-selinux", "p-cpe:/a:centos:centos:containernetworking-plugins", "p-cpe:/a:centos:centos:containers-common", "p-cpe:/a:centos:centos:crit", "p-cpe:/a:centos:centos:criu", "p-cpe:/a:centos:centos:fuse-overlayfs", "p-cpe:/a:centos:centos:python-podman-api", "p-cpe:/a:centos:centos:python3-criu", "p-cpe:/a:centos:centos:runc", "p-cpe:/a:centos:centos:skopeo", "p-cpe:/a:centos:centos:skopeo-tests", "p-cpe:/a:centos:centos:slirp4netns", "p-cpe:/a:centos:centos:toolbox", "p-cpe:/a:centos:centos:udica"], "id": "CENTOS8_RHSA-2020-1931.NASL", "href": "https://www.tenable.com/plugins/nessus/145838", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2020:1931. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145838);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\"CVE-2020-10696\");\n script_xref(name:\"RHSA\", value:\"2020:1931\");\n\n script_name(english:\"CentOS 8 : container-tools:2.0 (CESA-2020:1931)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nCESA-2020:1931 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process\n (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1931\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10696\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:buildah-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:cockpit-podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:conmon\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:crit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python-podman-api\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:skopeo-tests\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:slirp4netns\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:toolbox\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:udica\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/container-tools');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:2.0');\nif ('2.0' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module container-tools:' + module_ver);\n\nappstreams = {\n 'container-tools:2.0': [\n {'reference':'buildah-1.11.6-7.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-1.11.6-7.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-tests-1.11.6-7.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-tests-1.11.6-7.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cockpit-podman-11-1.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'cockpit-podman-11-1.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'conmon-2.0.6-1.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'conmon-2.0.6-1.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'container-selinux-2.124.0-1.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'container-selinux-2.124.0-1.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.8.3-4.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.8.3-4.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containers-common-0.1.40-9.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'containers-common-0.1.40-9.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'crit-3.12-9.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crit-3.12-9.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.12-9.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.12-9.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-0.7.2-5.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-0.7.2-5.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-podman-api-1.2.0-0.2.gitd0a45fe.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-podman-api-1.2.0-0.2.gitd0a45fe.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.12-9.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.12-9.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-64.rc10.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-64.rc10.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'skopeo-0.1.40-9.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-0.1.40-9.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-tests-0.1.40-9.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-tests-0.1.40-9.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'slirp4netns-0.4.2-3.git21fdece.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slirp4netns-0.4.2-3.git21fdece.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'toolbox-0.0.7-1.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'toolbox-0.0.7-1.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'udica-0.2.1-2.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'udica-0.2.1-2.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:2.0');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah / buildah-tests / cockpit-podman / conmon / container-selinux / etc');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T16:00:43", "description": "The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2020:1926 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-02-01T00:00:00", "type": "nessus", "title": "CentOS 8 : container-tools:1.0 (CESA-2020:1926)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10696"], "modified": "2021-03-23T00:00:00", "cpe": ["cpe:/o:centos:centos:8", "p-cpe:/a:centos:centos:buildah", "p-cpe:/a:centos:centos:container-selinux", "p-cpe:/a:centos:centos:containernetworking-plugins", "p-cpe:/a:centos:centos:containers-common", "p-cpe:/a:centos:centos:crit", "p-cpe:/a:centos:centos:criu", "p-cpe:/a:centos:centos:fuse-overlayfs", "p-cpe:/a:centos:centos:oci-systemd-hook", "p-cpe:/a:centos:centos:oci-umount", "p-cpe:/a:centos:centos:podman", "p-cpe:/a:centos:centos:podman-docker", "p-cpe:/a:centos:centos:python3-criu", "p-cpe:/a:centos:centos:runc", "p-cpe:/a:centos:centos:skopeo", "p-cpe:/a:centos:centos:slirp4netns"], "id": "CENTOS8_RHSA-2020-1926.NASL", "href": "https://www.tenable.com/plugins/nessus/145971", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# Red Hat Security Advisory RHSA-2020:1926. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(145971);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/03/23\");\n\n script_cve_id(\"CVE-2020-10696\");\n script_xref(name:\"RHSA\", value:\"2020:1926\");\n\n script_name(english:\"CentOS 8 : container-tools:1.0 (CESA-2020:1926)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote CentOS host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the\nCESA-2020:1926 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process\n (CVE-2020-10696)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:1926\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10696\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/03/31\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/04/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/01\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:8\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:container-selinux\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:containernetworking-plugins\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:containers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:crit\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:fuse-overlayfs\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:oci-systemd-hook\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:oci-umount\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:podman-docker\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:python3-criu\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:runc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:skopeo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:slirp4netns\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"CentOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/CentOS/release');\nif (isnull(release) || 'CentOS' >!< release) audit(AUDIT_OS_NOT, 'CentOS');\nos_ver = pregmatch(pattern: \"CentOS(?: Stream)?(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'CentOS');\nos_ver = os_ver[1];\nif ('CentOS Stream' >< release) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS Stream ' + os_ver);\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '8')) audit(AUDIT_OS_NOT, 'CentOS 8.x', 'CentOS ' + os_ver);\n\nif (!get_kb_item('Host/CentOS/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'CentOS', cpu);\n\nmodule_ver = get_kb_item('Host/RedHat/appstream/container-tools');\nif (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:1.0');\nif ('1.0' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module container-tools:' + module_ver);\n\nappstreams = {\n 'container-tools:1.0': [\n {'reference':'buildah-1.5-4.gite94b4f9.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'buildah-1.5-4.gite94b4f9.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'container-selinux-2.124.0-1.gitf958d0c.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'container-selinux-2.124.0-1.gitf958d0c.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.7.4-3.git9ebe139.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containernetworking-plugins-0.7.4-3.git9ebe139.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'containers-common-0.1.32-4.git1715c90.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'containers-common-0.1.32-4.git1715c90.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'crit-3.12-9.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'crit-3.12-9.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.12-9.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'criu-3.12-9.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-0.3-5.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'fuse-overlayfs-0.3-5.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oci-systemd-hook-0.1.15-2.git2d0b8a3.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'oci-systemd-hook-0.1.15-2.git2d0b8a3.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'oci-umount-2.3.4-2.git87f9237.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'oci-umount-2.3.4-2.git87f9237.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-1.0.0-4.git921f98f.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-1.0.0-4.git921f98f.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-docker-1.0.0-4.git921f98f.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'podman-docker-1.0.0-4.git921f98f.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.12-9.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-criu-3.12-9.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-56.rc5.dev.git2abd837.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'runc-1.0.0-56.rc5.dev.git2abd837.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'skopeo-0.1.32-4.git1715c90.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'skopeo-0.1.32-4.git1715c90.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE, 'epoch':'1'},\n {'reference':'slirp4netns-0.1-5.dev.gitc4e1bc5.module_el8.2.0', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'slirp4netns-0.1-5.dev.gitc4e1bc5.module_el8.2.0', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}\n ]\n};\n\nflag = 0;\nappstreams_found = 0;\nforeach module (keys(appstreams)) {\n appstream = NULL;\n appstream_name = NULL;\n appstream_version = NULL;\n appstream_split = split(module, sep:':', keep:FALSE);\n if (!empty_or_null(appstream_split)) {\n appstream_name = appstream_split[0];\n appstream_version = appstream_split[1];\n if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RedHat/appstream/' + appstream_name);\n }\n if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {\n appstreams_found++;\n foreach package_array ( appstreams[module] ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'CentOS-' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n }\n}\n\nif (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module container-tools:1.0');\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah / container-selinux / containernetworking-plugins / etc');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-15T12:45:30", "description": "This update for buildah fixes the following issues :\n\nbuildah was updated to v1.17.0 (bsc#1165184) :\n\n - Handle cases where other tools mount/unmount containers\n\n - overlay.MountReadOnly: support RO overlay mounts\n\n - overlay: use fusermount for rootless umounts\n\n - overlay: fix umount\n\n - Switch default log level of Buildah to Warn. Users need to see these messages\n\n - Drop error messages about OCI/Docker format to Warning level\n\n - build(deps): bump github.com/containers/common from 0.26.0 to 0.26.2\n\n - tests/testreport: adjust for API break in storage v1.23.6\n\n - build(deps): bump github.com/containers/storage from 1.23.5 to 1.23.7\n\n - build(deps): bump github.com/fsouza/go-dockerclient from 1.6.5 to 1.6.6\n\n - copier: put: ignore Typeflag='g'\n\n - Use curl to get repo file (fix #2714)\n\n - build(deps): bump github.com/containers/common from 0.25.0 to 0.26.0\n\n - build(deps): bump github.com/spf13/cobra from 1.0.0 to 1.1.1\n\n - Remove docs that refer to bors, since we're not using it\n\n - Buildah bud should not use stdin by default\n\n - bump containerd, docker, and golang.org/x/sys\n\n - Makefile: cross: remove windows.386 target\n\n - copier.copierHandlerPut: don't check length when there are errors\n\n - Stop excessive wrapping\n\n - CI: require that conformance tests pass\n\n - bump(github.com/openshift/imagebuilder) to v1.1.8\n\n - Skip tlsVerify insecure BUILD_REGISTRY_SOURCES\n\n - Fix build path wrong containers/podman#7993\n\n - refactor pullpolicy to avoid deps\n\n - build(deps): bump github.com/containers/common from 0.24.0 to 0.25.0\n\n - CI: run gating tasks with a lot more memory\n\n - ADD and COPY: descend into excluded directories, sometimes\n\n - copier: add more context to a couple of error messages\n\n - copier: check an error earlier\n\n - copier: log stderr output as debug on success\n\n - Update nix pin with make nixpkgs\n\n - Set directory ownership when copied with ID mapping\n\n - build(deps): bump github.com/sirupsen/logrus from 1.6.0 to 1.7.0\n\n - build(deps): bump github.com/containers/common from 0.23.0 to 0.24.0\n\n - Cirrus: Remove bors artifacts\n\n - Sort build flag definitions alphabetically\n\n - ADD: only expand archives at the right time\n\n - Remove configuration for bors\n\n - Shell Completion for podman build flags\n\n - Bump c/common to v0.24.0\n\n - New CI check: xref --help vs man pages\n\n - CI: re-enable several linters\n\n - Move --userns-uid-map/--userns-gid-map description into buildah man page\n\n - add: preserve ownerships and permissions on ADDed archives\n\n - Makefile: tweak the cross-compile target\n\n - Bump containers/common to v0.23.0\n\n - chroot: create bind mount targets 0755 instead of 0700\n\n - Change call to Split() to safer SplitN()\n\n - chroot: fix handling of errno seccomp rules\n\n - build(deps): bump github.com/containers/image/v5 from 5.5.2 to 5.6.0\n\n - Add In Progress section to contributing\n\n - integration tests: make sure tests run in $(topdir)/tests\n\n - Run(): ignore containers.conf's environment configuration\n\n - Warn when setting healthcheck in OCI format\n\n - Cirrus: Skip git-validate on branches\n\n - tools: update git-validation to the latest commit\n\n - tools: update golangci-lint to v1.18.0\n\n - Add a few tests of push command\n\n - Add(): fix handling of relative paths with no ContextDir\n\n - build(deps): bump github.com/containers/common from 0.21.0 to 0.22.0\n\n - Lint: Use same linters as podman\n\n - Validate: reference HEAD\n\n - Fix buildah mount to display container names not ids\n\n - Update nix pin with make nixpkgs\n\n - Add missing --format option in buildah from man page\n\n - Fix up code based on codespell\n\n - build(deps): bump github.com/openshift/imagebuilder from 1.1.6 to 1.1.7\n\n - build(deps): bump github.com/containers/storage from 1.23.4 to 1.23.5\n\n - Improve buildah completions\n\n - Cirrus: Fix validate commit epoch\n\n - Fix bash completion of manifest flags\n\n - Uniform some man pages\n\n - Update Buildah Tutorial to address BZ1867426\n\n - Update bash completion of manifest add sub command\n\n - copier.Get(): hard link targets shouldn't be relative paths\n\n - build(deps): bump github.com/onsi/gomega from 1.10.1 to 1.10.2\n\n - Pass timestamp down to history lines\n\n - Timestamp gets updated everytime you inspect an image\n\n - bud.bats: use absolute paths in newly-added tests\n\n - contrib/cirrus/lib.sh: don't use CN for the hostname\n\n - tests: Add some tests\n\n - Update manifest add man page\n\n - Extend flags of manifest add\n\n - build(deps): bump github.com/containers/storage from 1.23.3 to 1.23.4\n\n - build(deps): bump github.com/onsi/ginkgo from 1.14.0 to 1.14.1\n\n - CI: expand cross-compile checks\n\nUpdate to v1.16.2 :\n\n - fix build on 32bit arches\n\n - containerImageRef.NewImageSource(): don't always force timestamps\n\n - Add fuse module warning to image readme\n\n - Heed our retry delay option values when retrying commit/pull/push\n\n - Switch to containers/common for seccomp\n\n - Use --timestamp rather then --omit-timestamp\n\n - docs: remove outdated notice\n\n - docs: remove outdated notice\n\n - build-using-dockerfile: add a hidden --log-rusage flag\n\n - build(deps): bump github.com/containers/image/v5 from 5.5.1 to 5.5.2\n\n - Discard ReportWriter if user sets options.Quiet\n\n - build(deps): bump github.com/containers/common from 0.19.0 to 0.20.3\n\n - Fix ownership of content copied using COPY --from\n\n - newTarDigester: zero out timestamps in tar headers\n\n - Update nix pin with `make nixpkgs`\n\n - bud.bats: correct .dockerignore integration tests\n\n - Use pipes for copying\n\n - run: include stdout in error message\n\n - run: use the correct error for errors.Wrapf\n\n - copier: un-export internal types\n\n - copier: add Mkdir()\n\n - in_podman: don't get tripped up by $CIRRUS_CHANGE_TITLE\n\n - docs/buildah-commit.md: tweak some wording, add a --rm example\n\n - imagebuildah: don’t blank out destination names when COPYing\n\n - Replace retry functions with common/pkg/retry\n\n - StageExecutor.historyMatches: compare timestamps using .Equal\n\n - Update vendor of containers/common\n\n - Fix errors found in coverity scan\n\n - Change namespace handling flags to better match podman commands\n\n - conformance testing: ignore buildah.BuilderIdentityAnnotation labels\n\n - Vendor in containers/storage v1.23.0\n\n - Add buildah.IsContainer interface\n\n - Avoid feeding run_buildah to pipe\n\n - fix(buildahimage): add xz dependency in buildah image\n\n - Bump github.com/containers/common from 0.15.2 to 0.18.0\n\n - Howto for rootless image building from OpenShift\n\n - Add --omit-timestamp flag to buildah bud\n\n - Update nix pin with `make nixpkgs`\n\n - Shutdown storage on failures\n\n - Handle COPY --from when an argument is used\n\n - Bump github.com/seccomp/containers-golang from 0.5.0 to 0.6.0\n\n - Cirrus: Use newly built VM images\n\n - Bump github.com/opencontainers/runc from 1.0.0-rc91 to 1.0.0-rc92\n\n - Enhance the .dockerignore man pages\n\n - conformance: add a test for COPY from subdirectory\n\n - fix bug manifest inspct\n\n - Add documentation for .dockerignore\n\n - Add BuilderIdentityAnnotation to identify buildah version\n\n - DOC: Add quay.io/containers/buildah image to README.md\n\n - Update buildahimages readme\n\n - fix spelling mistake in 'info' command result display\n\n - Don't bind /etc/host and /etc/resolv.conf if network is not present\n\n - blobcache: avoid an unnecessary NewImage()\n\n - Build static binary with `buildGoModule`\n\n - copier: split StripSetidBits into StripSetuidBit/StripSetgidBit/StripStickyBit\n\n - tarFilterer: handle multiple archives\n\n - Fix a race we hit during conformance tests\n\n - Rework conformance testing\n\n - Update 02-registries-repositories.md\n\n - test-unit: invoke cmd/buildah tests with --flags\n\n - parse: fix a type mismatch in a test\n\n - Fix compilation of tests/testreport/testreport\n\n - build.sh: log the version of Go that we're using\n\n - test-unit: increase the test timeout to 40/45 minutes\n\n - Add the 'copier' package\n\n - Fix & add notes regarding problematic language in codebase\n\n - Add dependency on github.com/stretchr/testify/require\n\n - CompositeDigester: add the ability to filter tar streams\n\n - BATS tests: make more robust\n\n - vendor golang.org/x/text@v0.3.3\n\n - Switch golang 1.12 to golang 1.13\n\n - imagebuildah: wait for stages that might not have even started yet\n\n - chroot, run: not fail on bind mounts from /sys\n\n - chroot: do not use setgroups if it is blocked\n\n - Set engine env from containers.conf\n\n - imagebuildah: return the right stage's image as the 'final' image\n\n - Fix a help string\n\n - Deduplicate environment variables\n\n - switch containers/libpod to containers/podman\n\n - Bump github.com/containers/ocicrypt from 1.0.2 to 1.0.3\n\n - Bump github.com/opencontainers/selinux from 1.5.2 to 1.6.0\n\n - Mask out /sys/dev to prevent information leak\n\n - linux: skip errors from the runtime kill\n\n - Mask over the /sys/fs/selinux in mask branch\n\n - Add VFS additional image store to container\n\n - tests: add auth tests\n\n - Allow 'readonly' as alias to 'ro' in mount options\n\n - Ignore OS X specific consistency mount option\n\n - Bump github.com/onsi/ginkgo from 1.13.0 to 1.14.0\n\n - Bump github.com/containers/common from 0.14.0 to 0.15.2\n\n - Rootless Buildah should default to IsolationOCIRootless\n\n - imagebuildah: fix inheriting multi-stage builds\n\n - Make imagebuildah.BuildOptions.Architecture/OS optional\n\n - Make imagebuildah.BuildOptions.Jobs optional\n\n - Resolve a possible race in imagebuildah.Executor.startStage()\n\n - Switch scripts to use containers.conf\n\n - Bump openshift/imagebuilder to v1.1.6\n\n - Bump go.etcd.io/bbolt from 1.3.4 to 1.3.5\n\n - buildah, bud: support --jobs=N for parallel execution\n\n - executor: refactor build code inside new function\n\n - Add bud regression tests\n\n - Cirrus: Fix missing htpasswd in registry img\n\n - docs: clarify the 'triples' format\n\n - CHANGELOG.md: Fix markdown formatting\n\n - Add nix derivation for static builds\n\n - Bump to v1.16.0-dev\n\n - Update to v1.15.1\n\n - Mask over the /sys/fs/selinux in mask branch\n\n - chroot: do not use setgroups if it is blocked\n\n - chroot, run: not fail on bind mounts from /sys\n\n - Allow 'readonly' as alias to 'ro' in mount options\n\n - Add VFS additional image store to container\n\n - vendor golang.org/x/text@v0.3.3\n\n - Make imagebuildah.BuildOptions.Architecture/OS optional\n\nUpdate to v1.15.0 :\n\n - Add CVE-2020-10696 to CHANGELOG.md and changelog.txt\n\n - fix lighttpd example\n\n - remove dependency on openshift struct\n\n - Warn on unset build arguments\n\n - vendor: update seccomp/containers-golang to v0.4.1\n\n - Updated docs\n\n - clean up comments\n\n - update exit code for tests\n\n - Implement commit for encryption\n\n - implementation of encrypt/decrypt push/pull/bud/from\n\n - fix resolve docker image name as transport\n\n - Add preliminary profiling support to the CLI\n\n - Evaluate symlinks in build context directory\n\n - fix error info about get signatures for containerImageSource\n\n - Add Security Policy\n\n - Cirrus: Fixes from review feedback\n\n - imagebuildah: stages shouldn't count as their base images\n\n - Update containers/common v0.10.0\n\n - Add registry to buildahimage Dockerfiles\n\n - Cirrus: Use pre-installed VM packages + F32\n\n - Cirrus: Re-enable all distro versions\n\n - Cirrus: Update to F31 + Use cache images\n\n - golangci-lint: Disable gosimple\n\n - Lower number of golangci-lint threads\n\n - Fix permissions on containers.conf\n\n - Don't force tests to use runc\n\n - Return exit code from failed containers\n\n - cgroup_manager should be under [engine]\n\n - Use c/common/pkg/auth in login/logout\n\n - Cirrus: Temporarily disable Ubuntu 19 testing\n\n - Add containers.conf to stablebyhand build\n\n - Update gitignore to exclude test Dockerfiles\n\n - Remove warning for systemd inside of container\n\nUpdate to v1.14.6 :\n\n - Make image history work correctly with new args handling\n\n - Don't add args to the RUN environment from the Builder\n\nUpdate to v1.14.5 :\n\n - Revert FIPS mode change\n\nUpdate to v1.14.4 :\n\n - Update unshare man page to fix script example\n\n - Fix compilation errors on non linux platforms\n\n - Preserve volume uid and gid through subsequent commands\n\n - Fix potential CVE in tarfile w/ symlink\n\n - Fix .dockerignore with globs and ! commands\n\nUpdate to v1.14.2 :\n\n - Search for local runtime per values in containers.conf\n\n - Set correct ownership on working directory\n\n - Improve remote manifest retrieval\n\n - Correct a couple of incorrect format specifiers\n\n - manifest push --format: force an image type, not a list type\n\n - run: adjust the order in which elements are added to $\n\n - getDateAndDigestAndSize(): handle creation time not being set\n\n - Make the commit id clear like Docker\n\n - Show error on copied file above context directory in build\n\n - pull/from/commit/push: retry on most failures\n\n - Repair buildah so it can use containers.conf on the server side\n\n - Fixing formatting & build instructions\n\n - Fix XDG_RUNTIME_DIR for authfile\n\n - Show validation command-line\n\nUpdate to v1.14.0 :\n\n - getDateAndDigestAndSize(): use manifest.Digest\n\n - Touch up os/arch doc\n\n - chroot: handle slightly broken seccomp defaults\n\n - buildahimage: specify fuse-overlayfs mount options\n\n - parse: don't complain about not being able to rename something to itself\n\n - Fix build for 32bit platforms\n\n - Allow users to set OS and architecture on bud\n\n - Fix COPY in containerfile with envvar\n\n - Add --sign-by to bud/commit/push, --remove-signatures for pull/push\n\n - Add support for containers.conf\n\n - manifest push: add --format option\n\nUpdate to v1.13.1 :\n\n - copyFileWithTar: close source files at the right time\n\n - copy: don't digest files that we ignore\n\n - Check for .dockerignore specifically\n\n - Don't setup excludes, if their is only one pattern to match\n\n - set HOME env to /root on chroot-isolation by default\n\n - docs: fix references to containers-*.5\n\n - fix bug Add check .dockerignore COPY file\n\n - buildah bud --volume: run from tmpdir, not source dir\n\n - Fix imageNamePrefix to give consistent names in buildah-from\n\n - cpp: use -traditional and -undef flags\n\n - discard outputs coming from onbuild command on buildah-from --quiet\n\n - make --format columnizing consistent with buildah images\n\n - Fix option handling for volumes in build\n\n - Rework overlay pkg for use with libpod\n\n - Fix buildahimage builds for buildah\n\n - Add support for FIPS-Mode backends\n\n - Set the TMPDIR for pulling/pushing image to $TMPDIR\n\nUpdate to v1.12.0 :\n\n - Allow ADD to use http src\n\n - imgtype: reset storage opts if driver overridden\n\n - Start using containers/common\n\n - overlay.bats typo: fuse-overlays should be fuse-overlayfs\n\n - chroot: Unmount with MNT_DETACH instead of UnmountMountpoints()\n\n - bind: don't complain about missing mountpoints\n\n - imgtype: check earlier for expected manifest type\n\n - Add history names support\n\nUpdate to v1.11.6 :\n\n - Handle missing equal sign in --from and --chown flags for COPY/ADD\n\n - bud COPY does not download URL\n\n - Fix .dockerignore exclude regression\n\n - commit(docker): always set ContainerID and ContainerConfig\n\n - Touch up commit man page image parameter\n\n - Add builder identity annotations.\n\nUpdate to v1.11.5 :\n\n - buildah: add 'manifest' command\n\n - pkg/supplemented: add a package for grouping images together\n\n - pkg/manifests: add a manifest list build/manipulation API\n\n - Update for ErrUnauthorizedForCredentials API change in containers/image\n\n - Update for manifest-lists API changes in containers/image\n\n - version: also note the version of containers/image\n\n - Move to containers/image v5.0.0\n\n - Enable --device directory as src device\n\n - Add clarification to the Tutorial for new users\n\n - Silence 'using cache' to ensure -q is fully quiet\n\n - Move runtime flag to bud from common\n\n - Commit: check for storage.ErrImageUnknown using errors.Cause()\n\n - Fix crash when invalid COPY --from flag is specified.\n\nUpdate to v1.11.4 :\n\n - buildah: add a 'manifest' command\n\n - pkg/manifests: add a manifest list build/manipulation API\n\n - Update for ErrUnauthorizedForCredentials API change in containers/image\n\n - Update for manifest-lists API changes in containers/image\n\n - Move to containers/image v5.0.0\n\n - Enable --device directory as src device\n\n - Add clarification to the Tutorial for new users\n\n - Silence 'using cache' to ensure -q is fully quiet\n\n - Move runtime flag to bud from common\n\n - Commit: check for storage.ErrImageUnknown using errors.Cause()\n\n - Fix crash when invalid COPY --from flag is specified.\n\nUpdate to v1.11.3 :\n\n - Add cgroups2\n\n - Add support for retrieving context from stdin '-'\n\n - Added tutorial on how to include Buildah as library\n\n - Fix --build-args handling\n\n - Print build 'STEP' line to stdout, not stderr\n\n - Use Containerfile by default\n\nUpdate to v1.11.2 :\n\n - Add some cleanup code\n\n - Move devices code to unit specific directory.\n\nUpdate to v1.11.1 :\n\n - Add --devices flag to bud and from\n\n - Add support for /run/.containerenv\n\n - Allow mounts.conf entries for equal source and destination paths\n\n - Fix label and annotation for 1-line Dockerfiles\n\n - Preserve file and directory mount permissions\n\n - Replace --debug=false with --log-level=error\n\n - Set TMPDIR to /var/tmp by default\n\n - Truncate output of too long image names\n\n - Ignore EmptyLayer if Squash is set\n\nUpdate to v1.11.0 :\n\n - Add --digestfile and Re-add push statement as debug\n\n - Add --log-level command line option and deprecate\n --debug\n\n - Add security-related volume options to validator\n\n - Allow buildah bud to be called without arguments\n\n - Allow to override build date with SOURCE_DATE_EPOCH\n\n - Correctly detect ExitError values from Run()\n\n - Disable empty logrus timestamps to reduce logger noise\n\n - Fix directory pull image names\n\n - Fix handling of /dev/null masked devices\n\n - Fix possible runtime panic on bud\n\n - Update bud/from help to contain indicator for --dns=none\n\n - Update documentation about bud\n\n - Update shebangs to take env into consideration\n\n - Use content digests in ADD/COPY history entries\n\n - add support for cgroupsV2\n\n - add: add a DryRun flag to AddAndCopyOptions\n\n - add: handle hard links when copying with .dockerignore\n\n - add: teach copyFileWithTar() about symlinks and directories\n\n - imagebuilder: fix detection of referenced stage roots\n\n - pull/commit/push: pay attention to $BUILD_REGISTRY_SOURCES\n\n - run_linux: fix mounting /sys in a userns\n\nUpdate to v1.10.1 :\n\n - Add automatic apparmor tag discovery\n\n - Add overlayfs to fuse-overlayfs tip\n\n - Bug fix for volume minus syntax\n\n - Bump container/storage v1.13.1 and containers/image v3.0.1\n\n - Bump containers/image to v3.0.2 to fix keyring issue\n\n - Fix bug whereby --get-login has no effect\n\n - Bump github.com/containernetworking/cni to v0.7.1\n\n - Add appamor-pattern requirement\n\n - Update build process to match the latest repository architecture\n\n - Update to v1.10.0\n\n - vendor github.com/containers/image@v3.0.0\n\n - Remove GO111MODULE in favor of -mod=vendor\n\n - Vendor in containers/storage v1.12.16\n\n - Add '-' minus syntax for removal of config values\n\n - tests: enable overlay tests for rootless\n\n - rootless, overlay: use fuse-overlayfs\n\n - vendor github.com/containers/image@v2.0.1\n\n - Added '-' syntax to remove volume config option\n\n - delete successfully pushed message\n\n - Add golint linter and apply fixes\n\n - vendor github.com/containers/storage@v1.12.15\n\n - Change wait to sleep in buildahimage readme\n\n - Handle ReadOnly images when deleting images\n\n - Add support for listing read/only images\n\n - from/import: record the base image's digest, if it has one\n\n - Fix CNI version retrieval to not require network connection\n\n - Add misspell linter and apply fixes\n\n - Add goimports linter and apply fixes\n\n - Add stylecheck linter and apply fixes\n\n - Add unconvert linter and apply fixes\n\n - image: make sure we don't try to use zstd compression\n\n - run.bats: skip the 'z' flag when testing --mount\n\n - Update to runc v1.0.0-rc8\n\n - Update to match updated runtime-tools API\n\n - bump github.com/opencontainers/runtime-tools to v0.9.0\n\n - Build e2e tests using the proper build tags\n\n - Add unparam linter and apply fixes\n\n - Run: correct a typo in the --cap-add help text\n\n - unshare: add a --mount flag\n\n - fix push check image name is not empty\n\n - add: fix slow copy with no excludes\n\n - Add errcheck linter and fix missing error check\n\n - Improve tests/tools/Makefile parallelism and abstraction\n\n - Fix response body not closed resource leak\n\n - Switch to golangci-lint\n\n - Add gomod instructions and mailing list links\n\n - On Masked path, check if /dev/null already mounted before mounting\n\n - Update to containers/storage v1.12.13\n\n - Refactor code in package imagebuildah\n\n - Add rootless podman with NFS issue in documentation\n\n - Add --mount for buildah run\n\n - import method ValidateVolumeOpts from libpod\n\n - Fix typo\n\n - Makefile: set GO111MODULE=off\n\n - rootless: add the built-in slirp DNS server\n\n - Update docker/libnetwork to get rid of outdated sctp package\n\n - Update buildah-login.md\n\n - migrate to go modules\n\n - install.md: mention go modules\n\n - tests/tools: go module for test binaries\n\n - fix --volume splits comma delimited option\n\n - Add bud test for RUN with a priv'd command\n\n - vendor logrus v1.4.2\n\n - pkg/cli: panic when flags can't be hidden\n\n - pkg/unshare: check all errors\n\n - pull: check error during report write\n\n - run_linux.go: ignore unchecked errors\n\n - conformance test: catch copy error\n\n - chroot/run_test.go: export funcs to actually be executed\n\n - tests/imgtype: ignore error when shutting down the store\n\n - testreport: check json error\n\n - bind/util.go: remove unused func\n\n - rm chroot/util.go\n\n - imagebuildah: remove unused dedupeStringSlice\n\n - StageExecutor: EnsureContainerPath: catch error from SecureJoin()\n\n - imagebuildah/build.go: return instead of branching\n\n - rmi: avoid redundant branching\n\n - conformance tests: nilness: allocate map\n\n - imagebuildah/build.go: avoid redundant filepath.Join()\n\n - imagebuildah/build.go: avoid redundant os.Stat()\n\n - imagebuildah: omit comparison to bool\n\n - fix 'ineffectual assignment' lint errors\n\n - docker: ignore 'repeats json tag' lint error\n\n - pkg/unshare: use ... instead of iterating a slice\n\n - conformance: bud test: use raw strings for regexes\n\n - conformance suite: remove unused func/var\n\n - buildah test suite: remove unused vars/funcs\n\n - testreport: fix golangci-lint errors\n\n - util: remove redundant return statement\n\n - chroot: only log clean-up errors\n\n - images_test: ignore golangci-lint error\n\n - blobcache: log error when draining the pipe\n\n - imagebuildah: check errors in deferred calls\n\n - chroot: fix error handling in deferred funcs\n\n - cmd: check all errors\n\n - chroot/run_test.go: check errors\n\n - chroot/run.go: check errors in deferred calls\n\n - imagebuildah.Executor: remove unused onbuild field\n\n - docker/types.go: remove unused struct fields\n\n - util: use strings.ContainsRune instead of index check\n\n - Cirrus: Initial implementation\n\n - buildah-run: fix-out-of-range panic (2)\n\n - Update containers/image to v2.0.0\n\n - run: fix hang with run and --isolation=chroot\n\n - run: fix hang when using run\n\n - chroot: drop unused function call\n\n - remove --> before imgageID on build\n\n - Always close stdin pipe\n\n - Write deny to setgroups when doing single user mapping\n\n - Avoid including linux/memfd.h\n\n - Add a test for the symlink pointing to a directory\n\n - Add missing continue\n\n - Fix the handling of symlinks to absolute paths\n\n - Only set default network sysctls if not rootless\n\n - Support --dns=none like podman\n\n - fix bug --cpu-shares parsing typo\n\n - Fix validate complaint\n\n - Update vendor on containers/storage to v1.12.10\n\n - Create directory paths for COPY thereby ensuring correct perms\n\n - imagebuildah: use a stable sort for comparing build args\n\n - imagebuildah: tighten up cache checking\n\n - bud.bats: add a test verying the order of --build-args\n\n - add -t to podman run\n\n - imagebuildah: simplify screening by top layers\n\n - imagebuildah: handle ID mappings for COPY --from\n\n - imagebuildah: apply additionalTags ourselves\n\n - bud.bats: test additional tags with cached images\n\n - bud.bats: add a test for WORKDIR and COPY with absolute destinations\n\n - Cleanup Overlay Mounts content\n\n - Add support for file secret mounts\n\n - Add ability to skip secrets in mounts file\n\n - allow 32bit builds\n\n - fix tutorial instructions\n\n - imagebuilder: pass the right contextDir to Add()\n\n - add: use fileutils.PatternMatcher for .dockerignore\n\n - bud.bats: add another .dockerignore test\n\n - unshare: fallback to single usermapping\n\n - addHelperSymlink: clear the destination on os.IsExist errors\n\n - bud.bats: test replacing symbolic links\n\n - imagebuildah: fix handling of destinations that end with '/'\n\n - bud.bats: test COPY with a final '/' in the destination\n\n - linux: add check for sysctl before using it\n\n - unshare: set _CONTAINERS_ROOTLESS_GID\n\n - Rework buildahimamges\n\n - build context: support https git repos\n\n - Add a test for ENV special chars behaviour\n\n - Check in new Dockerfiles\n\n - Apply custom SHELL during build time\n\n - config: expand variables only at the command line\n\n - SetEnv: we only need to expand v once\n\n - Add default /root if empty on chroot iso\n\n - Add support for Overlay volumes into the container.\n\n - Export buildah validate volume functions so it can share code with libpod\n\n - Bump baseline test to F30\n\n - Fix rootless handling of /dev/shm size\n\n - Avoid fmt.Printf() in the library\n\n - imagebuildah: tighten cache checking back up\n\n - Handle WORKDIR with dangling target\n\n - Default Authfile to proper path\n\n - Make buildah run --isolation follow BUILDAH_ISOLATION environment\n\n - Vendor in latest containers/storage and containers/image\n\n - getParent/getChildren: handle layerless images\n\n - imagebuildah: recognize cache images for layerless images\n\n - bud.bats: test scratch images with --layers caching\n\n - Get CHANGELOG.md updates\n\n - Add some symlinks to test our .dockerignore logic\n\n - imagebuildah: addHelper: handle symbolic links\n\n - commit/push: use an everything-allowed policy\n\n - Correct manpage formatting in files section\n\n - Remove must be root statement from buildah doc\n\n - Change image names to stable, testing and upstream\n\n - Don't create directory on container\n\n - Replace kubernetes/pause in tests with k8s.gcr.io/pause\n\n - imagebuildah: don't remove intermediate images if we need them\n\n - Rework buildahimagegit to buildahimageupstream\n\n - Fix Transient Mounts\n\n - Handle WORKDIRs that are symlinks\n\n - allow podman to build a client for windows\n\n - Touch up 1.9-dev to 1.9.0-dev\n\n - Resolve symlink when checking container path\n\n - commit: commit on every instruction, but not always with layers\n\n - CommitOptions: drop the unused OnBuild field\n\n - makeImageRef: pass in the whole CommitOptions structure\n\n - cmd: API cleanup: stores before images\n\n - run: check if SELinux is enabled\n\n - Fix buildahimages Dockerfiles to include support for additionalimages mounted from host.