Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2020.1249 container-tools:1.0 security update 8 April 2020 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: container-tools:rhel8 container-tools:1.0 Publisher: Red Hat Operating System: Red Hat Impact/Access: Execute Arbitrary Code/Commands -- Existing Account Denial of Service -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2020-8608 CVE-2020-7039 Reference: ESB-2020.1241 ESB-2020.1191 ESB-2020.1169 ESB-2020.1166 Original Bulletin: https://access.redhat.com/errata/RHSA-2020:1360 https://access.redhat.com/errata/RHSA-2020:1379 Comment: This bulletin contains two (2) Red Hat security advisories. - --------------------------BEGIN INCLUDED TEXT-------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: container-tools:1.0 security update Advisory ID: RHSA-2020:1360-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:1360 Issue date: 2020-04-07 CVE Names: CVE-2020-7039 ===================================================================== 1. Summary: An update for the container-tools:1.0 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() (CVE-2020-7039) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1791551 - CVE-2020-7039 QEMU: slirp: OOB buffer access while emulating tcp protocols in tcp_emu() 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: buildah-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef.src.rpm container-selinux-2.94-1.git1e99f1d.module+el8.1.0+3468+011f0ab0.src.rpm containernetworking-plugins-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef.src.rpm fuse-overlayfs-0.3-5.module+el8.1.0+3468+011f0ab0.src.rpm oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0.src.rpm oci-umount-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0.src.rpm podman-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef.src.rpm runc-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef.src.rpm skopeo-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.src.rpm slirp4netns-0.1-4.dev.gitc4e1bc5.module+el8.1.0+5654+5237a55d.src.rpm aarch64: buildah-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef.aarch64.rpm buildah-debuginfo-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef.aarch64.rpm buildah-debugsource-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef.aarch64.rpm containernetworking-plugins-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef.aarch64.rpm containernetworking-plugins-debuginfo-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef.aarch64.rpm containernetworking-plugins-debugsource-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef.aarch64.rpm containers-common-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.aarch64.rpm fuse-overlayfs-0.3-5.module+el8.1.0+3468+011f0ab0.aarch64.rpm fuse-overlayfs-debuginfo-0.3-5.module+el8.1.0+3468+011f0ab0.aarch64.rpm fuse-overlayfs-debugsource-0.3-5.module+el8.1.0+3468+011f0ab0.aarch64.rpm oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0.aarch64.rpm oci-systemd-hook-debuginfo-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0.aarch64.rpm oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0.aarch64.rpm