Operating System:

[RedHat]

Published:

06 November 2020

Protect yourself against future threats.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2020.3890
      container-tools:rhel8 security, bug fix, and enhancement update
                              6 November 2020

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           container-tools
Publisher:         Red Hat
Operating System:  Red Hat
Impact/Access:     Access Privileged Data         -- Existing Account
                   Denial of Service              -- Existing Account
                   Provide Misleading Information -- Existing Account
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-14040 CVE-2020-10756 CVE-2020-10749

Reference:         ESB-2020.3081
                   ESB-2020.2095

Original Bulletin: 
   https://access.redhat.com/errata/RHSA-2020:4694

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: container-tools:rhel8 security, bug fix, and enhancement update
Advisory ID:       RHSA-2020:4694-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2020:4694
Issue date:        2020-11-03
CVE Names:         CVE-2020-10749 CVE-2020-10756 CVE-2020-14040 
=====================================================================

1. Summary:

An update for the container-tools:rhel8 module is now available for Red Hat
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The container-tools module contains tools for working with containers,
notably podman, buildah, skopeo, and runc.

Security Fix(es):

* containernetworking/plugins: IPv6 router advertisements allow for MitM
attacks on IPv4 clusters (CVE-2020-10749)

* QEMU: slirp: networking out-of-bounds read information disclosure
vulnerability (CVE-2020-10756)

* golang.org/x/text: possibility to trigger an infinite loop in
encoding/unicode could lead to crash (CVE-2020-14040)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.3 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1682970 - [RFE] Default location of setting up HTTP_Proxy for podman
1752079 - podman docker command fails at COPY - overwriting existing file
1785242 - container-tools: Provides: docker gone from podman-docker subpackage
1800815 - "podman login" writes auth.json in a location "skopeo copy" does not expect
1801874 - Podman segmentation error when a Dockerfile specifies an image by its digest
1804193 - Podman support for FIPS Mode requires a bind mount inside the container [container-tools-rhel8-rhel-8.3.0/podman]
1804195 - Podman support for FIPS Mode requires a bind mount inside the container [stream-container-tools-rhel8-rhel-8.2.0/podman]
1813845 - [RFE] HTTP/REST API for podman
1814928 - "podman exec -it" will hang with leading keyboard input
1818694 - Golang panic when pushing image to a scaled image-registry
1821193 - Update container-tools 8.3.0 components to stable releases
1822038 - buildah is not expanding env vars in file paths [stream-container-tools-rhel8-rhel-8.3.0/buildah]
1825789 - Crash on filtering anonymous images
1827794 - Podman search does not have pagination support
1833220 - CVE-2020-10749 containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters
1835986 - CVE-2020-10756 QEMU: slirp: networking out-of-bounds read information disclosure vulnerability
1837755 - --init feature useless out of the box
1847544 - Socket-activated Varlink (io.podman.socket) fails after first call
1849557 - Rootless Podman does not properly close and remove temporary files
1850230 - Using toolbox with fedora:latest image fails, exec fails with "OCI runtime command not found"
1853230 - The output from "podman images" is malformed if a repository contains a port
1853652 - CVE-2020-14040 golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash
1857606 - error loading kheaders module
1858862 - Podman build from url failed to get correct temp directory for store files
1860126 - podman run namespace in man page ambiguous
1866153 - podman search doesn't add limit to a query against v2. By default v2 returns 100 items.
1866833 - Podman 1.9.3 fails to run container when /etc/secuity/limits.conf is used
1867447 - error bind mounting /dev from host into mount namespace
1868612 - Image tag not derived correctly
1872263 - Update podman to 2.0.5
1877463 - Remove oci-seccomp-bpf-hook package from default packages installed by container-tools-rhel8-8.3.0
1879622 - `podman images --all` fails on images with digest