\n\n - Detect changes in rootdir\n\n - Fix typo in buildah-pull(1)\n\n - Vendor in latest containers/storage\n\n - Keep track of any build-args used during buildah bud\n --layers\n\n - commit: always set a parent ID\n\n - imagebuildah: rework unused-argument detection\n\n - fix bug dest path when COPY .dockerignore\n\n - Move Host IDMAppings code from util to unshare\n\n - Add BUILDAH_ISOLATION rootless back\n\n - Travis CI: fail fast, upon error in any step\n\n - imagebuildah: only commit images for intermediate stages if we have to\n\n - Use errors.Cause() when checking for IsNotExist errors\n\n - auto pass http_proxy to container\n\n - imagebuildah: don't leak image structs\n\n - Add Dockerfiles for buildahimages\n\n - Bump to Replace golang 1.10 with 1.12\n\n - add --dns* flags to buildah bud\n\n - Add hack/build_speed.sh test speeds on building container images\n\n - Create buildahimage Dockerfile for Quay\n\n - rename 'is' to 'expect_output'\n\n - squash.bats: test squashing in multi-layered builds\n\n - bud.bats: test COPY --from in a Dockerfile while using the cache\n\n - commit: make target image names optional\n\n - Fix bud-args to allow comma separation\n\n - oops, missed some tests in commit.bats\n\n - new helper: expect_line_count\n\n - New tests for #1467 (string slices in cmdline opts)\n\n - Workarounds for dealing with travis; review feedback\n\n - BATS tests - extensive but minor cleanup\n\n - imagebuildah: defer pulling images for COPY --from\n\n - imagebuildah: centralize COMMIT and image ID output\n\n - Travis: do not use traviswait\n\n - imagebuildah: only initialize imagebuilder configuration once per stage\n\n - Make cleaner error on Dockerfile build errors\n\n - unshare: move to pkg/\n\n - unshare: move some code from cmd/buildah/unshare\n\n - Fix handling of Slices versus Arrays\n\n - imagebuildah: reorganize stage and per-stage logic\n\n - imagebuildah: add empty layers for instructions\n\n - Add missing step in installing into Ubuntu\n\n - fix bug in .dockerignore support\n\n - imagebuildah: deduplicate prepended 'FROM' instructions\n\n - Touch up intro\n\n - commit: set created-by to the shell if it isn't set\n\n - commit: check that we always set a 'created-by'\n\n - docs/buildah.md: add 'containers-' prefixes under 'SEE ALSO'\n\nUpdate to v1.7.2\n\n - Updates vendored containers/storage to latest version\n\n - rootless: by default use the host network namespace\n\n - Full changelog:\n https://github.com/containers/buildah/releases/tag/v1.6\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-12-07T00:00:00", "type": "nessus", "title": "openSUSE Security Update : buildah (openSUSE-2020-2106)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10214", "CVE-2020-10696"], "modified": "2020-12-09T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:buildah", "cpe:/o:novell:opensuse:15.1"], "id": "OPENSUSE-2020-2106.NASL", "href": "https://www.tenable.com/plugins/nessus/143496", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2020-2106.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143496);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/09\");\n\n script_cve_id(\"CVE-2019-10214\", \"CVE-2020-10696\");\n\n script_name(english:\"openSUSE Security Update : buildah (openSUSE-2020-2106)\");\n script_summary(english:\"Check for the openSUSE-2020-2106 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for buildah fixes the following issues :\n\nbuildah was updated to v1.17.0 (bsc#1165184) :\n\n - Handle cases where other tools mount/unmount containers\n\n - overlay.MountReadOnly: support RO overlay mounts\n\n - overlay: use fusermount for rootless umounts\n\n - overlay: fix umount\n\n - Switch default log level of Buildah to Warn. Users need\n to see these messages\n\n - Drop error messages about OCI/Docker format to Warning\n level\n\n - build(deps): bump github.com/containers/common from\n 0.26.0 to 0.26.2\n\n - tests/testreport: adjust for API break in storage\n v1.23.6\n\n - build(deps): bump github.com/containers/storage from\n 1.23.5 to 1.23.7\n\n - build(deps): bump github.com/fsouza/go-dockerclient from\n 1.6.5 to 1.6.6\n\n - copier: put: ignore Typeflag='g'\n\n - Use curl to get repo file (fix #2714)\n\n - build(deps): bump github.com/containers/common from\n 0.25.0 to 0.26.0\n\n - build(deps): bump github.com/spf13/cobra from 1.0.0 to\n 1.1.1\n\n - Remove docs that refer to bors, since we're not using it\n\n - Buildah bud should not use stdin by default\n\n - bump containerd, docker, and golang.org/x/sys\n\n - Makefile: cross: remove windows.386 target\n\n - copier.copierHandlerPut: don't check length when there\n are errors\n\n - Stop excessive wrapping\n\n - CI: require that conformance tests pass\n\n - bump(github.com/openshift/imagebuilder) to v1.1.8\n\n - Skip tlsVerify insecure BUILD_REGISTRY_SOURCES\n\n - Fix build path wrong containers/podman#7993\n\n - refactor pullpolicy to avoid deps\n\n - build(deps): bump github.com/containers/common from\n 0.24.0 to 0.25.0\n\n - CI: run gating tasks with a lot more memory\n\n - ADD and COPY: descend into excluded directories,\n sometimes\n\n - copier: add more context to a couple of error messages\n\n - copier: check an error earlier\n\n - copier: log stderr output as debug on success\n\n - Update nix pin with make nixpkgs\n\n - Set directory ownership when copied with ID mapping\n\n - build(deps): bump github.com/sirupsen/logrus from 1.6.0\n to 1.7.0\n\n - build(deps): bump github.com/containers/common from\n 0.23.0 to 0.24.0\n\n - Cirrus: Remove bors artifacts\n\n - Sort build flag definitions alphabetically\n\n - ADD: only expand archives at the right time\n\n - Remove configuration for bors\n\n - Shell Completion for podman build flags\n\n - Bump c/common to v0.24.0\n\n - New CI check: xref --help vs man pages\n\n - CI: re-enable several linters\n\n - Move --userns-uid-map/--userns-gid-map description into\n buildah man page\n\n - add: preserve ownerships and permissions on ADDed\n archives\n\n - Makefile: tweak the cross-compile target\n\n - Bump containers/common to v0.23.0\n\n - chroot: create bind mount targets 0755 instead of 0700\n\n - Change call to Split() to safer SplitN()\n\n - chroot: fix handling of errno seccomp rules\n\n - build(deps): bump github.com/containers/image/v5 from\n 5.5.2 to 5.6.0\n\n - Add In Progress section to contributing\n\n - integration tests: make sure tests run in\n $(topdir)/tests\n\n - Run(): ignore containers.conf's environment\n configuration\n\n - Warn when setting healthcheck in OCI format\n\n - Cirrus: Skip git-validate on branches\n\n - tools: update git-validation to the latest commit\n\n - tools: update golangci-lint to v1.18.0\n\n - Add a few tests of push command\n\n - Add(): fix handling of relative paths with no ContextDir\n\n - build(deps): bump github.com/containers/common from\n 0.21.0 to 0.22.0\n\n - Lint: Use same linters as podman\n\n - Validate: reference HEAD\n\n - Fix buildah mount to display container names not ids\n\n - Update nix pin with make nixpkgs\n\n - Add missing --format option in buildah from man page\n\n - Fix up code based on codespell\n\n - build(deps): bump github.com/openshift/imagebuilder from\n 1.1.6 to 1.1.7\n\n - build(deps): bump github.com/containers/storage from\n 1.23.4 to 1.23.5\n\n - Improve buildah completions\n\n - Cirrus: Fix validate commit epoch\n\n - Fix bash completion of manifest flags\n\n - Uniform some man pages\n\n - Update Buildah Tutorial to address BZ1867426\n\n - Update bash completion of manifest add sub command\n\n - copier.Get(): hard link targets shouldn't be relative\n paths\n\n - build(deps): bump github.com/onsi/gomega from 1.10.1 to\n 1.10.2\n\n - Pass timestamp down to history lines\n\n - Timestamp gets updated everytime you inspect an image\n\n - bud.bats: use absolute paths in newly-added tests\n\n - contrib/cirrus/lib.sh: don't use CN for the hostname\n\n - tests: Add some tests\n\n - Update manifest add man page\n\n - Extend flags of manifest add\n\n - build(deps): bump github.com/containers/storage from\n 1.23.3 to 1.23.4\n\n - build(deps): bump github.com/onsi/ginkgo from 1.14.0 to\n 1.14.1\n\n - CI: expand cross-compile checks\n\nUpdate to v1.16.2 :\n\n - fix build on 32bit arches\n\n - containerImageRef.NewImageSource(): don't always force\n timestamps\n\n - Add fuse module warning to image readme\n\n - Heed our retry delay option values when retrying\n commit/pull/push\n\n - Switch to containers/common for seccomp\n\n - Use --timestamp rather then --omit-timestamp\n\n - docs: remove outdated notice\n\n - docs: remove outdated notice\n\n - build-using-dockerfile: add a hidden --log-rusage flag\n\n - build(deps): bump github.com/containers/image/v5 from\n 5.5.1 to 5.5.2\n\n - Discard ReportWriter if user sets options.Quiet\n\n - build(deps): bump github.com/containers/common from\n 0.19.0 to 0.20.3\n\n - Fix ownership of content copied using COPY --from\n\n - newTarDigester: zero out timestamps in tar headers\n\n - Update nix pin with `make nixpkgs`\n\n - bud.bats: correct .dockerignore integration tests\n\n - Use pipes for copying\n\n - run: include stdout in error message\n\n - run: use the correct error for errors.Wrapf\n\n - copier: un-export internal types\n\n - copier: add Mkdir()\n\n - in_podman: don't get tripped up by $CIRRUS_CHANGE_TITLE\n\n - docs/buildah-commit.md: tweak some wording, add a --rm\n example\n\n - imagebuildah: don’t blank out destination names\n when COPYing\n\n - Replace retry functions with common/pkg/retry\n\n - StageExecutor.historyMatches: compare timestamps using\n .Equal\n\n - Update vendor of containers/common\n\n - Fix errors found in coverity scan\n\n - Change namespace handling flags to better match podman\n commands\n\n - conformance testing: ignore\n buildah.BuilderIdentityAnnotation labels\n\n - Vendor in containers/storage v1.23.0\n\n - Add buildah.IsContainer interface\n\n - Avoid feeding run_buildah to pipe\n\n - fix(buildahimage): add xz dependency in buildah image\n\n - Bump github.com/containers/common from 0.15.2 to 0.18.0\n\n - Howto for rootless image building from OpenShift\n\n - Add --omit-timestamp flag to buildah bud\n\n - Update nix pin with `make nixpkgs`\n\n - Shutdown storage on failures\n\n - Handle COPY --from when an argument is used\n\n - Bump github.com/seccomp/containers-golang from 0.5.0 to\n 0.6.0\n\n - Cirrus: Use newly built VM images\n\n - Bump github.com/opencontainers/runc from 1.0.0-rc91 to\n 1.0.0-rc92\n\n - Enhance the .dockerignore man pages\n\n - conformance: add a test for COPY from subdirectory\n\n - fix bug manifest inspct\n\n - Add documentation for .dockerignore\n\n - Add BuilderIdentityAnnotation to identify buildah\n version\n\n - DOC: Add quay.io/containers/buildah image to README.md\n\n - Update buildahimages readme\n\n - fix spelling mistake in 'info' command result display\n\n - Don't bind /etc/host and /etc/resolv.conf if network is\n not present\n\n - blobcache: avoid an unnecessary NewImage()\n\n - Build static binary with `buildGoModule`\n\n - copier: split StripSetidBits into\n StripSetuidBit/StripSetgidBit/StripStickyBit\n\n - tarFilterer: handle multiple archives\n\n - Fix a race we hit during conformance tests\n\n - Rework conformance testing\n\n - Update 02-registries-repositories.md\n\n - test-unit: invoke cmd/buildah tests with --flags\n\n - parse: fix a type mismatch in a test\n\n - Fix compilation of tests/testreport/testreport\n\n - build.sh: log the version of Go that we're using\n\n - test-unit: increase the test timeout to 40/45 minutes\n\n - Add the 'copier' package\n\n - Fix & add notes regarding problematic language in\n codebase\n\n - Add dependency on github.com/stretchr/testify/require\n\n - CompositeDigester: add the ability to filter tar streams\n\n - BATS tests: make more robust\n\n - vendor golang.org/x/text@v0.3.3\n\n - Switch golang 1.12 to golang 1.13\n\n - imagebuildah: wait for stages that might not have even\n started yet\n\n - chroot, run: not fail on bind mounts from /sys\n\n - chroot: do not use setgroups if it is blocked\n\n - Set engine env from containers.conf\n\n - imagebuildah: return the right stage's image as the\n 'final' image\n\n - Fix a help string\n\n - Deduplicate environment variables\n\n - switch containers/libpod to containers/podman\n\n - Bump github.com/containers/ocicrypt from 1.0.2 to 1.0.3\n\n - Bump github.com/opencontainers/selinux from 1.5.2 to\n 1.6.0\n\n - Mask out /sys/dev to prevent information leak\n\n - linux: skip errors from the runtime kill\n\n - Mask over the /sys/fs/selinux in mask branch\n\n - Add VFS additional image store to container\n\n - tests: add auth tests\n\n - Allow 'readonly' as alias to 'ro' in mount options\n\n - Ignore OS X specific consistency mount option\n\n - Bump github.com/onsi/ginkgo from 1.13.0 to 1.14.0\n\n - Bump github.com/containers/common from 0.14.0 to 0.15.2\n\n - Rootless Buildah should default to IsolationOCIRootless\n\n - imagebuildah: fix inheriting multi-stage builds\n\n - Make imagebuildah.BuildOptions.Architecture/OS optional\n\n - Make imagebuildah.BuildOptions.Jobs optional\n\n - Resolve a possible race in\n imagebuildah.Executor.startStage()\n\n - Switch scripts to use containers.conf\n\n - Bump openshift/imagebuilder to v1.1.6\n\n - Bump go.etcd.io/bbolt from 1.3.4 to 1.3.5\n\n - buildah, bud: support --jobs=N for parallel execution\n\n - executor: refactor build code inside new function\n\n - Add bud regression tests\n\n - Cirrus: Fix missing htpasswd in registry img\n\n - docs: clarify the 'triples' format\n\n - CHANGELOG.md: Fix markdown formatting\n\n - Add nix derivation for static builds\n\n - Bump to v1.16.0-dev\n\n - Update to v1.15.1\n\n - Mask over the /sys/fs/selinux in mask branch\n\n - chroot: do not use setgroups if it is blocked\n\n - chroot, run: not fail on bind mounts from /sys\n\n - Allow 'readonly' as alias to 'ro' in mount options\n\n - Add VFS additional image store to container\n\n - vendor golang.org/x/text@v0.3.3\n\n - Make imagebuildah.BuildOptions.Architecture/OS optional\n\nUpdate to v1.15.0 :\n\n - Add CVE-2020-10696 to CHANGELOG.md and changelog.txt\n\n - fix lighttpd example\n\n - remove dependency on openshift struct\n\n - Warn on unset build arguments\n\n - vendor: update seccomp/containers-golang to v0.4.1\n\n - Updated docs\n\n - clean up comments\n\n - update exit code for tests\n\n - Implement commit for encryption\n\n - implementation of encrypt/decrypt push/pull/bud/from\n\n - fix resolve docker image name as transport\n\n - Add preliminary profiling support to the CLI\n\n - Evaluate symlinks in build context directory\n\n - fix error info about get signatures for\n containerImageSource\n\n - Add Security Policy\n\n - Cirrus: Fixes from review feedback\n\n - imagebuildah: stages shouldn't count as their base\n images\n\n - Update containers/common v0.10.0\n\n - Add registry to buildahimage Dockerfiles\n\n - Cirrus: Use pre-installed VM packages + F32\n\n - Cirrus: Re-enable all distro versions\n\n - Cirrus: Update to F31 + Use cache images\n\n - golangci-lint: Disable gosimple\n\n - Lower number of golangci-lint threads\n\n - Fix permissions on containers.conf\n\n - Don't force tests to use runc\n\n - Return exit code from failed containers\n\n - cgroup_manager should be under [engine]\n\n - Use c/common/pkg/auth in login/logout\n\n - Cirrus: Temporarily disable Ubuntu 19 testing\n\n - Add containers.conf to stablebyhand build\n\n - Update gitignore to exclude test Dockerfiles\n\n - Remove warning for systemd inside of container\n\nUpdate to v1.14.6 :\n\n - Make image history work correctly with new args handling\n\n - Don't add args to the RUN environment from the Builder\n\nUpdate to v1.14.5 :\n\n - Revert FIPS mode change\n\nUpdate to v1.14.4 :\n\n - Update unshare man page to fix script example\n\n - Fix compilation errors on non linux platforms\n\n - Preserve volume uid and gid through subsequent commands\n\n - Fix potential CVE in tarfile w/ symlink\n\n - Fix .dockerignore with globs and ! commands\n\nUpdate to v1.14.2 :\n\n - Search for local runtime per values in containers.conf\n\n - Set correct ownership on working directory\n\n - Improve remote manifest retrieval\n\n - Correct a couple of incorrect format specifiers\n\n - manifest push --format: force an image type, not a list\n type\n\n - run: adjust the order in which elements are added to $\n\n - getDateAndDigestAndSize(): handle creation time not\n being set\n\n - Make the commit id clear like Docker\n\n - Show error on copied file above context directory in\n build\n\n - pull/from/commit/push: retry on most failures\n\n - Repair buildah so it can use containers.conf on the\n server side\n\n - Fixing formatting & build instructions\n\n - Fix XDG_RUNTIME_DIR for authfile\n\n - Show validation command-line\n\nUpdate to v1.14.0 :\n\n - getDateAndDigestAndSize(): use manifest.Digest\n\n - Touch up os/arch doc\n\n - chroot: handle slightly broken seccomp defaults\n\n - buildahimage: specify fuse-overlayfs mount options\n\n - parse: don't complain about not being able to rename\n something to itself\n\n - Fix build for 32bit platforms\n\n - Allow users to set OS and architecture on bud\n\n - Fix COPY in containerfile with envvar\n\n - Add --sign-by to bud/commit/push, --remove-signatures\n for pull/push\n\n - Add support for containers.conf\n\n - manifest push: add --format option\n\nUpdate to v1.13.1 :\n\n - copyFileWithTar: close source files at the right time\n\n - copy: don't digest files that we ignore\n\n - Check for .dockerignore specifically\n\n - Don't setup excludes, if their is only one pattern to\n match\n\n - set HOME env to /root on chroot-isolation by default\n\n - docs: fix references to containers-*.5\n\n - fix bug Add check .dockerignore COPY file\n\n - buildah bud --volume: run from tmpdir, not source dir\n\n - Fix imageNamePrefix to give consistent names in\n buildah-from\n\n - cpp: use -traditional and -undef flags\n\n - discard outputs coming from onbuild command on\n buildah-from --quiet\n\n - make --format columnizing consistent with buildah images\n\n - Fix option handling for volumes in build\n\n - Rework overlay pkg for use with libpod\n\n - Fix buildahimage builds for buildah\n\n - Add support for FIPS-Mode backends\n\n - Set the TMPDIR for pulling/pushing image to $TMPDIR\n\nUpdate to v1.12.0 :\n\n - Allow ADD to use http src\n\n - imgtype: reset storage opts if driver overridden\n\n - Start using containers/common\n\n - overlay.bats typo: fuse-overlays should be\n fuse-overlayfs\n\n - chroot: Unmount with MNT_DETACH instead of\n UnmountMountpoints()\n\n - bind: don't complain about missing mountpoints\n\n - imgtype: check earlier for expected manifest type\n\n - Add history names support\n\nUpdate to v1.11.6 :\n\n - Handle missing equal sign in --from and --chown flags\n for COPY/ADD\n\n - bud COPY does not download URL\n\n - Fix .dockerignore exclude regression\n\n - commit(docker): always set ContainerID and\n ContainerConfig\n\n - Touch up commit man page image parameter\n\n - Add builder identity annotations.\n\nUpdate to v1.11.5 :\n\n - buildah: add 'manifest' command\n\n - pkg/supplemented: add a package for grouping images\n together\n\n - pkg/manifests: add a manifest list build/manipulation\n API\n\n - Update for ErrUnauthorizedForCredentials API change in\n containers/image\n\n - Update for manifest-lists API changes in\n containers/image\n\n - version: also note the version of containers/image\n\n - Move to containers/image v5.0.0\n\n - Enable --device directory as src device\n\n - Add clarification to the Tutorial for new users\n\n - Silence 'using cache' to ensure -q is fully quiet\n\n - Move runtime flag to bud from common\n\n - Commit: check for storage.ErrImageUnknown using\n errors.Cause()\n\n - Fix crash when invalid COPY --from flag is specified.\n\nUpdate to v1.11.4 :\n\n - buildah: add a 'manifest' command\n\n - pkg/manifests: add a manifest list build/manipulation\n API\n\n - Update for ErrUnauthorizedForCredentials API change in\n containers/image\n\n - Update for manifest-lists API changes in\n containers/image\n\n - Move to containers/image v5.0.0\n\n - Enable --device directory as src device\n\n - Add clarification to the Tutorial for new users\n\n - Silence 'using cache' to ensure -q is fully quiet\n\n - Move runtime flag to bud from common\n\n - Commit: check for storage.ErrImageUnknown using\n errors.Cause()\n\n - Fix crash when invalid COPY --from flag is specified.\n\nUpdate to v1.11.3 :\n\n - Add cgroups2\n\n - Add support for retrieving context from stdin '-'\n\n - Added tutorial on how to include Buildah as library\n\n - Fix --build-args handling\n\n - Print build 'STEP' line to stdout, not stderr\n\n - Use Containerfile by default\n\nUpdate to v1.11.2 :\n\n - Add some cleanup code\n\n - Move devices code to unit specific directory.\n\nUpdate to v1.11.1 :\n\n - Add --devices flag to bud and from\n\n - Add support for /run/.containerenv\n\n - Allow mounts.conf entries for equal source and\n destination paths\n\n - Fix label and annotation for 1-line Dockerfiles\n\n - Preserve file and directory mount permissions\n\n - Replace --debug=false with --log-level=error\n\n - Set TMPDIR to /var/tmp by default\n\n - Truncate output of too long image names\n\n - Ignore EmptyLayer if Squash is set\n\nUpdate to v1.11.0 :\n\n - Add --digestfile and Re-add push statement as debug\n\n - Add --log-level command line option and deprecate\n --debug\n\n - Add security-related volume options to validator\n\n - Allow buildah bud to be called without arguments\n\n - Allow to override build date with SOURCE_DATE_EPOCH\n\n - Correctly detect ExitError values from Run()\n\n - Disable empty logrus timestamps to reduce logger noise\n\n - Fix directory pull image names\n\n - Fix handling of /dev/null masked devices\n\n - Fix possible runtime panic on bud\n\n - Update bud/from help to contain indicator for --dns=none\n\n - Update documentation about bud\n\n - Update shebangs to take env into consideration\n\n - Use content digests in ADD/COPY history entries\n\n - add support for cgroupsV2\n\n - add: add a DryRun flag to AddAndCopyOptions\n\n - add: handle hard links when copying with .dockerignore\n\n - add: teach copyFileWithTar() about symlinks and\n directories\n\n - imagebuilder: fix detection of referenced stage roots\n\n - pull/commit/push: pay attention to\n $BUILD_REGISTRY_SOURCES\n\n - run_linux: fix mounting /sys in a userns\n\nUpdate to v1.10.1 :\n\n - Add automatic apparmor tag discovery\n\n - Add overlayfs to fuse-overlayfs tip\n\n - Bug fix for volume minus syntax\n\n - Bump container/storage v1.13.1 and containers/image\n v3.0.1\n\n - Bump containers/image to v3.0.2 to fix keyring issue\n\n - Fix bug whereby --get-login has no effect\n\n - Bump github.com/containernetworking/cni to v0.7.1\n\n - Add appamor-pattern requirement\n\n - Update build process to match the latest repository\n architecture\n\n - Update to v1.10.0\n\n - vendor github.com/containers/image@v3.0.0\n\n - Remove GO111MODULE in favor of -mod=vendor\n\n - Vendor in containers/storage v1.12.16\n\n - Add '-' minus syntax for removal of config values\n\n - tests: enable overlay tests for rootless\n\n - rootless, overlay: use fuse-overlayfs\n\n - vendor github.com/containers/image@v2.0.1\n\n - Added '-' syntax to remove volume config option\n\n - delete successfully pushed message\n\n - Add golint linter and apply fixes\n\n - vendor github.com/containers/storage@v1.12.15\n\n - Change wait to sleep in buildahimage readme\n\n - Handle ReadOnly images when deleting images\n\n - Add support for listing read/only images\n\n - from/import: record the base image's digest, if it has\n one\n\n - Fix CNI version retrieval to not require network\n connection\n\n - Add misspell linter and apply fixes\n\n - Add goimports linter and apply fixes\n\n - Add stylecheck linter and apply fixes\n\n - Add unconvert linter and apply fixes\n\n - image: make sure we don't try to use zstd compression\n\n - run.bats: skip the 'z' flag when testing --mount\n\n - Update to runc v1.0.0-rc8\n\n - Update to match updated runtime-tools API\n\n - bump github.com/opencontainers/runtime-tools to v0.9.0\n\n - Build e2e tests using the proper build tags\n\n - Add unparam linter and apply fixes\n\n - Run: correct a typo in the --cap-add help text\n\n - unshare: add a --mount flag\n\n - fix push check image name is not empty\n\n - add: fix slow copy with no excludes\n\n - Add errcheck linter and fix missing error check\n\n - Improve tests/tools/Makefile parallelism and abstraction\n\n - Fix response body not closed resource leak\n\n - Switch to golangci-lint\n\n - Add gomod instructions and mailing list links\n\n - On Masked path, check if /dev/null already mounted\n before mounting\n\n - Update to containers/storage v1.12.13\n\n - Refactor code in package imagebuildah\n\n - Add rootless podman with NFS issue in documentation\n\n - Add --mount for buildah run\n\n - import method ValidateVolumeOpts from libpod\n\n - Fix typo\n\n - Makefile: set GO111MODULE=off\n\n - rootless: add the built-in slirp DNS server\n\n - Update docker/libnetwork to get rid of outdated sctp\n package\n\n - Update buildah-login.md\n\n - migrate to go modules\n\n - install.md: mention go modules\n\n - tests/tools: go module for test binaries\n\n - fix --volume splits comma delimited option\n\n - Add bud test for RUN with a priv'd command\n\n - vendor logrus v1.4.2\n\n - pkg/cli: panic when flags can't be hidden\n\n - pkg/unshare: check all errors\n\n - pull: check error during report write\n\n - run_linux.go: ignore unchecked errors\n\n - conformance test: catch copy error\n\n - chroot/run_test.go: export funcs to actually be executed\n\n - tests/imgtype: ignore error when shutting down the store\n\n - testreport: check json error\n\n - bind/util.go: remove unused func\n\n - rm chroot/util.go\n\n - imagebuildah: remove unused dedupeStringSlice\n\n - StageExecutor: EnsureContainerPath: catch error from\n SecureJoin()\n\n - imagebuildah/build.go: return instead of branching\n\n - rmi: avoid redundant branching\n\n - conformance tests: nilness: allocate map\n\n - imagebuildah/build.go: avoid redundant filepath.Join()\n\n - imagebuildah/build.go: avoid redundant os.Stat()\n\n - imagebuildah: omit comparison to bool\n\n - fix 'ineffectual assignment' lint errors\n\n - docker: ignore 'repeats json tag' lint error\n\n - pkg/unshare: use ... instead of iterating a slice\n\n - conformance: bud test: use raw strings for regexes\n\n - conformance suite: remove unused func/var\n\n - buildah test suite: remove unused vars/funcs\n\n - testreport: fix golangci-lint errors\n\n - util: remove redundant return statement\n\n - chroot: only log clean-up errors\n\n - images_test: ignore golangci-lint error\n\n - blobcache: log error when draining the pipe\n\n - imagebuildah: check errors in deferred calls\n\n - chroot: fix error handling in deferred funcs\n\n - cmd: check all errors\n\n - chroot/run_test.go: check errors\n\n - chroot/run.go: check errors in deferred calls\n\n - imagebuildah.Executor: remove unused onbuild field\n\n - docker/types.go: remove unused struct fields\n\n - util: use strings.ContainsRune instead of index check\n\n - Cirrus: Initial implementation\n\n - buildah-run: fix-out-of-range panic (2)\n\n - Update containers/image to v2.0.0\n\n - run: fix hang with run and --isolation=chroot\n\n - run: fix hang when using run\n\n - chroot: drop unused function call\n\n - remove --> before imgageID on build\n\n - Always close stdin pipe\n\n - Write deny to setgroups when doing single user mapping\n\n - Avoid including linux/memfd.h\n\n - Add a test for the symlink pointing to a directory\n\n - Add missing continue\n\n - Fix the handling of symlinks to absolute paths\n\n - Only set default network sysctls if not rootless\n\n - Support --dns=none like podman\n\n - fix bug --cpu-shares parsing typo\n\n - Fix validate complaint\n\n - Update vendor on containers/storage to v1.12.10\n\n - Create directory paths for COPY thereby ensuring correct\n perms\n\n - imagebuildah: use a stable sort for comparing build args\n\n - imagebuildah: tighten up cache checking\n\n - bud.bats: add a test verying the order of --build-args\n\n - add -t to podman run\n\n - imagebuildah: simplify screening by top layers\n\n - imagebuildah: handle ID mappings for COPY --from\n\n - imagebuildah: apply additionalTags ourselves\n\n - bud.bats: test additional tags with cached images\n\n - bud.bats: add a test for WORKDIR and COPY with absolute\n destinations\n\n - Cleanup Overlay Mounts content\n\n - Add support for file secret mounts\n\n - Add ability to skip secrets in mounts file\n\n - allow 32bit builds\n\n - fix tutorial instructions\n\n - imagebuilder: pass the right contextDir to Add()\n\n - add: use fileutils.PatternMatcher for .dockerignore\n\n - bud.bats: add another .dockerignore test\n\n - unshare: fallback to single usermapping\n\n - addHelperSymlink: clear the destination on os.IsExist\n errors\n\n - bud.bats: test replacing symbolic links\n\n - imagebuildah: fix handling of destinations that end with\n '/'\n\n - bud.bats: test COPY with a final '/' in the destination\n\n - linux: add check for sysctl before using it\n\n - unshare: set _CONTAINERS_ROOTLESS_GID\n\n - Rework buildahimamges\n\n - build context: support https git repos\n\n - Add a test for ENV special chars behaviour\n\n - Check in new Dockerfiles\n\n - Apply custom SHELL during build time\n\n - config: expand variables only at the command line\n\n - SetEnv: we only need to expand v once\n\n - Add default /root if empty on chroot iso\n\n - Add support for Overlay volumes into the container.\n\n - Export buildah validate volume functions so it can share\n code with libpod\n\n - Bump baseline test to F30\n\n - Fix rootless handling of /dev/shm size\n\n - Avoid fmt.Printf() in the library\n\n - imagebuildah: tighten cache checking back up\n\n - Handle WORKDIR with dangling target\n\n - Default Authfile to proper path\n\n - Make buildah run --isolation follow BUILDAH_ISOLATION\n environment\n\n - Vendor in latest containers/storage and containers/image\n\n - getParent/getChildren: handle layerless images\n\n - imagebuildah: recognize cache images for layerless\n images\n\n - bud.bats: test scratch images with --layers caching\n\n - Get CHANGELOG.md updates\n\n - Add some symlinks to test our .dockerignore logic\n\n - imagebuildah: addHelper: handle symbolic links\n\n - commit/push: use an everything-allowed policy\n\n - Correct manpage formatting in files section\n\n - Remove must be root statement from buildah doc\n\n - Change image names to stable, testing and upstream\n\n - Don't create directory on container\n\n - Replace kubernetes/pause in tests with k8s.gcr.io/pause\n\n - imagebuildah: don't remove intermediate images if we\n need them\n\n - Rework buildahimagegit to buildahimageupstream\n\n - Fix Transient Mounts\n\n - Handle WORKDIRs that are symlinks\n\n - allow podman to build a client for windows\n\n - Touch up 1.9-dev to 1.9.0-dev\n\n - Resolve symlink when checking container path\n\n - commit: commit on every instruction, but not always with\n layers\n\n - CommitOptions: drop the unused OnBuild field\n\n - makeImageRef: pass in the whole CommitOptions structure\n\n - cmd: API cleanup: stores before images\n\n - run: check if SELinux is enabled\n\n - Fix buildahimages Dockerfiles to include support for\n additionalimages mounted from host.\n\n - Detect changes in rootdir\n\n - Fix typo in buildah-pull(1)\n\n - Vendor in latest containers/storage\n\n - Keep track of any build-args used during buildah bud\n --layers\n\n - commit: always set a parent ID\n\n - imagebuildah: rework unused-argument detection\n\n - fix bug dest path when COPY .dockerignore\n\n - Move Host IDMAppings code from util to unshare\n\n - Add BUILDAH_ISOLATION rootless back\n\n - Travis CI: fail fast, upon error in any step\n\n - imagebuildah: only commit images for intermediate stages\n if we have to\n\n - Use errors.Cause() when checking for IsNotExist errors\n\n - auto pass http_proxy to container\n\n - imagebuildah: don't leak image structs\n\n - Add Dockerfiles for buildahimages\n\n - Bump to Replace golang 1.10 with 1.12\n\n - add --dns* flags to buildah bud\n\n - Add hack/build_speed.sh test speeds on building\n container images\n\n - Create buildahimage Dockerfile for Quay\n\n - rename 'is' to 'expect_output'\n\n - squash.bats: test squashing in multi-layered builds\n\n - bud.bats: test COPY --from in a Dockerfile while using\n the cache\n\n - commit: make target image names optional\n\n - Fix bud-args to allow comma separation\n\n - oops, missed some tests in commit.bats\n\n - new helper: expect_line_count\n\n - New tests for #1467 (string slices in cmdline opts)\n\n - Workarounds for dealing with travis; review feedback\n\n - BATS tests - extensive but minor cleanup\n\n - imagebuildah: defer pulling images for COPY --from\n\n - imagebuildah: centralize COMMIT and image ID output\n\n - Travis: do not use traviswait\n\n - imagebuildah: only initialize imagebuilder configuration\n once per stage\n\n - Make cleaner error on Dockerfile build errors\n\n - unshare: move to pkg/\n\n - unshare: move some code from cmd/buildah/unshare\n\n - Fix handling of Slices versus Arrays\n\n - imagebuildah: reorganize stage and per-stage logic\n\n - imagebuildah: add empty layers for instructions\n\n - Add missing step in installing into Ubuntu\n\n - fix bug in .dockerignore support\n\n - imagebuildah: deduplicate prepended 'FROM' instructions\n\n - Touch up intro\n\n - commit: set created-by to the shell if it isn't set\n\n - commit: check that we always set a 'created-by'\n\n - docs/buildah.md: add 'containers-' prefixes under 'SEE\n ALSO'\n\nUpdate to v1.7.2\n\n - Updates vendored containers/storage to latest version\n\n - rootless: by default use the host network namespace\n\n - Full changelog:\n https://github.com/containers/buildah/releases/tag/v1.6\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1165184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1167864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/containers/buildah/releases/tag/v1.6\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected buildah package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.1\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/29\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/07\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.1\", reference:\"buildah-1.17.0-lp151.2.6.