oci-umount-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0.aarch64.rpm oci-umount-debuginfo-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0.aarch64.rpm oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0.aarch64.rpm podman-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef.aarch64.rpm podman-debuginfo-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef.aarch64.rpm podman-debugsource-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef.aarch64.rpm runc-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef.aarch64.rpm runc-debuginfo-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef.aarch64.rpm runc-debugsource-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef.aarch64.rpm skopeo-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.aarch64.rpm skopeo-debuginfo-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.aarch64.rpm skopeo-debugsource-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.aarch64.rpm slirp4netns-0.1-4.dev.gitc4e1bc5.module+el8.1.0+5654+5237a55d.aarch64.rpm slirp4netns-debuginfo-0.1-4.dev.gitc4e1bc5.module+el8.1.0+5654+5237a55d.aarch64.rpm slirp4netns-debugsource-0.1-4.dev.gitc4e1bc5.module+el8.1.0+5654+5237a55d.aarch64.rpm noarch: container-selinux-2.94-1.git1e99f1d.module+el8.1.0+3468+011f0ab0.noarch.rpm podman-docker-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef.noarch.rpm ppc64le: buildah-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef.ppc64le.rpm buildah-debuginfo-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef.ppc64le.rpm buildah-debugsource-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef.ppc64le.rpm containernetworking-plugins-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef.ppc64le.rpm containernetworking-plugins-debuginfo-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef.ppc64le.rpm containernetworking-plugins-debugsource-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef.ppc64le.rpm containers-common-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.ppc64le.rpm fuse-overlayfs-0.3-5.module+el8.1.0+3468+011f0ab0.ppc64le.rpm fuse-overlayfs-debuginfo-0.3-5.module+el8.1.0+3468+011f0ab0.ppc64le.rpm fuse-overlayfs-debugsource-0.3-5.module+el8.1.0+3468+011f0ab0.ppc64le.rpm oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0.ppc64le.rpm oci-systemd-hook-debuginfo-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0.ppc64le.rpm oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0.ppc64le.rpm oci-umount-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0.ppc64le.rpm oci-umount-debuginfo-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0.ppc64le.rpm oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0.ppc64le.rpm podman-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef.ppc64le.rpm podman-debuginfo-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef.ppc64le.rpm podman-debugsource-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef.ppc64le.rpm runc-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef.ppc64le.rpm runc-debuginfo-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef.ppc64le.rpm runc-debugsource-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef.ppc64le.rpm