new module: container-tools:3.0

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. This enhancement update adds the container-tools:3.0 module to AlmaLinux BZ1929575 For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the...

ALSA-2021:1796 Moderate: container-tools:rhel8 security, bug fix, and enhancement update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference CVE-2020-29652 podman: Remote traffic to rootless containers is seen as orginati...

Moderate: container-tools:rhel8 security, bug fix, and enhancement update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference CVE-2020-29652 podman: Remote traffic to rootless containers is seen as orginati...

RLSA-2021:1796 Moderate: container-tools:rhel8 security, bug fix, and enhancement update

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fixes: golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference CVE-2020-29652 podman: Remote traffic to rootless containers is seen as orginati...

SUSE-SU-2021:1458-1 Security update for containerd, docker, runc

This update for containerd, docker, runc fixes the following issues: - Docker was updated to 20.10.6-ce Switch version to use -ce suffix rather than ce to avoid confusing other tools bsc1182476. CVE-2021-21284: Fixed a potential privilege escalation when the root user in the remapped namespace ha...

Oracle Linux 7 : runc (ELSA-2021-9203)

The remote Oracle Linux 7 host has a package installed that is affected by a vulnerability as referenced in the ELSA-2021-9203 advisory. 1.0.0-92.rc92 - Add epoch value of 2 to allow upgrade to 1.0.0-92.rc92 from 1.0.0-93.rc93. 1.0.0-92.rc92 - Build for...

runc bug fix update

1.0.0-92.rc92 - Add epoch value of 2 to allow upgrade to 1.0.0-92.rc92 from 1.0.0-93.rc93. 1.0.0-92.rc92 - Build for https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc92...

Fedora: Security Advisory for runc (FEDORA-2021-83b3740389)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for runc (FEDORA-2021-ec00da7faa)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 34 Update: runc-1.0.0-377.rc93.fc34

The runc command can be used to start containers which are packaged in accordance with the Open Container Initiative's specifications, and to manage containers running under runc...

[SECURITY] Fedora 33 Update: runc-1.0.0-377.rc93.fc33

The runc command can be used to start containers which are packaged in accordance with the Open Container Initiative's specifications, and to manage containers running under runc...

SUSE: Security Advisory (SUSE-SU-2021:0435-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for containerd, (openSUSE-SU-2021:0278-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GO-2021-0087 Race condition in github.com/opencontainers/runc

A race while mounting volumes allows a possible symlink-exchange attack, allowing a user whom can start multiple containers with custom volume mount configurations to escape the container...

GO-2021-0085 Authorization bypass in github.com/opencontainers/runc

AppArmor restrictions may be bypassed due to improper validation of mount targets, allowing a malicious image to mount volumes over e.g. /proc...

GO-2021-0070 Privilege escalation in github.com/opencontainers/runc

GetExecUser in the github.com/opencontainers/runc/libcontainer/user package will improperly interpret numeric UIDs as usernames. If the method is used without verifying that usernames are formatted as expected, it may allow a user to gain unexpected privileges...

The vulnerability of the Runc command-line tool for starting isolated containers lies in its ability to simultaneously execute tasks using a shared resource with incorrect synchronization. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.

The vulnerability of the Runc container launch tool is related to an error in tracking additional processes of the container using the pid 1 of the container. Exploiting this vulnerability can allow a perpetrator to access confidential data, compromise its integrity, and cause service failures...

NewStart CGSL CORE 5.04 / MAIN 5.04 : containerd.io Multiple Vulnerabilities (NS-SA-2021-0006)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has containerd.io packages installed that are affected by multiple vulnerabilities: - runc through 1.0.0-rc8, as used in Docker through 19.03.2-ce and other products, allows AppArmor restriction bypass because...

container-tools:2.0 security update

buildah 1.11.6-8.0.1 - Reduce unnecessary writable mounts in NaiveDiffDriver Orabug: 31025483 - Fixes troubles with oracle registry login Orabug: 29937283 1.11.6-8 - exclude i686 arch - Related: 1821193 1.11.6-7 - fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local file...

Important: Red Hat Security Advisory: container-tools:2.0 security update

An update for the container-tools:2.0 module is now available for Red Hat Enterprise Linux 8.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...