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"buildah\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-12-15T12:41:31", "description": "This update for buildah fixes the following issues :\n\nbuildah was updated to v1.17.0 (bsc#1165184) :\n\nHandle cases where other tools mount/unmount containers\n\noverlay.MountReadOnly: support RO overlay mounts\n\noverlay: use fusermount for rootless umounts\n\noverlay: fix umount\n\nSwitch default log level of Buildah to Warn. Users need to see these messages\n\nDrop error messages about OCI/Docker format to Warning level\n\nbuild(deps): bump github.com/containers/common from 0.26.0 to 0.26.2\n\ntests/testreport: adjust for API break in storage v1.23.6\n\nbuild(deps): bump github.com/containers/storage from 1.23.5 to 1.23.7\n\nbuild(deps): bump github.com/fsouza/go-dockerclient from 1.6.5 to 1.6.6\n\ncopier: put: ignore Typeflag='g'\n\nUse curl to get repo file (fix #2714)\n\nbuild(deps): bump github.com/containers/common from 0.25.0 to 0.26.0\n\nbuild(deps): bump github.com/spf13/cobra from 1.0.0 to 1.1.1\n\nRemove docs that refer to bors, since we're not using it\n\nBuildah bud should not use stdin by default\n\nbump containerd, docker, and golang.org/x/sys\n\nMakefile: cross: remove windows.386 target\n\ncopier.copierHandlerPut: don't check length when there are errors\n\nStop excessive wrapping\n\nCI: require that conformance tests pass\n\nbump(github.com/openshift/imagebuilder) to v1.1.8\n\nSkip tlsVerify insecure BUILD_REGISTRY_SOURCES\n\nFix build path wrong containers/podman#7993\n\nrefactor pullpolicy to avoid deps\n\nbuild(deps): bump github.com/containers/common from 0.24.0 to 0.25.0\n\nCI: run gating tasks with a lot more memory\n\nADD and COPY: descend into excluded directories, sometimes\n\ncopier: add more context to a couple of error messages\n\ncopier: check an error earlier\n\ncopier: log stderr output as debug on success\n\nUpdate nix pin with make nixpkgs\n\nSet directory ownership when copied with ID mapping\n\nbuild(deps): bump github.com/sirupsen/logrus from 1.6.0 to 1.7.0\n\nbuild(deps): bump github.com/containers/common from 0.23.0 to 0.24.0\n\nCirrus: Remove bors artifacts\n\nSort build flag definitions alphabetically\n\nADD: only expand archives at the right time\n\nRemove configuration for bors\n\nShell Completion for podman build flags\n\nBump c/common to v0.24.0\n\nNew CI check: xref --help vs man pages\n\nCI: re-enable several linters\n\nMove --userns-uid-map/--userns-gid-map description into buildah man page\n\nadd: preserve ownerships and permissions on ADDed archives\n\nMakefile: tweak the cross-compile target\n\nBump containers/common to v0.23.0\n\nchroot: create bind mount targets 0755 instead of 0700\n\nChange call to Split() to safer SplitN()\n\nchroot: fix handling of errno seccomp rules\n\nbuild(deps): bump github.com/containers/image/v5 from 5.5.2 to 5.6.0\n\nAdd In Progress section to contributing\n\nintegration tests: make sure tests run in ${topdir}/tests\n\nRun(): ignore containers.conf's environment configuration\n\nWarn when setting healthcheck in OCI format\n\nCirrus: Skip git-validate on branches\n\ntools: update git-validation to the latest commit\n\ntools: update golangci-lint to v1.18.0\n\nAdd a few tests of push command\n\nAdd(): fix handling of relative paths with no ContextDir\n\nbuild(deps): bump github.com/containers/common from 0.21.0 to 0.22.0\n\nLint: Use same linters as podman\n\nValidate: reference HEAD\n\nFix buildah mount to display container names not ids\n\nUpdate nix pin with make nixpkgs\n\nAdd missing --format option in buildah from man page\n\nFix up code based on codespell\n\nbuild(deps): bump github.com/openshift/imagebuilder from 1.1.6 to 1.1.7\n\nbuild(deps): bump github.com/containers/storage from 1.23.4 to 1.23.5\n\nImprove buildah completions\n\nCirrus: Fix validate commit epoch\n\nFix bash completion of manifest flags\n\nUniform some man pages\n\nUpdate Buildah Tutorial to address BZ1867426\n\nUpdate bash completion of manifest add sub command\n\ncopier.Get(): hard link targets shouldn't be relative paths\n\nbuild(deps): bump github.com/onsi/gomega from 1.10.1 to 1.10.2\n\nPass timestamp down to history lines\n\nTimestamp gets updated everytime you inspect an image\n\nbud.bats: use absolute paths in newly-added tests\n\ncontrib/cirrus/lib.sh: don't use CN for the hostname\n\ntests: Add some tests\n\nUpdate manifest add man page\n\nExtend flags of manifest add\n\nbuild(deps): bump github.com/containers/storage from 1.23.3 to 1.23.4\n\nbuild(deps): bump github.com/onsi/ginkgo from 1.14.0 to 1.14.1\n\nCI: expand cross-compile checks\n\nUpdate to v1.16.2 :\n\nfix build on 32bit arches\n\ncontainerImageRef.NewImageSource(): don't always force timestamps\n\nAdd fuse module warning to image readme\n\nHeed our retry delay option values when retrying commit/pull/push\n\nSwitch to containers/common for seccomp\n\nUse --timestamp rather then --omit-timestamp\n\ndocs: remove outdated notice\n\ndocs: remove outdated notice\n\nbuild-using-dockerfile: add a hidden --log-rusage flag\n\nbuild(deps): bump github.com/containers/image/v5 from 5.5.1 to 5.5.2\n\nDiscard ReportWriter if user sets options.Quiet\n\nbuild(deps): bump github.com/containers/common from 0.19.0 to 0.20.3\n\nFix ownership of content copied using COPY --from\n\nnewTarDigester: zero out timestamps in tar headers\n\nUpdate nix pin with `make nixpkgs`\n\nbud.bats: correct .dockerignore integration tests\n\nUse pipes for copying\n\nrun: include stdout in error message\n\nrun: use the correct error for errors.Wrapf\n\ncopier: un-export internal types\n\ncopier: add Mkdir()\n\nin_podman: don't get tripped up by $CIRRUS_CHANGE_TITLE\n\ndocs/buildah-commit.md: tweak some wording, add a --rm example\n\nimagebuildah: donât blank out destination names when COPYing\n\nReplace retry functions with common/pkg/retry\n\nStageExecutor.historyMatches: compare timestamps using .Equal\n\nUpdate vendor of containers/common\n\nFix errors found in coverity scan\n\nChange namespace handling flags to better match podman commands\n\nconformance testing: ignore buildah.BuilderIdentityAnnotation labels\n\nVendor in containers/storage v1.23.0\n\nAdd buildah.IsContainer interface\n\nAvoid feeding run_buildah to pipe\n\nfix(buildahimage): add xz dependency in buildah image\n\nBump github.com/containers/common from 0.15.2 to 0.18.0\n\nHowto for rootless image building from OpenShift\n\nAdd --omit-timestamp flag to buildah bud\n\nUpdate nix pin with `make nixpkgs`\n\nShutdown storage on failures\n\nHandle COPY --from when an argument is used\n\nBump github.com/seccomp/containers-golang from 0.5.0 to 0.6.0\n\nCirrus: Use newly built VM images\n\nBump github.com/opencontainers/runc from 1.0.0-rc91 to 1.0.0-rc92\n\nEnhance the .dockerignore man pages\n\nconformance: add a test for COPY from subdirectory\n\nfix bug manifest inspct\n\nAdd documentation for .dockerignore\n\nAdd BuilderIdentityAnnotation to identify buildah version\n\nDOC: Add quay.io/containers/buildah image to README.md\n\nUpdate buildahimages readme\n\nfix spelling mistake in 'info' command result display\n\nDon't bind /etc/host and /etc/resolv.conf if network is not present\n\nblobcache: avoid an unnecessary NewImage()\n\nBuild static binary with `buildGoModule`\n\ncopier: split StripSetidBits into StripSetuidBit/StripSetgidBit/StripStickyBit\n\ntarFilterer: handle multiple archives\n\nFix a race we hit during conformance tests\n\nRework conformance testing\n\nUpdate 02-registries-repositories.md\n\ntest-unit: invoke cmd/buildah tests with --flags\n\nparse: fix a type mismatch in a test\n\nFix compilation of tests/testreport/testreport\n\nbuild.sh: log the version of Go that we're using\n\ntest-unit: increase the test timeout to 40/45 minutes\n\nAdd the 'copier' package\n\nFix & add notes regarding problematic language in codebase\n\nAdd dependency on github.com/stretchr/testify/require\n\nCompositeDigester: add the ability to filter tar streams\n\nBATS tests: make more robust\n\nvendor golang.org/x/text@v0.3.3\n\nSwitch golang 1.12 to golang 1.13\n\nimagebuildah: wait for stages that might not have even started yet\n\nchroot, run: not fail on bind mounts from /sys\n\nchroot: do not use setgroups if it is blocked\n\nSet engine env from containers.conf\n\nimagebuildah: return the right stage's image as the 'final' image\n\nFix a help string\n\nDeduplicate environment variables\n\nswitch containers/libpod to containers/podman\n\nBump github.com/containers/ocicrypt from 1.0.2 to 1.0.3\n\nBump github.com/opencontainers/selinux from 1.5.2 to 1.6.0\n\nMask out /sys/dev to prevent information leak\n\nlinux: skip errors from the runtime kill\n\nMask over the /sys/fs/selinux in mask branch\n\nAdd VFS additional image store to container\n\ntests: add auth tests\n\nAllow 'readonly' as alias to 'ro' in mount options\n\nIgnore OS X specific consistency mount option\n\nBump github.com/onsi/ginkgo from 1.13.0 to 1.14.0\n\nBump github.com/containers/common from 0.14.0 to 0.15.2\n\nRootless Buildah should default to IsolationOCIRootless\n\nimagebuildah: fix inheriting multi-stage builds\n\nMake imagebuildah.BuildOptions.Architecture/OS optional\n\nMake imagebuildah.BuildOptions.Jobs optional\n\nResolve a possible race in imagebuildah.Executor.startStage()\n\nSwitch scripts to use containers.conf\n\nBump openshift/imagebuilder to v1.1.6\n\nBump go.etcd.io/bbolt from 1.3.4 to 1.3.5\n\nbuildah, bud: support --jobs=N for parallel execution\n\nexecutor: refactor build code inside new function\n\nAdd bud regression tests\n\nCirrus: Fix missing htpasswd in registry img\n\ndocs: clarify the 'triples' format\n\nCHANGELOG.md: Fix markdown formatting\n\nAdd nix derivation for static builds\n\nBump to v1.16.0-dev\n\nUpdate to v1.15.1\n\nMask over the /sys/fs/selinux in mask branch\n\nchroot: do not use setgroups if it is blocked\n\nchroot, run: not fail on bind mounts from /sys\n\nAllow 'readonly' as alias to 'ro' in mount options\n\nAdd VFS additional image store to container\n\nvendor golang.org/x/text@v0.3.3\n\nMake imagebuildah.BuildOptions.Architecture/OS optional\n\nUpdate to v1.15.0 :\n\nAdd CVE-2020-10696 to CHANGELOG.md and changelog.txt\n\nfix lighttpd example\n\nremove dependency on openshift struct\n\nWarn on unset build arguments\n\nvendor: update seccomp/containers-golang to v0.4.1\n\nUpdated docs\n\nclean up comments\n\nupdate exit code for tests\n\nImplement commit for encryption\n\nimplementation of encrypt/decrypt push/pull/bud/from\n\nfix resolve docker image name as transport\n\nAdd preliminary profiling support to the CLI\n\nEvaluate symlinks in build context directory\n\nfix error info about get signatures for containerImageSource\n\nAdd Security Policy\n\nCirrus: Fixes from review feedback\n\nimagebuildah: stages shouldn't count as their base images\n\nUpdate containers/common v0.10.0\n\nAdd registry to buildahimage Dockerfiles\n\nCirrus: Use pre-installed VM packages + F32\n\nCirrus: Re-enable all distro versions\n\nCirrus: Update to F31 + Use cache images\n\ngolangci-lint: Disable gosimple\n\nLower number of golangci-lint threads\n\nFix permissions on containers.conf\n\nDon't force tests to use runc\n\nReturn exit code from failed containers\n\ncgroup_manager should be under [engine]\n\nUse c/common/pkg/auth in login/logout\n\nCirrus: Temporarily disable Ubuntu 19 testing\n\nAdd containers.conf to stablebyhand build\n\nUpdate gitignore to exclude test Dockerfiles\n\nRemove warning for systemd inside of container\n\nUpdate to v1.14.6 :\n\nMake image history work correctly with new args handling\n\nDon't add args to the RUN environment from the Builder\n\nUpdate to v1.14.5 :\n\nRevert FIPS mode change\n\nUpdate to v1.14.4 :\n\nUpdate unshare man page to fix script example\n\nFix compilation errors on non linux platforms\n\nPreserve volume uid and gid through subsequent commands\n\nFix potential CVE in tarfile w/ symlink\n\nFix .dockerignore with globs and ! commands\n\nUpdate to v1.14.2 :\n\nSearch for local runtime per values in containers.conf\n\nSet correct ownership on working directory\n\nImprove remote manifest retrieval\n\nCorrect a couple of incorrect format specifiers\n\nmanifest push --format: force an image type, not a list type\n\nrun: adjust the order in which elements are added to $\n\ngetDateAndDigestAndSize(): handle creation time not being set\n\nMake the commit id clear like Docker\n\nShow error on copied file above context directory in build\n\npull/from/commit/push: retry on most failures\n\nRepair buildah so it can use containers.conf on the server side\n\nFixing formatting & build instructions\n\nFix XDG_RUNTIME_DIR for authfile\n\nShow validation command-line\n\nUpdate to v1.14.0 :\n\ngetDateAndDigestAndSize(): use manifest.Digest\n\nTouch up os/arch doc\n\nchroot: handle slightly broken seccomp defaults\n\nbuildahimage: specify fuse-overlayfs mount options\n\nparse: don't complain about not being able to rename something to itself\n\nFix build for 32bit platforms\n\nAllow users to set OS and architecture on bud\n\nFix COPY in containerfile with envvar\n\nAdd --sign-by to bud/commit/push, --remove-signatures for pull/push\n\nAdd support for containers.conf\n\nmanifest push: add --format option\n\nUpdate to v1.13.1 :\n\ncopyFileWithTar: close source files at the right time\n\ncopy: don't digest files that we ignore\n\nCheck for .dockerignore specifically\n\nDon't setup excludes, if their is only one pattern to match\n\nset HOME env to /root on chroot-isolation by default\n\ndocs: fix references to containers-*.5\n\nfix bug Add check .dockerignore COPY file\n\nbuildah bud --volume: run from tmpdir, not source dir\n\nFix imageNamePrefix to give consistent names in buildah-from\n\ncpp: use -traditional and -undef flags\n\ndiscard outputs coming from onbuild command on buildah-from --quiet\n\nmake --format columnizing consistent with buildah images\n\nFix option handling for volumes in build\n\nRework overlay pkg for use with libpod\n\nFix buildahimage builds for buildah\n\nAdd support for FIPS-Mode backends\n\nSet the TMPDIR for pulling/pushing image to $TMPDIR\n\nUpdate to v1.12.0 :\n\nAllow ADD to use http src\n\nimgtype: reset storage opts if driver overridden\n\nStart using containers/common\n\noverlay.bats typo: fuse-overlays should be fuse-overlayfs\n\nchroot: Unmount with MNT_DETACH instead of UnmountMountpoints()\n\nbind: don't complain about missing mountpoints\n\nimgtype: check earlier for expected manifest type\n\nAdd history names support\n\nUpdate to v1.11.6 :\n\nHandle missing equal sign in --from and --chown flags for COPY/ADD\n\nbud COPY does not download URL\n\nFix .dockerignore exclude regression\n\ncommit(docker): always set ContainerID and ContainerConfig\n\nTouch up commit man page image parameter\n\nAdd builder identity annotations.\n\nUpdate to v1.11.5 :\n\nbuildah: add 'manifest' command\n\npkg/supplemented: add a package for grouping images together\n\npkg/manifests: add a manifest list build/manipulation API\n\nUpdate for ErrUnauthorizedForCredentials API change in containers/image\n\nUpdate for manifest-lists API changes in containers/image\n\nversion: also note the version of containers/image\n\nMove to containers/image v5.0.0\n\nEnable --device directory as src device\n\nAdd clarification to the Tutorial for new users\n\nSilence 'using cache' to ensure -q is fully quiet\n\nMove runtime flag to bud from common\n\nCommit: check for storage.ErrImageUnknown using errors.Cause()\n\nFix crash when invalid COPY --from flag is specified.\n\nUpdate to v1.11.4 :\n\nbuildah: add a 'manifest' command\n\npkg/manifests: add a manifest list build/manipulation API\n\nUpdate for ErrUnauthorizedForCredentials API change in containers/image\n\nUpdate for manifest-lists API changes in containers/image\n\nMove to containers/image v5.0.0\n\nEnable --device directory as src device\n\nAdd clarification to the Tutorial for new users\n\nSilence 'using cache' to ensure -q is fully quiet\n\nMove runtime flag to bud from common\n\nCommit: check for storage.ErrImageUnknown using errors.Cause()\n\nFix crash when invalid COPY --from flag is specified.\n\nUpdate to v1.11.3 :\n\nAdd cgroups2\n\nAdd support for retrieving context from stdin '-'\n\nAdded tutorial on how to include Buildah as library\n\nFix --build-args handling\n\nPrint build 'STEP' line to stdout, not stderr\n\nUse Containerfile by default\n\nUpdate to v1.11.2 :\n\nAdd some cleanup code\n\nMove devices code to unit specific directory.\n\nUpdate to v1.11.1 :\n\nAdd --devices flag to bud and from\n\nAdd support for /run/.containerenv\n\nAllow mounts.conf entries for equal source and destination paths\n\nFix label and annotation for 1-line Dockerfiles\n\nPreserve file and directory mount permissions\n\nReplace --debug=false with --log-level=error\n\nSet TMPDIR to /var/tmp by default\n\nTruncate output of too long image names\n\nIgnore EmptyLayer if Squash is set\n\nUpdate to v1.11.0 :\n\nAdd --digestfile and Re-add push statement as debug\n\nAdd --log-level command line option and deprecate --debug\n\nAdd security-related volume options to validator\n\nAllow buildah bud to be called without arguments\n\nAllow to override build date with SOURCE_DATE_EPOCH\n\nCorrectly detect ExitError values from Run()\n\nDisable empty logrus timestamps to reduce logger noise\n\nFix directory pull image names\n\nFix handling of /dev/null masked devices\n\nFix possible runtime panic on bud\n\nUpdate bud/from help to contain indicator for --dns=none\n\nUpdate documentation about bud\n\nUpdate shebangs to take env into consideration\n\nUse content digests in ADD/COPY history entries\n\nadd support for cgroupsV2\n\nadd: add a DryRun flag to AddAndCopyOptions\n\nadd: handle hard links when copying with .dockerignore\n\nadd: teach copyFileWithTar() about symlinks and directories\n\nimagebuilder: fix detection of referenced stage roots\n\npull/commit/push: pay attention to $BUILD_REGISTRY_SOURCES\n\nrun_linux: fix mounting /sys in a userns\n\nUpdate to v1.10.1 :\n\nAdd automatic apparmor tag discovery\n\nAdd overlayfs to fuse-overlayfs tip\n\nBug fix for volume minus syntax\n\nBump container/storage v1.13.1 and containers/image v3.0.1\n\nBump containers/image to v3.0.2 to fix keyring issue\n\nFix bug whereby --get-login has no effect\n\nBump github.com/containernetworking/cni to v0.7.1\n\nAdd appamor-pattern requirement\n\nUpdate build process to match the latest repository architecture\n\nUpdate to v1.10.0\n\nvendor github.com/containers/image@v3.0.0\n\nRemove GO111MODULE in favor of -mod=vendor\n\nVendor in containers/storage v1.12.16\n\nAdd '-' minus syntax for removal of config values\n\ntests: enable overlay tests for rootless\n\nrootless, overlay: use fuse-overlayfs\n\nvendor github.com/containers/image@v2.0.1\n\nAdded '-' syntax to remove volume config option\n\ndelete successfully pushed message\n\nAdd golint linter and apply fixes\n\nvendor github.com/containers/storage@v1.12.15\n\nChange wait to sleep in buildahimage readme\n\nHandle ReadOnly images when deleting images\n\nAdd support for listing read/only images\n\nfrom/import: record the base image's digest, if it has one\n\nFix CNI version retrieval to not require network connection\n\nAdd misspell linter and apply fixes\n\nAdd goimports linter and apply fixes\n\nAdd stylecheck linter and apply fixes\n\nAdd unconvert linter and apply fixes\n\nimage: make sure we don't try to use zstd compression\n\nrun.bats: skip the 'z' flag when testing --mount\n\nUpdate to runc v1.0.0-rc8\n\nUpdate to match updated runtime-tools API\n\nbump github.com/opencontainers/runtime-tools to v0.9.0\n\nBuild e2e tests using the proper build tags\n\nAdd unparam linter and apply fixes\n\nRun: correct a typo in the --cap-add help text\n\nunshare: add a --mount flag\n\nfix push check image name is not empty\n\nadd: fix slow copy with no excludes\n\nAdd errcheck linter and fix missing error check\n\nImprove tests/tools/Makefile parallelism and abstraction\n\nFix response body not closed resource leak\n\nSwitch to golangci-lint\n\nAdd gomod instructions and mailing list links\n\nOn Masked path, check if /dev/null already mounted before mounting\n\nUpdate to containers/storage v1.12.13\n\nRefactor code in package imagebuildah\n\nAdd rootless podman with NFS issue in documentation\n\nAdd --mount for buildah run\n\nimport method ValidateVolumeOpts from libpod\n\nFix typo\n\nMakefile: set GO111MODULE=off\n\nrootless: add the built-in slirp DNS server\n\nUpdate docker/libnetwork to get rid of outdated sctp package\n\nUpdate buildah-login.md\n\nmigrate to go modules\n\ninstall.md: mention go modules\n\ntests/tools: go module for test binaries\n\nfix --volume splits comma delimited option\n\nAdd bud test for RUN with a priv'd command\n\nvendor logrus v1.4.2\n\npkg/cli: panic when flags can't be hidden\n\npkg/unshare: check all errors\n\npull: check error during report write\n\nrun_linux.go: ignore unchecked errors\n\nconformance test: catch copy error\n\nchroot/run_test.go: export funcs to actually be executed\n\ntests/imgtype: ignore error when shutting down the store\n\ntestreport: check json error\n\nbind/util.go: remove unused func\n\nrm chroot/util.go\n\nimagebuildah: remove unused dedupeStringSlice\n\nStageExecutor: EnsureContainerPath: catch error from SecureJoin()\n\nimagebuildah/build.go: return instead of branching\n\nrmi: avoid redundant branching\n\nconformance tests: nilness: allocate map\n\nimagebuildah/build.go: avoid redundant filepath.Join()\n\nimagebuildah/build.go: avoid redundant os.Stat()\n\nimagebuildah: omit comparison to bool\n\nfix 'ineffectual assignment' lint errors\n\ndocker: ignore 'repeats json tag' lint error\n\npkg/unshare: use ... instead of iterating a slice\n\nconformance: bud test: use raw strings for regexes\n\nconformance suite: remove unused func/var\n\nbuildah test suite: remove unused vars/funcs\n\ntestreport: fix golangci-lint errors\n\nutil: remove redundant return statement\n\nchroot: only log clean-up errors\n\nimages_test: ignore golangci-lint error\n\nblobcache: log error when draining the pipe\n\nimagebuildah: check errors in deferred calls\n\nchroot: fix error handling in deferred funcs\n\ncmd: check all errors\n\nchroot/run_test.go: check errors\n\nchroot/run.go: check errors in deferred calls\n\nimagebuildah.Executor: remove unused onbuild field\n\ndocker/types.go: remove unused struct fields\n\nutil: use strings.ContainsRune instead of index check\n\nCirrus: Initial implementation\n\nbuildah-run: fix-out-of-range panic (2)\n\nUpdate containers/image to v2.0.0\n\nrun: fix hang with run and --isolation=chroot\n\nrun: fix hang when using run\n\nchroot: drop unused function call\n\nremove --> before imgageID on build\n\nAlways close stdin pipe\n\nWrite deny to setgroups when doing single user mapping\n\nAvoid including linux/memfd.h\n\nAdd a test for the symlink pointing to a directory\n\nAdd missing continue\n\nFix the handling of symlinks to absolute paths\n\nOnly set default network sysctls if not rootless\n\nSupport --dns=none like podman\n\nfix bug --cpu-shares parsing typo\n\nFix validate complaint\n\nUpdate vendor on containers/storage to v1.12.10\n\nCreate directory paths for COPY thereby ensuring correct perms\n\nimagebuildah: use a stable sort for comparing build args\n\nimagebuildah: tighten up cache checking\n\nbud.bats: add a test verying the order of --build-args\n\nadd -t to podman run\n\nimagebuildah: simplify screening by top layers\n\nimagebuildah: handle ID mappings for COPY --from\n\nimagebuildah: apply additionalTags ourselves\n\nbud.bats: test additional tags with cached images\n\nbud.bats: add a test for WORKDIR and COPY with absolute destinations\n\nCleanup Overlay Mounts content\n\nAdd support for file secret mounts\n\nAdd ability to skip secrets in mounts file\n\nallow 32bit builds\n\nfix tutorial instructions\n\nimagebuilder: pass the right contextDir to Add()\n\nadd: use fileutils.PatternMatcher for .dockerignore\n\nbud.bats: add another .dockerignore test\n\nunshare: fallback to single usermapping\n\naddHelperSymlink: clear the destination on os.IsExist errors\n\nbud.bats: test replacing symbolic links\n\nimagebuildah: fix handling of destinations that end with '/'\n\nbud.bats: test COPY with a final '/' in the destination\n\nlinux: add check for sysctl before using it\n\nunshare: set _CONTAINERS_ROOTLESS_GID\n\nRework buildahimamges\n\nbuild context: support https git repos\n\nAdd a test for ENV special chars behaviour\n\nCheck in new Dockerfiles\n\nApply custom SHELL during build time\n\nconfig: expand variables only at the command line\n\nSetEnv: we only need to expand v once\n\nAdd default /root if empty on chroot iso\n\nAdd support for Overlay volumes into the container.\n\nExport buildah validate volume functions so it can share code with libpod\n\nBump baseline test to F30\n\nFix rootless handling of /dev/shm size\n\nAvoid fmt.Printf() in the library\n\nimagebuildah: tighten cache checking back up\n\nHandle WORKDIR with dangling target\n\nDefault Authfile to proper path\n\nMake buildah run --isolation follow BUILDAH_ISOLATION environment\n\nVendor in latest containers/storage and containers/image\n\ngetParent/getChildren: handle layerless images\n\nimagebuildah: recognize cache images for layerless images\n\nbud.bats: test scratch images with --layers caching\n\nGet CHANGELOG.md updates\n\nAdd some symlinks to test our .dockerignore logic\n\nimagebuildah: addHelper: handle symbolic links\n\ncommit/push: use an everything-allowed policy\n\nCorrect manpage formatting in files section\n\nRemove must be root statement from buildah doc\n\nChange image names to stable, testing and upstream\n\nDon't create directory on container\n\nReplace kubernetes/pause in tests with k8s.gcr.io/pause\n\nimagebuildah: don't remove intermediate images if we need them\n\nRework buildahimagegit to buildahimageupstream\n\nFix Transient Mounts\n\nHandle WORKDIRs that are symlinks\n\nallow podman to build a client for windows\n\nTouch up 1.9-dev to 1.9.0-dev\n\nResolve symlink when checking container path\n\ncommit: commit on every instruction, but not always with layers\n\nCommitOptions: drop the unused OnBuild field\n\nmakeImageRef: pass in the whole CommitOptions structure\n\ncmd: API cleanup: stores before images\n\nrun: check if SELinux is enabled\n\nFix buildahimages Dockerfiles to include support for additionalimages mounted from host.\n\nDetect changes in rootdir\n\nFix typo in buildah-pull(1)\n\nVendor in latest containers/storage\n\nKeep track of any build-args used during buildah bud --layers\n\ncommit: always set a parent ID\n\nimagebuildah: rework unused-argument detection\n\nfix bug dest path when COPY .dockerignore\n\nMove Host IDMAppings code from util to unshare\n\nAdd BUILDAH_ISOLATION rootless back\n\nTravis CI: fail fast, upon error in any step\n\nimagebuildah: only commit images for intermediate stages if we have to\n\nUse errors.Cause() when checking for IsNotExist errors\n\nauto pass http_proxy to container\n\nimagebuildah: don't leak image structs\n\nAdd Dockerfiles for buildahimages\n\nBump to Replace golang 1.10 with 1.12\n\nadd --dns* flags to buildah bud\n\nAdd hack/build_speed.sh test speeds on building container images\n\nCreate buildahimage Dockerfile for Quay\n\nrename 'is' to 'expect_output'\n\nsquash.bats: test squashing in multi-layered builds\n\nbud.bats: test COPY --from in a Dockerfile while using the cache\n\ncommit: make target image names optional\n\nFix bud-args to allow comma separation\n\noops, missed some tests in commit.bats\n\nnew helper: expect_line_count\n\nNew tests for #1467 (string slices in cmdline opts)\n\nWorkarounds for dealing with travis; review feedback\n\nBATS tests - extensive but minor cleanup\n\nimagebuildah: defer pulling images for COPY --from\n\nimagebuildah: centralize COMMIT and image ID output\n\nTravis: do not use traviswait\n\nimagebuildah: only initialize imagebuilder configuration once per stage\n\nMake cleaner error on Dockerfile build errors\n\nunshare: move to pkg/\n\nunshare: move some code from cmd/buildah/unshare\n\nFix handling of Slices versus Arrays\n\nimagebuildah: reorganize stage and per-stage logic\n\nimagebuildah: add empty layers for instructions\n\nAdd missing step in installing into Ubuntu\n\nfix bug in .dockerignore support\n\nimagebuildah: deduplicate prepended 'FROM' instructions\n\nTouch up intro\n\ncommit: set created-by to the shell if it isn't set\n\ncommit: check that we always set a 'created-by'\n\ndocs/buildah.md: add 'containers-' prefixes under 'SEE ALSO'\n\nUpdate to v1.7.2\n\nUpdates vendored containers/storage to latest version\n\nrootless: by default use the host network namespace\n\nFull changelog:\nhttps://github.com/containers/buildah/releases/tag/v1.6\n\nNote that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-12-09T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : buildah (SUSE-SU-2020:3423-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10214", "CVE-2020-10696"], "modified": "2020-12-11T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:buildah", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2020-3423-1.NASL", "href": "https://www.tenable.com/plugins/nessus/143725", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:3423-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(143725);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/12/11\");\n\n script_cve_id(\"CVE-2019-10214\", \"CVE-2020-10696\");\n\n script_name(english:\"SUSE SLES15 Security Update : buildah (SUSE-SU-2020:3423-1)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for buildah fixes the following issues :\n\nbuildah was updated to v1.17.0 (bsc#1165184) :\n\nHandle cases where other tools mount/unmount containers\n\noverlay.MountReadOnly: support RO overlay mounts\n\noverlay: use fusermount for rootless umounts\n\noverlay: fix umount\n\nSwitch default log level of Buildah to Warn. Users need to see these\nmessages\n\nDrop error messages about OCI/Docker format to Warning level\n\nbuild(deps): bump github.com/containers/common from 0.26.0 to 0.26.2\n\ntests/testreport: adjust for API break in storage v1.23.6\n\nbuild(deps): bump github.com/containers/storage from 1.23.5 to 1.23.7\n\nbuild(deps): bump github.com/fsouza/go-dockerclient from 1.6.5 to\n1.6.6\n\ncopier: put: ignore Typeflag='g'\n\nUse curl to get repo file (fix #2714)\n\nbuild(deps): bump github.com/containers/common from 0.25.0 to 0.26.0\n\nbuild(deps): bump github.com/spf13/cobra from 1.0.0 to 1.1.1\n\nRemove docs that refer to bors, since we're not using it\n\nBuildah bud should not use stdin by default\n\nbump containerd, docker, and golang.org/x/sys\n\nMakefile: cross: remove windows.386 target\n\ncopier.copierHandlerPut: don't check length when there are errors\n\nStop excessive wrapping\n\nCI: require that conformance tests pass\n\nbump(github.com/openshift/imagebuilder) to v1.1.8\n\nSkip tlsVerify insecure BUILD_REGISTRY_SOURCES\n\nFix build path wrong containers/podman#7993\n\nrefactor pullpolicy to avoid deps\n\nbuild(deps): bump github.com/containers/common from 0.24.0 to 0.25.0\n\nCI: run gating tasks with a lot more memory\n\nADD and COPY: descend into excluded directories, sometimes\n\ncopier: add more context to a couple of error messages\n\ncopier: check an error earlier\n\ncopier: log stderr output as debug on success\n\nUpdate nix pin with make nixpkgs\n\nSet directory ownership when copied with ID mapping\n\nbuild(deps): bump github.com/sirupsen/logrus from 1.6.0 to 1.7.0\n\nbuild(deps): bump github.com/containers/common from 0.23.0 to 0.24.0\n\nCirrus: Remove bors artifacts\n\nSort build flag definitions alphabetically\n\nADD: only expand archives at the right time\n\nRemove configuration for bors\n\nShell Completion for podman build flags\n\nBump c/common to v0.24.0\n\nNew CI check: xref --help vs man pages\n\nCI: re-enable several linters\n\nMove --userns-uid-map/--userns-gid-map description into buildah man\npage\n\nadd: preserve ownerships and permissions on ADDed archives\n\nMakefile: tweak the cross-compile target\n\nBump containers/common to v0.23.0\n\nchroot: create bind mount targets 0755 instead of 0700\n\nChange call to Split() to safer SplitN()\n\nchroot: fix handling of errno seccomp rules\n\nbuild(deps): bump github.com/containers/image/v5 from 5.5.2 to 5.6.0\n\nAdd In Progress section to contributing\n\nintegration tests: make sure tests run in ${topdir}/tests\n\nRun(): ignore containers.conf's environment configuration\n\nWarn when setting healthcheck in OCI format\n\nCirrus: Skip git-validate on branches\n\ntools: update git-validation to the latest commit\n\ntools: update golangci-lint to v1.18.0\n\nAdd a few tests of push command\n\nAdd(): fix handling of relative paths with no ContextDir\n\nbuild(deps): bump github.com/containers/common from 0.21.0 to 0.22.0\n\nLint: Use same linters as podman\n\nValidate: reference HEAD\n\nFix buildah mount to display container names not ids\n\nUpdate nix pin with make nixpkgs\n\nAdd missing --format option in buildah from man page\n\nFix up code based on codespell\n\nbuild(deps): bump github.com/openshift/imagebuilder from 1.1.6 to\n1.1.7\n\nbuild(deps): bump github.com/containers/storage from 1.23.4 to 1.23.5\n\nImprove buildah completions\n\nCirrus: Fix validate commit epoch\n\nFix bash completion of manifest flags\n\nUniform some man pages\n\nUpdate Buildah Tutorial to address BZ1867426\n\nUpdate bash completion of manifest add sub command\n\ncopier.Get(): hard link targets shouldn't be relative paths\n\nbuild(deps): bump github.com/onsi/gomega from 1.10.1 to 1.10.2\n\nPass timestamp down to history lines\n\nTimestamp gets updated everytime you inspect an image\n\nbud.bats: use absolute paths in newly-added tests\n\ncontrib/cirrus/lib.sh: don't use CN for the hostname\n\ntests: Add some tests\n\nUpdate manifest add man page\n\nExtend flags of manifest add\n\nbuild(deps): bump github.com/containers/storage from 1.23.3 to 1.23.4\n\nbuild(deps): bump github.com/onsi/ginkgo from 1.14.0 to 1.14.1\n\nCI: expand cross-compile checks\n\nUpdate to v1.16.2 :\n\nfix build on 32bit arches\n\ncontainerImageRef.NewImageSource(): don't always force timestamps\n\nAdd fuse module warning to image readme\n\nHeed our retry delay option values when retrying commit/pull/push\n\nSwitch to containers/common for seccomp\n\nUse --timestamp rather then --omit-timestamp\n\ndocs: remove outdated notice\n\ndocs: remove outdated notice\n\nbuild-using-dockerfile: add a hidden --log-rusage flag\n\nbuild(deps): bump github.com/containers/image/v5 from 5.5.1 to 5.5.2\n\nDiscard ReportWriter if user sets options.Quiet\n\nbuild(deps): bump github.com/containers/common from 0.19.0 to 0.20.3\n\nFix ownership of content copied using COPY --from\n\nnewTarDigester: zero out timestamps in tar headers\n\nUpdate nix pin with `make nixpkgs`\n\nbud.bats: correct .dockerignore integration tests\n\nUse pipes for copying\n\nrun: include stdout in error message\n\nrun: use the correct error for errors.Wrapf\n\ncopier: un-export internal types\n\ncopier: add Mkdir()\n\nin_podman: don't get tripped up by $CIRRUS_CHANGE_TITLE\n\ndocs/buildah-commit.md: tweak some wording, add a --rm example\n\nimagebuildah: donât blank out destination names when\nCOPYing\n\nReplace retry functions with common/pkg/retry\n\nStageExecutor.historyMatches: compare timestamps using .Equal\n\nUpdate vendor of containers/common\n\nFix errors found in coverity scan\n\nChange namespace handling flags to better match podman commands\n\nconformance testing: ignore buildah.BuilderIdentityAnnotation labels\n\nVendor in containers/storage v1.23.0\n\nAdd buildah.IsContainer interface\n\nAvoid feeding run_buildah to pipe\n\nfix(buildahimage): add xz dependency in buildah image\n\nBump github.com/containers/common from 0.15.2 to 0.18.0\n\nHowto for rootless image building from OpenShift\n\nAdd --omit-timestamp flag to buildah bud\n\nUpdate nix pin with `make nixpkgs`\n\nShutdown storage on failures\n\nHandle COPY --from when an argument is used\n\nBump github.com/seccomp/containers-golang from 0.5.0 to 0.6.0\n\nCirrus: Use newly built VM images\n\nBump github.com/opencontainers/runc from 1.0.0-rc91 to 1.0.0-rc92\n\nEnhance the .dockerignore man pages\n\nconformance: add a test for COPY from subdirectory\n\nfix bug manifest inspct\n\nAdd documentation for .dockerignore\n\nAdd BuilderIdentityAnnotation to identify buildah version\n\nDOC: Add quay.io/containers/buildah image to README.md\n\nUpdate buildahimages readme\n\nfix spelling mistake in 'info' command result display\n\nDon't bind /etc/host and /etc/resolv.conf if network is not present\n\nblobcache: avoid an unnecessary NewImage()\n\nBuild static binary with `buildGoModule`\n\ncopier: split StripSetidBits into\nStripSetuidBit/StripSetgidBit/StripStickyBit\n\ntarFilterer: handle multiple archives\n\nFix a race we hit during conformance tests\n\nRework conformance testing\n\nUpdate 02-registries-repositories.md\n\ntest-unit: invoke cmd/buildah tests with --flags\n\nparse: fix a type mismatch in a test\n\nFix compilation of tests/testreport/testreport\n\nbuild.sh: log the version of Go that we're using\n\ntest-unit: increase the test timeout to 40/45 minutes\n\nAdd the 'copier' package\n\nFix & add notes regarding problematic language in codebase\n\nAdd dependency on github.com/stretchr/testify/require\n\nCompositeDigester: add the ability to filter tar streams\n\nBATS tests: make more robust\n\nvendor golang.org/x/text@v0.3.3\n\nSwitch golang 1.12 to golang 1.13\n\nimagebuildah: wait for stages that might not have even started yet\n\nchroot, run: not fail on bind mounts from /sys\n\nchroot: do not use setgroups if it is blocked\n\nSet engine env from containers.conf\n\nimagebuildah: return the right stage's image as the 'final' image\n\nFix a help string\n\nDeduplicate environment variables\n\nswitch containers/libpod to containers/podman\n\nBump github.com/containers/ocicrypt from 1.0.2 to 1.0.3\n\nBump github.com/opencontainers/selinux from 1.5.2 to 1.6.0\n\nMask out /sys/dev to prevent information leak\n\nlinux: skip errors from the runtime kill\n\nMask over the /sys/fs/selinux in mask branch\n\nAdd VFS additional image store to container\n\ntests: add auth tests\n\nAllow 'readonly' as alias to 'ro' in mount options\n\nIgnore OS X specific consistency mount option\n\nBump github.com/onsi/ginkgo from 1.13.0 to 1.14.0\n\nBump github.com/containers/common from 0.14.0 to 0.15.2\n\nRootless Buildah should default to IsolationOCIRootless\n\nimagebuildah: fix inheriting multi-stage builds\n\nMake imagebuildah.BuildOptions.Architecture/OS optional\n\nMake imagebuildah.BuildOptions.Jobs optional\n\nResolve a possible race in imagebuildah.Executor.startStage()\n\nSwitch scripts to use containers.conf\n\nBump openshift/imagebuilder to v1.1.6\n\nBump go.etcd.io/bbolt from 1.3.4 to 1.3.5\n\nbuildah, bud: support --jobs=N for parallel execution\n\nexecutor: refactor build code inside new function\n\nAdd bud regression tests\n\nCirrus: Fix missing htpasswd in registry img\n\ndocs: clarify the 'triples' format\n\nCHANGELOG.md: Fix markdown formatting\n\nAdd nix derivation for static builds\n\nBump to v1.16.0-dev\n\nUpdate to v1.15.1\n\nMask over the /sys/fs/selinux in mask branch\n\nchroot: do not use setgroups if it is blocked\n\nchroot, run: not fail on bind mounts from /sys\n\nAllow 'readonly' as alias to 'ro' in mount options\n\nAdd VFS additional image store to container\n\nvendor golang.org/x/text@v0.3.3\n\nMake imagebuildah.BuildOptions.Architecture/OS optional\n\nUpdate to v1.15.0 :\n\nAdd CVE-2020-10696 to CHANGELOG.md and changelog.txt\n\nfix lighttpd example\n\nremove dependency on openshift struct\n\nWarn on unset build arguments\n\nvendor: update seccomp/containers-golang to v0.4.1\n\nUpdated docs\n\nclean up comments\n\nupdate exit code for tests\n\nImplement commit for encryption\n\nimplementation of encrypt/decrypt push/pull/bud/from\n\nfix resolve docker image name as transport\n\nAdd preliminary profiling support to the CLI\n\nEvaluate symlinks in build context directory\n\nfix error info about get signatures for containerImageSource\n\nAdd Security Policy\n\nCirrus: Fixes from review feedback\n\nimagebuildah: stages shouldn't count as their base images\n\nUpdate containers/common v0.10.0\n\nAdd registry to buildahimage Dockerfiles\n\nCirrus: Use pre-installed VM packages + F32\n\nCirrus: Re-enable all distro versions\n\nCirrus: Update to F31 + Use cache images\n\ngolangci-lint: Disable gosimple\n\nLower number of golangci-lint threads\n\nFix permissions on containers.conf\n\nDon't force tests to use runc\n\nReturn exit code from failed containers\n\ncgroup_manager should be under [engine]\n\nUse c/common/pkg/auth in login/logout\n\nCirrus: Temporarily disable Ubuntu 19 testing\n\nAdd containers.conf to stablebyhand build\n\nUpdate gitignore to exclude test Dockerfiles\n\nRemove warning for systemd inside of container\n\nUpdate to v1.14.6 :\n\nMake image history work correctly with new args handling\n\nDon't add args to the RUN environment from the Builder\n\nUpdate to v1.14.5 :\n\nRevert FIPS mode change\n\nUpdate to v1.14.4 :\n\nUpdate unshare man page to fix script example\n\nFix compilation errors on non linux platforms\n\nPreserve volume uid and gid through subsequent commands\n\nFix potential CVE in tarfile w/ symlink\n\nFix .dockerignore with globs and ! commands\n\nUpdate to v1.14.2 :\n\nSearch for local runtime per values in containers.conf\n\nSet correct ownership on working directory\n\nImprove remote manifest retrieval\n\nCorrect a couple of incorrect format specifiers\n\nmanifest push --format: force an image type, not a list type\n\nrun: adjust the order in which elements are added to $\n\ngetDateAndDigestAndSize(): handle creation time not being set\n\nMake the commit id clear like Docker\n\nShow error on copied file above context directory in build\n\npull/from/commit/push: retry on most failures\n\nRepair buildah so it can use containers.conf on the server side\n\nFixing formatting & build instructions\n\nFix XDG_RUNTIME_DIR for authfile\n\nShow validation command-line\n\nUpdate to v1.14.0 :\n\ngetDateAndDigestAndSize(): use manifest.Digest\n\nTouch up os/arch doc\n\nchroot: handle slightly broken seccomp defaults\n\nbuildahimage: specify fuse-overlayfs mount options\n\nparse: don't complain about not being able to rename something to\nitself\n\nFix build for 32bit platforms\n\nAllow users to set OS and architecture on bud\n\nFix COPY in containerfile with envvar\n\nAdd --sign-by to bud/commit/push, --remove-signatures for pull/push\n\nAdd support for containers.conf\n\nmanifest push: add --format option\n\nUpdate to v1.13.1 :\n\ncopyFileWithTar: close source files at the right time\n\ncopy: don't digest files that we ignore\n\nCheck for .dockerignore specifically\n\nDon't setup excludes, if their is only one pattern to match\n\nset HOME env to /root on chroot-isolation by default\n\ndocs: fix references to containers-*.5\n\nfix bug Add check .dockerignore COPY file\n\nbuildah bud --volume: run from tmpdir, not source dir\n\nFix imageNamePrefix to give consistent names in buildah-from\n\ncpp: use -traditional and -undef flags\n\ndiscard outputs coming from onbuild command on buildah-from --quiet\n\nmake --format columnizing consistent with buildah images\n\nFix option handling for volumes in build\n\nRework overlay pkg for use with libpod\n\nFix buildahimage builds for buildah\n\nAdd support for FIPS-Mode backends\n\nSet the TMPDIR for pulling/pushing image to $TMPDIR\n\nUpdate to v1.12.0 :\n\nAllow ADD to use http src\n\nimgtype: reset storage opts if driver overridden\n\nStart using containers/common\n\noverlay.bats typo: fuse-overlays should be fuse-overlayfs\n\nchroot: Unmount with MNT_DETACH instead of UnmountMountpoints()\n\nbind: don't complain about missing mountpoints\n\nimgtype: check earlier for expected manifest type\n\nAdd history names support\n\nUpdate to v1.11.6 :\n\nHandle missing equal sign in --from and --chown flags for COPY/ADD\n\nbud COPY does not download URL\n\nFix .dockerignore exclude regression\n\ncommit(docker): always set ContainerID and ContainerConfig\n\nTouch up commit man page image parameter\n\nAdd builder identity annotations.