skopeo-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.ppc64le.rpm skopeo-debuginfo-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.ppc64le.rpm skopeo-debugsource-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.ppc64le.rpm slirp4netns-0.1-4.dev.gitc4e1bc5.module+el8.1.0+5654+5237a55d.ppc64le.rpm slirp4netns-debuginfo-0.1-4.dev.gitc4e1bc5.module+el8.1.0+5654+5237a55d.ppc64le.rpm slirp4netns-debugsource-0.1-4.dev.gitc4e1bc5.module+el8.1.0+5654+5237a55d.ppc64le.rpm s390x: buildah-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef.s390x.rpm buildah-debuginfo-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef.s390x.rpm buildah-debugsource-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef.s390x.rpm containernetworking-plugins-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef.s390x.rpm containernetworking-plugins-debuginfo-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef.s390x.rpm containernetworking-plugins-debugsource-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef.s390x.rpm containers-common-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.s390x.rpm fuse-overlayfs-0.3-5.module+el8.1.0+3468+011f0ab0.s390x.rpm fuse-overlayfs-debuginfo-0.3-5.module+el8.1.0+3468+011f0ab0.s390x.rpm fuse-overlayfs-debugsource-0.3-5.module+el8.1.0+3468+011f0ab0.s390x.rpm oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0.s390x.rpm oci-systemd-hook-debuginfo-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0.s390x.rpm oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0.s390x.rpm oci-umount-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0.s390x.rpm oci-umount-debuginfo-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0.s390x.rpm oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0.s390x.rpm podman-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef.s390x.rpm podman-debuginfo-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef.s390x.rpm podman-debugsource-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef.s390x.rpm runc-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef.s390x.rpm runc-debuginfo-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef.s390x.rpm runc-debugsource-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef.s390x.rpm skopeo-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.s390x.rpm skopeo-debuginfo-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.s390x.rpm skopeo-debugsource-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.s390x.rpm slirp4netns-0.1-4.dev.gitc4e1bc5.module+el8.1.0+5654+5237a55d.s390x.rpm slirp4netns-debuginfo-0.1-4.dev.gitc4e1bc5.module+el8.1.0+5654+5237a55d.s390x.rpm slirp4netns-debugsource-0.1-4.dev.gitc4e1bc5.module+el8.1.0+5654+5237a55d.s390x.rpm x86_64: buildah-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef.x86_64.rpm buildah-debuginfo-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef.x86_64.rpm buildah-debugsource-1.5-6.gite94b4f9.module+el8.1.0+4908+72a45cef.x86_64.rpm containernetworking-plugins-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef.x86_64.rpm containernetworking-plugins-debuginfo-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef.x86_64.rpm