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
buildah-1.15.1-2.module+el8.3.0+8221+97165c3f.src.rpm
cockpit-podman-18.1-2.module+el8.3.0+8221+97165c3f.src.rpm
conmon-2.0.20-2.module+el8.3.0+8221+97165c3f.src.rpm
container-selinux-2.144.0-1.module+el8.3.0+8221+97165c3f.src.rpm
containernetworking-plugins-0.8.6-2.module+el8.3.0+8221+97165c3f.src.rpm
criu-3.14-2.module+el8.3.0+8221+97165c3f.src.rpm
crun-0.14.1-2.module+el8.3.0+8221+97165c3f.src.rpm
fuse-overlayfs-1.1.2-3.module+el8.3.0+8221+97165c3f.src.rpm
libslirp-4.3.1-1.module+el8.3.0+8221+97165c3f.src.rpm
oci-seccomp-bpf-hook-1.1.2-3.module+el8.3.0+8221+97165c3f.src.rpm
podman-2.0.5-5.module+el8.3.0+8221+97165c3f.src.rpm
python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.3.0+8221+97165c3f.src.rpm
runc-1.0.0-68.rc92.module+el8.3.0+8221+97165c3f.src.rpm
skopeo-1.1.1-3.module+el8.3.0+8221+97165c3f.src.rpm
slirp4netns-1.1.4-2.module+el8.3.0+8221+97165c3f.src.rpm
toolbox-0.0.8-1.module+el8.3.0+8221+97165c3f.src.rpm
udica-0.2.2-1.module+el8.3.0+8221+97165c3f.src.rpm

aarch64:
buildah-1.15.1-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
buildah-debuginfo-1.15.1-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
buildah-debugsource-1.15.1-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
buildah-tests-1.15.1-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
buildah-tests-debuginfo-1.15.1-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
conmon-2.0.20-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
containernetworking-plugins-0.8.6-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
containernetworking-plugins-debuginfo-0.8.6-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
containernetworking-plugins-debugsource-0.8.6-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
containers-common-1.1.1-3.module+el8.3.0+8221+97165c3f.aarch64.rpm
crit-3.14-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
criu-3.14-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
criu-debuginfo-3.14-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
criu-debugsource-3.14-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
crun-0.14.1-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
crun-debuginfo-0.14.1-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
crun-debugsource-0.14.1-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
fuse-overlayfs-1.1.2-3.module+el8.3.0+8221+97165c3f.aarch64.rpm
fuse-overlayfs-debuginfo-1.1.2-3.module+el8.3.0+8221+97165c3f.aarch64.rpm
fuse-overlayfs-debugsource-1.1.2-3.module+el8.3.0+8221+97165c3f.aarch64.rpm
libslirp-4.3.1-1.module+el8.3.0+8221+97165c3f.aarch64.rpm
libslirp-debuginfo-4.3.1-1.module+el8.3.0+8221+97165c3f.aarch64.rpm
libslirp-debugsource-4.3.1-1.module+el8.3.0+8221+97165c3f.aarch64.rpm
libslirp-devel-4.3.1-1.module+el8.3.0+8221+97165c3f.aarch64.rpm
oci-seccomp-bpf-hook-1.1.2-3.module+el8.3.0+8221+97165c3f.aarch64.rpm
oci-seccomp-bpf-hook-debuginfo-1.1.2-3.module+el8.3.0+8221+97165c3f.aarch64.rpm
oci-seccomp-bpf-hook-debugsource-1.1.2-3.module+el8.3.0+8221+97165c3f.aarch64.rpm
podman-2.0.5-5.module+el8.3.0+8221+97165c3f.aarch64.rpm
podman-catatonit-2.0.5-5.module+el8.3.0+8221+97165c3f.aarch64.rpm
podman-catatonit-debuginfo-2.0.5-5.module+el8.3.0+8221+97165c3f.aarch64.rpm
podman-debuginfo-2.0.5-5.module+el8.3.0+8221+97165c3f.aarch64.rpm
podman-debugsource-2.0.5-5.module+el8.3.0+8221+97165c3f.aarch64.rpm
podman-remote-2.0.5-5.module+el8.3.0+8221+97165c3f.aarch64.rpm
podman-remote-debuginfo-2.0.5-5.module+el8.3.0+8221+97165c3f.aarch64.rpm
podman-tests-2.0.5-5.module+el8.3.0+8221+97165c3f.aarch64.rpm
python3-criu-3.14-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
runc-1.0.0-68.rc92.module+el8.3.0+8221+97165c3f.aarch64.rpm
runc-debuginfo-1.0.0-68.rc92.module+el8.3.0+8221+97165c3f.aarch64.rpm
runc-debugsource-1.0.0-68.rc92.module+el8.3.0+8221+97165c3f.aarch64.rpm
skopeo-1.1.1-3.module+el8.3.0+8221+97165c3f.aarch64.rpm
skopeo-debuginfo-1.1.1-3.module+el8.3.0+8221+97165c3f.aarch64.rpm
skopeo-debugsource-1.1.1-3.module+el8.3.0+8221+97165c3f.aarch64.rpm
skopeo-tests-1.1.1-3.module+el8.3.0+8221+97165c3f.aarch64.rpm
slirp4netns-1.1.4-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
slirp4netns-debuginfo-1.1.4-2.module+el8.3.0+8221+97165c3f.aarch64.rpm
slirp4netns-debugsource-1.1.4-2.module+el8.3.0+8221+97165c3f.aarch64.rpm