\n\nUpdate to v1.11.5 :\n\nbuildah: add 'manifest' command\n\npkg/supplemented: add a package for grouping images together\n\npkg/manifests: add a manifest list build/manipulation API\n\nUpdate for ErrUnauthorizedForCredentials API change in\ncontainers/image\n\nUpdate for manifest-lists API changes in containers/image\n\nversion: also note the version of containers/image\n\nMove to containers/image v5.0.0\n\nEnable --device directory as src device\n\nAdd clarification to the Tutorial for new users\n\nSilence 'using cache' to ensure -q is fully quiet\n\nMove runtime flag to bud from common\n\nCommit: check for storage.ErrImageUnknown using errors.Cause()\n\nFix crash when invalid COPY --from flag is specified.\n\nUpdate to v1.11.4 :\n\nbuildah: add a 'manifest' command\n\npkg/manifests: add a manifest list build/manipulation API\n\nUpdate for ErrUnauthorizedForCredentials API change in\ncontainers/image\n\nUpdate for manifest-lists API changes in containers/image\n\nMove to containers/image v5.0.0\n\nEnable --device directory as src device\n\nAdd clarification to the Tutorial for new users\n\nSilence 'using cache' to ensure -q is fully quiet\n\nMove runtime flag to bud from common\n\nCommit: check for storage.ErrImageUnknown using errors.Cause()\n\nFix crash when invalid COPY --from flag is specified.\n\nUpdate to v1.11.3 :\n\nAdd cgroups2\n\nAdd support for retrieving context from stdin '-'\n\nAdded tutorial on how to include Buildah as library\n\nFix --build-args handling\n\nPrint build 'STEP' line to stdout, not stderr\n\nUse Containerfile by default\n\nUpdate to v1.11.2 :\n\nAdd some cleanup code\n\nMove devices code to unit specific directory.\n\nUpdate to v1.11.1 :\n\nAdd --devices flag to bud and from\n\nAdd support for /run/.containerenv\n\nAllow mounts.conf entries for equal source and destination paths\n\nFix label and annotation for 1-line Dockerfiles\n\nPreserve file and directory mount permissions\n\nReplace --debug=false with --log-level=error\n\nSet TMPDIR to /var/tmp by default\n\nTruncate output of too long image names\n\nIgnore EmptyLayer if Squash is set\n\nUpdate to v1.11.0 :\n\nAdd --digestfile and Re-add push statement as debug\n\nAdd --log-level command line option and deprecate --debug\n\nAdd security-related volume options to validator\n\nAllow buildah bud to be called without arguments\n\nAllow to override build date with SOURCE_DATE_EPOCH\n\nCorrectly detect ExitError values from Run()\n\nDisable empty logrus timestamps to reduce logger noise\n\nFix directory pull image names\n\nFix handling of /dev/null masked devices\n\nFix possible runtime panic on bud\n\nUpdate bud/from help to contain indicator for --dns=none\n\nUpdate documentation about bud\n\nUpdate shebangs to take env into consideration\n\nUse content digests in ADD/COPY history entries\n\nadd support for cgroupsV2\n\nadd: add a DryRun flag to AddAndCopyOptions\n\nadd: handle hard links when copying with .dockerignore\n\nadd: teach copyFileWithTar() about symlinks and directories\n\nimagebuilder: fix detection of referenced stage roots\n\npull/commit/push: pay attention to $BUILD_REGISTRY_SOURCES\n\nrun_linux: fix mounting /sys in a userns\n\nUpdate to v1.10.1 :\n\nAdd automatic apparmor tag discovery\n\nAdd overlayfs to fuse-overlayfs tip\n\nBug fix for volume minus syntax\n\nBump container/storage v1.13.1 and containers/image v3.0.1\n\nBump containers/image to v3.0.2 to fix keyring issue\n\nFix bug whereby --get-login has no effect\n\nBump github.com/containernetworking/cni to v0.7.1\n\nAdd appamor-pattern requirement\n\nUpdate build process to match the latest repository architecture\n\nUpdate to v1.10.0\n\nvendor github.com/containers/image@v3.0.0\n\nRemove GO111MODULE in favor of -mod=vendor\n\nVendor in containers/storage v1.12.16\n\nAdd '-' minus syntax for removal of config values\n\ntests: enable overlay tests for rootless\n\nrootless, overlay: use fuse-overlayfs\n\nvendor github.com/containers/image@v2.0.1\n\nAdded '-' syntax to remove volume config option\n\ndelete successfully pushed message\n\nAdd golint linter and apply fixes\n\nvendor github.com/containers/storage@v1.12.15\n\nChange wait to sleep in buildahimage readme\n\nHandle ReadOnly images when deleting images\n\nAdd support for listing read/only images\n\nfrom/import: record the base image's digest, if it has one\n\nFix CNI version retrieval to not require network connection\n\nAdd misspell linter and apply fixes\n\nAdd goimports linter and apply fixes\n\nAdd stylecheck linter and apply fixes\n\nAdd unconvert linter and apply fixes\n\nimage: make sure we don't try to use zstd compression\n\nrun.bats: skip the 'z' flag when testing --mount\n\nUpdate to runc v1.0.0-rc8\n\nUpdate to match updated runtime-tools API\n\nbump github.com/opencontainers/runtime-tools to v0.9.0\n\nBuild e2e tests using the proper build tags\n\nAdd unparam linter and apply fixes\n\nRun: correct a typo in the --cap-add help text\n\nunshare: add a --mount flag\n\nfix push check image name is not empty\n\nadd: fix slow copy with no excludes\n\nAdd errcheck linter and fix missing error check\n\nImprove tests/tools/Makefile parallelism and abstraction\n\nFix response body not closed resource leak\n\nSwitch to golangci-lint\n\nAdd gomod instructions and mailing list links\n\nOn Masked path, check if /dev/null already mounted before mounting\n\nUpdate to containers/storage v1.12.13\n\nRefactor code in package imagebuildah\n\nAdd rootless podman with NFS issue in documentation\n\nAdd --mount for buildah run\n\nimport method ValidateVolumeOpts from libpod\n\nFix typo\n\nMakefile: set GO111MODULE=off\n\nrootless: add the built-in slirp DNS server\n\nUpdate docker/libnetwork to get rid of outdated sctp package\n\nUpdate buildah-login.md\n\nmigrate to go modules\n\ninstall.md: mention go modules\n\ntests/tools: go module for test binaries\n\nfix --volume splits comma delimited option\n\nAdd bud test for RUN with a priv'd command\n\nvendor logrus v1.4.2\n\npkg/cli: panic when flags can't be hidden\n\npkg/unshare: check all errors\n\npull: check error during report write\n\nrun_linux.go: ignore unchecked errors\n\nconformance test: catch copy error\n\nchroot/run_test.go: export funcs to actually be executed\n\ntests/imgtype: ignore error when shutting down the store\n\ntestreport: check json error\n\nbind/util.go: remove unused func\n\nrm chroot/util.go\n\nimagebuildah: remove unused dedupeStringSlice\n\nStageExecutor: EnsureContainerPath: catch error from SecureJoin()\n\nimagebuildah/build.go: return instead of branching\n\nrmi: avoid redundant branching\n\nconformance tests: nilness: allocate map\n\nimagebuildah/build.go: avoid redundant filepath.Join()\n\nimagebuildah/build.go: avoid redundant os.Stat()\n\nimagebuildah: omit comparison to bool\n\nfix 'ineffectual assignment' lint errors\n\ndocker: ignore 'repeats json tag' lint error\n\npkg/unshare: use ... instead of iterating a slice\n\nconformance: bud test: use raw strings for regexes\n\nconformance suite: remove unused func/var\n\nbuildah test suite: remove unused vars/funcs\n\ntestreport: fix golangci-lint errors\n\nutil: remove redundant return statement\n\nchroot: only log clean-up errors\n\nimages_test: ignore golangci-lint error\n\nblobcache: log error when draining the pipe\n\nimagebuildah: check errors in deferred calls\n\nchroot: fix error handling in deferred funcs\n\ncmd: check all errors\n\nchroot/run_test.go: check errors\n\nchroot/run.go: check errors in deferred calls\n\nimagebuildah.Executor: remove unused onbuild field\n\ndocker/types.go: remove unused struct fields\n\nutil: use strings.ContainsRune instead of index check\n\nCirrus: Initial implementation\n\nbuildah-run: fix-out-of-range panic (2)\n\nUpdate containers/image to v2.0.0\n\nrun: fix hang with run and --isolation=chroot\n\nrun: fix hang when using run\n\nchroot: drop unused function call\n\nremove --> before imgageID on build\n\nAlways close stdin pipe\n\nWrite deny to setgroups when doing single user mapping\n\nAvoid including linux/memfd.h\n\nAdd a test for the symlink pointing to a directory\n\nAdd missing continue\n\nFix the handling of symlinks to absolute paths\n\nOnly set default network sysctls if not rootless\n\nSupport --dns=none like podman\n\nfix bug --cpu-shares parsing typo\n\nFix validate complaint\n\nUpdate vendor on containers/storage to v1.12.10\n\nCreate directory paths for COPY thereby ensuring correct perms\n\nimagebuildah: use a stable sort for comparing build args\n\nimagebuildah: tighten up cache checking\n\nbud.bats: add a test verying the order of --build-args\n\nadd -t to podman run\n\nimagebuildah: simplify screening by top layers\n\nimagebuildah: handle ID mappings for COPY --from\n\nimagebuildah: apply additionalTags ourselves\n\nbud.bats: test additional tags with cached images\n\nbud.bats: add a test for WORKDIR and COPY with absolute destinations\n\nCleanup Overlay Mounts content\n\nAdd support for file secret mounts\n\nAdd ability to skip secrets in mounts file\n\nallow 32bit builds\n\nfix tutorial instructions\n\nimagebuilder: pass the right contextDir to Add()\n\nadd: use fileutils.PatternMatcher for .dockerignore\n\nbud.bats: add another .dockerignore test\n\nunshare: fallback to single usermapping\n\naddHelperSymlink: clear the destination on os.IsExist errors\n\nbud.bats: test replacing symbolic links\n\nimagebuildah: fix handling of destinations that end with '/'\n\nbud.bats: test COPY with a final '/' in the destination\n\nlinux: add check for sysctl before using it\n\nunshare: set _CONTAINERS_ROOTLESS_GID\n\nRework buildahimamges\n\nbuild context: support https git repos\n\nAdd a test for ENV special chars behaviour\n\nCheck in new Dockerfiles\n\nApply custom SHELL during build time\n\nconfig: expand variables only at the command line\n\nSetEnv: we only need to expand v once\n\nAdd default /root if empty on chroot iso\n\nAdd support for Overlay volumes into the container.\n\nExport buildah validate volume functions so it can share code with\nlibpod\n\nBump baseline test to F30\n\nFix rootless handling of /dev/shm size\n\nAvoid fmt.Printf() in the library\n\nimagebuildah: tighten cache checking back up\n\nHandle WORKDIR with dangling target\n\nDefault Authfile to proper path\n\nMake buildah run --isolation follow BUILDAH_ISOLATION environment\n\nVendor in latest containers/storage and containers/image\n\ngetParent/getChildren: handle layerless images\n\nimagebuildah: recognize cache images for layerless images\n\nbud.bats: test scratch images with --layers caching\n\nGet CHANGELOG.md updates\n\nAdd some symlinks to test our .dockerignore logic\n\nimagebuildah: addHelper: handle symbolic links\n\ncommit/push: use an everything-allowed policy\n\nCorrect manpage formatting in files section\n\nRemove must be root statement from buildah doc\n\nChange image names to stable, testing and upstream\n\nDon't create directory on container\n\nReplace kubernetes/pause in tests with k8s.gcr.io/pause\n\nimagebuildah: don't remove intermediate images if we need them\n\nRework buildahimagegit to buildahimageupstream\n\nFix Transient Mounts\n\nHandle WORKDIRs that are symlinks\n\nallow podman to build a client for windows\n\nTouch up 1.9-dev to 1.9.0-dev\n\nResolve symlink when checking container path\n\ncommit: commit on every instruction, but not always with layers\n\nCommitOptions: drop the unused OnBuild field\n\nmakeImageRef: pass in the whole CommitOptions structure\n\ncmd: API cleanup: stores before images\n\nrun: check if SELinux is enabled\n\nFix buildahimages Dockerfiles to include support for additionalimages\nmounted from host.\n\nDetect changes in rootdir\n\nFix typo in buildah-pull(1)\n\nVendor in latest containers/storage\n\nKeep track of any build-args used during buildah bud --layers\n\ncommit: always set a parent ID\n\nimagebuildah: rework unused-argument detection\n\nfix bug dest path when COPY .dockerignore\n\nMove Host IDMAppings code from util to unshare\n\nAdd BUILDAH_ISOLATION rootless back\n\nTravis CI: fail fast, upon error in any step\n\nimagebuildah: only commit images for intermediate stages if we have to\n\nUse errors.Cause() when checking for IsNotExist errors\n\nauto pass http_proxy to container\n\nimagebuildah: don't leak image structs\n\nAdd Dockerfiles for buildahimages\n\nBump to Replace golang 1.10 with 1.12\n\nadd --dns* flags to buildah bud\n\nAdd hack/build_speed.sh test speeds on building container images\n\nCreate buildahimage Dockerfile for Quay\n\nrename 'is' to 'expect_output'\n\nsquash.bats: test squashing in multi-layered builds\n\nbud.bats: test COPY --from in a Dockerfile while using the cache\n\ncommit: make target image names optional\n\nFix bud-args to allow comma separation\n\noops, missed some tests in commit.bats\n\nnew helper: expect_line_count\n\nNew tests for #1467 (string slices in cmdline opts)\n\nWorkarounds for dealing with travis; review feedback\n\nBATS tests - extensive but minor cleanup\n\nimagebuildah: defer pulling images for COPY --from\n\nimagebuildah: centralize COMMIT and image ID output\n\nTravis: do not use traviswait\n\nimagebuildah: only initialize imagebuilder configuration once per\nstage\n\nMake cleaner error on Dockerfile build errors\n\nunshare: move to pkg/\n\nunshare: move some code from cmd/buildah/unshare\n\nFix handling of Slices versus Arrays\n\nimagebuildah: reorganize stage and per-stage logic\n\nimagebuildah: add empty layers for instructions\n\nAdd missing step in installing into Ubuntu\n\nfix bug in .dockerignore support\n\nimagebuildah: deduplicate prepended 'FROM' instructions\n\nTouch up intro\n\ncommit: set created-by to the shell if it isn't set\n\ncommit: check that we always set a 'created-by'\n\ndocs/buildah.md: add 'containers-' prefixes under 'SEE ALSO'\n\nUpdate to v1.7.2\n\nUpdates vendored containers/storage to latest version\n\nrootless: by default use the host network namespace\n\nFull changelog:\nhttps://github.com/containers/buildah/releases/tag/v1.6\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1165184\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1167864\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://github.com/containers/buildah/releases/tag/v1.6\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-10214/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10696/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20203423-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?fc11c168\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Module for Containers 15-SP2 :\n\nzypper in -t patch SUSE-SLE-Module-Containers-15-SP2-2020-3423=1\n\nSUSE Linux Enterprise Module for Containers 15-SP1 :\n\nzypper in -t patch SUSE-SLE-Module-Containers-15-SP1-2020-3423=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/11/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/12/09\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES15\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(1|2)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP1/2\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES15\", sp:\"1\", reference:\"buildah-1.17.0-3.6.1\")) flag++;\nif (rpm_check(release:\"SLES15\", sp:\"2\", reference:\"buildah-1.17.0-3.6.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"buildah\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-03-22T21:00:13", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2117 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\n - proglottis/gpgme: Use-after-free in GPGME bindings during container image pull (CVE-2020-8945)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-05-12T00:00:00", "type": "nessus", "title": "RHEL 7 : podman (RHSA-2020:2117)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10696", "CVE-2020-8945"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:podman", "p-cpe:/a:redhat:enterprise_linux:podman-docker"], "id": "REDHAT-RHSA-2020-2117.NASL", "href": "https://www.tenable.com/plugins/nessus/136522", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2117. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136522);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\"CVE-2020-8945\", \"CVE-2020-10696\");\n script_xref(name:\"RHSA\", value:\"2020:2117\");\n\n script_name(english:\"RHEL 7 : podman (RHSA-2020:2117)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2117 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process\n (CVE-2020-10696)\n\n - proglottis/gpgme: Use-after-free in GPGME bindings during container image pull (CVE-2020-8945)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/22.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/416.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-8945\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10696\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2117\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1795838\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1817651\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected podman and / or podman-docker packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10696\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(22, 416);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/02/12\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:podman-docker\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_extras_other_7': [\n 'rhel-7-desktop-extras-debug-rpms',\n 'rhel-7-desktop-extras-rpms',\n 'rhel-7-desktop-extras-source-rpms',\n 'rhel-7-for-system-z-a-extras-debug-rpms',\n 'rhel-7-for-system-z-a-extras-rpms',\n 'rhel-7-for-system-z-a-extras-source-rpms',\n 'rhel-7-for-system-z-extras-debug-rpms',\n 'rhel-7-for-system-z-extras-rpms',\n 'rhel-7-for-system-z-extras-source-rpms',\n 'rhel-7-server-extras-debug-rpms',\n 'rhel-7-server-extras-rpms',\n 'rhel-7-server-extras-source-rpms',\n 'rhel-7-workstation-extras-debug-rpms',\n 'rhel-7-workstation-extras-rpms',\n 'rhel-7-workstation-extras-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'podman-1.6.4-18.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_extras_other_7']},\n {'reference':'podman-1.6.4-18.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_extras_other_7']},\n {'reference':'podman-docker-1.6.4-18.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_extras_other_7']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'podman / podman-docker');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-09T15:37:31", "description": "The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2020:2116 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\n - containers/image: Container images read entire image manifest into memory (CVE-2020-1702)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2020-05-12T00:00:00", "type": "nessus", "title": "RHEL 7 : buildah (RHSA-2020:2116)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-10696", "CVE-2020-1702"], "modified": "2021-10-13T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:buildah"], "id": "REDHAT-RHSA-2020-2116.NASL", "href": "https://www.tenable.com/plugins/nessus/136521", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2116. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136521);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/10/13\");\n\n script_cve_id(\"CVE-2020-1702\", \"CVE-2020-10696\");\n script_xref(name:\"RHSA\", value:\"2020:2116\");\n\n script_name(english:\"RHEL 7 : buildah (RHSA-2020:2116)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2116 advisory.\n\n - buildah: Crafted input tar file may lead to local file overwrite during image build process\n (CVE-2020-10696)\n\n - containers/image: Container images read entire image manifest into memory (CVE-2020-1702)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/22.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/400.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-1702\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10696\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2116\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1792796\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1817651\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected buildah package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10696\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_cwe_id(22, 400);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/02/26\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/12\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:buildah\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\", \"redhat_repos.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('rhel.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nvar os_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nvar os_ver = os_ver[1];\nif (!rhel_check_release(operator: 'ge', os_version: os_ver, rhel_version: '7')) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nvar repositories = {\n 'rhel_extras_other_7': [\n 'rhel-7-desktop-extras-debug-rpms',\n 'rhel-7-desktop-extras-rpms',\n 'rhel-7-desktop-extras-source-rpms',\n 'rhel-7-for-system-z-a-extras-debug-rpms',\n 'rhel-7-for-system-z-a-extras-rpms',\n 'rhel-7-for-system-z-a-extras-source-rpms',\n 'rhel-7-for-system-z-extras-debug-rpms',\n 'rhel-7-for-system-z-extras-rpms',\n 'rhel-7-for-system-z-extras-source-rpms',\n 'rhel-7-server-extras-debug-rpms',\n 'rhel-7-server-extras-rpms',\n 'rhel-7-server-extras-source-rpms',\n 'rhel-7-workstation-extras-debug-rpms',\n 'rhel-7-workstation-extras-rpms',\n 'rhel-7-workstation-extras-source-rpms'\n ]\n};\n\nvar repo_sets = rhel_get_valid_repo_sets(repositories:repositories);\nif(repo_sets == RHEL_REPOS_NO_OVERLAP_MESSAGE) audit(AUDIT_PACKAGE_LIST_MISSING, RHEL_REPO_AUDIT_PACKAGE_LIST_DETAILS);\n\nvar pkgs = [\n {'reference':'buildah-1.11.6-11.el7_8', 'cpu':'s390x', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_extras_other_7']},\n {'reference':'buildah-1.11.6-11.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_extras_other_7']}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var el_string = NULL;\n var rpm_spec_vers_cmp = NULL;\n var epoch = NULL;\n var allowmaj = NULL;\n var exists_check = NULL;\n var repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (reference &&\n release &&\n (rhel_decide_repo_check(repo_list:repo_list, repo_sets:repo_sets) || (!exists_check || rpm_exists(release:release, rpm:exists_check))) &&\n rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n}\n\nif (flag)\n{\n var extra = NULL;\n if (empty_or_null(repo_sets)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-10T16:04:38", "description": "This update for buildah, libcontainers-common, podman fixes the following issues :\n\nChanges in libcontainers-common :\n\n - Update common to 0.33.0\n\n - Update image to 5.9.0\n\n - Update podman to 2.2.1\n\n - Update storage to 1.24.5\n\n - Switch to seccomp profile provided by common instead of podman\n\n - Update containers.conf to match latest version\n\nChanges in buildah :\n\nUpdate to version 1.19.2 :\n\n - Update vendor of containers/storage and containers/common\n\n - Buildah inspect should be able to inspect manifests\n\n - Make buildah push support pushing manifests lists and digests\n\n - Fix handling of TMPDIR environment variable\n\n - Add support for --manifest flags\n\n - Upper directory should match mode of destination directory\n\n - Only grab the OS, Arch if the user actually specified them\n\n - Use --arch and --os and --variant options to select architecture and os\n\n - Cirrus: Track libseccomp and golang version\n\n - copier.PutOptions: add an 'IgnoreDevices' flag\n\n - fix: `rmi --prune` when parent image is in store.\n\n - build(deps): bump github.com/containers/storage from 1.24.3 to 1.24.4\n\n - build(deps): bump github.com/containers/common from 0.31.1 to 0.31.2\n\n - Allow users to specify stdin into containers\n\n - Drop log message on failure to mount on /sys file systems to info\n\n - Spelling\n\n - SELinux no longer requires a tag.\n\n - build(deps): bump github.com/opencontainers/selinux from 1.6.0 to 1.8.0\n\n - build(deps): bump github.com/containers/common from 0.31.0 to 0.31.1\n\n - Update nix pin with `make nixpkgs`\n\n - Switch references of /var/run -> /run\n\n - Allow FROM to be overriden with from option\n\n - copier: don't assume we can chroot() on Unixy systems\n\n - copier: add PutOptions.NoOverwriteDirNonDir, Get/PutOptions.Rename\n\n - copier: handle replacing directories with not-directories\n\n - copier: Put: skip entries with zero-length names\n\n - build(deps): bump github.com/containers/storage from 1.24.2 to 1.24.3\n\n - Add U volume flag to chown source volumes\n\n - Turn off PRIOR_UBUNTU Test until vm is updated\n\n - pkg, cli: rootless uses correct isolation\n\n - build(deps): bump github.com/onsi/gomega from 1.10.3 to 1.10.4\n\n - update installation doc to reflect current status\n\n - Move away from using docker.io\n\n - enable short-name aliasing\n\n - build(deps): bump github.com/containers/storage from 1.24.1 to 1.24.2\n\n - build(deps): bump github.com/containers/common from 0.30.0 to 0.31.0\n\n - Throw errors when using bogus --network flags\n\n - pkg/supplemented test: replace our null blobinfocache\n\n - build(deps): bump github.com/containers/common from 0.29.0 to 0.30.0\n\n - inserts forgotten quotation mark\n\n - Not prefer use local image create/add manifest\n\n - Add container information to .containerenv\n\n - Add --ignorefile flag to use alternate .dockerignore flags\n\n - Add a source debug build\n\n - Fix crash on invalid filter commands\n\n - build(deps): bump github.com/containers/common from 0.27.0 to 0.29.0\n\n - Switch to using containers/common pkg's\n\n - fix: non-portable shebang #2812\n\n - Remove copy/paste errors that leaked `Podman` into man pages.\n\n - Add suggests cpp to spec file\n\n - Apply suggestions from code review\n\n - update docs for debian testing and unstable\n\n - imagebuildah: disable pseudo-terminals for RUN\n\n - Compute diffID for mapped-layer at creating image source\n\n - intermediateImageExists: ignore images whose history we can't read\n\n - Bump to v1.19.0-dev\n\n - build(deps): bump github.com/containers/common from 0.26.3 to 0.27.0\n\n - Fix testing error caused by simultanious merge\n\n - Vendor in containers/storage v1.24.0\n\n - short-names aliasing\n\n - Add --policy flag to buildah pull\n\n - Stop overwrapping and stuttering\n\n - copier.Get(): ignore ENOTSUP/ENOSYS when listing xattrs\n\n - Run: don't forcibly disable UTS namespaces in rootless mode\n\n - test: ensure non-directory in a Dockerfile path is handled correctly\n\n - Add a few tests for `pull` command\n\n - Fix buildah config --cmd to handle array\n\n - build(deps): bump github.com/containers/storage from 1.23.8 to 1.23.9\n\n - Fix NPE when Dockerfile path contains non-directory entries\n\n - Update buildah bud man page from podman build man page\n\n - Move declaration of decryption-keys to common cli\n\n - Run: correctly call copier.Mkdir\n\n - util: digging UID/GID out of os.FileInfo should work on Unix\n\n - imagebuildah.getImageTypeAndHistoryAndDiffIDs: cache results\n\n - Verify userns-uid-map and userns-gid-map input\n\n - Use CPP, CC and flags in dep check scripts\n\n - Avoid overriding LDFLAGS in Makefile\n\n - ADD: handle --chown on URLs\n\n - Update nix pin with `make nixpkgs`\n\n - (*Builder).Run: MkdirAll: handle EEXIST error\n\n - copier: try to force loading of nsswitch modules before chroot()\n\n - fix MkdirAll usage\n\n - build(deps): bump github.com/containers/common from 0.26.2 to 0.26.3\n\n - build(deps): bump github.com/containers/storage from 1.23.7 to 1.23.8\n\n - Use osusergo build tag for static build\n\n - imagebuildah: cache should take image format into account\n\n - Bump to v1.18.0-dev\n\nUpdate to version 1.17.1 :\n\n - copier.Get(): ignore ENOTSUP/ENOSYS when listing xattrs\n\n - copier: try to force loading of nsswitch modules before chroot()\n\n - ADD: handle --chown on URLs\n\n - imagebuildah: cache should take image format into account\n\n - Update CI configuration for the release-1.17 branch\n\nadded cni to requires as its needed for buildah to run \n\nUpdate to v1.17.0 (boo#1165184)\n\n - Handle cases where other tools mount/unmount containers\n\n - overlay.MountReadOnly: support RO overlay mounts\n\n - overlay: use fusermount for rootless umounts\n\n - overlay: fix umount\n\n - Switch default log level of Buildah to Warn. Users need to see these messages\n\n - Drop error messages about OCI/Docker format to Warning level\n\n - build(deps): bump github.com/containers/common from 0.26.0 to 0.26.2\n\n - tests/testreport: adjust for API break in storage v1.23.6\n\n - build(deps): bump github.com/containers/storage from 1.23.5 to 1.23.7\n\n - build(deps): bump github.com/fsouza/go-dockerclient from 1.6.5 to 1.6.6\n\n - copier: put: ignore Typeflag='g'\n\n - Use curl to get repo file (fix #2714)\n\n - build(deps): bump github.com/containers/common from 0.25.0 to 0.26.0\n\n - build(deps): bump github.com/spf13/cobra from 1.0.0 to 1.1.1\n\n - Remove docs that refer to bors, since we're not using it\n\n - Buildah bud should not use stdin by default\n\n - bump containerd, docker, and golang.org/x/sys\n\n - Makefile: cross: remove windows.386 target\n\n - copier.copierHandlerPut: don't check length when there are errors\n\n - Stop excessive wrapping\n\n - CI: require that conformance tests pass\n\n - bump(github.com/openshift/imagebuilder) to v1.1.8\n\n - Skip tlsVerify insecure BUILD_REGISTRY_SOURCES\n\n - Fix build path wrong containers/podman#7993\n\n - refactor pullpolicy to avoid deps\n\n - build(deps): bump github.com/containers/common from 0.24.0 to 0.25.0\n\n - CI: run gating tasks with a lot more memory\n\n - ADD and COPY: descend into excluded directories, sometimes\n\n - copier: add more context to a couple of error messages\n\n - copier: check an error earlier\n\n - copier: log stderr output as debug on success\n\n - Update nix pin with make nixpkgs\n\n - Set directory ownership when copied with ID mapping\n\n - build(deps): bump github.com/sirupsen/logrus from 1.6.0 to 1.7.0\n\n - build(deps): bump github.com/containers/common from 0.23.0 to 0.24.0\n\n - Cirrus: Remove bors artifacts\n\n - Sort build flag definitions alphabetically\n\n - ADD: only expand archives at the right time\n\n - Remove configuration for bors\n\n - Shell Completion for podman build flags\n\n - Bump c/common to v0.24.0\n\n - New CI check: xref --help vs man pages\n\n - CI: re-enable several linters\n\n - Move --userns-uid-map/--userns-gid-map description into buildah man page\n\n - add: preserve ownerships and permissions on ADDed archives\n\n - Makefile: tweak the cross-compile target\n\n - Bump containers/common to v0.23.0\n\n - chroot: create bind mount targets 0755 instead of 0700\n\n - Change call to Split() to safer SplitN()\n\n - chroot: fix handling of errno seccomp rules\n\n - build(deps): bump github.com/containers/image/v5 from 5.5.2 to 5.6.0\n\n - Add In Progress section to contributing\n\n - integration tests: make sure tests run in $(topdir)/tests\n\n - Run(): ignore containers.conf's environment configuration\n\n - Warn when setting healthcheck in OCI format\n\n - Cirrus: Skip git-validate on branches\n\n - tools: update git-validation to the latest commit\n\n - tools: update golangci-lint to v1.18.0\n\n - Add a few tests of push command\n\n - Add(): fix handling of relative paths with no ContextDir\n\n - build(deps): bump github.com/containers/common from 0.21.0 to 0.22.0\n\n - Lint: Use same linters as podman\n\n - Validate: reference HEAD\n\n - Fix buildah mount to display container names not ids\n\n - Update nix pin with make nixpkgs\n\n - Add missing --format option in buildah from man page\n\n - Fix up code based on codespell\n\n - build(deps): bump github.com/openshift/imagebuilder from 1.1.6 to 1.1.7\n\n - build(deps): bump github.com/containers/storage from 1.23.4 to 1.23.5\n\n - Improve buildah completions\n\n - Cirrus: Fix validate commit epoch\n\n - Fix bash completion of manifest flags\n\n - Uniform some man pages\n\n - Update Buildah Tutorial to address BZ1867426\n\n - Update bash completion of manifest add sub command\n\n - copier.Get(): hard link targets shouldn't be relative paths\n\n - build(deps): bump github.com/onsi/gomega from 1.10.1 to 1.10.2\n\n - Pass timestamp down to history lines\n\n - Timestamp gets updated everytime you inspect an image\n\n - bud.bats: use absolute paths in newly-added tests\n\n - contrib/cirrus/lib.sh: don't use CN for the hostname\n\n - tests: Add some tests\n\n - Update manifest add man page\n\n - Extend flags of manifest add\n\n - build(deps): bump github.com/containers/storage from 1.23.3 to 1.23.4\n\n - build(deps): bump github.com/onsi/ginkgo from 1.14.0 to 1.14.1\n\n - Bump to v1.17.0-dev\n\n - CI: expand cross-compile checks\n\n - SLE: Remove unneeded patch: CVE-2019-10214.patch\n\nUpdate to v1.16.2\n\n - fix build on 32bit arches\n\n - containerImageRef.NewImageSource(): don't always force timestamps\n\n - Add fuse module warning to image readme\n\n - Heed our retry delay option values when retrying commit/pull/push\n\n - Switch to containers/common for seccomp\n\n - Use --timestamp rather then --omit-timestamp\n\n - docs: remove outdated notice\n\n - docs: remove outdated notice\n\n - build-using-dockerfile: add a hidden --log-rusage flag\n\n - build(deps): bump github.com/containers/image/v5 from 5.5.1 to 5.5.2\n\n - Discard ReportWriter if user sets options.Quiet\n\n - build(deps): bump github.com/containers/common from 0.19.0 to 0.20.3\n\n - Fix ownership of content copied using COPY --from\n\n - newTarDigester: zero out timestamps in tar headers\n\n - Update nix pin with `make nixpkgs`\n\n - bud.bats: correct .dockerignore integration tests\n\n - Use pipes for copying\n\n - run: include stdout in error message\n\n - run: use the correct error for errors.Wrapf\n\n - copier: un-export internal types\n\n - copier: add Mkdir()\n\n - in_podman: don't get tripped up by $CIRRUS_CHANGE_TITLE\n\n - docs/buildah-commit.md: tweak some wording, add a --rm example\n\n - imagebuildah: don’t blank out destination names when COPYing\n\n - Replace retry functions with common/pkg/retry\n\n - StageExecutor.historyMatches: compare timestamps using .Equal\n\n - Update vendor of containers/common\n\n - Fix errors found in coverity scan\n\n - Change namespace handling flags to better match podman commands\n\n - conformance testing: ignore buildah.BuilderIdentityAnnotation labels\n\n - Vendor in containers/storage v1.23.0\n\n - Add buildah.IsContainer interface\n\n - Avoid feeding run_buildah to pipe\n\n - fix(buildahimage): add xz dependency in buildah image\n\n - Bump github.com/containers/common from 0.15.2 to 0.18.0\n\n - Howto for rootless image building from OpenShift\n\n - Add --omit-timestamp flag to buildah bud\n\n - Update nix pin with `make nixpkgs`\n\n - Shutdown storage on failures\n\n - Handle COPY --from when an argument is used\n\n - Bump github.com/seccomp/containers-golang from 0.5.0 to 0.6.0\n\n - Cirrus: Use newly built VM images\n\n - Bump github.com/opencontainers/runc from 1.0.0-rc91 to 1.0.0-rc92\n\n - Enhance the .dockerignore man pages\n\n - conformance: add a test for COPY from subdirectory\n\n - fix bug manifest inspct\n\n - Add documentation for .dockerignore\n\n - Add BuilderIdentityAnnotation to identify buildah version\n\n - DOC: Add quay.io/containers/buildah image to README.md\n\n - Update buildahimages readme\n\n - fix spelling mistake in 'info' command result display\n\n - Don't bind /etc/host and /etc/resolv.conf if network is not present\n\n - blobcache: avoid an unnecessary NewImage()\n\n - Build static binary with `buildGoModule`\n\n - copier: split StripSetidBits into StripSetuidBit/StripSetgidBit/StripStickyBit\n\n - tarFilterer: handle multiple archives\n\n - Fix a race we hit during conformance tests\n\n - Rework conformance testing\n\n - Update 02-registries-repositories.md\n\n - test-unit: invoke cmd/buildah tests with --flags\n\n - parse: fix a type mismatch in a test\n\n - Fix compilation of tests/testreport/testreport\n\n - build.sh: log the version of Go that we're using\n\n - test-unit: increase the test timeout to 40/45 minutes\n\n - Add the 'copier' package\n\n - Fix & add notes regarding problematic language in codebase\n\n - Add dependency on github.com/stretchr/testify/require\n\n - CompositeDigester: add the ability to filter tar streams\n\n - BATS tests: make more robust\n\n - vendor golang.org/x/text@v0.3.3\n\n - Switch golang 1.12 to golang 1.13\n\n - imagebuildah: wait for stages that might not have even started yet\n\n - chroot, run: not fail on bind mounts from /sys\n\n - chroot: do not use setgroups if it is blocked\n\n - Set engine env from containers.conf\n\n - imagebuildah: return the right stage's image as the 'final' image\n\n - Fix a help string\n\n - Deduplicate environment variables\n\n - switch containers/libpod to containers/podman\n\n - Bump github.com/containers/ocicrypt from 1.0.2 to 1.0.3\n\n - Bump github.com/opencontainers/selinux from 1.5.2 to 1.6.0\n\n - Mask out /sys/dev to prevent information leak\n\n - linux: skip errors from the runtime kill\n\n - Mask over the /sys/fs/selinux in mask branch\n\n - Add VFS additional image store to container\n\n - tests: add auth tests\n\n - Allow 'readonly' as alias to 'ro' in mount options\n\n - Ignore OS X specific consistency mount option\n\n - Bump github.com/onsi/ginkgo from 1.13.0 to 1.14.0\n\n - Bump github.com/containers/common from 0.14.0 to 0.15.2\n\n - Rootless Buildah should default to IsolationOCIRootless\n\n - imagebuildah: fix inheriting multi-stage builds\n\n - Make imagebuildah.BuildOptions.Architecture/OS optional\n\n - Make imagebuildah.BuildOptions.Jobs optional\n\n - Resolve a possible race in imagebuildah.Executor.startStage()\n\n - Switch scripts to use containers.conf\n\n - Bump openshift/imagebuilder to v1.1.6\n\n - Bump go.etcd.io/bbolt from 1.3.4 to 1.3.5\n\n - buildah, bud: support --jobs=N for parallel execution\n\n - executor: refactor build code inside new function\n\n - Add bud regression tests\n\n - Cirrus: Fix missing htpasswd in registry img\n\n - docs: clarify the 'triples' format\n\n - CHANGELOG.md: Fix markdown formatting\n\n - Add nix derivation for static builds\n\nUpdate to v1.15.1\n\n - Mask over the /sys/fs/selinux in mask branch\n\n - chroot: do not use setgroups if it is blocked\n\n - chroot, run: not fail on bind mounts from /sys\n\n - Allow 'readonly' as alias to 'ro' in mount options\n\n - Add VFS additional image store to container\n\n - vendor golang.org/x/text@v0.3.3\n\n - Make imagebuildah.BuildOptions.Architecture/OS optional\n\nUpdate to v1.15.0\n\n - Add CVE-2020-10696 to CHANGELOG.md and changelog.txt\n\n - fix lighttpd example\n\n - remove dependency on openshift struct\n\n - Warn on unset build arguments\n\n - vendor: update seccomp/containers-golang to v0.4.1\n\n - Updated docs\n\n - clean up comments\n\n - update exit code for tests\n\n - Implement commit for encryption\n\n - implementation of encrypt/decrypt push/pull/bud/from\n\n - fix resolve docker image name as transport\n\n - Add preliminary profiling support to the CLI\n\n - Evaluate symlinks in build context directory\n\n - fix error info about get signatures for containerImageSource\n\n - Add Security Policy\n\n - Cirrus: Fixes from review feedback\n\n - imagebuildah: stages shouldn't count as their base images\n\n - Update containers/common v0.10.0\n\n - Add registry to buildahimage Dockerfiles\n\n - Cirrus: Use pre-installed VM packages + F32\n\n - Cirrus: Re-enable all distro versions\n\n - Cirrus: Update to F31 + Use cache images\n\n - golangci-lint: Disable gosimple\n\n - Lower number of golangci-lint threads\n\n - Fix permissions on containers.conf\n\n - Don't force tests to use runc\n\n - Return exit code from failed containers\n\n - cgroup_manager should be under [engine]\n\n - Use c/common/pkg/auth in login/logout\n\n - Cirrus: Temporarily disable Ubuntu 19 testing\n\n - Add containers.conf to stablebyhand build\n\n - Update gitignore to exclude test Dockerfiles\n\n - Remove warning for systemd inside of container\n\n - Add patch for CVE-2019-10214. boo#1144065\n\n + CVE-2019-10214.patch\n\nChanges in podman :\n\nUpdate to v2.2.1\n\n - Changes\n\n - Due to a conflict with a previously-removed field, we were forced to modify the way image volumes (mounting images into containers using\n\n --mount type=image) were handled in the database. As a result, containers created in Podman 2.2.0 with image volume will not have them in v2.2.1, and these containers will need to be re-created.