containernetworking-plugins-debugsource-0.7.4-4.git9ebe139.module+el8.1.0+4908+72a45cef.x86_64.rpm containers-common-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.x86_64.rpm fuse-overlayfs-0.3-5.module+el8.1.0+3468+011f0ab0.x86_64.rpm fuse-overlayfs-debuginfo-0.3-5.module+el8.1.0+3468+011f0ab0.x86_64.rpm fuse-overlayfs-debugsource-0.3-5.module+el8.1.0+3468+011f0ab0.x86_64.rpm oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0.x86_64.rpm oci-systemd-hook-debuginfo-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0.x86_64.rpm oci-systemd-hook-debugsource-0.1.15-2.git2d0b8a3.module+el8.1.0+3468+011f0ab0.x86_64.rpm oci-umount-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0.x86_64.rpm oci-umount-debuginfo-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0.x86_64.rpm oci-umount-debugsource-2.3.4-2.git87f9237.module+el8.1.0+3468+011f0ab0.x86_64.rpm podman-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef.x86_64.rpm podman-debuginfo-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef.x86_64.rpm podman-debugsource-1.0.0-4.git921f98f.module+el8.1.0+4908+72a45cef.x86_64.rpm runc-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef.x86_64.rpm runc-debuginfo-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef.x86_64.rpm runc-debugsource-1.0.0-56.rc5.dev.git2abd837.module+el8.1.0+4908+72a45cef.x86_64.rpm skopeo-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.x86_64.rpm skopeo-debuginfo-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.x86_64.rpm skopeo-debugsource-0.1.32-6.git1715c90.module+el8.1.0+4903+9bde5d6c.x86_64.rpm slirp4netns-0.1-4.dev.gitc4e1bc5.module+el8.1.0+5654+5237a55d.x86_64.rpm slirp4netns-debuginfo-0.1-4.dev.gitc4e1bc5.module+el8.1.0+5654+5237a55d.x86_64.rpm slirp4netns-debugsource-0.1-4.dev.gitc4e1bc5.module+el8.1.0+5654+5237a55d.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-7039 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXoyKctzjgjWX9erEAQhmBhAAmotvHKiPMICDVVeZ4FmYDP6msJ/IRnNC bqUJhlrq0z/yEeRmmfLAB5mIuU11due9/pNWPoo/dOtm3yHBf6OL/O2fJc5IJeHt 1OL2SCa4FW6tvUEBnQ5YrBpTFE5vADryvIxoi1SYbqnb2D/puVQgEA8NGPxN/885 HZYza24wGfP859sZsvSWerL8lrqWhmjaSN2FsxPja1km3ztPDre6JdOqTd1LRBRG xPzNH4XJhVic1Qe2gP6QMjTlsmjA5V8TRBQUl36g743yvCiWxpDiSS1o0DfBmwex ptZlOAbPMDW2SIAW4lOSoIqd1VWEu8EEABjyuriUQQXmnAmeo58bVJrhiLgKS0h1 3XxTUuGvslaqbi+jqYFKmRBm/UI+5B/zzXcv3jiwNV/XsYpCiyKyOjILqQSuUVeD iHVWn84MPZWmo50oSE7FFzMJPJSrhuL+L1Vvc74EpTYKJRLVo0TJ2O4KqPfUUnO6 6EL3gIH2IHabesRIjtWOlhwSFDsSW33L9yUh3WxQHg+KqwtBLEcBw+UfMWUkKmdJ ZtgOZDF8YfiU9r7DK3tsuizVoCg0ZS1PSllSQFE5xZYM+Oh5fgouLr2kUSFEO2E6 dLR4rNNeWrCakuj5YZ2V1f9F0Yiw7n8s4DeJlzLuwv1P68xQ9Cv2VaZDW6tv96jr PzxluEy+kO8= =tzHC - -----END PGP SIGNATURE----- - -------------------------------------------------------------------------------- - -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: container-tools:rhel8 security and bug fix update Advisory ID: RHSA-2020:1379-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2020:1379 Issue date: 2020-04-07 CVE Names: CVE-2020-8608 ===================================================================== 1. Summary: An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * QEMU: Slirp: potential OOB access due to unsafe snprintf() usages (CVE-2020-8608) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * useradd and groupadd fail under rootless Buildah and podman [stream-container-tools-rhel8-rhel-8.1.1] (BZ#1803495) * Podman support for FIPS Mode requires a bind mount inside the container [stream-container-tools-rhel8-rhel-8.1.1/buildah] (BZ#1804188) * Podman support for FIPS Mode requires a bind mount inside the container [stream-container-tools-rhel8-rhel-8.1.1/podman] (BZ#1804194) * fuse-overlayfs segfault [stream-container-tools-rhel8-rhel-8.1.1/fuse-overlayfs] (BZ#1805016) * buildah COPY command is slow when .dockerignore file is not present [stream-container-tools-rhel8-rhel-8.1.1/buildah] (BZ#1806119) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1798453 - CVE-2020-8608 QEMU: Slirp: potential OOB access due to unsafe snprintf() usages 1803495 - useradd and groupadd fail under rootless Buildah and podman [stream-container-tools-rhel8-rhel-8.1.1] 1804188 - Podman support for FIPS Mode requires a bind mount inside the container [stream-container-tools-rhel8-rhel-8.1.1/buildah] 1804194 - Podman support for FIPS Mode requires a bind mount inside the container [stream-container-tools-rhel8-rhel-8.1.1/podman] 1805016 - fuse-overlayfs segfault [stream-container-tools-rhel8-rhel-8.1.1/fuse-overlayfs] 1806119 - buildah COPY command is slow when .dockerignore file is not present [stream-container-tools-rhel8-rhel-8.1.1/buildah] 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: buildah-1.11.6-6.module+el8.1.1+5865+cc793d95.src.rpm cockpit-podman-11-1.module+el8.1.1+5259+bcdd613a.src.rpm conmon-2.0.6-1.module+el8.1.1+5259+bcdd613a.src.rpm container-selinux-2.124.0-1.module+el8.1.1+5259+bcdd613a.src.rpm containernetworking-plugins-0.8.3-4.module+el8.1.1+5259+bcdd613a.src.rpm fuse-overlayfs-0.7.2-5.module+el8.1.1+6114+953c5a57.src.rpm podman-1.6.4-4.module+el8.1.1+5885+44006e55.src.rpm python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.1.1+5259+bcdd613a.src.rpm runc-1.0.0-64.rc9.module+el8.1.1+5259+bcdd613a.src.rpm skopeo-0.1.40-8.module+el8.1.1+5351+506397b0.src.rpm slirp4netns-0.4.2-3.git21fdece.module+el8.1.1+5657+524a77d7.src.rpm toolbox-0.0.4-1.module+el8.1.1+4407+ac444e5d.src.rpm udica-0.2.1-2.module+el8.1.1+4975+482d6f5d.src.rpm aarch64: buildah-1.11.6-6.module+el8.1.1+5865+cc793d95.aarch64.rpm buildah-debuginfo-1.11.6-6.module+el8.1.1+5865+cc793d95.aarch64.rpm buildah-debugsource-1.11.6-6.module+el8.1.1+5865+cc793d95.aarch64.rpm buildah-tests-1.11.6-6.module+el8.1.1+5865+cc793d95.aarch64.rpm buildah-tests-debuginfo-1.11.6-6.module+el8.1.1+5865+cc793d95.aarch64.rpm conmon-2.0.6-1.module+el8.1.1+5259+bcdd613a.aarch64.rpm containernetworking-plugins-0.8.3-4.module+el8.1.1+5259+bcdd613a.aarch64.rpm containernetworking-plugins-debuginfo-0.8.3-4.module+el8.1.1+5259+bcdd613a.aarch64.rpm containernetworking-plugins-debugsource-0.8.3-4.module+el8.1.1+5259+bcdd613a.aarch64.rpm containers-common-0.1.40-8.module+el8.1.1+5351+506397b0.aarch64.rpm fuse-overlayfs-0.7.2-5.module+el8.1.1+6114+953c5a57.aarch64.rpm fuse-overlayfs-debuginfo-0.7.2-5.module+el8.1.1+6114+953c5a57.aarch64.rpm fuse-overlayfs-debugsource-0.7.2-5.module+el8.1.1+6114+953c5a57.aarch64.rpm