5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N
An update that solves one vulnerability and has two fixes
is now available.
Description:
This update for podman fixes the following issues:
Security issue fixed:
Non-security issues fixed:
add dependency to timezone package or podman fails to build a container
(bsc#1178122)
Install new auto-update system units
Update to v2.1.1 (bsc#1178392):
podman info
command now includes the cgroup manager Podman isChanges in v2.1.0
podman image mount
, has been added. This allows forpodman save
and podman load
commands can now create and loadpodman network
commands, andpodman build
on ADD
and COPY
instructions.dockerignore
ispodman run
and podman create
commands now support a new mode--cgroups
option, --cgroups=split
. Podman will createpodman run
and podman create
commands can now specify--network
option as follows:--net slirp4netns:opt1,opt2
. This allows for, among other things,podman ps
command now features a new option, --storage
, topodman run
and podman create
commands now feature a--sdnotify
option to control the behavior of systemd’s sdnotifyType=notify
units.podman run
command now features a --preserve-fds
podman run
and podman create
commands can now create:O
option to a bind mount-v /test:/test:O
). Overlay volume mounts will mount a directorypodman play kube
command now supports the Socket HostPath typepodman play kube
command now supports read-only mounts.podman play kube
command now supports setting labels on podspodman play kube
command now supports setting containerpodman play kube
command now properly handles HostAlias
podman generate kube
command now adds entries to /etc/hosts
--host-add
generated YAML as HostAlias
entries.podman play kube
and podman generate kube
commands nowshareProcessNamespace
to share the PID namespacepodman volume ls
command now supports the dangling
filter topodman run
and podman create
commands now feature a--umask
option to set the umask of the created container.podman create
and podman run
commands now feature a --tz
containers.conf
configuration file.--mount
option of podman run
and podman create
nowtype=devpts
, to add a devpts
mount to/dev/
from the host into the container, but still create a--security-opt
flag to podman run
and podman create
nowproc-opts
, to specify options for the/proc
filesystem.crun
OCI runtime now supports a new option topodman run
and podman create
, --cgroup-conf
, which allows forpodman create
and podman run
commands now support a--override-variant
option, to override the architecture variant of--runtime-flags
,podman manifest add
command now supports the --cert-dir
,--auth-file
, --creds
, and --tls-verify
podman exec
command would previously print error messagesexec session exited with non-zero exit code -1
) when the command run exited with a non-0 exit code. It nopodman exec
command will still exit with the same/run
. This was previously limited to 65k innoexec
, but is now unlimited size and mountedexec
.podman system reset
command no longer removes configurationlast
parameter to the Libpod container list endpoint now haslimit
[#6413].filter
query parameter [#6797].noTrunc
option to the Libpod image search endpoint.This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patch Instructions:
To install this openSUSE Security Update use the SUSE recommended installation methods
like YaST online_update or “zypper patch”.
Alternatively you can run the command listed for your product:
openSUSE Leap 15.1:
zypper in -t patch openSUSE-2020-2039=1
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
openSUSE Leap | 15.1 | x86_64 | < - openSUSE Leap 15.1 (x86_64): | - openSUSE Leap 15.1 (x86_64):.x86_64.rpm | |
openSUSE Leap | 15.1 | noarch | < - openSUSE Leap 15.1 (noarch): | - openSUSE Leap 15.1 (noarch):.noarch.rpm |
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:S/C:P/I:N/A:N