\n\n - Bugfixes\n\n - Fixed a bug where rootless Podman would, on systems without the XDG_RUNTIME_DIR environment variable defined, use an incorrect path for the PID file of the Podman pause process, causing Podman to fail to start (#8539).\n\n - Fixed a bug where containers created using Podman v1.7 and earlier were unusable in Podman due to JSON decode errors (#8613).\n\n - Fixed a bug where Podman could retrieve invalid cgroup paths, instead of erroring, for containers that were not running.\n\n - Fixed a bug where the podman system reset command would print a warning about a duplicate shutdown handler being registered.\n\n - Fixed a bug where rootless Podman would attempt to mount sysfs in circumstances where it was not allowed; some OCI runtimes (notably crun) would fall back to alternatives and not fail, but others (notably runc) would fail to run containers.\n\n - Fixed a bug where the podman run and podman create commands would fail to create containers from untagged images (#8558).\n\n - Fixed a bug where remote Podman would prompt for a password even when the server did not support password authentication (#8498).\n\n - Fixed a bug where the podman exec command did not move the Conmon process for the exec session into the correct cgroup.\n\n - Fixed a bug where shell completion for the ancestor option to podman ps --filter did not work correctly.\n\n - Fixed a bug where detached containers would not properly clean themselves up (or remove themselves if --rm was set) if the Podman command that created them was invoked with --log-level=debug.\n\n - API\n\n - Fixed a bug where the Compat Create endpoint for Containers did not properly handle the Binds and Mounts parameters in HostConfig.\n\n - Fixed a bug where the Compat Create endpoint for Containers ignored the Name query parameter.\n\n - Fixed a bug where the Compat Create endpoint for Containers did not properly handle the 'default' value for NetworkMode (this value is used extensively by docker-compose) (#8544).\n\n - Fixed a bug where the Compat Build endpoint for Images would sometimes incorrectly use the target query parameter as the image's tag.\n\n - Misc\n\n - Podman v2.2.0 vendored a non-released, custom version of the github.com/spf13/cobra package; this has been reverted to the latest upstream release to aid in packaging.\n\n - Updated the containers/image library to v5.9.0\n\nUpdate to v2.2.0\n\n - Features\n\n - Experimental support for shortname aliasing has been added. This is not enabled by default, but can be turned on by setting the environment variable CONTAINERS_SHORT_NAME_ALIASING to on. Documentation is available here and here.\n\n - Initial support has been added for the podman network connect and podman network disconnect commands, which allow existing containers to modify what networks they are connected to. At present, these commands can only be used on running containers that did not specify\n --network=none when they were created.\n\n - The podman run command now supports the --network-alias option to set network aliases (additional names the container can be accessed at from other containers via DNS if the dnsname CNI plugin is in use). Aliases can also be added and removed using the new podman network connect and podman network disconnect commands. Please note that this requires a new release (v1.1.0) of the dnsname plugin, and will only work on newly-created CNI networks.\n\n - The podman generate kube command now features support for exporting container's memory and CPU limits (#7855).\n\n - The podman play kube command now features support for setting CPU and Memory limits for containers (#7742).\n\n - The podman play kube command now supports persistent volumes claims using Podman named volumes.\n\n - The podman play kube command now supports Kubernetes configmaps via the --configmap option (#7567).\n\n - The podman play kube command now supports a --log-driver option to set the log driver for created containers.\n\n - The podman play kube command now supports a --start option, enabled by default, to start the pod after creating it. This allows for podman play kube to be more easily used in systemd unitfiles.\n\n - The podman network create command now supports the\n --ipv6 option to enable dual-stack IPv6 networking for created networks (#7302).\n\n - The podman inspect command can now inspect pods, networks, and volumes, in addition to containers and images (#6757).\n\n - The --mount option for podman run and podman create now supports a new type, image, to mount the contents of an image into the container at a given location.\n\n - The Bash and ZSH completions have been completely reworked and have received significant enhancements! Additionally, support for Fish completions and completions for the podman-remote executable have been added.\n\n - The --log-opt option for podman create and podman run now supports the max-size option to set the maximum size for a container's logs (#7434).\n\n - The --network option to the podman pod create command now allows pods to be configured to use slirp4netns networking, even when run as root (#6097).\n\n - The podman pod stop, podman pod pause, podman pod unpause, and podman pod kill commands now work on multiple containers in parallel and should be significantly faster.\n\n - The podman search command now supports a --list-tags option to list all available tags for a single image in a single repository.\n\n - The podman search command can now output JSON using the\n --format=json option.\n\n - The podman diff and podman mount commands now work with all containers in the storage library, including those not created by Podman. This allows them to be used with Buildah and CRI-O containers.\n\n - The podman container exists command now features a\n --external option to check if a container exists not just in Podman, but also in the storage library. This will allow Podman to identify Buildah and CRI-O containers.\n\n - The --tls-verify and --authfile options have been enabled for use with remote Podman.\n\n - The /etc/hosts file now includes the container's name and hostname (both pointing to localhost) when the container is run with --net=none (#8095).\n\n - The podman events command now supports filtering events based on the labels of the container they occurred on using the --filter label=key=value option.\n\n - The podman volume ls command now supports filtering volumes based on their labels using the --filter label=key=value option.\n\n - The --volume and --mount options to podman run and podman create now support two new mount propagation options, unbindable and runbindable.\n\n - The name and id filters for podman pod ps now match based on a regular expression, instead of requiring an exact match.\n\n - The podman pod ps command now supports a new filter status, that matches pods in a certain state.\n\n - Changes\n\n - The podman network rm --force command will now also remove pods that are using the network (#7791).\n\n - The podman volume rm, podman network rm, and podman pod rm commands now return exit code 1 if the object specified for removal does not exist, and exit code 2 if the object is in use and the --force option was not given.\n\n - If /dev/fuse is passed into Podman containers as a device, Podman will open it before starting the container to ensure that the kernel module is loaded on the host and the device is usable in the container.\n\n - Global Podman options that were not supported with remote operation have been removed from podman-remote (e.g. --cgroup-manager, --storage-driver).\n\n - Many errors have been changed to remove repetition and be more clear as to what has gone wrong.\n\n - The --storage option to podman rm is now enabled by default, with slightly changed semantics. If the given container does not exist in Podman but does exist in the storage library, it will be removed even without the\n --storage option. If the container exists in Podman it will be removed normally. The --storage option for podman rm is now deprecated and will be removed in a future release.\n\n - The --storage option to podman ps has been renamed to\n --external. An alias has been added so the old form of the option will continue to work.\n\n - Podman now delays the SIGTERM and SIGINT signals during container creation to ensure that Podman is not stopped midway through creating a container resulting in potential resource leakage (#7941).\n\n - The podman save command now strips signatures from images it is exporting, as the formats we export to do not support signatures (#7659).\n\n - A new Degraded state has been added to pods. Pods that have some, but not all, of their containers running are now considered to be Degraded instead of Running.\n\n - Podman will now print a warning when conflicting network options related to port forwarding (e.g. --publish and\n --net=host) are specified when creating a container.\n\n - The --restart on-failure and --rm options for containers no longer conflict. When both are specified, the container will be restarted if it exits with a non-zero error code, and removed if it exits cleanly (#7906).\n\n - Remote Podman will no longer use settings from the client's containers.conf; defaults will instead be provided by the server's containers.conf (#7657).\n\n - The podman network rm command now has a new alias, podman network remove (#8402).\n\n - Bugfixes\n\n - Fixed a bug where podman load on the remote client did not error when attempting to load a directory, which is not yet supported for remote use.\n\n - Fixed a bug where rootless Podman could hang when the newuidmap binary was not installed (#7776).\n\n - Fixed a bug where the --pull option to podman run, podman create, and podman build did not match Docker's behavior.\n\n - Fixed a bug where sysctl settings from the containers.conf configuration file were applied, even if the container did not join the namespace associated with a sysctl.\n\n - Fixed a bug where Podman would not return the text of errors encounted when trying to run a healthcheck for a container.\n\n - Fixed a bug where Podman was accidentally setting the containers environment variable in addition to the expected container environment variable.\n\n - Fixed a bug where rootless Podman using CNI networking did not properly clean up DNS entries for removed containers (#7789).\n\n - Fixed a bug where the podman untag --all command was not supported with remote Podman.\n\n - Fixed a bug where the podman system service command could time out even if active attach connections were present (#7826).\n\n - Fixed a bug where the podman system service command would sometimes never time out despite no active connections being present.\n\n - Fixed a bug where Podman's handling of capabilities, specifically inheritable, did not match Docker's.\n\n - Fixed a bug where podman run would fail if the image specified was a manifest list and had already been pulled (#7798).\n\n - Fixed a bug where Podman did not take search registries into account when looking up images locally (#6381).\n\n - Fixed a bug where the podman manifest inspect command would fail for images that had already been pulled (#7726).\n\n - Fixed a bug where rootless Podman would not add supplemental GIDs to containers when when a user, but not a group, was set via the --user option to podman create and podman run and sufficient GIDs were available to add the groups (#7782).\n\n - Fixed a bug where remote Podman commands did not properly handle cases where the user gave a name that could also be a short ID for a pod or container (#7837).\n\n - Fixed a bug where podman image prune could leave images ready to be pruned after podman image prune was run (#7872).\n\n - Fixed a bug where the podman logs command with the journald log driver would not read all available logs (#7476).\n\n - Fixed a bug where the --rm and --restart options to podman create and podman run did not conflict when a restart policy that is not on-failure was chosen (#7878).\n\n - Fixed a bug where the --format 'table (( .Field ))' option to numerous Podman commands ceased to function on Podman v2.0 and up.\n\n - Fixed a bug where pods did not properly share an SELinux label between their containers, resulting in containers being unable to see the processes of other containers when the pod shared a PID namespace (#7886).\n\n - Fixed a bug where the --namespace option to podman ps did not work with the remote client (#7903).\n\n - Fixed a bug where rootless Podman incorrectly calculated the number of UIDs available in the container if multiple different ranges of UIDs were specified.\n\n - Fixed a bug where the /etc/hosts file would not be correctly populated for containers in a user namespace (#7490).\n\n - Fixed a bug where the podman network create and podman network remove commands could race when run in parallel, with unpredictable results (#7807).\n\n - Fixed a bug where the -p option to podman run, podman create, and podman pod create would, when given only a single number (e.g. -p 80), assign the same port for both host and container, instead of generating a random host port (#7947).\n\n - Fixed a bug where Podman containers did not properly store the cgroup manager they were created with, causing them to stop functioning after the cgroup manager was changed in containers.conf or with the --cgroup-manager option (#7830).\n\n - Fixed a bug where the podman inspect command did not include information on the CNI networks a container was connected to if it was not running.\n\n - Fixed a bug where the podman attach command would not print a newline after detaching from the container (#7751).\n\n - Fixed a bug where the HOME environment variable was not set properly in containers when the --userns=keep-id option was set (#8004).\n\n - Fixed a bug where the podman container restore command could panic when the container in question was in a pod (#8026).\n\n - Fixed a bug where the output of the podman image trust show --raw command was not properly formatted.\n\n - Fixed a bug where the podman runlabel command could panic if a label to run was not given (#8038).\n\n - Fixed a bug where the podman run and podman start\n --attach commands would exit with an error when the user detached manually using the detach keys on remote Podman (#7979).\n\n - Fixed a bug where rootless CNI networking did not use the dnsname CNI plugin if it was not available on the host, despite it always being available in the container used for rootless networking (#8040).\n\n - Fixed a bug where Podman did not properly handle cases where an OCI runtime is specified by its full path, and could revert to using another OCI runtime with the same binary path that existed in the system $PATH on subsequent invocations.\n\n - Fixed a bug where the --net=host option to podman create and podman run would cause the /etc/hosts file to be incorrectly populated (#8054).\n\n - Fixed a bug where the podman inspect command did not include container network information when the container shared its network namespace (IE, joined a pod or another container's network namespace via\n --net=container:...) (#8073).\n\n - Fixed a bug where the podman ps command did not include information on all ports a container was publishing.\n\n - Fixed a bug where the podman build command incorrectly forwarded STDIN into build containers from RUN instructions.\n\n - Fixed a bug where the podman wait command's --interval option did not work when units were not specified for the duration (#8088).\n\n - Fixed a bug where the --detach-keys and --detach options could be passed to podman create despite having no effect (and not making sense in that context).\n\n - Fixed a bug where Podman could not start containers if running on a system without a /etc/resolv.conf file (which occurs on some WSL2 images) (#8089).\n\n - Fixed a bug where the --extract option to podman cp was nonfunctional.\n\n - Fixed a bug where the --cidfile option to podman run would, when the container was not run with --detach, only create the file after the container exited (#8091).\n\n - Fixed a bug where the podman images and podman images -a commands could panic and not list any images when certain improperly-formatted images were present in storage (#8148).\n\n - Fixed a bug where the podman events command could, when the journald events backend was in use, become nonfunctional when a badly-formatted event or a log message that container certain string was present in the journal (#8125).\n\n - Fixed a bug where remote Podman would, when using SSH transport, not authenticate to the server using hostkeys when connecting on a port other than 22 (#8139).\n\n - Fixed a bug where the podman attach command would not exit when containers stopped (#8154).\n\n - Fixed a bug where Podman did not properly clean paths before verifying them, resulting in Podman refusing to start if the root or temporary directories were specified with extra trailing / characters (#8160).\n\n - Fixed a bug where remote Podman did not support hashed hostnames in the known_hosts file on the host for establishing connections (#8159).\n\n - Fixed a bug where the podman image exists command would return non-zero (false) when multiple potential matches for the given name existed.\n\n - Fixed a bug where the podman manifest inspect command on images that are not manifest lists would error instead of inspecting the image (#8023).\n\n - Fixed a bug where the podman system service command would fail if the directory the Unix socket was to be created inside did not exist (#8184).\n\n - Fixed a bug where pods that shared the IPC namespace (which is done by default) did not share a /dev/shm filesystem between all containers in the pod (#8181).\n\n - Fixed a bug where filters passed to podman volume list were not inclusive (#6765).\n\n - Fixed a bug where the podman volume create command would fail when the volume's data directory already existed (as might occur when a volume was not completely removed) (#8253).\n\n - Fixed a bug where the podman run and podman create commands would deadlock when trying to create a container that mounted the same named volume at multiple locations (e.g. podman run -v testvol:/test1 -v testvol:/test2) (#8221).\n\n - Fixed a bug where the parsing of the --net option to podman build was incorrect (#8322).\n\n - Fixed a bug where the podman build command would print the ID of the built image twice when using remote Podman (#8332).\n\n - Fixed a bug where the podman stats command did not show memory limits for containers (#8265).\n\n - Fixed a bug where the podman pod inspect command printed the static MAC address of the pod in a non-human-readable format (#8386).\n\n - Fixed a bug where the --tls-verify option of the podman play kube command had its logic inverted (false would enforce the use of TLS, true would disable it).\n\n - Fixed a bug where the podman network rm command would error when trying to remove macvlan networks and rootless CNI networks (#8491).\n\n - Fixed a bug where Podman was not setting sane defaults for missing XDG_ environment variables.\n\n - Fixed a bug where remote Podman would check if volume paths to be mounted in the container existed on the host, not the server (#8473).\n\n - Fixed a bug where the podman manifest create and podman manifest add commands on local images would drop any images in the manifest not pulled by the host.\n\n - Fixed a bug where networks made by podman network create did not include the tuning plugin, and as such did not support setting custom MAC addresses (#8385).\n\n - Fixed a bug where container healthchecks did not use $PATH when searching for the Podman executable to run the healthcheck.\n\n - Fixed a bug where the --ip-range option to podman network create did not properly handle non-classful subnets when calculating the last usable IP for DHCP assignment (#8448).\n\n - Fixed a bug where the podman container ps alias for podman ps was missing (#8445).\n\n - API\n\n - The Compat Create endpoint for Container has received a major refactor to share more code with the Libpod Create endpoint, and should be significantly more stable.\n\n - A Compat endpoint for exporting multiple images at once, GET /images/get, has been added (#7950).\n\n - The Compat Network Connect and Network Disconnect endpoints have been added.\n\n - Endpoints that deal with image registries now support a X-Registry-Config header to specify registry authentication configuration.\n\n - The Compat Create endpoint for images now properly supports specifying images by digest.\n\n - The Libpod Build endpoint for images now supports an httpproxy query parameter which, if set to true, will forward the server's HTTP proxy settings into the build container for RUN instructions.\n\n - The Libpod Untag endpoint for images will now remove all tags for the given image if no repository and tag are specified for removal.\n\n - Fixed a bug where the Ping endpoint misspelled a header name (Libpod-Buildha-Version instead of Libpod-Buildah-Version).\n\n - Fixed a bug where the Ping endpoint sent an extra newline at the end of its response where Docker did not.\n\n - Fixed a bug where the Compat Logs endpoint for containers did not send a newline character after each log line.\n\n - Fixed a bug where the Compat Logs endpoint for containers would mangle line endings to change newline characters to add a preceding carriage return (#7942).\n\n - Fixed a bug where the Compat Inspect endpoint for Containers did not properly list the container's stop signal (#7917).\n\n - Fixed a bug where the Compat Inspect endpoint for Containers formatted the container's create time incorrectly (#7860).\n\n - Fixed a bug where the Compat Inspect endpoint for Containers did not include the container's Path, Args, and Restart Count.\n\n - Fixed a bug where the Compat Inspect endpoint for Containers prefixed added and dropped capabilities with CAP_ (Docker does not do so).\n\n - Fixed a bug where the Compat Info endpoint for the Engine did not include configured registries.\n\n - Fixed a bug where the server could panic if a client closed a connection midway through an image pull (#7896).\n\n - Fixed a bug where the Compat Create endpoint for volumes returned an error when a volume with the same name already existed, instead of succeeding with a 201 code (#7740).\n\n - Fixed a bug where a client disconnecting from the Libpod or Compat events endpoints could result in the server using 100% CPU (#7946).\n\n - Fixed a bug where the 'no such image' error message sent by the Compat Inspect endpoint for Images returned a 404 status code with an error that was improperly formatted for Docker compatibility.\n\n - Fixed a bug where the Compat Create endpoint for networks did not properly set a default for the driver parameter if it was not provided by the client.\n\n - Fixed a bug where the Compat Inspect endpoint for images did not populate the RootFS field of the response.\n\n - Fixed a bug where the Compat Inspect endpoint for images would omit the ParentId field if the image had no parent, and the Created field if the image did not have a creation time.\n\n - Fixed a bug where the Compat Remove endpoint for Networks did not support the Force query parameter.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2021-02-22T00:00:00", "type": "nessus", "title": "openSUSE Security Update : buildah / libcontainers-common / podman (openSUSE-2021-310)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10214", "CVE-2020-10696"], "modified": "2021-02-24T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:buildah", "p-cpe:/a:novell:opensuse:libcontainers-common", "p-cpe:/a:novell:opensuse:podman", "p-cpe:/a:novell:opensuse:podman-cni-config", "cpe:/o:novell:opensuse:15.2"], "id": "OPENSUSE-2021-310.NASL", "href": "https://www.tenable.com/plugins/nessus/146649", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2021-310.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(146649);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/02/24\");\n\n script_cve_id(\"CVE-2019-10214\", \"CVE-2020-10696\");\n\n script_name(english:\"openSUSE Security Update : buildah / libcontainers-common / podman (openSUSE-2021-310)\");\n script_summary(english:\"Check for the openSUSE-2021-310 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for buildah, libcontainers-common, podman fixes the\nfollowing issues :\n\nChanges in libcontainers-common :\n\n - Update common to 0.33.0\n\n - Update image to 5.9.0\n\n - Update podman to 2.2.1\n\n - Update storage to 1.24.5\n\n - Switch to seccomp profile provided by common instead of\n podman\n\n - Update containers.conf to match latest version\n\nChanges in buildah :\n\nUpdate to version 1.19.2 :\n\n - Update vendor of containers/storage and\n containers/common\n\n - Buildah inspect should be able to inspect manifests\n\n - Make buildah push support pushing manifests lists and\n digests\n\n - Fix handling of TMPDIR environment variable\n\n - Add support for --manifest flags\n\n - Upper directory should match mode of destination\n directory\n\n - Only grab the OS, Arch if the user actually specified\n them\n\n - Use --arch and --os and --variant options to select\n architecture and os\n\n - Cirrus: Track libseccomp and golang version\n\n - copier.PutOptions: add an 'IgnoreDevices' flag\n\n - fix: `rmi --prune` when parent image is in store.\n\n - build(deps): bump github.com/containers/storage from\n 1.24.3 to 1.24.4\n\n - build(deps): bump github.com/containers/common from\n 0.31.1 to 0.31.2\n\n - Allow users to specify stdin into containers\n\n - Drop log message on failure to mount on /sys file\n systems to info\n\n - Spelling\n\n - SELinux no longer requires a tag.\n\n - build(deps): bump github.com/opencontainers/selinux from\n 1.6.0 to 1.8.0\n\n - build(deps): bump github.com/containers/common from\n 0.31.0 to 0.31.1\n\n - Update nix pin with `make nixpkgs`\n\n - Switch references of /var/run -> /run\n\n - Allow FROM to be overriden with from option\n\n - copier: don't assume we can chroot() on Unixy systems\n\n - copier: add PutOptions.NoOverwriteDirNonDir,\n Get/PutOptions.Rename\n\n - copier: handle replacing directories with\n not-directories\n\n - copier: Put: skip entries with zero-length names\n\n - build(deps): bump github.com/containers/storage from\n 1.24.2 to 1.24.3\n\n - Add U volume flag to chown source volumes\n\n - Turn off PRIOR_UBUNTU Test until vm is updated\n\n - pkg, cli: rootless uses correct isolation\n\n - build(deps): bump github.com/onsi/gomega from 1.10.3 to\n 1.10.4\n\n - update installation doc to reflect current status\n\n - Move away from using docker.io\n\n - enable short-name aliasing\n\n - build(deps): bump github.com/containers/storage from\n 1.24.1 to 1.24.2\n\n - build(deps): bump github.com/containers/common from\n 0.30.0 to 0.31.0\n\n - Throw errors when using bogus --network flags\n\n - pkg/supplemented test: replace our null blobinfocache\n\n - build(deps): bump github.com/containers/common from\n 0.29.0 to 0.30.0\n\n - inserts forgotten quotation mark\n\n - Not prefer use local image create/add manifest\n\n - Add container information to .containerenv\n\n - Add --ignorefile flag to use alternate .dockerignore\n flags\n\n - Add a source debug build\n\n - Fix crash on invalid filter commands\n\n - build(deps): bump github.com/containers/common from\n 0.27.0 to 0.29.0\n\n - Switch to using containers/common pkg's\n\n - fix: non-portable shebang #2812\n\n - Remove copy/paste errors that leaked `Podman` into man\n pages.\n\n - Add suggests cpp to spec file\n\n - Apply suggestions from code review\n\n - update docs for debian testing and unstable\n\n - imagebuildah: disable pseudo-terminals for RUN\n\n - Compute diffID for mapped-layer at creating image source\n\n - intermediateImageExists: ignore images whose history we\n can't read\n\n - Bump to v1.19.0-dev\n\n - build(deps): bump github.com/containers/common from\n 0.26.3 to 0.27.0\n\n - Fix testing error caused by simultanious merge\n\n - Vendor in containers/storage v1.24.0\n\n - short-names aliasing\n\n - Add --policy flag to buildah pull\n\n - Stop overwrapping and stuttering\n\n - copier.Get(): ignore ENOTSUP/ENOSYS when listing xattrs\n\n - Run: don't forcibly disable UTS namespaces in rootless\n mode\n\n - test: ensure non-directory in a Dockerfile path is\n handled correctly\n\n - Add a few tests for `pull` command\n\n - Fix buildah config --cmd to handle array\n\n - build(deps): bump github.com/containers/storage from\n 1.23.8 to 1.23.9\n\n - Fix NPE when Dockerfile path contains non-directory\n entries\n\n - Update buildah bud man page from podman build man page\n\n - Move declaration of decryption-keys to common cli\n\n - Run: correctly call copier.Mkdir\n\n - util: digging UID/GID out of os.FileInfo should work on\n Unix\n\n - imagebuildah.getImageTypeAndHistoryAndDiffIDs: cache\n results\n\n - Verify userns-uid-map and userns-gid-map input\n\n - Use CPP, CC and flags in dep check scripts\n\n - Avoid overriding LDFLAGS in Makefile\n\n - ADD: handle --chown on URLs\n\n - Update nix pin with `make nixpkgs`\n\n - (*Builder).Run: MkdirAll: handle EEXIST error\n\n - copier: try to force loading of nsswitch modules before\n chroot()\n\n - fix MkdirAll usage\n\n - build(deps): bump github.com/containers/common from\n 0.26.2 to 0.26.3\n\n - build(deps): bump github.com/containers/storage from\n 1.23.7 to 1.23.8\n\n - Use osusergo build tag for static build\n\n - imagebuildah: cache should take image format into\n account\n\n - Bump to v1.18.0-dev\n\nUpdate to version 1.17.1 :\n\n - copier.Get(): ignore ENOTSUP/ENOSYS when listing xattrs\n\n - copier: try to force loading of nsswitch modules before\n chroot()\n\n - ADD: handle --chown on URLs\n\n - imagebuildah: cache should take image format into\n account\n\n - Update CI configuration for the release-1.17 branch\n\nadded cni to requires as its needed for buildah to run \n\nUpdate to v1.17.0 (boo#1165184)\n\n - Handle cases where other tools mount/unmount containers\n\n - overlay.MountReadOnly: support RO overlay mounts\n\n - overlay: use fusermount for rootless umounts\n\n - overlay: fix umount\n\n - Switch default log level of Buildah to Warn. Users need\n to see these messages\n\n - Drop error messages about OCI/Docker format to Warning\n level\n\n - build(deps): bump github.com/containers/common from\n 0.26.0 to 0.26.2\n\n - tests/testreport: adjust for API break in storage\n v1.23.6\n\n - build(deps): bump github.com/containers/storage from\n 1.23.5 to 1.23.7\n\n - build(deps): bump github.com/fsouza/go-dockerclient from\n 1.6.5 to 1.6.6\n\n - copier: put: ignore Typeflag='g'\n\n - Use curl to get repo file (fix #2714)\n\n - build(deps): bump github.com/containers/common from\n 0.25.0 to 0.26.0\n\n - build(deps): bump github.com/spf13/cobra from 1.0.0 to\n 1.1.1\n\n - Remove docs that refer to bors, since we're not using it\n\n - Buildah bud should not use stdin by default\n\n - bump containerd, docker, and golang.org/x/sys\n\n - Makefile: cross: remove windows.386 target\n\n - copier.copierHandlerPut: don't check length when there\n are errors\n\n - Stop excessive wrapping\n\n - CI: require that conformance tests pass\n\n - bump(github.com/openshift/imagebuilder) to v1.1.8\n\n - Skip tlsVerify insecure BUILD_REGISTRY_SOURCES\n\n - Fix build path wrong containers/podman#7993\n\n - refactor pullpolicy to avoid deps\n\n - build(deps): bump github.com/containers/common from\n 0.24.0 to 0.25.0\n\n - CI: run gating tasks with a lot more memory\n\n - ADD and COPY: descend into excluded directories,\n sometimes\n\n - copier: add more context to a couple of error messages\n\n - copier: check an error earlier\n\n - copier: log stderr output as debug on success\n\n - Update nix pin with make nixpkgs\n\n - Set directory ownership when copied with ID mapping\n\n - build(deps): bump github.com/sirupsen/logrus from 1.6.0\n to 1.7.0\n\n - build(deps): bump github.com/containers/common from\n 0.23.0 to 0.24.0\n\n - Cirrus: Remove bors artifacts\n\n - Sort build flag definitions alphabetically\n\n - ADD: only expand archives at the right time\n\n - Remove configuration for bors\n\n - Shell Completion for podman build flags\n\n - Bump c/common to v0.24.0\n\n - New CI check: xref --help vs man pages\n\n - CI: re-enable several linters\n\n - Move --userns-uid-map/--userns-gid-map description into\n buildah man page\n\n - add: preserve ownerships and permissions on ADDed\n archives\n\n - Makefile: tweak the cross-compile target\n\n - Bump containers/common to v0.23.0\n\n - chroot: create bind mount targets 0755 instead of 0700\n\n - Change call to Split() to safer SplitN()\n\n - chroot: fix handling of errno seccomp rules\n\n - build(deps): bump github.com/containers/image/v5 from\n 5.5.2 to 5.6.0\n\n - Add In Progress section to contributing\n\n - integration tests: make sure tests run in\n $(topdir)/tests\n\n - Run(): ignore containers.conf's environment\n configuration\n\n - Warn when setting healthcheck in OCI format\n\n - Cirrus: Skip git-validate on branches\n\n - tools: update git-validation to the latest commit\n\n - tools: update golangci-lint to v1.18.0\n\n - Add a few tests of push command\n\n - Add(): fix handling of relative paths with no ContextDir\n\n - build(deps): bump github.com/containers/common from\n 0.21.0 to 0.22.0\n\n - Lint: Use same linters as podman\n\n - Validate: reference HEAD\n\n - Fix buildah mount to display container names not ids\n\n - Update nix pin with make nixpkgs\n\n - Add missing --format option in buildah from man page\n\n - Fix up code based on codespell\n\n - build(deps): bump github.com/openshift/imagebuilder from\n 1.1.6 to 1.1.7\n\n - build(deps): bump github.com/containers/storage from\n 1.23.4 to 1.23.5\n\n - Improve buildah completions\n\n - Cirrus: Fix validate commit epoch\n\n - Fix bash completion of manifest flags\n\n - Uniform some man pages\n\n - Update Buildah Tutorial to address BZ1867426\n\n - Update bash completion of manifest add sub command\n\n - copier.Get(): hard link targets shouldn't be relative\n paths\n\n - build(deps): bump github.com/onsi/gomega from 1.10.1 to\n 1.10.2\n\n - Pass timestamp down to history lines\n\n - Timestamp gets updated everytime you inspect an image\n\n - bud.bats: use absolute paths in newly-added tests\n\n - contrib/cirrus/lib.sh: don't use CN for the hostname\n\n - tests: Add some tests\n\n - Update manifest add man page\n\n - Extend flags of manifest add\n\n - build(deps): bump github.com/containers/storage from\n 1.23.3 to 1.23.4\n\n - build(deps): bump github.com/onsi/ginkgo from 1.14.0 to\n 1.14.1\n\n - Bump to v1.17.0-dev\n\n - CI: expand cross-compile checks\n\n - SLE: Remove unneeded patch: CVE-2019-10214.patch\n\nUpdate to v1.16.2\n\n - fix build on 32bit arches\n\n - containerImageRef.NewImageSource(): don't always force\n timestamps\n\n - Add fuse module warning to image readme\n\n - Heed our retry delay option values when retrying\n commit/pull/push\n\n - Switch to containers/common for seccomp\n\n - Use --timestamp rather then --omit-timestamp\n\n - docs: remove outdated notice\n\n - docs: remove outdated notice\n\n - build-using-dockerfile: add a hidden --log-rusage flag\n\n - build(deps): bump github.com/containers/image/v5 from\n 5.5.1 to 5.5.2\n\n - Discard ReportWriter if user sets options.Quiet\n\n - build(deps): bump github.com/containers/common from\n 0.19.0 to 0.20.3\n\n - Fix ownership of content copied using COPY --from\n\n - newTarDigester: zero out timestamps in tar headers\n\n - Update nix pin with `make nixpkgs`\n\n - bud.bats: correct .dockerignore integration tests\n\n - Use pipes for copying\n\n - run: include stdout in error message\n\n - run: use the correct error for errors.Wrapf\n\n - copier: un-export internal types\n\n - copier: add Mkdir()\n\n - in_podman: don't get tripped up by $CIRRUS_CHANGE_TITLE\n\n - docs/buildah-commit.md: tweak some wording, add a --rm\n example\n\n - imagebuildah: don’t blank out destination names\n when COPYing\n\n - Replace retry functions with common/pkg/retry\n\n - StageExecutor.historyMatches: compare timestamps using\n .Equal\n\n - Update vendor of containers/common\n\n - Fix errors found in coverity scan\n\n - Change namespace handling flags to better match podman\n commands\n\n - conformance testing: ignore\n buildah.BuilderIdentityAnnotation labels\n\n - Vendor in containers/storage v1.23.0\n\n - Add buildah.IsContainer interface\n\n - Avoid feeding run_buildah to pipe\n\n - fix(buildahimage): add xz dependency in buildah image\n\n - Bump github.com/containers/common from 0.15.2 to 0.18.0\n\n - Howto for rootless image building from OpenShift\n\n - Add --omit-timestamp flag to buildah bud\n\n - Update nix pin with `make nixpkgs`\n\n - Shutdown storage on failures\n\n - Handle COPY --from when an argument is used\n\n - Bump github.com/seccomp/containers-golang from 0.5.0 to\n 0.6.0\n\n - Cirrus: Use newly built VM images\n\n - Bump github.com/opencontainers/runc from 1.0.0-rc91 to\n 1.0.0-rc92\n\n - Enhance the .dockerignore man pages\n\n - conformance: add a test for COPY from subdirectory\n\n - fix bug manifest inspct\n\n - Add documentation for .dockerignore\n\n - Add BuilderIdentityAnnotation to identify buildah\n version\n\n - DOC: Add quay.io/containers/buildah image to README.md\n\n - Update buildahimages readme\n\n - fix spelling mistake in 'info' command result display\n\n - Don't bind /etc/host and /etc/resolv.conf if network is\n not present\n\n - blobcache: avoid an unnecessary NewImage()\n\n - Build static binary with `buildGoModule`\n\n - copier: split StripSetidBits into\n StripSetuidBit/StripSetgidBit/StripStickyBit\n\n - tarFilterer: handle multiple archives\n\n - Fix a race we hit during conformance tests\n\n - Rework conformance testing\n\n - Update 02-registries-repositories.md\n\n - test-unit: invoke cmd/buildah tests with --flags\n\n - parse: fix a type mismatch in a test\n\n - Fix compilation of tests/testreport/testreport\n\n - build.sh: log the version of Go that we're using\n\n - test-unit: increase the test timeout to 40/45 minutes\n\n - Add the 'copier' package\n\n - Fix & add notes regarding problematic language in\n codebase\n\n - Add dependency on github.com/stretchr/testify/require\n\n - CompositeDigester: add the ability to filter tar streams\n\n - BATS tests: make more robust\n\n - vendor golang.org/x/text@v0.3.3\n\n - Switch golang 1.12 to golang 1.13\n\n - imagebuildah: wait for stages that might not have even\n started yet\n\n - chroot, run: not fail on bind mounts from /sys\n\n - chroot: do not use setgroups if it is blocked\n\n - Set engine env from containers.conf\n\n - imagebuildah: return the right stage's image as the\n 'final' image\n\n - Fix a help string\n\n - Deduplicate environment variables\n\n - switch containers/libpod to containers/podman\n\n - Bump github.com/containers/ocicrypt from 1.0.2 to 1.0.3\n\n - Bump github.com/opencontainers/selinux from 1.5.2 to\n 1.6.0\n\n - Mask out /sys/dev to prevent information leak\n\n - linux: skip errors from the runtime kill\n\n - Mask over the /sys/fs/selinux in mask branch\n\n - Add VFS additional image store to container\n\n - tests: add auth tests\n\n - Allow 'readonly' as alias to 'ro' in mount options\n\n - Ignore OS X specific consistency mount option\n\n - Bump github.com/onsi/ginkgo from 1.13.0 to 1.14.0\n\n - Bump github.com/containers/common from 0.14.0 to 0.15.2\n\n - Rootless Buildah should default to IsolationOCIRootless\n\n - imagebuildah: fix inheriting multi-stage builds\n\n - Make imagebuildah.BuildOptions.Architecture/OS optional\n\n - Make imagebuildah.BuildOptions.Jobs optional\n\n - Resolve a possible race in\n imagebuildah.Executor.startStage()\n\n - Switch scripts to use containers.conf\n\n - Bump openshift/imagebuilder to v1.1.6\n\n - Bump go.etcd.io/bbolt from 1.3.4 to 1.3.5\n\n - buildah, bud: support --jobs=N for parallel execution\n\n - executor: refactor build code inside new function\n\n - Add bud regression tests\n\n - Cirrus: Fix missing htpasswd in registry img\n\n - docs: clarify the 'triples' format\n\n - CHANGELOG.md: Fix markdown formatting\n\n - Add nix derivation for static builds\n\nUpdate to v1.15.1\n\n - Mask over the /sys/fs/selinux in mask branch\n\n - chroot: do not use setgroups if it is blocked\n\n - chroot, run: not fail on bind mounts from /sys\n\n - Allow 'readonly' as alias to 'ro' in mount options\n\n - Add VFS additional image store to container\n\n - vendor golang.org/x/text@v0.3.3\n\n - Make imagebuildah.BuildOptions.Architecture/OS optional\n\nUpdate to v1.15.0\n\n - Add CVE-2020-10696 to CHANGELOG.md and changelog.txt\n\n - fix lighttpd example\n\n - remove dependency on openshift struct\n\n - Warn on unset build arguments\n\n - vendor: update seccomp/containers-golang to v0.4.1\n\n - Updated docs\n\n - clean up comments\n\n - update exit code for tests\n\n - Implement commit for encryption\n\n - implementation of encrypt/decrypt push/pull/bud/from\n\n - fix resolve docker image name as transport\n\n - Add preliminary profiling support to the CLI\n\n - Evaluate symlinks in build context directory\n\n - fix error info about get signatures for\n containerImageSource\n\n - Add Security Policy\n\n - Cirrus: Fixes from review feedback\n\n - imagebuildah: stages shouldn't count as their base\n images\n\n - Update containers/common v0.10.0\n\n - Add registry to buildahimage Dockerfiles\n\n - Cirrus: Use pre-installed VM packages + F32\n\n - Cirrus: Re-enable all distro versions\n\n - Cirrus: Update to F31 + Use cache images\n\n - golangci-lint: Disable gosimple\n\n - Lower number of golangci-lint threads\n\n - Fix permissions on containers.conf\n\n - Don't force tests to use runc\n\n - Return exit code from failed containers\n\n - cgroup_manager should be under [engine]\n\n - Use c/common/pkg/auth in login/logout\n\n - Cirrus: Temporarily disable Ubuntu 19 testing\n\n - Add containers.conf to stablebyhand build\n\n - Update gitignore to exclude test Dockerfiles\n\n - Remove warning for systemd inside of container\n\n - Add patch for CVE-2019-10214. boo#1144065\n\n + CVE-2019-10214.patch\n\nChanges in podman :\n\nUpdate to v2.2.1\n\n - Changes\n\n - Due to a conflict with a previously-removed field, we\n were forced to modify the way image volumes (mounting\n images into containers using\n\n --mount type=image) were handled in the database. As a\n result, containers created in Podman 2.2.0 with image\n volume will not have them in v2.2.1, and these\n containers will need to be re-created.