podman-1.6.4-4.module+el8.1.1+5885+44006e55.aarch64.rpm podman-debuginfo-1.6.4-4.module+el8.1.1+5885+44006e55.aarch64.rpm podman-debugsource-1.6.4-4.module+el8.1.1+5885+44006e55.aarch64.rpm podman-remote-1.6.4-4.module+el8.1.1+5885+44006e55.aarch64.rpm podman-remote-debuginfo-1.6.4-4.module+el8.1.1+5885+44006e55.aarch64.rpm podman-tests-1.6.4-4.module+el8.1.1+5885+44006e55.aarch64.rpm runc-1.0.0-64.rc9.module+el8.1.1+5259+bcdd613a.aarch64.rpm runc-debuginfo-1.0.0-64.rc9.module+el8.1.1+5259+bcdd613a.aarch64.rpm runc-debugsource-1.0.0-64.rc9.module+el8.1.1+5259+bcdd613a.aarch64.rpm skopeo-0.1.40-8.module+el8.1.1+5351+506397b0.aarch64.rpm skopeo-debuginfo-0.1.40-8.module+el8.1.1+5351+506397b0.aarch64.rpm skopeo-debugsource-0.1.40-8.module+el8.1.1+5351+506397b0.aarch64.rpm skopeo-tests-0.1.40-8.module+el8.1.1+5351+506397b0.aarch64.rpm slirp4netns-0.4.2-3.git21fdece.module+el8.1.1+5657+524a77d7.aarch64.rpm slirp4netns-debuginfo-0.4.2-3.git21fdece.module+el8.1.1+5657+524a77d7.aarch64.rpm slirp4netns-debugsource-0.4.2-3.git21fdece.module+el8.1.1+5657+524a77d7.aarch64.rpm toolbox-0.0.4-1.module+el8.1.1+4407+ac444e5d.aarch64.rpm noarch: cockpit-podman-11-1.module+el8.1.1+5259+bcdd613a.noarch.rpm container-selinux-2.124.0-1.module+el8.1.1+5259+bcdd613a.noarch.rpm podman-docker-1.6.4-4.module+el8.1.1+5885+44006e55.noarch.rpm podman-manpages-1.6.4-4.module+el8.1.1+5885+44006e55.noarch.rpm python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.1.1+5259+bcdd613a.noarch.rpm udica-0.2.1-2.module+el8.1.1+4975+482d6f5d.noarch.rpm ppc64le: buildah-1.11.6-6.module+el8.1.1+5865+cc793d95.ppc64le.rpm buildah-debuginfo-1.11.6-6.module+el8.1.1+5865+cc793d95.ppc64le.rpm buildah-debugsource-1.11.6-6.module+el8.1.1+5865+cc793d95.ppc64le.rpm buildah-tests-1.11.6-6.module+el8.1.1+5865+cc793d95.ppc64le.rpm buildah-tests-debuginfo-1.11.6-6.module+el8.1.1+5865+cc793d95.ppc64le.rpm conmon-2.0.6-1.module+el8.1.1+5259+bcdd613a.ppc64le.rpm containernetworking-plugins-0.8.3-4.module+el8.1.1+5259+bcdd613a.ppc64le.rpm containernetworking-plugins-debuginfo-0.8.3-4.module+el8.1.1+5259+bcdd613a.ppc64le.rpm containernetworking-plugins-debugsource-0.8.3-4.module+el8.1.1+5259+bcdd613a.ppc64le.rpm containers-common-0.1.40-8.module+el8.1.1+5351+506397b0.ppc64le.rpm fuse-overlayfs-0.7.2-5.module+el8.1.1+6114+953c5a57.ppc64le.rpm fuse-overlayfs-debuginfo-0.7.2-5.module+el8.1.1+6114+953c5a57.ppc64le.rpm fuse-overlayfs-debugsource-0.7.2-5.module+el8.1.1+6114+953c5a57.ppc64le.rpm podman-1.6.4-4.module+el8.1.1+5885+44006e55.ppc64le.rpm podman-debuginfo-1.6.4-4.module+el8.1.1+5885+44006e55.ppc64le.rpm podman-debugsource-1.6.4-4.module+el8.1.1+5885+44006e55.ppc64le.rpm podman-remote-1.6.4-4.module+el8.1.1+5885+44006e55.ppc64le.rpm podman-remote-debuginfo-1.6.4-4.module+el8.1.1+5885+44006e55.ppc64le.rpm podman-tests-1.6.4-4.module+el8.1.1+5885+44006e55.ppc64le.rpm runc-1.0.0-64.rc9.module+el8.1.1+5259+bcdd613a.ppc64le.rpm runc-debuginfo-1.0.0-64.rc9.module+el8.1.1+5259+bcdd613a.ppc64le.rpm runc-debugsource-1.0.0-64.rc9.module+el8.1.1+5259+bcdd613a.ppc64le.rpm skopeo-0.1.40-8.module+el8.1.1+5351+506397b0.ppc64le.rpm skopeo-debuginfo-0.1.40-8.module+el8.1.1+5351+506397b0.ppc64le.rpm