Download
| Alert*
oval:org.secpod.oval:def:117367
crun is installed oval:org.secpod.oval:def:506494 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * buildah: Host environment variables leaked in build container when using chroot isolation * containers/storage: DoS via malicious image For more details about the secur ... oval:org.secpod.oval:def:506528 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * buildah: Host environment variables leaked in build container when using chroot isolation For more details about the security issue, including the impact, a CVSS score, ... oval:org.secpod.oval:def:504747 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters * QEMU: slirp: networking out-of-bounds read information disclosure vulne ... oval:org.secpod.oval:def:1506199 aardvark-dns [2:1.1.0-5] - fix Two aardvark-dns instances trying to use the same port on the same interface - Resolves: #2130234 buildah [1:1.27.2-2] - update to the latest content of https://github.com/containers/buildah/tree/release-1.27 - Resolves: #2136438 [1:1.27.2-1] - update to the latest con ... oval:org.secpod.oval:def:507287 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * podman: possible information disclosure and modification * buildah: possible information disclosure and modification For more details about the security issue, includin ... oval:org.secpod.oval:def:507262 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * cri-o: memory exhaustion on the node when access to the kube api * golang: crash in a golang.org/x/crypto/ssh server * runc: incorrect handling of inheritable capabilit ... oval:org.secpod.oval:def:507303 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * golang: net/http/httputil: panic due to racy read of persistConn after handler panic * cri-o: memory exhaustion on the node when access to the kube api * golang: crash ... oval:org.secpod.oval:def:1506184 aardvark-dns [2:1.1.0-4] - remove windows binaries and regenerate vendor tarball - Related: #2061390 [2:1.1.0-3] - add gating.yaml - Related: #2061390 [2:1.1.0-2] - bump Epoch to preserve upgrade path - Related: #2061390 [1.1.0-1] - initial import - Related: #2061390 buildah [1:1.27.0-2] - fix CVE-2 ... oval:org.secpod.oval:def:1506180 buildah [1:1.24.5-2] - update to the latest content of https://github.com/containers/buildah/tree/release-1.24 - Related: #2061390 [1:1.24.5-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.24 - Related: #2061390 cockpit-podman [46-1] - update to https://gi ... oval:org.secpod.oval:def:4501283 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * buildah: Host environment variables leaked in build container when using chroot isolation For more details about the security issue, including the impact, a CVSS score, ... oval:org.secpod.oval:def:1505450 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:1505218 buildah [1.19.9-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 - fixes CVE-2021-3602 - Related: #1977943 oval:org.secpod.oval:def:119756 crun is a runtime for running OCI containers oval:org.secpod.oval:def:2500994 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:4501295 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * buildah: Host environment variables leaked in build container when using chroot isolation * containers/storage: DoS via malicious image For more details about the secur ... oval:org.secpod.oval:def:118753 crun is a runtime for running OCI containers oval:org.secpod.oval:def:118780 crun is a runtime for running OCI containers oval:org.secpod.oval:def:117370 crun is a runtime for running OCI containers oval:org.secpod.oval:def:117366 crun is a runtime for running OCI containers oval:org.secpod.oval:def:1505688 buildah [1.19.9-3] - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 - Resolves: #2067540 container-selinux [2:2.178.0-2] - remove conflict on udica - we still ship udica 2.4 in 3.0-8.6.0 - Related: #2067540 [2:2.178.0-1] - update to https://github.com/contai ... oval:org.secpod.oval:def:2500540 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:4500933 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * psgo: Privilege escalation in "podman top" * prometheus/client_golang: Denial of service using InstrumentHandlerCounter * podman: Default inheritable capabilities for l ... oval:org.secpod.oval:def:1505676 buildah [1:1.24.2-4] - update to the latest content of https://github.com/containers/buildah/tree/release-1.24 - Related: #2059296 [1:1.24.2-3] - switch to RHEL maintenance branch which fixes CVE-2022-27651 - Resolves: #2067559 [1:1.24.2-2] - Add patch to fix bash symtax for gating tests - Upstream ... oval:org.secpod.oval:def:4500072 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:73645 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * runc: vulnerable to symlink exchange attack For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information ... oval:org.secpod.oval:def:2500251 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:4500026 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:1505583 buildah [1.19.9-2] - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 - fixes CVE-2022-27651 - Resolves: #2067539 podman [3.0.1-8] - update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel - fixes CVE-2022-27649 - Resolves: #206751 ... oval:org.secpod.oval:def:4500098 