\n\n - Bugfixes\n\n - Fixed a bug where rootless Podman would, on systems\n without the XDG_RUNTIME_DIR environment variable\n defined, use an incorrect path for the PID file of the\n Podman pause process, causing Podman to fail to start\n (#8539).\n\n - Fixed a bug where containers created using Podman v1.7\n and earlier were unusable in Podman due to JSON decode\n errors (#8613).\n\n - Fixed a bug where Podman could retrieve invalid cgroup\n paths, instead of erroring, for containers that were not\n running.\n\n - Fixed a bug where the podman system reset command would\n print a warning about a duplicate shutdown handler being\n registered.\n\n - Fixed a bug where rootless Podman would attempt to mount\n sysfs in circumstances where it was not allowed; some\n OCI runtimes (notably crun) would fall back to\n alternatives and not fail, but others (notably runc)\n would fail to run containers.\n\n - Fixed a bug where the podman run and podman create\n commands would fail to create containers from untagged\n images (#8558).\n\n - Fixed a bug where remote Podman would prompt for a\n password even when the server did not support password\n authentication (#8498).\n\n - Fixed a bug where the podman exec command did not move\n the Conmon process for the exec session into the correct\n cgroup.\n\n - Fixed a bug where shell completion for the ancestor\n option to podman ps --filter did not work correctly.\n\n - Fixed a bug where detached containers would not properly\n clean themselves up (or remove themselves if --rm was\n set) if the Podman command that created them was invoked\n with --log-level=debug.\n\n - API\n\n - Fixed a bug where the Compat Create endpoint for\n Containers did not properly handle the Binds and Mounts\n parameters in HostConfig.\n\n - Fixed a bug where the Compat Create endpoint for\n Containers ignored the Name query parameter.\n\n - Fixed a bug where the Compat Create endpoint for\n Containers did not properly handle the 'default' value\n for NetworkMode (this value is used extensively by\n docker-compose) (#8544).\n\n - Fixed a bug where the Compat Build endpoint for Images\n would sometimes incorrectly use the target query\n parameter as the image's tag.\n\n - Misc\n\n - Podman v2.2.0 vendored a non-released, custom version of\n the github.com/spf13/cobra package; this has been\n reverted to the latest upstream release to aid in\n packaging.\n\n - Updated the containers/image library to v5.9.0\n\nUpdate to v2.2.0\n\n - Features\n\n - Experimental support for shortname aliasing has been\n added. This is not enabled by default, but can be turned\n on by setting the environment variable\n CONTAINERS_SHORT_NAME_ALIASING to on. Documentation is\n available here and here.\n\n - Initial support has been added for the podman network\n connect and podman network disconnect commands, which\n allow existing containers to modify what networks they\n are connected to. At present, these commands can only be\n used on running containers that did not specify\n --network=none when they were created.\n\n - The podman run command now supports the --network-alias\n option to set network aliases (additional names the\n container can be accessed at from other containers via\n DNS if the dnsname CNI plugin is in use). Aliases can\n also be added and removed using the new podman network\n connect and podman network disconnect commands. Please\n note that this requires a new release (v1.1.0) of the\n dnsname plugin, and will only work on newly-created CNI\n networks.\n\n - The podman generate kube command now features support\n for exporting container's memory and CPU limits (#7855).\n\n - The podman play kube command now features support for\n setting CPU and Memory limits for containers (#7742).\n\n - The podman play kube command now supports persistent\n volumes claims using Podman named volumes.\n\n - The podman play kube command now supports Kubernetes\n configmaps via the --configmap option (#7567).\n\n - The podman play kube command now supports a --log-driver\n option to set the log driver for created containers.\n\n - The podman play kube command now supports a --start\n option, enabled by default, to start the pod after\n creating it. This allows for podman play kube to be more\n easily used in systemd unitfiles.\n\n - The podman network create command now supports the\n --ipv6 option to enable dual-stack IPv6 networking for\n created networks (#7302).\n\n - The podman inspect command can now inspect pods,\n networks, and volumes, in addition to containers and\n images (#6757).\n\n - The --mount option for podman run and podman create now\n supports a new type, image, to mount the contents of an\n image into the container at a given location.\n\n - The Bash and ZSH completions have been completely\n reworked and have received significant enhancements!\n Additionally, support for Fish completions and\n completions for the podman-remote executable have been\n added.\n\n - The --log-opt option for podman create and podman run\n now supports the max-size option to set the maximum size\n for a container's logs (#7434).\n\n - The --network option to the podman pod create command\n now allows pods to be configured to use slirp4netns\n networking, even when run as root (#6097).\n\n - The podman pod stop, podman pod pause, podman pod\n unpause, and podman pod kill commands now work on\n multiple containers in parallel and should be\n significantly faster.\n\n - The podman search command now supports a --list-tags\n option to list all available tags for a single image in\n a single repository.\n\n - The podman search command can now output JSON using the\n --format=json option.\n\n - The podman diff and podman mount commands now work with\n all containers in the storage library, including those\n not created by Podman. This allows them to be used with\n Buildah and CRI-O containers.\n\n - The podman container exists command now features a\n --external option to check if a container exists not\n just in Podman, but also in the storage library. This\n will allow Podman to identify Buildah and CRI-O\n containers.\n\n - The --tls-verify and --authfile options have been\n enabled for use with remote Podman.\n\n - The /etc/hosts file now includes the container's name\n and hostname (both pointing to localhost) when the\n container is run with --net=none (#8095).\n\n - The podman events command now supports filtering events\n based on the labels of the container they occurred on\n using the --filter label=key=value option.\n\n - The podman volume ls command now supports filtering\n volumes based on their labels using the --filter\n label=key=value option.\n\n - The --volume and --mount options to podman run and\n podman create now support two new mount propagation\n options, unbindable and runbindable.\n\n - The name and id filters for podman pod ps now match\n based on a regular expression, instead of requiring an\n exact match.\n\n - The podman pod ps command now supports a new filter\n status, that matches pods in a certain state.\n\n - Changes\n\n - The podman network rm --force command will now also\n remove pods that are using the network (#7791).\n\n - The podman volume rm, podman network rm, and podman pod\n rm commands now return exit code 1 if the object\n specified for removal does not exist, and exit code 2 if\n the object is in use and the --force option was not\n given.\n\n - If /dev/fuse is passed into Podman containers as a\n device, Podman will open it before starting the\n container to ensure that the kernel module is loaded on\n the host and the device is usable in the container.\n\n - Global Podman options that were not supported with\n remote operation have been removed from podman-remote\n (e.g. --cgroup-manager, --storage-driver).\n\n - Many errors have been changed to remove repetition and\n be more clear as to what has gone wrong.\n\n - The --storage option to podman rm is now enabled by\n default, with slightly changed semantics. If the given\n container does not exist in Podman but does exist in the\n storage library, it will be removed even without the\n --storage option. If the container exists in Podman it\n will be removed normally. The --storage option for\n podman rm is now deprecated and will be removed in a\n future release.\n\n - The --storage option to podman ps has been renamed to\n --external. An alias has been added so the old form of\n the option will continue to work.\n\n - Podman now delays the SIGTERM and SIGINT signals during\n container creation to ensure that Podman is not stopped\n midway through creating a container resulting in\n potential resource leakage (#7941).\n\n - The podman save command now strips signatures from\n images it is exporting, as the formats we export to do\n not support signatures (#7659).\n\n - A new Degraded state has been added to pods. Pods that\n have some, but not all, of their containers running are\n now considered to be Degraded instead of Running.\n\n - Podman will now print a warning when conflicting network\n options related to port forwarding (e.g. --publish and\n --net=host) are specified when creating a container.\n\n - The --restart on-failure and --rm options for containers\n no longer conflict. When both are specified, the\n container will be restarted if it exits with a non-zero\n error code, and removed if it exits cleanly (#7906).\n\n - Remote Podman will no longer use settings from the\n client's containers.conf; defaults will instead be\n provided by the server's containers.conf (#7657).\n\n - The podman network rm command now has a new alias,\n podman network remove (#8402).\n\n - Bugfixes\n\n - Fixed a bug where podman load on the remote client did\n not error when attempting to load a directory, which is\n not yet supported for remote use.\n\n - Fixed a bug where rootless Podman could hang when the\n newuidmap binary was not installed (#7776).\n\n - Fixed a bug where the --pull option to podman run,\n podman create, and podman build did not match Docker's\n behavior.\n\n - Fixed a bug where sysctl settings from the\n containers.conf configuration file were applied, even if\n the container did not join the namespace associated with\n a sysctl.\n\n - Fixed a bug where Podman would not return the text of\n errors encounted when trying to run a healthcheck for a\n container.\n\n - Fixed a bug where Podman was accidentally setting the\n containers environment variable in addition to the\n expected container environment variable.\n\n - Fixed a bug where rootless Podman using CNI networking\n did not properly clean up DNS entries for removed\n containers (#7789).\n\n - Fixed a bug where the podman untag --all command was not\n supported with remote Podman.\n\n - Fixed a bug where the podman system service command\n could time out even if active attach connections were\n present (#7826).\n\n - Fixed a bug where the podman system service command\n would sometimes never time out despite no active\n connections being present.\n\n - Fixed a bug where Podman's handling of capabilities,\n specifically inheritable, did not match Docker's.\n\n - Fixed a bug where podman run would fail if the image\n specified was a manifest list and had already been\n pulled (#7798).\n\n - Fixed a bug where Podman did not take search registries\n into account when looking up images locally (#6381).\n\n - Fixed a bug where the podman manifest inspect command\n would fail for images that had already been pulled\n (#7726).\n\n - Fixed a bug where rootless Podman would not add\n supplemental GIDs to containers when when a user, but\n not a group, was set via the --user option to podman\n create and podman run and sufficient GIDs were available\n to add the groups (#7782).\n\n - Fixed a bug where remote Podman commands did not\n properly handle cases where the user gave a name that\n could also be a short ID for a pod or container (#7837).\n\n - Fixed a bug where podman image prune could leave images\n ready to be pruned after podman image prune was run\n (#7872).\n\n - Fixed a bug where the podman logs command with the\n journald log driver would not read all available logs\n (#7476).\n\n - Fixed a bug where the --rm and --restart options to\n podman create and podman run did not conflict when a\n restart policy that is not on-failure was chosen\n (#7878).\n\n - Fixed a bug where the --format 'table (( .Field ))'\n option to numerous Podman commands ceased to function on\n Podman v2.0 and up.\n\n - Fixed a bug where pods did not properly share an SELinux\n label between their containers, resulting in containers\n being unable to see the processes of other containers\n when the pod shared a PID namespace (#7886).\n\n - Fixed a bug where the --namespace option to podman ps\n did not work with the remote client (#7903).\n\n - Fixed a bug where rootless Podman incorrectly calculated\n the number of UIDs available in the container if\n multiple different ranges of UIDs were specified.\n\n - Fixed a bug where the /etc/hosts file would not be\n correctly populated for containers in a user namespace\n (#7490).\n\n - Fixed a bug where the podman network create and podman\n network remove commands could race when run in parallel,\n with unpredictable results (#7807).\n\n - Fixed a bug where the -p option to podman run, podman\n create, and podman pod create would, when given only a\n single number (e.g. -p 80), assign the same port for\n both host and container, instead of generating a random\n host port (#7947).\n\n - Fixed a bug where Podman containers did not properly\n store the cgroup manager they were created with, causing\n them to stop functioning after the cgroup manager was\n changed in containers.conf or with the --cgroup-manager\n option (#7830).\n\n - Fixed a bug where the podman inspect command did not\n include information on the CNI networks a container was\n connected to if it was not running.\n\n - Fixed a bug where the podman attach command would not\n print a newline after detaching from the container\n (#7751).\n\n - Fixed a bug where the HOME environment variable was not\n set properly in containers when the --userns=keep-id\n option was set (#8004).\n\n - Fixed a bug where the podman container restore command\n could panic when the container in question was in a pod\n (#8026).\n\n - Fixed a bug where the output of the podman image trust\n show --raw command was not properly formatted.\n\n - Fixed a bug where the podman runlabel command could\n panic if a label to run was not given (#8038).\n\n - Fixed a bug where the podman run and podman start\n --attach commands would exit with an error when the user\n detached manually using the detach keys on remote Podman\n (#7979).\n\n - Fixed a bug where rootless CNI networking did not use\n the dnsname CNI plugin if it was not available on the\n host, despite it always being available in the container\n used for rootless networking (#8040).\n\n - Fixed a bug where Podman did not properly handle cases\n where an OCI runtime is specified by its full path, and\n could revert to using another OCI runtime with the same\n binary path that existed in the system $PATH on\n subsequent invocations.\n\n - Fixed a bug where the --net=host option to podman create\n and podman run would cause the /etc/hosts file to be\n incorrectly populated (#8054).\n\n - Fixed a bug where the podman inspect command did not\n include container network information when the container\n shared its network namespace (IE, joined a pod or\n another container's network namespace via\n --net=container:...) (#8073).\n\n - Fixed a bug where the podman ps command did not include\n information on all ports a container was publishing.\n\n - Fixed a bug where the podman build command incorrectly\n forwarded STDIN into build containers from RUN\n instructions.\n\n - Fixed a bug where the podman wait command's --interval\n option did not work when units were not specified for\n the duration (#8088).\n\n - Fixed a bug where the --detach-keys and --detach options\n could be passed to podman create despite having no\n effect (and not making sense in that context).\n\n - Fixed a bug where Podman could not start containers if\n running on a system without a /etc/resolv.conf file\n (which occurs on some WSL2 images) (#8089).\n\n - Fixed a bug where the --extract option to podman cp was\n nonfunctional.\n\n - Fixed a bug where the --cidfile option to podman run\n would, when the container was not run with --detach,\n only create the file after the container exited (#8091).\n\n - Fixed a bug where the podman images and podman images -a\n commands could panic and not list any images when\n certain improperly-formatted images were present in\n storage (#8148).\n\n - Fixed a bug where the podman events command could, when\n the journald events backend was in use, become\n nonfunctional when a badly-formatted event or a log\n message that container certain string was present in the\n journal (#8125).\n\n - Fixed a bug where remote Podman would, when using SSH\n transport, not authenticate to the server using hostkeys\n when connecting on a port other than 22 (#8139).\n\n - Fixed a bug where the podman attach command would not\n exit when containers stopped (#8154).\n\n - Fixed a bug where Podman did not properly clean paths\n before verifying them, resulting in Podman refusing to\n start if the root or temporary directories were\n specified with extra trailing / characters (#8160).\n\n - Fixed a bug where remote Podman did not support hashed\n hostnames in the known_hosts file on the host for\n establishing connections (#8159).\n\n - Fixed a bug where the podman image exists command would\n return non-zero (false) when multiple potential matches\n for the given name existed.\n\n - Fixed a bug where the podman manifest inspect command on\n images that are not manifest lists would error instead\n of inspecting the image (#8023).\n\n - Fixed a bug where the podman system service command\n would fail if the directory the Unix socket was to be\n created inside did not exist (#8184).\n\n - Fixed a bug where pods that shared the IPC namespace\n (which is done by default) did not share a /dev/shm\n filesystem between all containers in the pod (#8181).\n\n - Fixed a bug where filters passed to podman volume list\n were not inclusive (#6765).\n\n - Fixed a bug where the podman volume create command would\n fail when the volume's data directory already existed\n (as might occur when a volume was not completely\n removed) (#8253).\n\n - Fixed a bug where the podman run and podman create\n commands would deadlock when trying to create a\n container that mounted the same named volume at multiple\n locations (e.g. podman run -v testvol:/test1 -v\n testvol:/test2) (#8221).\n\n - Fixed a bug where the parsing of the --net option to\n podman build was incorrect (#8322).\n\n - Fixed a bug where the podman build command would print\n the ID of the built image twice when using remote Podman\n (#8332).\n\n - Fixed a bug where the podman stats command did not show\n memory limits for containers (#8265).\n\n - Fixed a bug where the podman pod inspect command printed\n the static MAC address of the pod in a\n non-human-readable format (#8386).\n\n - Fixed a bug where the --tls-verify option of the podman\n play kube command had its logic inverted (false would\n enforce the use of TLS, true would disable it).\n\n - Fixed a bug where the podman network rm command would\n error when trying to remove macvlan networks and\n rootless CNI networks (#8491).\n\n - Fixed a bug where Podman was not setting sane defaults\n for missing XDG_ environment variables.\n\n - Fixed a bug where remote Podman would check if volume\n paths to be mounted in the container existed on the\n host, not the server (#8473).\n\n - Fixed a bug where the podman manifest create and podman\n manifest add commands on local images would drop any\n images in the manifest not pulled by the host.\n\n - Fixed a bug where networks made by podman network create\n did not include the tuning plugin, and as such did not\n support setting custom MAC addresses (#8385).\n\n - Fixed a bug where container healthchecks did not use\n $PATH when searching for the Podman executable to run\n the healthcheck.\n\n - Fixed a bug where the --ip-range option to podman\n network create did not properly handle non-classful\n subnets when calculating the last usable IP for DHCP\n assignment (#8448).\n\n - Fixed a bug where the podman container ps alias for\n podman ps was missing (#8445).\n\n - API\n\n - The Compat Create endpoint for Container has received a\n major refactor to share more code with the Libpod Create\n endpoint, and should be significantly more stable.\n\n - A Compat endpoint for exporting multiple images at once,\n GET /images/get, has been added (#7950).\n\n - The Compat Network Connect and Network Disconnect\n endpoints have been added.\n\n - Endpoints that deal with image registries now support a\n X-Registry-Config header to specify registry\n authentication configuration.\n\n - The Compat Create endpoint for images now properly\n supports specifying images by digest.\n\n - The Libpod Build endpoint for images now supports an\n httpproxy query parameter which, if set to true, will\n forward the server's HTTP proxy settings into the build\n container for RUN instructions.\n\n - The Libpod Untag endpoint for images will now remove all\n tags for the given image if no repository and tag are\n specified for removal.\n\n - Fixed a bug where the Ping endpoint misspelled a header\n name (Libpod-Buildha-Version instead of\n Libpod-Buildah-Version).\n\n - Fixed a bug where the Ping endpoint sent an extra\n newline at the end of its response where Docker did not.\n\n - Fixed a bug where the Compat Logs endpoint for\n containers did not send a newline character after each\n log line.\n\n - Fixed a bug where the Compat Logs endpoint for\n containers would mangle line endings to change newline\n characters to add a preceding carriage return (#7942).\n\n - Fixed a bug where the Compat Inspect endpoint for\n Containers did not properly list the container's stop\n signal (#7917).\n\n - Fixed a bug where the Compat Inspect endpoint for\n Containers formatted the container's create time\n incorrectly (#7860).\n\n - Fixed a bug where the Compat Inspect endpoint for\n Containers did not include the container's Path, Args,\n and Restart Count.\n\n - Fixed a bug where the Compat Inspect endpoint for\n Containers prefixed added and dropped capabilities with\n CAP_ (Docker does not do so).\n\n - Fixed a bug where the Compat Info endpoint for the\n Engine did not include configured registries.\n\n - Fixed a bug where the server could panic if a client\n closed a connection midway through an image pull\n (#7896).\n\n - Fixed a bug where the Compat Create endpoint for volumes\n returned an error when a volume with the same name\n already existed, instead of succeeding with a 201 code\n (#7740).\n\n - Fixed a bug where a client disconnecting from the Libpod\n or Compat events endpoints could result in the server\n using 100% CPU (#7946).\n\n - Fixed a bug where the 'no such image' error message sent\n by the Compat Inspect endpoint for Images returned a 404\n status code with an error that was improperly formatted\n for Docker compatibility.\n\n - Fixed a bug where the Compat Create endpoint for\n networks did not properly set a default for the driver\n parameter if it was not provided by the client.\n\n - Fixed a bug where the Compat Inspect endpoint for images\n did not populate the RootFS field of the response.\n\n - Fixed a bug where the Compat Inspect endpoint for images\n would omit the ParentId field if the image had no\n parent, and the Created field if the image did not have\n a creation time.\n\n - Fixed a bug where the Compat Remove endpoint for\n Networks did not support the Force query parameter.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1144065\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1165184\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected buildah / libcontainers-common / podman packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcontainers-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:podman\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:podman-cni-config\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.2\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/25\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2021/02/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2021/02/22\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.2)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.2\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(x86_64)$\") audit(AUDIT_ARCH_NOT, \"x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.2\", reference:\"buildah-1.19.2-lp152.2.3.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"libcontainers-common-20210112-lp152.2.6.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"podman-2.2.1-lp152.4.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.2\", reference:\"podman-cni-config-2.2.1-lp152.4.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());\n else security_hole(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"buildah / libcontainers-common / podman / podman-cni-config\");\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-03T16:33:19", "description": "The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:0770-1 advisory.\n\n - The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens. (CVE-2019-10214)\n\n - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions. (CVE-2020-10696)\n\n - An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1.\n When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as ../ separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as 'reboot'. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.\n (CVE-2021-20206)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2022-03-22T00:00:00", "type": "nessus", "title": "SUSE SLES15 Security Update : buildah (SUSE-SU-2022:0770-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10214", "CVE-2020-10696", "CVE-2021-20206"], "modified": "2022-03-22T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:buildah", "cpe:/o:novell:suse_linux:15"], "id": "SUSE_SU-2022-0770-1.NASL", "href": "https://www.tenable.com/plugins/nessus/159162", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable, Inc.\n#\n# The package checks in this plugin were extracted from\n# SUSE update advisory SUSE-SU-2022:0770-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(159162);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/22\");\n\n script_cve_id(\"CVE-2019-10214\", \"CVE-2020-10696\", \"CVE-2021-20206\");\n script_xref(name:\"SuSE\", value:\"SUSE-SU-2022:0770-1\");\n\n script_name(english:\"SUSE SLES15 Security Update : buildah (SUSE-SU-2022:0770-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe SUSE-SU-2022:0770-1 advisory.\n\n - The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise\n Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the\n container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack\n and steal login credentials or bearer tokens. (CVE-2019-10214)\n\n - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to\n trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to\n the user's system anywhere that the user has permissions. (CVE-2020-10696)\n\n - An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1.\n When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use\n special elements such as ../ separators to reference binaries elsewhere on the system. This flaw allows\n an attacker to execute other existing binaries other than the cni plugins/types, such as 'reboot'. The\n highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.\n (CVE-2021-20206)\n\nNote that Nessus has not tested for these issues but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1187812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192999\");\n # https://lists.suse.com/pipermail/sle-security-updates/2022-March/010404.html\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?70aac159\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-10214\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10696\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20206\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected buildah package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10696\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/22\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:15\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nvar os_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'SUSE');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES15)$\", string:os_ver)) audit(AUDIT_OS_NOT, 'SUSE SLES15', 'SUSE ' + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'SUSE ' + os_ver, cpu);\n\nvar sp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES15\" && (! preg(pattern:\"^(3)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES15 SP3\", os_ver + \" SP\" + sp);\n\nvar pkgs = [\n {'reference':'buildah-1.23.1-150300.8.3.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLES_SAP-release-15.3'},\n {'reference':'buildah-1.23.1-150300.8.3.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SLE_HPC-release-15.3'},\n {'reference':'buildah-1.23.1-150300.8.3.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SUSE-Manager-Proxy-release-4.2'},\n {'reference':'buildah-1.23.1-150300.8.3.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'SUSE-Manager-Server-release-4.2'},\n {'reference':'buildah-1.23.1-150300.8.3.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sle-module-containers-release-15.3'},\n {'reference':'buildah-1.23.1-150300.8.3.1', 'sp':'3', 'release':'SLES15', 'rpm_spec_vers_cmp':TRUE, 'exists_check':'sles-release-15.3'}\n];\n\nvar ltss_caveat_required = FALSE;\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var sp = NULL;\n var cpu = NULL;\n var exists_check = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (exists_check) {\n if (!rpm_exists(release:release, rpm:exists_check)) continue;\n if ('ltss' >< tolower(exists_check)) ltss_caveat_required = TRUE;\n }\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2022-08-03T16:33:01", "description": "The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2022:0770-1 advisory.\n\n - The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens. (CVE-2019-10214)\n\n - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions. (CVE-2020-10696)\n\n - An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1.\n When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use special elements such as ../ separators to reference binaries elsewhere on the system. This flaw allows an attacker to execute other existing binaries other than the cni plugins/types, such as 'reboot'. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.\n (CVE-2021-20206)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "cvss3": {"score": 8.8, "vector": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H"}, "published": "2022-03-10T00:00:00", "type": "nessus", "title": "openSUSE 15 Security Update : buildah (openSUSE-SU-2022:0770-1)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2019-10214", "CVE-2020-10696", "CVE-2021-20206"], "modified": "2022-03-10T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:buildah", "cpe:/o:novell:opensuse:15.3"], "id": "OPENSUSE-2022-0770-1.NASL", "href": "https://www.tenable.com/plugins/nessus/158778", "sourceData": "#%NASL_MIN_LEVEL 70300\n##\n# (C) Tenable Network Security, Inc.\n#\n# The package checks in this plugin were extracted from\n# openSUSE Security Update openSUSE-SU-2022:0770-1. The text itself\n# is copyright (C) SUSE.\n##\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(158778);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2022/03/10\");\n\n script_cve_id(\"CVE-2019-10214\", \"CVE-2020-10696\", \"CVE-2021-20206\");\n\n script_name(english:\"openSUSE 15 Security Update : buildah (openSUSE-SU-2022:0770-1)\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote SUSE host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote SUSE Linux SUSE15 host has a package installed that is affected by multiple vulnerabilities as referenced in\nthe openSUSE-SU-2022:0770-1 advisory.\n\n - The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise\n Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the\n container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack\n and steal login credentials or bearer tokens. (CVE-2019-10214)\n\n - A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to\n trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to\n the user's system anywhere that the user has permissions. (CVE-2020-10696)\n\n - An improper limitation of path name flaw was found in containernetworking/cni in versions before 0.8.1.\n When specifying the plugin to load in the 'type' field in the network configuration, it is possible to use\n special elements such as ../ separators to reference binaries elsewhere on the system. This flaw allows\n an attacker to execute other existing binaries other than the cni plugins/types, such as 'reboot'. The\n highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.\n (CVE-2021-20206)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1187812\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.suse.com/1192999\");\n # https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WFIDXN6UAK2I4PPVFPBE4STNQH2FZQ4A/\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?e80e5ef4\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2019-10214\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2020-10696\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.suse.com/security/cve/CVE-2021-20206\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected buildah package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10696\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/09/23\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2022/03/09\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2022/03/10\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:buildah\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.3\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"SuSE Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nvar release = get_kb_item('Host/SuSE/release');\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, 'openSUSE');\nvar os_ver = pregmatch(pattern: \"^SUSE([\\d.]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'openSUSE');\nos_ver = os_ver[1];\nif (release !~ \"^(SUSE15\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, 'openSUSE', '15.3', release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nvar cpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'openSUSE ' + os_ver, cpu);\n\nvar pkgs = [\n {'reference':'buildah-1.23.1-150300.8.3.1', 'release':'SUSE15.3', 'rpm_spec_vers_cmp':TRUE}\n];\n\nvar flag = 0;\nforeach package_array ( pkgs ) {\n var reference = NULL;\n var release = NULL;\n var cpu = NULL;\n var rpm_spec_vers_cmp = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = package_array['release'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (reference && release) {\n if (rpm_check(release:release, cpu:cpu, reference:reference, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_HOLE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n var tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'buildah');\n}\n", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "github": [{"lastseen": "2021-12-22T11:54:10", "description": "A path traversal flaw was found in Buildah in versions before 1.14.5. This flaw allows an attacker to trick a user into building a malicious container image hosted on an HTTP(s) server and then write files to the user's system anywhere that the user has permissions.