skopeo-debugsource-0.1.40-8.module+el8.1.1+5351+506397b0.ppc64le.rpm skopeo-tests-0.1.40-8.module+el8.1.1+5351+506397b0.ppc64le.rpm slirp4netns-0.4.2-3.git21fdece.module+el8.1.1+5657+524a77d7.ppc64le.rpm slirp4netns-debuginfo-0.4.2-3.git21fdece.module+el8.1.1+5657+524a77d7.ppc64le.rpm slirp4netns-debugsource-0.4.2-3.git21fdece.module+el8.1.1+5657+524a77d7.ppc64le.rpm toolbox-0.0.4-1.module+el8.1.1+4407+ac444e5d.ppc64le.rpm s390x: buildah-1.11.6-6.module+el8.1.1+5865+cc793d95.s390x.rpm buildah-debuginfo-1.11.6-6.module+el8.1.1+5865+cc793d95.s390x.rpm buildah-debugsource-1.11.6-6.module+el8.1.1+5865+cc793d95.s390x.rpm buildah-tests-1.11.6-6.module+el8.1.1+5865+cc793d95.s390x.rpm buildah-tests-debuginfo-1.11.6-6.module+el8.1.1+5865+cc793d95.s390x.rpm conmon-2.0.6-1.module+el8.1.1+5259+bcdd613a.s390x.rpm containernetworking-plugins-0.8.3-4.module+el8.1.1+5259+bcdd613a.s390x.rpm containernetworking-plugins-debuginfo-0.8.3-4.module+el8.1.1+5259+bcdd613a.s390x.rpm containernetworking-plugins-debugsource-0.8.3-4.module+el8.1.1+5259+bcdd613a.s390x.rpm containers-common-0.1.40-8.module+el8.1.1+5351+506397b0.s390x.rpm fuse-overlayfs-0.7.2-5.module+el8.1.1+6114+953c5a57.s390x.rpm fuse-overlayfs-debuginfo-0.7.2-5.module+el8.1.1+6114+953c5a57.s390x.rpm fuse-overlayfs-debugsource-0.7.2-5.module+el8.1.1+6114+953c5a57.s390x.rpm podman-1.6.4-4.module+el8.1.1+5885+44006e55.s390x.rpm podman-debuginfo-1.6.4-4.module+el8.1.1+5885+44006e55.s390x.rpm podman-debugsource-1.6.4-4.module+el8.1.1+5885+44006e55.s390x.rpm podman-remote-1.6.4-4.module+el8.1.1+5885+44006e55.s390x.rpm podman-remote-debuginfo-1.6.4-4.module+el8.1.1+5885+44006e55.s390x.rpm podman-tests-1.6.4-4.module+el8.1.1+5885+44006e55.s390x.rpm runc-1.0.0-64.rc9.module+el8.1.1+5259+bcdd613a.s390x.rpm runc-debuginfo-1.0.0-64.rc9.module+el8.1.1+5259+bcdd613a.s390x.rpm runc-debugsource-1.0.0-64.rc9.module+el8.1.1+5259+bcdd613a.s390x.rpm skopeo-0.1.40-8.module+el8.1.1+5351+506397b0.s390x.rpm skopeo-debuginfo-0.1.40-8.module+el8.1.1+5351+506397b0.s390x.rpm skopeo-debugsource-0.1.40-8.module+el8.1.1+5351+506397b0.s390x.rpm skopeo-tests-0.1.40-8.module+el8.1.1+5351+506397b0.s390x.rpm slirp4netns-0.4.2-3.git21fdece.module+el8.1.1+5657+524a77d7.s390x.rpm slirp4netns-debuginfo-0.4.2-3.git21fdece.module+el8.1.1+5657+524a77d7.s390x.rpm slirp4netns-debugsource-0.4.2-3.git21fdece.module+el8.1.1+5657+524a77d7.s390x.rpm toolbox-0.0.4-1.module+el8.1.1+4407+ac444e5d.s390x.rpm x86_64: buildah-1.11.6-6.module+el8.1.1+5865+cc793d95.x86_64.rpm buildah-debuginfo-1.11.6-6.module+el8.1.1+5865+cc793d95.x86_64.rpm buildah-debugsource-1.11.6-6.module+el8.1.1+5865+cc793d95.x86_64.rpm buildah-tests-1.11.6-6.module+el8.1.1+5865+cc793d95.x86_64.rpm buildah-tests-debuginfo-1.11.6-6.module+el8.1.1+5865+cc793d95.x86_64.rpm conmon-2.0.6-1.module+el8.1.1+5259+bcdd613a.x86_64.rpm containernetworking-plugins-0.8.3-4.module+el8.1.1+5259+bcdd613a.x86_64.rpm containernetworking-plugins-debuginfo-0.8.3-4.module+el8.1.1+5259+bcdd613a.x86_64.rpm containernetworking-plugins-debugsource-0.8.3-4.module+el8.1.1+5259+bcdd613a.x86_64.rpm containers-common-0.1.40-8.module+el8.1.1+5351+506397b0.x86_64.rpm