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. oval:org.secpod.oval:def:2500419 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:2500477 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:73610 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference * podman: Remote traffic to rootless containers is seen as orginating from localho ... oval:org.secpod.oval:def:1505205 cockpit-podman [29-2] - fix gating test failure for cockpit-podman - Related: #1914884 [29-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/29 - Related: #1883490 conmon [2:2.0.26-1] - update to https://github.com/containers/conmon/releases/tag/v2.0.26 - Related: #188349 ... oval:org.secpod.oval:def:2500252 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:1504647 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:68023 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters * QEMU: slirp: networking out-of-bounds read information disclosure vulne ... oval:org.secpod.oval:def:1505288 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2500891 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:2500888 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:2501220 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:4501506 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * golang: net/http: insufficient sanitization of Host header For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other rela ... oval:org.secpod.oval:def:95281 buildah [1:1.24.6-7] - rebuild for CVE-2023-29406 - Related: #2176055 cockpit-podman [46-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/46 - Related: #2061390 conmon [2:2.1.4-2] - update to https://github.com/containers/conmon/releases/tag/v2.1.4 - Related: #2176055 co ... oval:org.secpod.oval:def:1506790 runc [1:1.1.4-1.0.1] - rootless: fix /sys/fs/cgroup mounts to prevent CVE-2023-25809 - rootfs: prohibit symlinks that conflicts with readonlyPaths and/or maskedPaths to prevent CVE-2023-27561 - Prohibit /proc and /sys to be symlinks to prevent CVE-2023-28642 - JIRA: OLDIS-25589 oval:org.secpod.oval:def:1506775 runc [1:1.1.4-1.0.1] - rootless: fix /sys/fs/cgroup mounts to prevent CVE-2023-25809 - rootfs: prohibit symlinks that conflicts with readonlyPaths and/or maskedPaths to prevent CVE-2023-27561 - Prohibit /proc and /sys to be symlinks to prevent CVE-2023-28642 - JIRA: OLDIS-25589 oval:org.secpod.oval:def:1506183 buildah [1.19.9-6] - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 - Related: #2061390 [1.19.9-5] - update to the latest content of https://github.com/containers/buildah/tree/release-1.19 - Related: #2061390 [1.19.9-4] - update to the latest content of htt ... oval:org.secpod.oval:def:507747 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * golang: net/http: improper sanitization of Transfer-Encoding header * golang: go/parser: stack exhaustion in all Parse* functions * golang: net/http: handle server erro ... oval:org.secpod.oval:def:1506787 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:2500884 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:507725 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * golang: net/http: improper sanitization of Transfer-Encoding header * golang: go/parser: stack exhaustion in all Parse* functions * golang: net/http: handle server erro ... oval:org.secpod.oval:def:2501244 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:2501232 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:507338 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: * golang: net/http: improper sanitization of Transfer-Encoding header * cri-o: memory exhaustion on the node when access to the kube api * golang: go/parser: stack exhaus ... oval:org.secpod.oval:def:1506777 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:509020 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: runc: file descriptor leak For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE ... oval:org.secpod.oval:def:1507368 buildah cockpit-podman conmon containernetworking-plugins containers-common container-selinux criu crun fuse-overlayfs libslirp oci-seccomp-bpf-hook podman [2:4.0.2-26] - rebuild with golang 1.20.12 for CVE-2023-39326 python-podman runc [1:1.1.12-1.0.1] - rebuild with golang 1.20.12 for CVE-2023-393 ... oval:org.secpod.oval:def:509030 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: runc: file descriptor leak A Red Hat Security Bulletin which addresses further details about the Leaky Vessels flaw is available in the References section. golang: net/ht ... oval:org.secpod.oval:def:509098 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: golang: archive/tar: unbounded memory consumption when reading headers golang: net/http/httputil: ReverseProxy should not forward unparseable query parameters golang: net ... oval:org.secpod.oval:def:2501387 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. oval:org.secpod.oval:def:509222 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix: buildah: full container escape at build time For more details about the security issue, including the impact, a CVSS score, acknowledgments, and other related information, ... oval:org.secpod.oval:def:509306 The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Bug Fix: container_init_t does not possess ptrace process context [rhel-8.9.0.z] Security Fix: podman: full container escape at build time |