Download
| Alert*
oval:org.secpod.oval:def:502699
containernetworking-plugins is installed oval:org.secpod.oval:def:503434 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * containers/image: not enforcing TLS when sending username+password credentials to token servers leading to c ... oval:org.secpod.oval:def:503650 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu For more details about the security issue, including the impact, a CVSS score, acknowledgments, a ... oval:org.secpod.oval:def:66473 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * QEMU: slirp: heap buffer overflow during packet reassembly * containers/image: not enforcing TLS when sending username+password credentials to token servers leading to c ... oval:org.secpod.oval:def:66540 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu For more details about the security issue, including the impact, a CVSS score, acknowledgments, a ... oval:org.secpod.oval:def:506494 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * buildah: Host environment variables leaked in build container when using chroot isolation * containers/storage: DoS via malicious image For more details about the secur ... oval:org.secpod.oval:def:506528 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * buildah: Host environment variables leaked in build container when using chroot isolation For more details about the security issue, including the impact, a CVSS score, ... oval:org.secpod.oval:def:2501003 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:2501002 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:504747 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters * QEMU: slirp: networking out-of-bounds read information disclosure vulne ... oval:org.secpod.oval:def:1504763 buildah [1.11.6-8.0.1] - Reduce unnecessary writable mounts in NaiveDiffDriver [Orabug: 31025483] - Fixes troubles with oracle registry login [Orabug: 29937283] [1.11.6-8] - exclude i686 arch - Related: #1821193 [1.11.6-7] - fix "CVE-2020-10696 buildah: crafted input tar file may lead to local file ... oval:org.secpod.oval:def:2500401 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:2500996 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:1504749 buildah [1.5-8.gite94b4f9.0.1] - Fixes troubles with oracle registry login [Orabug: 29937283] [1.5-8.gite94b4f9] - bump release to preserve upgrade path - Related: #1821193 [1.5-4.gite94b4f9] - fix "CVE-2020-10696 buildah: crafted input tar file may lead to local file overwriting during image build ... oval:org.secpod.oval:def:4501292 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * podman: container users permissions are not respected in privileged containers For more details about the security issue, including the impact, a CVSS score, acknowledgm ... oval:org.secpod.oval:def:1506199 aardvark-dns [2:1.1.0-5] - fix Two aardvark-dns instances trying to use the same port on the same interface - Resolves: #2130234 buildah [1:1.27.2-2] - update to the latest content of https://github.com/containers/buildah/tree/release-1.27 - Resolves: #2136438 [1:1.27.2-1] - update to the latest con ... oval:org.secpod.oval:def:507287 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * podman: possible information disclosure and modification * buildah: possible information disclosure and modification For more details about the security issue, includin ... oval:org.secpod.oval:def:507262 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * cri-o: memory exhaustion on the node when access to the kube api * golang: crash in a golang.org/x/crypto/ssh server * runc: incorrect handling of inheritable capabilit ... oval:org.secpod.oval:def:507303 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * golang: net/http/httputil: panic due to racy read of persistConn after handler panic * cri-o: memory exhaustion on the node when access to the kube api * golang: crash ... oval:org.secpod.oval:def:1506184 aardvark-dns [2:1.1.0-4] - remove windows binaries and regenerate vendor tarball - Related: #2061390 [2:1.1.0-3] - add gating.yaml - Related: #2061390 [2:1.1.0-2] - bump Epoch to preserve upgrade path - Related: #2061390 [1.1.0-1] - initial import - Related: #2061390 buildah [1:1.27.0-2] - fix CVE-2 ... oval:org.secpod.oval:def:1506180 buildah [1:1.24.5-2] - update to the latest content of https://github.com/containers/buildah/tree/release-1.24 - Related: #2061390 [1:1.24.5-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.24 - Related: #2061390 cockpit-podman [46-1] - update to https://gi ... oval:org.secpod.oval:def:4501283 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * buildah: Host environment variables leaked in build container when using chroot isolation For more details about the security issue, including the impact, a CVSS score, ... oval:org.secpod.oval:def:1505450 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1505218 buildah [1.19.9-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 - fixes CVE-2021-3602 - Related: #1977943 oval:org.secpod.oval:def:4501269 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * buildah: Host environment variables leaked in build container when using chroot isolation For more details about the security issue, including the impact, a CVSS score, ... oval:org.secpod.oval:def:2500995 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:2500994 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:4501295 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * buildah: Host environment variables leaked in build container when using chroot isolation * containers/storage: DoS via malicious image For more details about the secur ... oval:org.secpod.oval:def:1505242 buildah [1.11.6-9.0.1] - Reduce unnecessary writable mounts in NaiveDiffDriver [Orabug: 31025483] - Fixes troubles with oracle registry login [Orabug: 29937283] [1.11.6-9] - update to the latest content of https://github.com/containers/buildah/tree/release-1.11-rhel - fixes CVE-2021-3602 - Related: ... oval:org.secpod.oval:def:1505316 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1505284 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:116742 The CNI project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is delete ... oval:org.secpod.oval:def:116762 The CNI project consists of a specification and libraries for writing plugins to configure network interfaces in Linux containers, along with a number of supported plugins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is delete ... oval:org.secpod.oval:def:1505585 buildah [1.11.6-10.0.1] - Handling redirect from the docker registry [Orabug: 29874238] - Reduce unnecessary writable mounts in NaiveDiffDriver [Orabug: 31025483] [1.11.6-10] - update to the latest content of https://github.com/containers/buildah/tree/release-1.11-rhel - fixes CVE-2022-27649 podman ... oval:org.secpod.oval:def:2500629 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:1505688 buildah [1.19.9-3] - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 - Resolves: #2067540 container-selinux [2:2.178.0-2] - remove conflict on udica - we still ship udica 2.4 in 3.0-8.6.0 - Related: #2067540 [2:2.178.0-1] - update to https://github.com/contai ... oval:org.secpod.oval:def:2500540 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:4500933 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * psgo: Privilege escalation in "podman top" * prometheus/client_golang: Denial of service using InstrumentHandlerCounter * podman: Default inheritable capabilities for l ... oval:org.secpod.oval:def:1505676 buildah [1:1.24.2-4] - update to the latest content of https://github.com/containers/buildah/tree/release-1.24 - Related: #2059296 [1:1.24.2-3] - switch to RHEL maintenance branch which fixes CVE-2022-27651 - Resolves: #2067559 [1:1.24.2-2] - Add patch to fix bash symtax for gating tests - Upstream ... oval:org.secpod.oval:def:4500072 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:2500251 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:2500378 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:4500026 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:1505583 buildah [1.19.9-2] - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 - fixes CVE-2022-27651 - Resolves: #2067539 podman [3.0.1-8] - update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel - fixes CVE-2022-27649 - Resolves: #206751 ... oval:org.secpod.oval:def:4500098 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:2500419 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:1504953 runc [1.0.0-65.rc10] - fix CVE-2021-30465 - Resolves: #1955650 oval:org.secpod.oval:def:4501281 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference * podman: Remote traffic to rootless containers is seen as orginating from localho ... oval:org.secpod.oval:def:2500477 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:73610 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference * podman: Remote traffic to rootless containers is seen as orginating from localho ... oval:org.secpod.oval:def:1505205 cockpit-podman [29-2] - fix gating test failure for cockpit-podman - Related: #1914884 [29-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/29 - Related: #1883490 conmon [2:2.0.26-1] - update to https://github.com/containers/conmon/releases/tag/v2.0.26 - Related: #188349 ... oval:org.secpod.oval:def:2500252 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:1504647 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:68023 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters * QEMU: slirp: networking out-of-bounds read information disclosure vulne ... oval:org.secpod.oval:def:1505288 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2500997 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:2500891 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:2500888 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:2500998 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:504373 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu For more details about the security issue, including the impact, a CVSS score, acknowledgments, a ... oval:org.secpod.oval:def:2501220 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:4501506 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * golang: net/http: insufficient sanitization of Host header For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other rela ... oval:org.secpod.oval:def:95281 buildah [1:1.24.6-7] - rebuild for CVE-2023-29406 - Related: #2176055 cockpit-podman [46-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/46 - Related: #2061390 conmon [2:2.1.4-2] - update to https://github.com/containers/conmon/releases/tag/v2.1.4 - Related: #2176055 co ... oval:org.secpod.oval:def:1506790 runc [1:1.1.4-1.0.1] - rootless: fix /sys/fs/cgroup mounts to prevent CVE-2023-25809 - rootfs: prohibit symlinks that conflicts with readonlyPaths and/or maskedPaths to prevent CVE-2023-27561 - Prohibit /proc and /sys to be symlinks to prevent CVE-2023-28642 - JIRA: OLDIS-25589 oval:org.secpod.oval:def:1506775 runc [1:1.1.4-1.0.1] - rootless: fix /sys/fs/cgroup mounts to prevent CVE-2023-25809 - rootfs: prohibit symlinks that conflicts with readonlyPaths and/or maskedPaths to prevent CVE-2023-27561 - Prohibit /proc and /sys to be symlinks to prevent CVE-2023-28642 - JIRA: OLDIS-25589 oval:org.secpod.oval:def:1505321 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1506183 buildah [1.19.9-6] - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 - Related: #2061390 [1.19.9-5] - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 - Related: #2061390 [1.19.9-4] - update to the latest content of htt ... oval:org.secpod.oval:def:2500884 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:2600393 The Container Network Interface project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources ... oval:org.secpod.oval:def:2501244 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:2501232 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:507338 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * golang: net/http: improper sanitization of Transfer-Encoding header * cri-o: memory exhaustion on the node when access to the kube api * golang: go/parser: stack exhaus ... oval:org.secpod.oval:def:509020 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: runc: file descriptor leak For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE ... oval:org.secpod.oval:def:1507368 buildah cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp oci-seccomp-bpf-hook podman [2:4.0.2-26] - rebuild with golang 1.20.12 for CVE-2023-39326 python-podman runc [1:1.1.12-1.0.1] - rebuild with golang 1.20.12 for CVE-2023-393 ... oval:org.secpod.oval:def:509030 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: runc: file descriptor leak A Red Hat Security Bulletin which addresses further details about the Leaky Vessels flaw is available in the References section. golang: net/ht ... oval:org.secpod.oval:def:509098 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: golang: archive/tar: unbounded memory consumption when reading headers golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters golang: net ... oval:org.secpod.oval:def:2600583 The Container Network Interface project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources ... oval:org.secpod.oval:def:503512 The Container Network Interface project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources ... oval:org.secpod.oval:def:2501010 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:2501387 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:509222 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: buildah: full container escape at build time For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, ... oval:org.secpod.oval:def:509306 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fix: container_init_t does not possess ptrace process context [rhel-8.9.0.z] Security Fix: podman: full container escape at build time oval:org.secpod.oval:def:1506787 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:507725 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * golang: net/http: improper sanitization of Transfer-Encoding header * golang: go/parser: stack exhaustion in all Parse* functions * golang: net/http: handle server erro ... oval:org.secpod.oval:def:507747 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * golang: net/http: improper sanitization of Transfer-Encoding header * golang: go/parser: stack exhaustion in all Parse* functions * golang: net/http: handle server erro ... oval:org.secpod.oval:def:507688 The Container Network Interface project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources ... oval:org.secpod.oval:def:1506688 [1:1.2.0-1] - update to https://github.com/containernetworking/plugins/releases/tag/v1.2.0 - Related: #2124478 oval:org.secpod.oval:def:1506777 The advisory is missing the security advisory description. For more information please visit the reference link |