fuse-overlayfs-0.7.2-5.module+el8.1.1+6114+953c5a57.x86_64.rpm fuse-overlayfs-debuginfo-0.7.2-5.module+el8.1.1+6114+953c5a57.x86_64.rpm fuse-overlayfs-debugsource-0.7.2-5.module+el8.1.1+6114+953c5a57.x86_64.rpm podman-1.6.4-4.module+el8.1.1+5885+44006e55.x86_64.rpm podman-debuginfo-1.6.4-4.module+el8.1.1+5885+44006e55.x86_64.rpm podman-debugsource-1.6.4-4.module+el8.1.1+5885+44006e55.x86_64.rpm podman-remote-1.6.4-4.module+el8.1.1+5885+44006e55.x86_64.rpm podman-remote-debuginfo-1.6.4-4.module+el8.1.1+5885+44006e55.x86_64.rpm podman-tests-1.6.4-4.module+el8.1.1+5885+44006e55.x86_64.rpm runc-1.0.0-64.rc9.module+el8.1.1+5259+bcdd613a.x86_64.rpm runc-debuginfo-1.0.0-64.rc9.module+el8.1.1+5259+bcdd613a.x86_64.rpm runc-debugsource-1.0.0-64.rc9.module+el8.1.1+5259+bcdd613a.x86_64.rpm skopeo-0.1.40-8.module+el8.1.1+5351+506397b0.x86_64.rpm skopeo-debuginfo-0.1.40-8.module+el8.1.1+5351+506397b0.x86_64.rpm skopeo-debugsource-0.1.40-8.module+el8.1.1+5351+506397b0.x86_64.rpm skopeo-tests-0.1.40-8.module+el8.1.1+5351+506397b0.x86_64.rpm slirp4netns-0.4.2-3.git21fdece.module+el8.1.1+5657+524a77d7.x86_64.rpm slirp4netns-debuginfo-0.4.2-3.git21fdece.module+el8.1.1+5657+524a77d7.x86_64.rpm slirp4netns-debugsource-0.4.2-3.git21fdece.module+el8.1.1+5657+524a77d7.x86_64.rpm toolbox-0.0.4-1.module+el8.1.1+4407+ac444e5d.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2020-8608 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is <secalert@redhat.com>. More contact details at https://access.redhat.com/security/team/contact/ Copyright 2020 Red Hat, Inc. - -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBXoxWp9zjgjWX9erEAQiNUw//cNqTOF0N/18+TmM0Y7JZDsmBT/OXhhos rteDnwgWj6wfIjylHzGnPWOy0/yu+1mOep0n4/bPMbEvVDV/Szy4I3scYescZWwZ rT//KY5cEmb9e0G1Qfoc+rEATg9cRFUlyVtlF3hjKfiwPwWaY6o1JaKP/3sYEo2z a3ggqqefqbxzTCgiQWeMTcDsEWbba+abyNfrA1Nv/3Gx08IXy+wJgsIQXqHLcg6f PJYIjcYanbfAuhXQXc8MPRcfs/Vfz1MU+9V88UnlaXNAxbTmpmlbu1yV7Et5oiB8 Dzfu0EycZj/d4sn0JlN/RkbVs/NtMbgUWH5Fu/MMTYLwqqphHMMA45BRGEjkbRpg moqQGwR0UMGZsdwTtetZrmEevsiYec1JIz8t2mkhVBLj2hdUIC5XKVJvHl3nI3N0 /G6FBXuSr7W1ob7S8fumyAHPdZcd+4BgD8kBy6E3BKU+R5CxuGNGTp5d8tN4fEaw 1QJZtwxSj4eCpO3NEO/dlhURnY1uONXR77pc7Bz5kxvyJezAGvWBagEUbfhAkn2q 8nhHNKJ8FYhURUci7TVcWNwTvcr2ARQ25KYpetCxzrTLL7PfhvRE4Lva3N5iBgUi qB49WydfMgO2DuqQ4KGy0mO0Iii+DWgmZvnd5pg3gG8KRlXMWKU/HpiTdrpuNmnX DCqfiPe8vv0= =PYdc - -----END PGP SIGNATURE----- - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXo1aKWaOgq3Tt24GAQh98g/9HzEuLBR64CL7w87nH7DC81elbfnQ+oqR ltNCJxLRnWqYrD93YplcRZjQAXKUSnh694UiFjKpe+lrRwizLYocHwXEEzoZO02A N3uMwPUUxUVQMBrbRhjuBwM6Odt+MMCjwA6nCSZ5OTYLbpSk6csNSYDvU4AISFSM TAJIA6N8XhNeZYiZEmKU7JtY2UMamDyJsfaN1J1Kz7HilvG5XwKfbnnLmLhbF+eR nZAfHEyXKbQFf/XYMbQ1/+1VwlSh2HdNg2TwTgXPnJw5Y/1J/+hnaV9RtTm1h0ca Pg10L/ksZanowGKvE6wWs8SFNfljqPbAlluiUWJ1dKKItRzSOmN19reW0dHePH7N J1JbdL1raKwZGuwrzHEVt+KbeWmlmJcLy+0p0cmpvQVRi+90coxeMFEBgEoo+glc mOykyxFpwjAdtoEMg9Qt/ZpXheJiNwh4MI+t0excCIK0t3FiT8K6YFoFto/pR702 8syG/4QdJNiuPJEg9/OtYMTUMjzCYHh/9JAETW2hM9z9ecW54ImxwqgsP+mPSNep ku9G4B22CWZPPYJZ4iuEu6wVZAjWH1F3w7OO4n6C2ubiXfdYN/k1kjPTX/E+TbwZ eufT7kuHWDzGr1EZqYUOINMoEc1nNUzTUPJjogaLynVtRZZhm6wuDkYX0n3m6pw6 VBZI9xKArPo= =4sGz -----END PGP SIGNATURE-----