(RHSA-2020:2681) Low: skopeo security and bug fix update

2020-06-2314:00:36

access.redhat.com

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

0.001 Low

EPSS

Percentile

21.4%

JSON

The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.

Security Fix(es):

containers/image: Container images read entire image manifest into memory (CVE-2020-1702)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

Proposed registries.conf for RHEL 7.8 (BZ#1810052)

OSVersionArchitecturePackageVersionFilename
RedHat7s390xskopeo< 0.1.40-11.el7_8skopeo-0.1.40-11.el7_8.s390x.rpm
RedHat7x86_64skopeo-debuginfo< 0.1.40-11.el7_8skopeo-debuginfo-0.1.40-11.el7_8.x86_64.rpm
RedHat7s390xskopeo-debuginfo< 0.1.40-11.el7_8skopeo-debuginfo-0.1.40-11.el7_8.s390x.rpm
RedHat7ppc64leskopeo< 0.1.40-11.el7_8skopeo-0.1.40-11.el7_8.ppc64le.rpm
RedHat7ppc64lecontainers-common< 0.1.40-11.el7_8containers-common-0.1.40-11.el7_8.ppc64le.rpm
RedHat7x86_64containers-common< 0.1.40-11.el7_8containers-common-0.1.40-11.el7_8.x86_64.rpm
RedHat7ppc64leskopeo-debuginfo< 0.1.40-11.el7_8skopeo-debuginfo-0.1.40-11.el7_8.ppc64le.rpm
RedHat7s390xcontainers-common< 0.1.40-11.el7_8containers-common-0.1.40-11.el7_8.s390x.rpm
RedHat7x86_64skopeo< 0.1.40-11.el7_8skopeo-0.1.40-11.el7_8.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	s390x	skopeo	< 0.1.40-11.el7_8	skopeo-0.1.40-11.el7_8.s390x.rpm
RedHat	7	x86_64	skopeo-debuginfo	< 0.1.40-11.el7_8	skopeo-debuginfo-0.1.40-11.el7_8.x86_64.rpm
RedHat	7	s390x	skopeo-debuginfo	< 0.1.40-11.el7_8	skopeo-debuginfo-0.1.40-11.el7_8.s390x.rpm
RedHat	7	ppc64le	skopeo	< 0.1.40-11.el7_8	skopeo-0.1.40-11.el7_8.ppc64le.rpm
RedHat	7	ppc64le	containers-common	< 0.1.40-11.el7_8	containers-common-0.1.40-11.el7_8.ppc64le.rpm
RedHat	7	x86_64	containers-common	< 0.1.40-11.el7_8	containers-common-0.1.40-11.el7_8.x86_64.rpm
RedHat	7	ppc64le	skopeo-debuginfo	< 0.1.40-11.el7_8	skopeo-debuginfo-0.1.40-11.el7_8.ppc64le.rpm
RedHat	7	s390x	containers-common	< 0.1.40-11.el7_8	containers-common-0.1.40-11.el7_8.s390x.rpm
RedHat	7	x86_64	skopeo	< 0.1.40-11.el7_8	skopeo-0.1.40-11.el7_8.x86_64.rpm