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-05-18T18:32:41", "type": "github", "title": "Path Traversal in Buildah", "bulletinFamily": "software", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10696"], "modified": "2021-05-18T18:32:41", "id": "GHSA-FX8W-MJVM-HVPC", "href": "https://github.com/advisories/GHSA-fx8w-mjvm-hvpc", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "redhat": [{"lastseen": "2021-10-19T20:37:47", "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\nSecurity Fix(es):\n\n* buildah: crafted input tar file may lead to local file overwriting during image build process (CVE-2020-10696)\n\nFor more details about the security issue(s), including the impact, a CVSS\nscore, acknowledgments, and other related information, refer to the CVE\npage(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-04-14T12:11:30", "type": "redhat", "title": "(RHSA-2020:1401) Important: OpenShift Container Platform 4.2.28 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10696"], "modified": "2020-04-14T12:18:41", "id": "RHSA-2020:1401", "href": "https://access.redhat.com/errata/RHSA-2020:1401", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T20:41:08", "description": "The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-04-28T16:07:22", "type": "redhat", "title": "(RHSA-2020:1931) Important: container-tools:2.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10696"], "modified": "2020-04-28T16:43:28", "id": "RHSA-2020:1931", "href": "https://access.redhat.com/errata/RHSA-2020:1931", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T20:39:55", "description": "The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* conflicting requests: failed to install container-tools:1.0 (BZ#1813776)\n\n* podman run container error with avc denied (BZ#1816541)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-04-28T16:06:48", "type": "redhat", "title": "(RHSA-2020:1926) Important: container-tools:1.0 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10696"], "modified": "2020-04-28T16:43:19", "id": "RHSA-2020:1926", "href": "https://access.redhat.com/errata/RHSA-2020:1926", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T20:38:58", "description": "The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-04-28T16:07:32", "type": "redhat", "title": "(RHSA-2020:1932) Important: container-tools:rhel8 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10696"], "modified": "2020-04-28T16:43:26", "id": "RHSA-2020:1932", "href": "https://access.redhat.com/errata/RHSA-2020:1932", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T20:40:28", "description": "The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.\n\nSecurity Fix(es):\n\n* buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\n* proglottis/gpgme: Use-after-free in GPGME bindings during container image pull (CVE-2020-8945)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-05-12T19:18:06", "type": "redhat", "title": "(RHSA-2020:2117) Important: podman security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10696", "CVE-2020-8945"], "modified": "2020-05-12T19:34:41", "id": "RHSA-2020:2117", "href": "https://access.redhat.com/errata/RHSA-2020:2117", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T20:40:46", "description": "The podman tool manages Pods, container images, and containers. It is part of the libpod library, which is for applications that use container Pods. Container Pods is a concept in Kubernetes.\n\nSecurity Fix(es):\n\n* buildah: a crafted input tar file could overwrite local files during the image build process (CVE-2020-10696)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-04-14T15:17:11", "type": "redhat", "title": "(RHSA-2020:1396) Low: OpenShift Container Platform 4.3.12 podman security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10696", "CVE-2020-8945"], "modified": "2020-04-22T01:54:48", "id": "RHSA-2020:1396", "href": "https://access.redhat.com/errata/RHSA-2020:1396", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-10-19T20:38:19", "description": "The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.\n\nSecurity Fix(es):\n\n* buildah: Crafted input tar file may lead to local file overwrite during image build process (CVE-2020-10696)\n\n* containers/image: Container images read entire image manifest into memory (CVE-2020-1702)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* buildah is not expanding env vars in file paths (BZ#1822031)", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-05-12T19:17:47", "type": "redhat", "title": "(RHSA-2020:2116) Important: buildah security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10696", "CVE-2020-1702"], "modified": "2020-05-12T19:34:43", "id": "RHSA-2020:2116", "href": "https://access.redhat.com/errata/RHSA-2020:2116", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "oraclelinux": [{"lastseen": "2021-07-28T14:24:57", "description": "buildah\n[1.11.6-7.0.1]\n- Fixes troubles with oracle registry login [Orabug: 29937283]\n[1.11.6-7]\n- fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process'\n- Resolves: #1819393\nconmon\n[2:2.0.6-1.0.1]\n- Remove upstream references [Orabug: 30871880]\n[2:2.0.6-1]\n- update to 2.0.6\n- Related: RHELPLAN-25139\npodman\n[1.6.4-11.0.1]\n- delivering fix for [Orabug: 29874238] by Nikita Gerasimov \n[1.6.4-11]\n- fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process'\n- Resolves: #1819391\npython-podman-api\n[1.2.0-0.2.gitd0a45fe]\n- revert update to 1.6.0 due to new python3-pbr dependency which\n is not in RHEL\n- Related: RHELPLAN-25139\nskopeo\n[0.1.40-9.0.1]\n- Add oracle registry into the conf file [Orabug: 29845934 31306708]\n- Fix oracle registry login issues [Orabug: 29937192]\n[1:0.1.40-9]\n- add docker.io into the default registry list\n- Related: #1810053", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-05-12T00:00:00", "type": "oraclelinux", "title": "container-tools:2.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-10696"], "modified": "2020-05-12T00:00:00", "id": "ELSA-2020-1931", "href": "http://linux.oracle.com/errata/ELSA-2020-1931.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:24:29", "description": "buildah\n[1.11.6-8.0.1]\n- Fixes troubles with oracle registry login [Orabug: 29937283]\n[1.11.6-8]\n- fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process'\n- Resolves: #1817742\n[1.11.6-7]\n- fix 'COPY command takes long time with buildah'\n- Resolves: #1806120\ncockpit-podman\n[12-1]\n- Configure CPU share for system containers\n- Translation updates\nconmon\n[2:2.0.6-1.0.1]\n- Remove upstream references [Orabug: 30871880]\n[2:2.0.6-1]\n- update to 2.0.6\n- Related: RHELPLAN-25139\ncontainernetworking-plugins\n[0.8.3-5.0.1]\n- Disable debuginfo\n[0.8.3-5]\n- compile with no_openssl\n- Related: RHELPLAN-25139\npodman\n[1.6.4-11.0.1]\n- delivering fix for [Orabug: 29874238] by Nikita Gerasimov \n[1.6.4-11]\n- fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process'\n- Resolves: #1817747\npython-podman-api\n[1.2.0-0.2.gitd0a45fe]\n- revert update to 1.6.0 due to new python3-pbr dependency which\n is not in RHEL\n- Related: RHELPLAN-25139\nrunc\n[1.0.0-65.rc10]\n- address CVE-2019-19921 by updating to rc10\n- Resolves: #1801887\nskopeo\n[0.1.40-11.0.1]\n- Add oracle registry into the conf file [Orabug: 29845934 31306708]\n- Fix oracle registry login issues [Orabug: 29937192]\n[1:0.1.40-11]\n- add docker.io into the default registry list\n- Related: #1810053", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2020-05-12T00:00:00", "type": "oraclelinux", "title": "container-tools:ol8 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-19921", "CVE-2020-10696"], "modified": "2020-05-12T00:00:00", "id": "ELSA-2020-1932", "href": "http://linux.oracle.com/errata/ELSA-2020-1932.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-28T14:24:40", "description": "buildah\n[1.11.6-8.0.1]\n- Reduce unnecessary writable mounts in NaiveDiffDriver [Orabug: 31025483]\n- Fixes troubles with oracle registry login [Orabug: 29937283]\n[1.11.6-8]\n- exclude i686 arch\n- Related: #1821193\n[1.11.6-7]\n- fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process'\n- Resolves: #1819393\n[1.11.6-6]\n- fix 'COPY command takes long time with buildah'\n- Resolves: #1806118\n[1.11.6-5]\n- fix CVE-2020-1702\n- Resolves: #1801930\n- adding the first phase of FIPS fix\n- Related: #1784952\n[1.11.6-4]\n- compile in FIPS mode\n- Related: RHELPLAN-25139\n[1.11.6-3]\n- be sure to use golang >= 1.12.12-4\n- Related: RHELPLAN-25139\n[1.11.6-2]\n- fix chroot: unmount with MNT_DETACH instead of UnmountMountpoints()\n- bug reference 1772179\n- Related: RHELPLAN-25139\n[1.11.6-1]\n- update to buildah 1.11.6\n- Related: RHELPLAN-25139\n[1.11.5-1]\n- update to buildah 1.11.5\n- Related: RHELPLAN-25139\n[1.11.4-2]\n- fix %gobuild macro to not to ignore BUILDTAGS\n- Related: RHELPLAN-25139\n[1.11.4-1]\n- update to 1.11.4\n- Related: RHELPLAN-25139\n[1.9.0-5]\n- Use autosetup macro again.\n[1.9.0-4]\n- Fix CVE-2019-10214 (#1734653).\n[1.9.0-3]\n- Resolves: #1721247 - enable fips mode\n[1.9.0-2]\n- Resolves: #1720654 - tests subpackage depends on golang explicitly\n[1.9.0-1]\n- Resolves: #1720654 - rebase to v1.9.0\n[1.8.3-1]\n- Resolves: #1720654 - rebase to v1.8.3\n[1.8-0.git021d607]\n- package system tests\n[1.5-3.gite94b4f9]\n- re-enable debuginfo\n[1.5-2.gite94b4f9]\n- go toolset not in scl anymore\n[1.5-1.gite94b4f9]\n- rebase\n[1.4-3.git608fa84]\n- fedora-like go compiler macro in buildrequires is enough\n[1.4-2.git608fa84]\n- rebase\n[1.3-3.git4888163]\n- Resolves: #1615611 - rebuild with gobuild tag 'no_openssl'\n[1.3-2.git4888163]\n- Resolves: #1614009 - built with updated scl-ized go-toolset dep\n- build with %gobuild\n[1.3-1]\n- Bump to v1.3\n- Vendor in lates containers/image\n- build-using-dockerfile: let -t include transports again\n- Block use of /proc/acpi and /proc/keys from inside containers\n- Fix handling of --registries-conf\n- Fix becoming a maintainer link\n- add optional CI test fo darwin\n- Don't pass a nil error to errors.Wrapf()\n- image filter test: use kubernetes/pause as a 'since'\n- Add --cidfile option to from\n- vendor: update containers/storage\n- Contributors need to find the CONTRIBUTOR.md file easier\n- Add a --loglevel option to build-with-dockerfile\n- Create Development plan\n- cmd: Code improvement\n- allow buildah cross compile for a darwin target\n- Add unused function param lint check\n- docs: Follow man-pages(7) suggestions for SYNOPSIS\n- Start using github.com/seccomp/containers-golang\n- umount: add all option to umount all mounted containers\n- runConfigureNetwork(): remove an unused parameter\n- Update github.com/opencontainers/selinux\n- Fix buildah bud --layers\n- Force ownership of /etc/hosts and /etc/resolv.conf to 0:0\n- main: if unprivileged, reexec in a user namespace\n- Vendor in latest imagebuilder\n- Reduce the complexity of the buildah.Run function\n- mount: output it before replacing lastError\n- Vendor in latest selinux-go code\n- Implement basic recognition of the '--isolation' option\n- Run(): try to resolve non-absolute paths using /usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/opc/.local/bin:/home/opc/bin\n- Run(): don't include any default environment variables\n- build without seccomp\n- vendor in latest runtime-tools\n- bind/mount_unsupported.go: remove import errors\n- Update github.com/opencontainers/runc\n- Add Capabilities lists to BuilderInfo\n- Tweaks for commit tests\n- commit: recognize committing to second storage locations\n- Fix ARGS parsing for run commands\n- Add info on registries.conf to from manpage\n- Switch from using docker to podman for testing in .papr\n- buildah: set the HTTP User-Agent\n- ONBUILD tutorial\n- Add information about the configuration files to the install docs\n- Makefile: add uninstall\n- Add tilde info for push to troubleshooting\n- mount: support multiple inputs\n- Use the right formatting when adding entries to /etc/hosts\n- Vendor in latest go-selinux bindings\n- Allow --userns-uid-map/--userns-gid-map to be global options\n- bind: factor out UnmountMountpoints\n- Run(): simplify runCopyStdio()\n- Run(): handle POLLNVAL results\n- Run(): tweak terminal mode handling\n- Run(): rename 'copyStdio' to 'copyPipes'\n- Run(): don't set a Pdeathsig for the runtime\n- Run(): add options for adding and removing capabilities\n- Run(): don't use a callback when a slice will do\n- setupSeccomp(): refactor\n- Change RunOptions.Stdin/Stdout/Stderr to just be Reader/Writers\n- Escape use of '_' in .md docs\n- Break out getProcIDMappings()\n- Break out SetupIntermediateMountNamespace()\n- Add Multi From Demo\n- Use the c/image conversion code instead of converting configs manually\n- Don't throw away the manifest MIME type and guess again\n- Consolidate loading manifest and config in initConfig\n- Pass a types.Image to Builder.initConfig\n- Require an image ID in importBuilderDataFromImage\n- Use c/image/manifest.GuessMIMEType instead of a custom heuristic\n- Do not ignore any parsing errors in initConfig\n- Explicitly handle 'from scratch' images in Builder.initConfig\n- Fix parsing of OCI images\n- Simplify dead but dangerous-looking error handling\n- Don't ignore v2s1 history if docker_version is not set\n- Add --rm and --force-rm to buildah bud\n- Add --all,-a flag to buildah images\n- Separate stdio buffering from writing\n- Remove tty check from images --format\n- Add environment variable BUILDAH_RUNTIME\n- Add --layers and --no-cache to buildah bud\n- Touch up images man\n- version.md: fix DESCRIPTION\n- tests: add containers test\n- tests: add images test\n- images: fix usage\n- fix make clean error\n- Change 'registries' to 'container registries' in man\n- add commit test\n- Add(): learn to record hashes of what we add\n- Minor update to buildah config documentation for entrypoint\n- Bump to v1.2-dev\n- Add registries.conf link to a few man pages\n[1.2-3]\n- do not depend on btrfs-progs for rhel8\n[1.2-2]\n- buildah does not require ostree\n[1.2-1]\n- Vendor in latest containers/image\n- build-using-dockerfile: let -t include transports again\n- Block use of /proc/acpi and /proc/keys from inside containers\n- Fix handling of --registries-conf\n- Fix becoming a maintainer link\n- add optional CI test fo darwin\n- Don't pass a nil error to errors.Wrapf()\n- image filter test: use kubernetes/pause as a 'since'\n- Add --cidfile option to from\n- vendor: update containers/storage\n- Contributors need to find the CONTRIBUTOR.md file easier\n- Add a --loglevel option to build-with-dockerfile\n- Create Development plan\n- cmd: Code improvement\n- allow buildah cross compile for a darwin target\n- Add unused function param lint check\n- docs: Follow man-pages(7) suggestions for SYNOPSIS\n- Start using github.com/seccomp/containers-golang\n- umount: add all option to umount all mounted containers\n- runConfigureNetwork(): remove an unused parameter\n- Update github.com/opencontainers/selinux\n- Fix buildah bud --layers\n- Force ownership of /etc/hosts and /etc/resolv.conf to 0:0\n- main: if unprivileged, reexec in a user namespace\n- Vendor in latest imagebuilder\n- Reduce the complexity of the buildah.Run function\n- mount: output it before replacing lastError\n- Vendor in latest selinux-go code\n- Implement basic recognition of the '--isolation' option\n- Run(): try to resolve non-absolute paths using /usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/opc/.local/bin:/home/opc/bin\n- Run(): don't include any default environment variables\n- build without seccomp\n- vendor in latest runtime-tools\n- bind/mount_unsupported.go: remove import errors\n- Update github.com/opencontainers/runc\n- Add Capabilities lists to BuilderInfo\n- Tweaks for commit tests\n- commit: recognize committing to second storage locations\n- Fix ARGS parsing for run commands\n- Add info on registries.conf to from manpage\n- Switch from using docker to podman for testing in .papr\n- buildah: set the HTTP User-Agent\n- ONBUILD tutorial\n- Add information about the configuration files to the install docs\n- Makefile: add uninstall\n- Add tilde info for push to troubleshooting\n- mount: support multiple inputs\n- Use the right formatting when adding entries to /etc/hosts\n- Vendor in latest go-selinux bindings\n- Allow --userns-uid-map/--userns-gid-map to be global options\n- bind: factor out UnmountMountpoints\n- Run(): simplify runCopyStdio()\n- Run(): handle POLLNVAL results\n- Run(): tweak terminal mode handling\n- Run(): rename 'copyStdio' to 'copyPipes'\n- Run(): don't set a Pdeathsig for the runtime\n- Run(): add options for adding and removing capabilities\n- Run(): don't use a callback when a slice will do\n- setupSeccomp(): refactor\n- Change RunOptions.Stdin/Stdout/Stderr to just be Reader/Writers\n- Escape use of '_' in .md docs\n- Break out getProcIDMappings()\n- Break out SetupIntermediateMountNamespace()\n- Add Multi From Demo\n- Use the c/image conversion code instead of converting configs manually\n- Don't throw away the manifest MIME type and guess again\n- Consolidate loading manifest and config in initConfig\n- Pass a types.Image to Builder.initConfig\n- Require an image ID in importBuilderDataFromImage\n- Use c/image/manifest.GuessMIMEType instead of a custom heuristic\n- Do not ignore any parsing errors in initConfig\n- Explicitly handle 'from scratch' images in Builder.initConfig\n- Fix parsing of OCI images\n- Simplify dead but dangerous-looking error handling\n- Don't ignore v2s1 history if docker_version is not set\n- Add --rm and --force-rm to buildah bud\n- Add --all,-a flag to buildah images\n- Separate stdio buffering from writing\n- Remove tty check from images --format\n- Add environment variable BUILDAH_RUNTIME\n- Add --layers and --no-cache to buildah bud\n- Touch up images man\n- version.md: fix DESCRIPTION\n- tests: add containers test\n- tests: add images test\n- images: fix usage\n- fix make clean error\n- Change 'registries' to 'container registries' in man\n- add commit test\n- Add(): learn to record hashes of what we add\n- Minor update to buildah config documentation for entrypoint\n- Add registries.conf link to a few man pages\n[1.1-1]\n- Drop capabilities if running container processes as non root\n- Print Warning message if cmd will not be used based on entrypoint\n- Update 01-intro.md\n- Shouldn't add insecure registries to list of search registries\n- Report errors on bad transports specification when pushing images\n- Move parsing code out of common for namespaces and into pkg/parse.go\n- Add disable-content-trust noop flag to bud\n- Change freenode chan to buildah\n- runCopyStdio(): don't close stdin unless we saw POLLHUP\n- Add registry errors for pull\n- runCollectOutput(): just read until the pipes are closed on us\n- Run(): provide redirection for stdio\n- rmi, rm: add test\n- add mount test\n- Add parameter judgment for commands that do not require parameters\n- Add context dir to bud command in baseline test\n- run.bats: check that we can run with symlinks in the bundle path\n- Give better messages to users when image can not be found\n- use absolute path for bundlePath\n- Add environment variable to buildah --format\n- rm: add validation to args and all option\n- Accept json array input for config entrypoint\n- Run(): process RunOptions.Mounts, and its flags\n- Run(): only collect error output from stdio pipes if we created some\n- Add OnBuild support for Dockerfiles\n- Quick fix on demo readme\n- run: fix validate flags\n- buildah bud should require a context directory or URL\n- Touchup tutorial for run changes\n- Validate common bud and from flags\n- images: Error if the specified imagename does not exist\n- inspect: Increase err judgments to avoid panic\n- add test to inspect\n- buildah bud picks up ENV from base image\n- Extend the amount of time travis_wait should wait\n- Add a make target for Installing CNI plugins\n- Add tests for namespace control flags\n- copy.bats: check ownerships in the container\n- Fix SELinux test errors when SELinux is enabled\n- Add example CNI configurations\n- Run: set supplemental group IDs\n- Run: use a temporary mount namespace\n- Use CNI to configure container networks\n- add/secrets/commit: Use mappings when setting permissions on added content\n- Add CLI options for specifying namespace and cgroup setup\n- Always set mappings when using user namespaces\n- Run(): break out creation of stdio pipe descriptors\n- Read UID/GID mapping information from containers and images\n- Additional bud CI tests\n- Run integration tests under travis_wait in Travis\n- build-using-dockerfile: add --annotation\n- Implement --squash for build-using-dockerfile and commit\n- Vendor in latest container/storage for devicemapper support\n- add test to inspect\n- Vendor github.com/onsi/ginkgo and github.com/onsi/gomega\n- Test with Go 1.10, too\n- Add console syntax highlighting to troubleshooting page\n- bud.bats: print '' before checking its contents\n- Manage 'Run' containers more closely\n- Break Builder.Run()'s 'run runc' bits out\n- util.ResolveName(): handle completion for tagged/digested image names\n- Handle /etc/hosts and /etc/resolv.conf properly in container\n- Documentation fixes\n- Make it easier to parse our temporary directory as an image name\n- Makefile: list new pkg/ subdirectoris as dependencies for buildah\n- containerImageSource: return more-correct errors\n- API cleanup: PullPolicy and TerminalPolicy should be types\n- Make 'run --terminal' and 'run -t' aliases for 'run --tty'\n- Vendor github.com/containernetworking/cni v0.6.0\n- Update github.com/containers/storage\n- Update github.com/projectatomic/libpod\n- Add support for buildah bud --label\n- buildah push/from can push and pull images with no reference\n- Vendor in latest containers/image\n- Update gometalinter to fix install.tools error\n- Update troubleshooting with new run workaround\n- Added a bud demo and tidied up\n- Attempt to download file from url, if fails assume Dockerfile\n- Add buildah bud CI tests for ENV variables\n- Re-enable rpm .spec version check and new commit test\n- Update buildah scratch demo to support el7\n- Added Docker compatibility demo\n- Update to F28 and new run format in baseline test\n- Touchup man page short options across man pages\n- Added demo dir and a demo. chged distrorlease\n- builder-inspect: fix format option\n- Add cpu-shares short flag (-c) and cpu-shares CI tests\n- Minor fixes to formatting in rpm spec changelog\n- Fix rpm .spec changelog formatting\n- CI tests and minor fix for cache related noop flags\n- buildah-from: add effective value to mount propagation\n[1.0-1]\n- Remove buildah run cmd and entrypoint execution\n- Add Files section with registries.conf to pertinent man pages\n- Force 'localhost' as a default registry\n- Add --compress, --rm, --squash flags as a noop for bud\n- Add FIPS mode secret to buildah run and bud\n- Add config --comment/--domainname/--history-comment/--hostname\n- Add support for --iidfile to bud and commit\n- Add /bin/sh -c to entrypoint in config\n- buildah images and podman images are listing different sizes\n- Remove tarball as an option from buildah push --help\n- Update entrypoint behaviour to match docker\n- Display imageId after commit\n- config: add support for StopSignal\n- Allow referencing stages as index and names\n- Add multi-stage builds support\n- Vendor in latest imagebuilder, to get mixed case AS support\n- Allow umount to have multi-containers\n- Update buildah push doc\n- buildah bud walks symlinks\n- Imagename is required for commit atm, update manpage\n[0.16-3.git532e267]\n- Resolves: #1573681\n- built commit 532e267\n[0.16.0-2.git6f7d05b]\n- built commit 6f7d05b\n[0.16-1]\n- Add support for shell\n- Vendor in latest containers/image\n- \t docker-archive generates docker legacy compatible images\n-\t Do not create subdirectories for layers with no configs\n- \t Ensure the layer IDs in legacy docker/tarfile metadata are unique\n-\t docker-archive: repeated layers are symlinked in the tar file\n-\t sysregistries: remove all trailing slashes\n-\t Improve docker/* error messages\n-\t Fix failure to make auth directory\n-\t Create a new slice in Schema1.UpdateLayerInfos\n-\t Drop unused storageImageDestination.{image,systemContext}\n-\t Load a *storage.Image only once in storageImageSource\n-\t Support gzip for docker-archive files\n-\t Remove .tar extension from blob and config file names\n-\t ostree, src: support copy of compressed layers\n-\t ostree: re-pull layer if it misses uncompressed_digest|uncompressed_size\n-\t image: fix docker schema v1 -> OCI conversion\n-\t Add /etc/containers/certs.d as default certs directory\n- Change image time to locale, add troubleshooting.md, add logo to other mds\n- Allow --cmd parameter to have commands as values\n- Document the mounts.conf file\n- Fix man pages to format correctly\n- buildah from now supports pulling images using the following transports:\n- docker-archive, oci-archive, and dir.\n- If the user overrides the storage driver, the options should be dropped\n- Show Config/Manifest as JSON string in inspect when format is not set\n- Adds feature to pull compressed docker-archive files\n[0.15-1]\n- Fix handling of buildah run command options\n[0.14-1]\n- If commonOpts do not exist, we should return rather then segfault\n- Display full error string instead of just status\n- Implement --volume and --shm-size for bud and from\n- Fix secrets patch for buildah bud\n- Fixes the naming issue of blobs and config for the dir transport by removing the .tar extension\n[0.13-1.git99066e0]\n- use correct version\n[0.12-4.git99066e0]\n- enable debuginfo\n[0.12-3.git99066e0]\n- BR: libseccomp-devel\n[0.12-2.git99066e0]\n- Resolves: #1548535\n- built commit 99066e0\n[0.12-1]\n- Added handing for simpler error message for Unknown Dockerfile instructions.\n- Change default certs directory to /etc/containers/certs.dir\n- Vendor in latest containers/image\n- Vendor in latest containers/storage\n- build-using-dockerfile: set the 'author' field for MAINTAINER\n- Return exit code 1 when buildah-rmi fails\n- Trim the image reference to just its name before calling getImageName\n- Touch up rmi -f usage statement\n- Add --format and --filter to buildah containers\n- Add --prune,-p option to rmi command\n- Add authfile param to commit\n- Fix --runtime-flag for buildah run and bud\n- format should override quiet for images\n- Allow all auth params to work with bud\n- Do not overwrite directory permissions on --chown\n- Unescape HTML characters output into the terminal\n- Fix: setting the container name to the image\n- Prompt for un/pwd if not supplied with --creds\n- Make bud be really quiet\n- Return a better error message when failed to resolve an image\n- Update auth tests and fix bud man page\n[0.11-3.git49095a8]\n- Resolves: #1542236 - add ostree and bump runc dep\n[0.11-2.git49095a8]\n- rebased to 49095a83f8622cf69532352d183337635562e261\n[0.11-1]\n- Add --all to remove containers\n- Add --all functionality to rmi\n- Show ctrid when doing rm -all\n- Ignore sequential duplicate layers when reading v2s1\n- Lots of minor bug fixes\n- Vendor in latest containers/image and containers/storage\n[0.10-2]\n- Fix checkin\n[0.10-1]\n- Display Config and Manifest as strings\n- Bump containers/image\n- Use configured registries to resolve image names\n- Update to work with newer image library\n- Add --chown option to add/copy commands\n[0.9-2.git04ea079]\n- build for all arches\n[0.9-1]\n- Allow push to use the image id\n- Make sure builtin volumes have the correct label\n[0.8-1]\n- Buildah bud was failing on SELinux machines, this fixes this\n- Block access to certain kernel file systems inside of the container\n[0.7-1]\n- Ignore errors when trying to read containers buildah.json for loading SELinux reservations\n- Use credentials from kpod login for buildah\n- Adds support for converting manifest types when using the dir transport\n- Rework how we do UID resolution in images\n- Bump github.com/vbatts/tar-split\n- Set option.terminal appropriately in run\n[0.5-5.gitf7dc659]\n- revert building for s390x, it is intended for rhel 7.5\n[0.5-4]\n- Add requires for container-selinux\n[0.5-3.gitf7dc659]\n- build for s390x, https://bugzilla.redhat.com/show_bug.cgi?id=1482234\n[0.5-2]\n- Bump github.com/vbatts/tar-split\n- Fixes CVE That could allow a container image to cause a DOS\n[0.5-1]\n- Add secrets patch to buildah\n- Add proper SELinux labeling to buildah run\n- Add tls-verify to bud command\n- Make filtering by date use the image's date\n- images: don't list unnamed images twice\n- Fix timeout issue\n- Add further tty verbiage to buildah run\n- Make inspect try an image on failure if type not specified\n- Add support for \n- Tons of bug fixes and code cleanup\n[0.4-2.git01db066]\n- bump to latest version\n- set GIT_COMMIT at build-time\n[0.4-1.git9cbccf88c]\n- Add default transport to push if not provided\n- Avoid trying to print a nil ImageReference\n- Add authentication to commit and push\n- Add information on buildah from man page on transports\n- Remove --transport flag\n- Run: do not complain about missing volume locations\n- Add credentials to buildah from\n- Remove export command\n- Run(): create the right working directory\n- Improve 'from' behavior with unnamed references\n- Avoid parsing image metadata for dates and layers\n- Read the image's creation date from public API\n- Bump containers/storage and containers/image\n- Don't panic if an image's ID can't be parsed\n- Turn on --enable-gc when running gometalinter\n- rmi: handle truncated image IDs\n[0.4-1.git9cbccf8]\n- bump to v0.4\n[0.3-4.gitb9b2a8a]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild\n[0.3-3.gitb9b2a8a]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild\n[0.3-2.gitb9b2a8a7e]\n- Bump for inclusion of OCI 1.0 Runtime and Image Spec\n[0.2.0-1.gitac2aad6]\n- buildah run: Add support for -- ending options parsing\n- buildah Add/Copy support for glob syntax\n- buildah commit: Add flag to remove containers on commit\n- buildah push: Improve man page and help information\n- buildah run: add a way to disable PTY allocation\n- Buildah docs: clarify --runtime-flag of run command\n- Update to match newer storage and image-spec APIs\n- Update containers/storage and containers/image versions\n- buildah export: add support\n- buildah images: update commands\n- buildah images: Add JSON output option\n- buildah rmi: update commands\n- buildah containers: Add JSON output option\n- buildah version: add command\n- buildah run: Handle run without an explicit command correctly\n- Ensure volume points get created, and with perms\n- buildah containers: Add a -a/--all option\n[0.1.0-2.git597d2ab9]\n- Release Candidate 1\n- All features have now been implemented.\n[0.0.1-1.git7a0a5333]\n- First package for Fedora\ncockpit-podman\nconmon\ncontainernetworking-plugins\n[0.8.3-4.0.1]\n- Disable debuginfo\n[0.8.3-4]\n- compile with no_openssl\n- Related: RHELPLAN-25139\n[0.8.3-3]\n- compile in FIPS mode\n- Related: RHELPLAN-25139\n[0.8.3-2]\n- be sure to use golang >= 1.12.12-4\n- Related: RHELPLAN-25139\n[0.8.3-1]\n- update to 0.8.3\n- Related: RHELPLAN-25139\n[0.8.1-2]\n- backport https://github.com/coreos/go-iptables/pull/62\n from Michael Cambria\n- Resolves: #1627561\n[0.8.1-1]\n- Resolves: #1720319 - bump to v0.8.1\n[0.7.5-1]\n- Resolves: #1616063\n- bump to v0.7.5\n[0.7.4-3.git9ebe139]\n- re-enable debuginfo\n[0.7.4-2.git9ebe139]\n- rebase, removed patch that is already upstream\n[0.7.3-7.git19f2f28]\n- go tools not in scl anymore\n[0.7.3-6.git19f2f28]\n- correct tag specification format in %gobuild macro\n[0.7.3-5.git19f2f28]\n- Resolves: #1616062 - patch to revert coreos/go-iptables bump\n[0.7.3-4.git19f2f28]\n- Resolves:#1603012\n- fix versioning, upstream got it wrong at 7.2\n[0.7.2-3.git19f2f28]\n- disable i686 temporarily for appstream builds\n- update golang deps and gobuild definition\n[0.7.2-2.git19f2f28]\n- rebase\n[0.7.0-103.gitdd8ff8a]\n- enable scl with the toolset\n[0.7.0-102.gitdd8ff8a]\n- remove devel and unittest subpackages\n- use new go-toolset deps\n[0.7.0-101]\n- rebase\n- patches already upstream, removed\n[0.6.0-6]\n- Imported from Fedora\n- Renamed CNI -> plugins\n[0.6.0-4]\n- Own the libexec cni directory\n[0.6.0-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild\n[0.6.0-2]\n- skip settling IPv4 addresses\n[0.6.0-1]\n- rebased to 7480240de9749f9a0a5c8614b17f1f03e0c06ab9\n[0.5.2-7]\n- do not install to /opt (against Fedora Guidelines)\n[0.5.2-6]\n- Enable devel subpackage\n[0.5.2-5]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild\n[0.5.2-4]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild\n[0.5.2-3]\n- excludearch: ppc64 as it's not in goarches anymore\n- re-enable s390x\n[0.5.2-2]\n- upstream moved to github.com/containernetworking/plugins\n- built commit dcf7368\n- provides: containernetworking-plugins\n- use vendored deps because they're a lot less of a PITA\n- excludearch: s390x for now (rhbz#1466865)\n[0.5.2-1]\n- Update to 0.5.2\n- Softlink to default /opt/cni/bin directories\n[0.5.1-1]\n- Initial package\ncontainer-selinux\ncriu\nfuse-overlayfs\npodman\n[1.6.4-26.0.1]\n- Reduce unnecessary writable mounts in NaiveDiffDriver [Orabug: 31025483]\n- delivering fix for [Orabug: 29874238] by Nikita Gerasimov \n[1.6.4-26]\n- update to the latest content of https://github.com/containers/podman/tree/v1.6.4-rhel\n (https://github.com/containers/podman/commit/bcbbbc4)\n- Related: #1920382\n[1.6.4-25]\n- fix CVE-2021-20188\n- update to the latest content of https://github.com/containers/podman/tree/v1.6.4-rhel\n (https://github.com/containers/podman/commit/2c7b579)\n- Related: #1920382\npython-podman-api\n[1.2.0-0.2.gitd0a45fe]\n- revert update to 1.6.0 due to new python3-pbr dependency which\n is not in RHEL\n- Related: RHELPLAN-25139\n[1.2.0-0.1.gitd0a45fe]\n- Initial package\nrunc\nskopeo\n[1:0.1.41-4.0.1]\n- Reduce unnecessary writable mounts in NaiveDiffDriver [Orabug: 31025483]\n- Add oracle registry into the conf file [Orabug: 29845934 31306708]\n- Fix oracle registry login issues [Orabug: 29937192]\n[1:0.1.41-4]\n- add docker.io into the default registry list\n- Resolves: #1886443\n[1:0.1.41-3]\n- patch broken gating tests: improper 'jq' usage, and use 'registry:2.6'\n (instead of :2) to work around broken image pushed by docker\n[1:0.1.41-2]\n- exclude i686 arch\n- Related: #1821193\n[1:0.1.41-1]\n- update to 0.1.41\n- Related: #1821193\n[1:0.1.40-8]\n- modify registries.conf default configuration to be more secure by default\n- Resolves: #1810056\n[1:0.1.40-7]\n- Fix CVE-2020-1702.\n- Resolves: #1801928\n[1:0.1.40-6]\n- change the search order of registries and remove quay.io (#1784267)\n[1:0.1.40-5]\n- compile in FIPS mode\n- Related: RHELPLAN-25139\n[1:0.1.40-4]\n- be sure to use golang >= 1.12.12-4\n- Related: RHELPLAN-25139\n[1:0.1.40-3]\n- fix file list\n- Related: RHELPLAN-25139\n[1:0.1.40-2]\n- comment out mountopt option in order to fix gating tests\n see bug 1769769\n- Related: RHELPLAN-25139\n[1:0.1.40-1]\n- update to 0.1.40\n- Related: RHELPLAN-25139\n[1:0.1.37-5]\n- Fix CVE-2019-10214 (#1734651).\n[1:0.1.37-4]\n- fix permissions of rhel/secrets\n Resolves: #1691543\n[1:0.1.37-3]\n- Resolves: #1719994 - add registry.access.redhat.com to registries.conf\n[1:0.1.37-2]\n- Resolves: #1721247 - enable fips mode\n[1:0.1.37-1]\n- Resolves: #1720654 - rebase to v0.1.37\n[1:0.1.36-1.git6307635]\n- built upstream tag v0.1.36, including system tests\n[1:0.1.32-4.git1715c90]\n- Fixes @openshift/machine-config-operator#669\n- install /etc/containers/oci/hooks.d and /etc/containers/certs.d\n[1:0.1.32-3.git1715c90]\n- rebase\n[1:0.1.32-2.git1715c90]\n- re-enable debuginfo\n[1:0.1.31-12.gitb0b750d]\n- go tools not in scl anymore\n[1:0.1.31-11.gitb0b750d]\n- Resolves: #1615609\n- built upstream tag v0.1.31\n[1:0.1.31-10.git0144aa8]\n- Resolves: #1616069 - correct order of registries\n[1:0.1.31-9.git0144aa8]\n- Resolves: #1615609 - rebuild with gobuild tag 'no_openssl'\n[1:0.1.31-8.git0144aa8]\n- Resolves: #1614934 - containers-common soft dep on slirp4netns and\nfuse-overlayfs\n[1:0.1.31-7.git0144aa8]\n- build with %gobuild\n- use scl-ized go-toolset as dep\n- disable i686 builds temporarily because of go-toolset issues\n[1:0.1.31-6.git0144aa8]\n- add statx to seccomp.json to containers-config\n- add seccomp.json to containers-config\n[1:0.1.31-4.git0144aa8]\n- Resolves: #1597629 - handle dependency issue for skopeo-containers\n- rename skopeo-containers to containers-common as in Fedora\n[1:0.1.31-3.git0144aa8]\n- Resolves: #1583762 - btrfs dep removal needs exclude_graphdriver_btrfs\nbuildtag\n[1:0.1.31-2.git0144aa8]\n- correct bz in previous changelog\n[1:0.1.31-1.git0144aa8]\n- Resolves: #1580938 - resolve FTBFS\n- Resolves: #1583762 - remove dependency on btrfs-progs-devel\n- bump to v0.1.31 (from master)\n- built commit ca3bff6\n- use go-toolset deps for rhel8\n[0.1.29-5.git7add6fc]\n- Fix small typo in registries.conf\n[0.1.29-4.git]\n- Add policy.json.5\n[0.1.29-3.git]\n- Add registries.conf\n[0.1.29-2.git]\n- Add registries.conf man page\n[0.1.29-1.git]\n- bump to 0.1.29-1\n- Updated containers/image\n docker-archive generates docker legacy compatible images\n Do not create subdirectories for layers with no configs\n Ensure the layer IDs in legacy docker/tarfile metadata are unique\n docker-archive: repeated layers are symlinked in the tar file\n sysregistries: remove all trailing slashes\n Improve docker/* error messages\n Fix failure to make auth directory\n Create a new slice in Schema1.UpdateLayerInfos\n Drop unused storageImageDestination.{image,systemContext}\n Load a *storage.Image only once in storageImageSource\n Support gzip for docker-archive files\n Remove .tar extension from blob and config file names\n ostree, src: support copy of compressed layers\n ostree: re-pull layer if it misses uncompressed_digest|uncompressed_size\n image: fix docker schema v1 -> OCI conversion\n Add /etc/containers/certs.d as default certs directory\n[0.1.28-2.git0270e56]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild\n[0.1.28-1.git]\n- Vendor in fixed libraries in containers/image and containers/storage\n[0.1.27-1.git]\n- Fix Conflicts to Obsoletes\n- Add better docs to man pages.\n- Use credentials from authfile for skopeo commands\n- Support storage='' in /etc/containers/storage.conf\n- Add global --override-arch and --override-os options\n[0.1.25-2.git2e8377a7]\n- Add manifest type conversion to skopeo copy\n- User can select from 3 manifest types: oci, v2s1, or v2s2\n- e.g skopeo copy --format v2s1 --compress-blobs docker-archive:alp.tar dir:my-directory\n[0.1.25-2.git7fd6f66b]\n- Force storage.conf to default to overlay\n[0.1.25-1.git7fd6f66b]\n- Fix CVE in tar-split\n- copy: add shared blob directory support for OCI sources/destinations\n- Aligning Docker version between containers/image and skopeo\n- Update image-tools, and remove the duplicate Sirupsen/logrus vendor\n- makefile: use -buildmode=pie\n[0.1.24-8.git28d4e08a]\n- Add /usr/share/containers/mounts.conf\n[0.1.24-7.git28d4e08a]\n- Bug fixes\n- Update to release\n[0.1.24-6.dev.git28d4e08]\n- skopeo-containers conflicts with docker-rhsubscription <= 2:1.13.1-31\n[0.1.24-5.dev.git28d4e08]\n- Add rhel subscription secrets data to skopeo-containers\n[0.1.24-4.dev.git28d4e08]\n- Update container/storage.conf and containers-storage.conf man page\n- Default override to true so it is consistent with RHEL.\n[0.1.24-3.dev.git28d4e08]\n- built commit 28d4e08\n[0.1.24-2.dev.git875dd2e]\n- built commit 875dd2e\n- Resolves: gh#416\n[0.1.24-1.dev.gita41cd0]\n- bump to 0.1.24-dev\n- correct a prior bogus date\n- fix macro in comment warning\n[0.1.23-6.dev.git1bbd87]\n- Change name of storage.conf.5 man page to containers-storage.conf.5, since\nit conflicts with inn package\n- Also remove default to 'overalay' in the configuration, since we should\n- allow containers storage to pick the best default for the platform.\n[0.1.23-5.git1bbd87f]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild\n[0.1.23-4.git1bbd87f]\n- Rebuild with binutils fix for ppc64le (#1475636)\n[0.1.23-3.git1bbd87f]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild\n[0.1.23-2.dev.git1bbd87]\n- Fix storage.conf man page to be storage.conf.5.gz so that it works.\n[0.1.23-1.dev.git1bbd87]\n- Support for OCI V1.0 Images\n- Update to image-spec v1.0.0 and revendor\n- Fixes for authentication\n[0.1.22-2.dev.git5d24b67]\n- Epoch: 1 for CentOS as CentOS Extras' build already has epoch set to 1\n[0.1.22-1.dev.git5d24b67]\n- Give more useful help when explaining usage\n- Also specify container-storage as a valid transport\n- Remove docker reference wherever possible\n- vendor in ostree fixes\n[0.1.21-1.dev.git0b73154]\n- Add support for storage.conf and storage-config.5.md from github container storage package\n- Bump to the latest version of skopeo\n- vendor.conf: add ostree-go\n- it is used by containers/image for pulling images to the OSTree storage.\n- fail early when image os does not match host os\n- Improve documentation on what to do with containers/image failures in test-skopeo\n- We now have the docker-archive: transport\n- Integration tests with built registries also exist\n- Support /etc/docker/certs.d\n- update image-spec to v1.0.0-rc6\n[0.1.20-1.dev.git0224d8c]\n- BZ #1380078 - New release\n[0.1.19-2.dev.git0224d8c]\n- No golang support for ppc64. Adding exclude arch. BZ #1445490\n[0.1.19-1.dev.git0224d8c]\n- bump to v0.1.19-dev\n- built commit 0224d8c\n[0.1.17-3.dev.git2b3af4a]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild\n[0.1.17-2.dev.git2b3af4a]\n- Rebuild for gpgme 1.18\n[0.1.17-1.dev.git2b3af4a]\n- bump to 0.1.17-dev\n[0.1.14-6.git550a480]\n- Fix BZ#1391932\n[0.1.14-5.git550a480]\n- Conflicts with atomic in skopeo-containers\n[0.1.14-4.git550a480]\n- built skopeo-containers\n[0.1.14-3.gitd830391]\n- built mtrmac/integrate-all-the-things commit d830391\n[0.1.14-2.git362bfc5]\n- built commit 362bfc5\n[0.1.14-1.gitffe92ed]\n- build origin/master commit ffe92ed\n[0.1.13-6]\n- https://fedoraproject.org/wiki/Changes/golang1.7\n[0.1.13-5]\n- include go-srpm-macros and compiler(go-compiler) in fedora conditionals\n- define %gobuild if not already\n- add patch to build with older version of golang\n[0.1.13-4]\n- update to v0.1.12\n[0.1.12-3]\n- fix go build source path\n[0.1.12-2]\n- update to v0.1.12\n[0.1.11-1]\n- update to v0.1.11\n[0.1.10-1]\n- update to v0.1.10\n- change runcom -> projectatomic\n[0.1.9-1]\n- update to v0.1.9\n[0.1.8-1]\n- update to v0.1.8\n[0.1.4-2]\n- https://fedoraproject.org/wiki/Changes/golang1.6\n[0.1.4]\n- First package for Fedora\nslirp4netns\nudica", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "userInteraction": "REQUIRED", "version": "3.1"}, "impactScore": 5.9}, "published": "2021-03-05T00:00:00", "type": "oraclelinux", "title": "container-tools:2.0 security update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-10214", "CVE-2020-10696", "CVE-2020-1702", "CVE-2021-20188"], "modified": "2021-03-05T00:00:00", "id": "ELSA-2021-0706", "href": "http://linux.oracle.com/errata/ELSA-2021-0706.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-30T06:24:53", "description": "buildah\n[1.5-4.0.1.gite94b4f9]\n- Fixes troubles with oracle registry login [Orabug: 29937283]\n[1.5-4.gite94b4f9]\n- fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process'\n- Resolves: #1819431\ncontainer-selinux\n[2:2.124.0-1.gitf958d0c]\n- update to 2.124.0\n- Resolves: #1816541\n[2:2.94-2.git1e99f1d]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Resolves: #1766316, #1766215\nslirp4netns\n[0.1-5.dev.gitc4e1bc5]\n- backport fix for CVE-2020-7039\n- Resolves: #1791578\n[0.1-4.dev.gitc4e1bc5]\n- actually add CVE-2019-14378 patch to dist-git\n- Related: RHELPLAN-25139", "cvss3": {"exploitabilityScore": 2.8, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "HIGH", "baseScore": 8.8, "privilegesRequired": "LOW", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 5.9}, "published": "2020-05-13T00:00:00", "type": "oraclelinux", "title": "container-tools:1.0 security and bug fix update", "bulletinFamily": "unix", "cvss2": {"severity": "HIGH", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "COMPLETE", "availabilityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "baseScore": 9.3, "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 10.0, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-14378", "CVE-2019-9512", "CVE-2019-9514", "CVE-2020-10696", "CVE-2020-7039"], "modified": "2020-05-13T00:00:00", "id": "ELSA-2020-1926", "href": "http://linux.oracle.com/errata/ELSA-2020-1926.html", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2021-07-30T06:24:23", "description": "buildah\n[1.5-8.gite94b4f9.0.1]\n- Fixes troubles with oracle registry login [Orabug: 29937283]\n[1.5-8.gite94b4f9]\n- bump release to preserve upgrade path\n- Related: #1821193\n[1.5-4.gite94b4f9]\n- fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process'\n- Resolves: #1818127\n[1.5-3.gite94b4f9]\n- re-enable debuginfo\n[1.5-2.gite94b4f9]\n- go toolset not in scl anymore\n[1.5-1.gite94b4f9]\n- rebase\n[1.4-3.git608fa84]\n- fedora-like go compiler macro in buildrequires is enough\n[1.4-2.git608fa84]\n- rebase\n[1.3-3.git4888163]\n- Resolves: #1615611 - rebuild with gobuild tag 'no_openssl'\n[1.3-2.git4888163]\n- Resolves: #1614009 - built with updated scl-ized go-toolset dep\n- build with %gobuild\n[1.3-1]\n- Bump to v1.3\n- Vendor in lates containers/image\n- build-using-dockerfile: let -t include transports again\n- Block use of /proc/acpi and /proc/keys from inside containers\n- Fix handling of --registries-conf\n- Fix becoming a maintainer link\n- add optional CI test fo darwin\n- Don't pass a nil error to errors.Wrapf()\n- image filter test: use kubernetes/pause as a 'since'\n- Add --cidfile option to from\n- vendor: update containers/storage\n- Contributors need to find the CONTRIBUTOR.md file easier\n- Add a --loglevel option to build-with-dockerfile\n- Create Development plan\n- cmd: Code improvement\n- allow buildah cross compile for a darwin target\n- Add unused function param lint check\n- docs: Follow man-pages(7) suggestions for SYNOPSIS\n- Start using github.com/seccomp/containers-golang\n- umount: add all option to umount all mounted containers\n- runConfigureNetwork(): remove an unused parameter\n- Update github.com/opencontainers/selinux\n- Fix buildah bud --layers\n- Force ownership of /etc/hosts and /etc/resolv.conf to 0:0\n- main: if unprivileged, reexec in a user namespace\n- Vendor in latest imagebuilder\n- Reduce the complexity of the buildah.Run function\n- mount: output it before replacing lastError\n- Vendor in latest selinux-go code\n- Implement basic recognition of the '--isolation' option\n- Run(): try to resolve non-absolute paths using /usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/opc/.local/bin:/home/opc/bin\n- Run(): don't include any default environment variables\n- build without seccomp\n- vendor in latest runtime-tools\n- bind/mount_unsupported.go: remove import errors\n- Update github.com/opencontainers/runc\n- Add Capabilities lists to BuilderInfo\n- Tweaks for commit tests\n- commit: recognize committing to second storage locations\n- Fix ARGS parsing for run commands\n- Add info on registries.conf to from manpage\n- Switch from using docker to podman for testing in .papr\n- buildah: set the HTTP User-Agent\n- ONBUILD tutorial\n- Add information about the configuration files to the install docs\n- Makefile: add uninstall\n- Add tilde info for push to troubleshooting\n- mount: support multiple inputs\n- Use the right formatting when adding entries to /etc/hosts\n- Vendor in latest go-selinux bindings\n- Allow --userns-uid-map/--userns-gid-map to be global options\n- bind: factor out UnmountMountpoints\n- Run(): simplify runCopyStdio()\n- Run(): handle POLLNVAL results\n- Run(): tweak terminal mode handling\n- Run(): rename 'copyStdio' to 'copyPipes'\n- Run(): don't set a Pdeathsig for the runtime\n- Run(): add options for adding and removing capabilities\n- Run(): don't use a callback when a slice will do\n- setupSeccomp(): refactor\n- Change RunOptions.Stdin/Stdout/Stderr to just be Reader/Writers\n- Escape use of '_' in .md docs\n- Break out getProcIDMappings()\n- Break out SetupIntermediateMountNamespace()\n- Add Multi From Demo\n- Use the c/image conversion code instead of converting configs manually\n- Don't throw away the manifest MIME type and guess again\n- Consolidate loading manifest and config in initConfig\n- Pass a types.Image to Builder.initConfig\n- Require an image ID in importBuilderDataFromImage\n- Use c/image/manifest.GuessMIMEType instead of a custom heuristic\n- Do not ignore any parsing errors in initConfig\n- Explicitly handle 'from scratch' images in Builder.initConfig\n- Fix parsing of OCI images\n- Simplify dead but dangerous-looking error handling\n- Don't ignore v2s1 history if docker_version is not set\n- Add --rm and --force-rm to buildah bud\n- Add --all,-a flag to buildah images\n- Separate stdio buffering from writing\n- Remove tty check from images --format\n- Add environment variable BUILDAH_RUNTIME\n- Add --layers and --no-cache to buildah bud\n- Touch up images man\n- version.md: fix DESCRIPTION\n- tests: add containers test\n- tests: add images test\n- images: fix usage\n- fix make clean error\n- Change 'registries' to 'container registries' in man\n- add commit test\n- Add(): learn to record hashes of what we add\n- Minor update to buildah config documentation for entrypoint\n- Bump to v1.2-dev\n- Add registries.conf link to a few man pages\n[1.2-3]\n- do not depend on btrfs-progs for rhel8\n[1.2-2]\n- buildah does not require ostree\n[1.2-1]\n- Vendor in latest containers/image\n- build-using-dockerfile: let -t include transports again\n- Block use of /proc/acpi and /proc/keys from inside containers\n- Fix handling of --registries-conf\n- Fix becoming a maintainer link\n- add optional CI test fo darwin\n- Don't pass a nil error to errors.Wrapf()\n- image filter test: use kubernetes/pause as a 'since'\n- Add --cidfile option to from\n- vendor: update containers/storage\n- Contributors need to find the CONTRIBUTOR.md file easier\n- Add a --loglevel option to build-with-dockerfile\n- Create Development plan\n- cmd: Code improvement\n- allow buildah cross compile for a darwin target\n- Add unused function param lint check\n- docs: Follow man-pages(7) suggestions for SYNOPSIS\n- Start using github.com/seccomp/containers-golang\n- umount: add all option to umount all mounted containers\n- runConfigureNetwork(): remove an unused parameter\n- Update github.com/opencontainers/selinux\n- Fix buildah bud --layers\n- Force ownership of /etc/hosts and /etc/resolv.conf to 0:0\n- main: if unprivileged, reexec in a user namespace\n- Vendor in latest imagebuilder\n- Reduce the complexity of the buildah.Run function\n- mount: output it before replacing lastError\n- Vendor in latest selinux-go code\n- Implement basic recognition of the '--isolation' option\n- Run(): try to resolve non-absolute paths using /usr/local/bin:/usr/bin:/usr/local/sbin:/usr/sbin:/home/opc/.local/bin:/home/opc/bin\n- Run(): don't include any default environment variables\n- build without seccomp\n- vendor in latest runtime-tools\n- bind/mount_unsupported.go: remove import errors\n- Update github.com/opencontainers/runc\n- Add Capabilities lists to BuilderInfo\n- Tweaks for commit tests\n- commit: recognize committing to second storage locations\n- Fix ARGS parsing for run commands\n- Add info on registries.conf to from manpage\n- Switch from using docker to podman for testing in .papr\n- buildah: set the HTTP User-Agent\n- ONBUILD tutorial\n- Add information about the configuration files to the install docs\n- Makefile: add uninstall\n- Add tilde info for push to troubleshooting\n- mount: support multiple inputs\n- Use the right formatting when adding entries to /etc/hosts\n- Vendor in latest go-selinux bindings\n- Allow --userns-uid-map/--userns-gid-map to be global options\n- bind: factor out UnmountMountpoints\n- Run(): simplify runCopyStdio()\n- Run(): handle POLLNVAL results\n- Run(): tweak terminal mode handling\n- Run(): rename 'copyStdio' to 'copyPipes'\n- Run(): don't set a Pdeathsig for the runtime\n- Run(): add options for adding and removing capabilities\n- Run(): don't use a callback when a slice will do\n- setupSeccomp(): refactor\n- Change RunOptions.Stdin/Stdout/Stderr to just be Reader/Writers\n- Escape use of '_' in .md docs\n- Break out getProcIDMappings()\n- Break out SetupIntermediateMountNamespace()\n- Add Multi From Demo\n- Use the c/image conversion code instead of converting configs manually\n- Don't throw away the manifest MIME type and guess again\n- Consolidate loading manifest and config in initConfig\n- Pass a types.Image to Builder.initConfig\n- Require an image ID in importBuilderDataFromImage\n- Use c/image/manifest.GuessMIMEType instead of a custom heuristic\n- Do not ignore any parsing errors in initConfig\n- Explicitly handle 'from scratch' images in Builder.initConfig\n- Fix parsing of OCI images\n- Simplify dead but dangerous-looking error handling\n- Don't ignore v2s1 history if docker_version is not set\n- Add --rm and --force-rm to buildah bud\n- Add --all,-a flag to buildah images\n- Separate stdio buffering from writing\n- Remove tty check from images --format\n- Add environment variable BUILDAH_RUNTIME\n- Add --layers and --no-cache to buildah bud\n- Touch up images man\n- version.md: fix DESCRIPTION\n- tests: add containers test\n- tests: add images test\n- images: fix usage\n- fix make clean error\n- Change 'registries' to 'container registries' in man\n- add commit test\n- Add(): learn to record hashes of what we add\n- Minor update to buildah config documentation for entrypoint\n- Add registries.conf link to a few man pages\n[1.1-1]\n- Drop capabilities if running container processes as non root\n- Print Warning message if cmd will not be used based on entrypoint\n- Update 01-intro.md\n- Shouldn't add insecure registries to list of search registries\n- Report errors on bad transports specification when pushing images\n- Move parsing code out of common for namespaces and into pkg/parse.go\n- Add disable-content-trust noop flag to bud\n- Change freenode chan to buildah\n- runCopyStdio(): don't close stdin unless we saw POLLHUP\n- Add registry errors for pull\n- runCollectOutput(): just read until the pipes are closed on us\n- Run(): provide redirection for stdio\n- rmi, rm: add test\n- add mount test\n- Add parameter judgment for commands that do not require parameters\n- Add context dir to bud command in baseline test\n- run.bats: check that we can run with symlinks in the bundle path\n- Give better messages to users when image can not be found\n- use absolute path for bundlePath\n- Add environment variable to buildah --format\n- rm: add validation to args and all option\n- Accept json array input for config entrypoint\n- Run(): process RunOptions.Mounts, and its flags\n- Run(): only collect error output from stdio pipes if we created some\n- Add OnBuild support for Dockerfiles\n- Quick fix on demo readme\n- run: fix validate flags\n- buildah bud should require a context directory or URL\n- Touchup tutorial for run changes\n- Validate common bud and from flags\n- images: Error if the specified imagename does not exist\n- inspect: Increase err judgments to avoid panic\n- add test to inspect\n- buildah bud picks up ENV from base image\n- Extend the amount of time travis_wait should wait\n- Add a make target for Installing CNI plugins\n- Add tests for namespace control flags\n- copy.bats: check ownerships in the container\n- Fix SELinux test errors when SELinux is enabled\n- Add example CNI configurations\n- Run: set supplemental group IDs\n- Run: use a temporary mount namespace\n- Use CNI to configure container networks\n- add/secrets/commit: Use mappings when setting permissions on added content\n- Add CLI options for specifying namespace and cgroup setup\n- Always set mappings when using user namespaces\n- Run(): break out creation of stdio pipe descriptors\n- Read UID/GID mapping information from containers and images\n- Additional bud CI tests\n- Run integration tests under travis_wait in Travis\n- build-using-dockerfile: add --annotation\n- Implement --squash for build-using-dockerfile and commit\n- Vendor in latest container/storage for devicemapper support\n- add test to inspect\n- Vendor github.com/onsi/ginkgo and github.com/onsi/gomega\n- Test with Go 1.10, too\n- Add console syntax highlighting to troubleshooting page\n- bud.bats: print '' before checking its contents\n- Manage 'Run' containers more closely\n- Break Builder.Run()'s 'run runc' bits out\n- util.ResolveName(): handle completion for tagged/digested image names\n- Handle /etc/hosts and /etc/resolv.conf properly in container\n- Documentation fixes\n- Make it easier to parse our temporary directory as an image name\n- Makefile: list new pkg/ subdirectoris as dependencies for buildah\n- containerImageSource: return more-correct errors\n- API cleanup: PullPolicy and TerminalPolicy should be types\n- Make 'run --terminal' and 'run -t' aliases for 'run --tty'\n- Vendor github.com/containernetworking/cni v0.6.0\n- Update github.com/containers/storage\n- Update github.com/projectatomic/libpod\n- Add support for buildah bud --label\n- buildah push/from can push and pull images with no reference\n- Vendor in latest containers/image\n- Update gometalinter to fix install.tools error\n- Update troubleshooting with new run workaround\n- Added a bud demo and tidied up\n- Attempt to download file from url, if fails assume Dockerfile\n- Add buildah bud CI tests for ENV variables\n- Re-enable rpm .spec version check and new commit test\n- Update buildah scratch demo to support el7\n- Added Docker compatibility demo\n- Update to F28 and new run format in baseline test\n- Touchup man page short options across man pages\n- Added demo dir and a demo. chged distrorlease\n- builder-inspect: fix format option\n- Add cpu-shares short flag (-c) and cpu-shares CI tests\n- Minor fixes to formatting in rpm spec changelog\n- Fix rpm .spec changelog formatting\n- CI tests and minor fix for cache related noop flags\n- buildah-from: add effective value to mount propagation\n[1.0-1]\n- Remove buildah run cmd and entrypoint execution\n- Add Files section with registries.conf to pertinent man pages\n- Force 'localhost' as a default registry\n- Add --compress, --rm, --squash flags as a noop for bud\n- Add FIPS mode secret to buildah run and bud\n- Add config --comment/--domainname/--history-comment/--hostname\n- Add support for --iidfile to bud and commit\n- Add /bin/sh -c to entrypoint in config\n- buildah images and podman images are listing different sizes\n- Remove tarball as an option from buildah push --help\n- Update entrypoint behaviour to match docker\n- Display imageId after commit\n- config: add support for StopSignal\n- Allow referencing stages as index and names\n- Add multi-stage builds support\n- Vendor in latest imagebuilder, to get mixed case AS support\n- Allow umount to have multi-containers\n- Update buildah push doc\n- buildah bud walks symlinks\n- Imagename is required for commit atm, update manpage\n[0.16-3.git532e267]\n- Resolves: #1573681\n- built commit 532e267\n[0.16.0-2.git6f7d05b]\n- built commit 6f7d05b\n[0.16-1]\n- Add support for shell\n- Vendor in latest containers/image\n- \t docker-archive generates docker legacy compatible images\n-\t Do not create subdirectories for layers with no configs\n- \t Ensure the layer IDs in legacy docker/tarfile metadata are unique\n-\t docker-archive: repeated layers are symlinked in the tar file\n-\t sysregistries: remove all trailing slashes\n-\t Improve docker/* error messages\n-\t Fix failure to make auth directory\n-\t Create a new slice in Schema1.UpdateLayerInfos\n-\t Drop unused storageImageDestination.{image,systemContext}\n-\t Load a *storage.Image only once in storageImageSource\n-\t Support gzip for docker-archive files\n-\t Remove .tar extension from blob and config file names\n-\t ostree, src: support copy of compressed layers\n-\t ostree: re-pull layer if it misses uncompressed_digest|uncompressed_size\n-\t image: fix docker schema v1 -> OCI conversion\n-\t Add /etc/containers/certs.d as default certs directory\n- Change image time to locale, add troubleshooting.md, add logo to other mds\n- Allow --cmd parameter to have commands as values\n- Document the mounts.conf file\n- Fix man pages to format correctly\n- buildah from now supports pulling images using the following transports:\n- docker-archive, oci-archive, and dir.\n- If the user overrides the storage driver, the options should be dropped\n- Show Config/Manifest as JSON string in inspect when format is not set\n- Adds feature to pull compressed docker-archive files\n[0.15-1]\n- Fix handling of buildah run command options\n[0.14-1]\n- If commonOpts do not exist, we should return rather then segfault\n- Display full error string instead of just status\n- Implement --volume and --shm-size for bud and from\n- Fix secrets patch for buildah bud\n- Fixes the naming issue of blobs and config for the dir transport by removing the .tar extension\n[0.13-1.git99066e0]\n- use correct version\n[0.12-4.git99066e0]\n- enable debuginfo\n[0.12-3.git99066e0]\n- BR: libseccomp-devel\n[0.12-2.git99066e0]\n- Resolves: #1548535\n- built commit 99066e0\n[0.12-1]\n- Added handing for simpler error message for Unknown Dockerfile instructions.\n- Change default certs directory to /etc/containers/certs.dir\n- Vendor in latest containers/image\n- Vendor in latest containers/storage\n- build-using-dockerfile: set the 'author' field for MAINTAINER\n- Return exit code 1 when buildah-rmi fails\n- Trim the image reference to just its name before calling getImageName\n- Touch up rmi -f usage statement\n- Add --format and --filter to buildah containers\n- Add --prune,-p option to rmi command\n- Add authfile param to commit\n- Fix --runtime-flag for buildah run and bud\n- format should override quiet for images\n- Allow all auth params to work with bud\n- Do not overwrite directory permissions on --chown\n- Unescape HTML characters output into the terminal\n- Fix: setting the container name to the image\n- Prompt for un/pwd if not supplied with --creds\n- Make bud be really quiet\n- Return a better error message when failed to resolve an image\n- Update auth tests and fix bud man page\n[0.11-3.git49095a8]\n- Resolves: #1542236 - add ostree and bump runc dep\n[0.11-2.git49095a8]\n- rebased to 49095a83f8622cf69532352d183337635562e261\n[0.11-1]\n- Add --all to remove containers\n- Add --all functionality to rmi\n- Show ctrid when doing rm -all\n- Ignore sequential duplicate layers when reading v2s1\n- Lots of minor bug fixes\n- Vendor in latest containers/image and containers/storage\n[0.10-2]\n- Fix checkin\n[0.10-1]\n- Display Config and Manifest as strings\n- Bump containers/image\n- Use configured registries to resolve image names\n- Update to work with newer image library\n- Add --chown option to add/copy commands\n[0.9-2.git04ea079]\n- build for all arches\n[0.9-1]\n- Allow push to use the image id\n- Make sure builtin volumes have the correct label\n[0.8-1]\n- Buildah bud was failing on SELinux machines, this fixes this\n- Block access to certain kernel file systems inside of the container\n[0.7-1]\n- Ignore errors when trying to read containers buildah.json for loading SELinux reservations\n- Use credentials from kpod login for buildah\n- Adds support for converting manifest types when using the dir transport\n- Rework how we do UID resolution in images\n- Bump github.com/vbatts/tar-split\n- Set option.terminal appropriately in run\n[0.5-5.gitf7dc659]\n- revert building for s390x, it is intended for rhel 7.5\n[0.5-4]\n- Add requires for container-selinux\n[0.5-3.gitf7dc659]\n- build for s390x, https://bugzilla.redhat.com/show_bug.cgi?id=1482234\n[0.5-2]\n- Bump github.com/vbatts/tar-split\n- Fixes CVE That could allow a container image to cause a DOS\n[0.5-1]\n- Add secrets patch to buildah\n- Add proper SELinux labeling to buildah run\n- Add tls-verify to bud command\n- Make filtering by date use the image's date\n- images: don't list unnamed images twice\n- Fix timeout issue\n- Add further tty verbiage to buildah run\n- Make inspect try an image on failure if type not specified\n- Add support for \n- Tons of bug fixes and code cleanup\n[0.4-2.git01db066]\n- bump to latest version\n- set GIT_COMMIT at build-time\n[0.4-1.git9cbccf88c]\n- Add default transport to push if not provided\n- Avoid trying to print a nil ImageReference\n- Add authentication to commit and push\n- Add information on buildah from man page on transports\n- Remove --transport flag\n- Run: do not complain about missing volume locations\n- Add credentials to buildah from\n- Remove export command\n- Run(): create the right working directory\n- Improve 'from' behavior with unnamed references\n- Avoid parsing image metadata for dates and layers\n- Read the image's creation date from public API\n- Bump containers/storage and containers/image\n- Don't panic if an image's ID can't be parsed\n- Turn on --enable-gc when running gometalinter\n- rmi: handle truncated image IDs\n[0.4-1.git9cbccf8]\n- bump to v0.4\n[0.3-4.gitb9b2a8a]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild\n[0.3-3.gitb9b2a8a]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild\n[0.3-2.gitb9b2a8a7e]\n- Bump for inclusion of OCI 1.0 Runtime and Image Spec\n[0.2.0-1.gitac2aad6]\n- buildah run: Add support for -- ending options parsing\n- buildah Add/Copy support for glob syntax\n- buildah commit: Add flag to remove containers on commit\n- buildah push: Improve man page and help information\n- buildah run: add a way to disable PTY allocation\n- Buildah docs: clarify --runtime-flag of run command\n- Update to match newer storage and image-spec APIs\n- Update containers/storage and containers/image versions\n- buildah export: add support\n- buildah images: update commands\n- buildah images: Add JSON output option\n- buildah rmi: update commands\n- buildah containers: Add JSON output option\n- buildah version: add command\n- buildah run: Handle run without an explicit command correctly\n- Ensure volume points get created, and with perms\n- buildah containers: Add a -a/--all option\n[0.1.0-2.git597d2ab9]\n- Release Candidate 1\n- All features have now been implemented.\n[0.0.1-1.git7a0a5333]\n- First package for Fedora\ncontainernetworking-plugins\n[0.7.4-4.git9ebe139]\n- bump release to preserve upgrade path\n- Related: #1821193\n[0.7.4-3.git9ebe139]\n- re-enable debuginfo\n[0.7.4-2.git9ebe139]\n- rebase, removed patch that is already upstream\n[0.7.3-7.git19f2f28]\n- go tools not in scl anymore\n[0.7.3-6.git19f2f28]\n- correct tag specification format in %gobuild macro\n[0.7.3-5.git19f2f28]\n- Resolves: #1616062 - patch to revert coreos/go-iptables bump\n[0.7.3-4.git19f2f28]\n- Resolves:#1603012\n- fix versioning, upstream got it wrong at 7.2\n[0.7.2-3.git19f2f28]\n- disable i686 temporarily for appstream builds\n- update golang deps and gobuild definition\n[0.7.2-2.git19f2f28]\n- rebase\n[0.7.0-103.gitdd8ff8a]\n- enable scl with the toolset\n[0.7.0-102.gitdd8ff8a]\n- remove devel and unittest subpackages\n- use new go-toolset deps\n[0.7.0-101]\n- rebase\n- patches already upstream, removed\n[0.6.0-6]\n- Imported from Fedora\n- Renamed CNI -> plugins\n[0.6.0-4]\n- Own the libexec cni directory\n[0.6.0-3]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild\n[0.6.0-2]\n- skip settling IPv4 addresses\n[0.6.0-1]\n- rebased to 7480240de9749f9a0a5c8614b17f1f03e0c06ab9\n[0.5.2-7]\n- do not install to /opt (against Fedora Guidelines)\n[0.5.2-6]\n- Enable devel subpackage\n[0.5.2-5]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild\n[0.5.2-4]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild\n[0.5.2-3]\n- excludearch: ppc64 as it's not in goarches anymore\n- re-enable s390x\n[0.5.2-2]\n- upstream moved to github.com/containernetworking/plugins\n- built commit dcf7368\n- provides: containernetworking-plugins\n- use vendored deps because they're a lot less of a PITA\n- excludearch: s390x for now (rhbz#1466865)\n[0.5.2-1]\n- Update to 0.5.2\n- Softlink to default /opt/cni/bin directories\n[0.5.1-1]\n- Initial package\ncontainer-selinux\n[2:2.124.0-1.gitf958d0c]\n- update to 2.124.0\n- Resolves: #1816541\n[2:2.94-2.git1e99f1d]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Resolves: #1766316, #1766215\n[2:2.94-1.git1e99f1d]\n- Resolves: #1690286 - bump to v2.94\n- Resolves: #1693806, #1689255\n[2:2.89-1.git2521d0d]\n- bump to v2.89\n[2:2.75-1.git99e2cfd]\n- bump to v2.75\n- built commit 99e2cfd\n[2:2.74-1]\n- Resolves: #1641655 - bump to v2.74\n- built commit a62c2db\n[2:2.73-3]\n- tweak macro for fedora - applies to rhel8 as well\n[2:2.73-2]\n- moved changelog entries:\n- Define spc_t as a container_domain, so that container_runtime will transition\nto spc_t even when setup with nosuid.\n- Allow container_runtimes to setattr on callers fifo_files\n- Fix restorecon to not error on missing directory\n[2.69-3]\n- Make sure we pull in the latest selinux-policy\n[2.69-2]\n- Add map support to container-selinux for RHEL 7.5\n- Dontudit attempts to write to kernel_sysctl_t\n[2.68-1]\n- Add label for /var/lib/origin\n- Add customizable_file_t to customizable_types\n[2.67-1]\n- Add policy for container_logreader_t\n[2.66-1]\n- Allow dnsmasq to dbus chat with spc_t\n[2.64-1]\n- Allow containers to create all socket classes\n[2.62-1]\n- Label overlay directories under /var/lib/containers/ correctly\n[2.61-1]\n- Allow spc_t to load kernel modules from inside of container\n[2.60-1]\n- Allow containers to list cgroup directories\n- Transition for unconfined_service_t to container_runtime_t when executing container_runtime_exec_t.\n[2.58-2]\n- Run restorecon /usr/bin/podman in postinstall\n[2.58-1]\n- Add labels to allow podman to be run from a systemd unit file\n[2.57-1]\n- Set the version of SELinux policy required to the latest to fix build issues.\n[2.56-1]\n- Allow container_runtime_t to transition to spc_t over unlabeled files\n[2.55-1]\nAllow iptables to read container state\n Dontaudit attempts from containers to write to /proc/self\n Allow spc_t to change attributes on container_runtime_t fifo files\n[2.52-1]\n- Add better support for writing custom selinux policy for customer container domains.\n[2.51-1]\n- Allow shell_exec_t as a container_runtime_t entrypoint\n[2.50-1]\n- Allow bin_t as a container_runtime_t entrypoint\n[2.49-1]\n- Add support for MLS running container runtimes\n- Add missing allow rules for running systemd in a container\n[2.48-1]\n- Update policy to match master branch\n- Remove typebounds and replace with nnp_transition and nosuid_transition calls\n[2.41-1]\n- Add support to nnp_transition for container domains\n- Eliminates need for typebounds.\n[2.40-1]\n- Allow container_runtime_t to use user ttys\n- Fixes bounds check for container_t\n[2.39-1]\n- Allow container runtimes to use interited terminals. This helps\nsatisfy the bounds check of container_t versus container_runtime_t.\n[2.38-1]\n- Allow container runtimes to mmap container_file_t devices\n- Add labeling for rhel push plugin\n[2.37-1]\n- Allow containers to use inherited ttys\n- Allow ostree to handle labels under /var/lib/containers/ostree\n[2.36-1]\n- Allow containers to relabelto/from all file types to container_file_t\n[2.35-1]\n- Allow container to map chr_files labeled container_file_t\n[2.34-1]\n- Dontaudit container processes getattr on kernel file systems\n[2.33-1]\n- Allow containers to read /etc/resolv.conf and /etc/hosts if volume\n- mounted into container.\n[2.32-1]\n- Make sure users creating content in /var/lib with right labels\n[2.31-1]\n- Allow the container runtime to dbus chat with dnsmasq\n- add dontaudit rules for container trying to write to /proc\n[2.29-1]\n- Add support for lxcd\n- Add support for labeling of tmpfs storage created within a container.\n[2.28-1]\n- Allow a container to umount a container_file_t filesystem\n[2.27-1]\n- Allow container runtimes to work with the netfilter sockets\n- Allow container_file_t to be an entrypoint for VM's\n- Allow spc_t domains to transition to svirt_t\n[2.24-1]\n- Make sure container_runtime_t has all access of container_t\n[2.23-1]\n- Allow container runtimes to create sockets in tmp dirs\n[2.22-1]\n- Add additonal support for crio labeling.\n[2.21-3]\n- Fixup spec file conditionals\n[2:2.21-2]\n- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild\n[2.21-1]\n- Allow containers to execmod on container_share_t files.\n[2.20-2]\n- Relabel runc and crio executables\n[2.20-1]\n- Allow container processes to getsession\n[2:2.19-2.1]\n- update release tag to isolate from 7.3\n[2:2.19-1]\n- Fix mcs transition problem on stdin/stdout/stderr\n- Add labels for CRI-O\n- Allow containers to use tunnel sockets\n[2:2.15-1.1]\n- Resolves: #1451289\n- rebase to v2.15\n- built @origin/RHEL-1.12 commit 583ca40\n[2:2.10-2.1]\n- Make sure we have a late enough version of policycoreutils\n[2:2.10-1]\n- Update to the latest container-selinux patch from upstream\n- Label files under /usr/libexec/lxc as container_runtime_exec_t\n- Give container_t access to XFRM sockets\n- Allow spc_t to dbus chat with init system\n- Allow containers to read cgroup configuration mounted into a container\n[2:2.9-4]\n- Resolves: #1425574\n- built commit 79a6d70\n[2:2.9-3]\n- Resolves: #1420591\n- built @origin/RHEL-1.12 commit 8f876c4\n[2:2.9-2]\n- built @origin/RHEL-1.12 commit 33cb78b\n[2:2.8-2]\n-\n[2:2.7-1]\n- built origin/RHEL-1.12 commit 21dd37b\n[2:2.4-2]\n- correct version-release in changelog entries\n[2:2.4-1]\n- Add typebounds statement for container_t from container_runtime_t\n- We should only label runc not runc*\n[2:2.3-1]\n- Fix labeling on /usr/bin/runc.*\n- Add sandbox_net_domain access to container.te\n- Remove containers ability to look at /etc content\n[2:2.2-4]\n- use upstream's RHEL-1.12 branch, commit 56c32da for CentOS 7\n[2:2.2-3]\n- properly disable docker module in %post\n[2:2.2-2]\n- depend on selinux-policy-targeted\n- relabel docker-latest* files as well\n[2:2.2-1]\n- bump to v2.2\n- additional labeling for ocid\n[2:2.0-2]\n- install policy at level 200\n- From: Dan Walsh \n[2:2.0-1]\n- Resolves: #1406517 - bump to v2.0 (first upload to Fedora as a\nstandalone package)\n- include projectatomic/RHEL-1.12 branch commit for building on centos/rhel\n[2:1.12.4-29]\n- new package (separated from docker)\ncriu\nfuse-overlayfs\n[0.3-5]\n- revert fuse-overlayfs to commit 6d269aa\n- Resolves: #1720707\n[0.3-4.dev.gitd760789]\n- rebase\n[0.3-2]\n- rebase\n- Resolves:#1666510\n[0.1-7.dev.git50c7a50]\n- Resolves: #1640232\n- built commit 50c7a50\n[0.1-6.dev.git1c72a1a]\n- Resolves: #1614856 - add manpage\n- built commit 1c72a1a\n- add BR: go-md2man\n[0.1-5.dev.gitd40ac75]\n- built commit d40ac75\n- remove fedora bz ids\n- Exclude ix86 and ppc64\n[0.1-4.dev.git79c70fd]\n- Resolves: #1609598 - initial upload to Fedora\n- bundled gnulib\n[0.1-3.dev.git79c70fd]\n- correct license field\n[0.1-2.dev.git79c70fd]\n- fix license\n[0.1-1.dev.git13575b6]\n- First package for Fedora\noci-systemd-hook\noci-umount\npodman\n[1.0.0-8.git921f98f]\n- fix 'podman can not create user inside of container' regression introduced by\n patch for CVE-2021-20188\n- Related: #1918285\n[1.0.0-7.git921f98f]\n- fix CVE-2021-20188\n- Resolves: #1918285\n[1.0.0-6.git921f98f]\n- fix 'podman run errors out/segfaults in container-tools-1.0-8.3.0'\n- Resolves: #1882267\n[1.0.0-5.git921f98f]\n- bump release to preserve upgrade path\n- Resolves: #1821193\n[1.0.0-4.git921f98f]\n- fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build process'\n- Resolves: #1818122\n[1.0.0-3.git921f98f]\n- rebuild because of CVE-2019-9512 and CVE-2019-9514\n- Resolves: #1766294, #1766322\n[1.0.0-2.git921f98f]\n- rebase\n[1.0.0-1.git82e8011]\n- rebase to v1, yay!\n- rebase conmon to 9b1f0a08285a7f74b21cc9b6bfd98a48905a7ba2\n- Resolves:#1623282\n- python interface removed, moved to https://github.com/containers/python-podman/\n[0.12.1.2-4.git9551f6b]\n- re-enable debuginfo\n[0.12.1.2-3.git9551f6b]\n- python libraries added\n- resolves: #1657180\n[0.12.1.2-2.git9551f6b]\n- rebase\n[0.11.1.1-3.git594495d]\n- go tools not in scl anymore\n[0.11.1.1-2.git594495d]\n- fedora-like buildrequires go toolset\n[0.11.1.1-1.git594495d]\n- Resolves: #1636230 - build with FIPS enabled golang toolchain\n- bump to v0.11.1.1\n- built commit 594495d\n[0.11.1-3.gita4adfe5]\n- podman-docker provides docker\n- Resolves: #1650355\n[0.11.1-2.gita4adfe5]\n- Require platform-python-setuptools instead of python3-setuptools\n- Resolves: rhbz#1650144\n[0.11.1-1.gita4adfe5]\n- bump to v0.11.1\n- built libpod commit a4adfe5\n- built conmon from cri-o commit 464dba6\n[0.10.1.3-5.gitdb08685]\n- Resolves: #1625384 - keep BR: device-mapper-devel but don't build with it\n- not having device-mapper-devel seems to have brew not recognize %{_unitdir}\n[0.10.1.3-4.gitdb08685]\n- Resolves: #1625384 - correctly add buildtags to remove devmapper\n[0.10.1.3-3.gitdb08685]\n- Resolves: #1625384 - build without device-mapper-devel (no podman support) and lvm2\n[0.10.1.3-2.gitdb08685]\n- Resolves: #1625384 - depend on lvm2\n[0.10.1.3-1.gitdb08685]\n- Resolves: #1640298 - update vendored buildah to allow building when there are\nrunning containers\n- bump to v0.10.1.3\n- built podman commit db08685\n[0.10.1.2-1.git2b4f8d1]\n- Resolves: #1625378\n- bump to v0.10.1.2\n- built podman commit 2b4f8d1\n[0.10.1.1-1.git4bea3e9]\n- bump to v0.10.1.1\n- built podman commit 4bea3e9\n[0.10.1-1.gite4a1553]\n- bump podman to v0.10.1\n- built podman commit e4a1553\n- built conmon from cri-o commit a30f93c\n[0.9.3.1-4.git1cd906d]\n- rebased cri-o to 1.11.6\n[0.9.3.1-3.git1cd906d]\n- rebase\n[0.9.2-2.git37a2afe]\n- rebase to podman 0.9.2\n- rebase to cri-o 0.11.4\n[0.9.1.1-2.git123de30]\n- rebase\n[0.8.4-1.git9f9b8cf]\n- bump to v0.8.4\n- built commit 9f9b8cf\n- upstream username changed from projectatomic to containers\n- use containernetworking-plugins >= 0.7.3-5\n[0.8.2.1-2.git7a526bb]\n- Resolves: #1615607 - rebuild with gobuild tag 'no_openssl'\n[0.8.2.1-1.git7a526bb]\n- Upstream 0.8.2.1 release\n- Add support for podman-docker\nResolves: rhbz#1615104\n[0.8.2-1.dev.git8b2d38e]\n- Resolves: #1614710 - podman search name includes registry\n- bump to v0.8.2-dev\n- built libpod commit 8b2d38e\n- built conmon from cri-o commit acc0ee7\n[0.8.1-2.git6b4ab2a]\n- Add recommends for slirp4netns and container-selinux\n[0.8.1-2.git6b4ab2a]\n- bump to v0.8.1\n- use %go{build,generate} instead of go build and go generate\n- update go deps to use scl-ized builds\n- No need for Makefile patch for python installs\n[0.8.1-1.git6b4ab2a]\n- Bump to v0.8.1\n[0.7.4-2.git079121]\n- podman should not require atomic-registries\n[0.7.4-1.dev.git9a18681]\n- bump to v0.7.4-dev\n- built commit 9a18681\n[0.7.3-2.git079121]\n- Turn on ostree support\n- Upstream 0.7.3\n[0.7.2-2.git4ca4c5f]\n- Upstream 0.7.2 release\n[0.7.1-3.git84cfdb2]\n- rebuilt\n[0.7.1