noarch:
cockpit-podman-18.1-2.module+el8.3.0+8221+97165c3f.noarch.rpm
container-selinux-2.144.0-1.module+el8.3.0+8221+97165c3f.noarch.rpm
podman-docker-2.0.5-5.module+el8.3.0+8221+97165c3f.noarch.rpm
python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.3.0+8221+97165c3f.noarch.rpm
toolbox-0.0.8-1.module+el8.3.0+8221+97165c3f.noarch.rpm
udica-0.2.2-1.module+el8.3.0+8221+97165c3f.noarch.rpm

ppc64le:
buildah-1.15.1-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
buildah-debuginfo-1.15.1-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
buildah-debugsource-1.15.1-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
buildah-tests-1.15.1-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
buildah-tests-debuginfo-1.15.1-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
conmon-2.0.20-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
containernetworking-plugins-0.8.6-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
containernetworking-plugins-debuginfo-0.8.6-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
containernetworking-plugins-debugsource-0.8.6-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
containers-common-1.1.1-3.module+el8.3.0+8221+97165c3f.ppc64le.rpm
crit-3.14-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
criu-3.14-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
criu-debuginfo-3.14-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
criu-debugsource-3.14-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
crun-0.14.1-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
crun-debuginfo-0.14.1-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
crun-debugsource-0.14.1-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
fuse-overlayfs-1.1.2-3.module+el8.3.0+8221+97165c3f.ppc64le.rpm
fuse-overlayfs-debuginfo-1.1.2-3.module+el8.3.0+8221+97165c3f.ppc64le.rpm
fuse-overlayfs-debugsource-1.1.2-3.module+el8.3.0+8221+97165c3f.ppc64le.rpm
libslirp-4.3.1-1.module+el8.3.0+8221+97165c3f.ppc64le.rpm
libslirp-debuginfo-4.3.1-1.module+el8.3.0+8221+97165c3f.ppc64le.rpm
libslirp-debugsource-4.3.1-1.module+el8.3.0+8221+97165c3f.ppc64le.rpm
libslirp-devel-4.3.1-1.module+el8.3.0+8221+97165c3f.ppc64le.rpm
oci-seccomp-bpf-hook-1.1.2-3.module+el8.3.0+8221+97165c3f.ppc64le.rpm
oci-seccomp-bpf-hook-debuginfo-1.1.2-3.module+el8.3.0+8221+97165c3f.ppc64le.rpm
oci-seccomp-bpf-hook-debugsource-1.1.2-3.module+el8.3.0+8221+97165c3f.ppc64le.rpm
podman-2.0.5-5.module+el8.3.0+8221+97165c3f.ppc64le.rpm
podman-catatonit-2.0.5-5.module+el8.3.0+8221+97165c3f.ppc64le.rpm
podman-catatonit-debuginfo-2.0.5-5.module+el8.3.0+8221+97165c3f.ppc64le.rpm
podman-debuginfo-2.0.5-5.module+el8.3.0+8221+97165c3f.ppc64le.rpm
podman-debugsource-2.0.5-5.module+el8.3.0+8221+97165c3f.ppc64le.rpm
podman-remote-2.0.5-5.module+el8.3.0+8221+97165c3f.ppc64le.rpm
podman-remote-debuginfo-2.0.5-5.module+el8.3.0+8221+97165c3f.ppc64le.rpm
podman-tests-2.0.5-5.module+el8.3.0+8221+97165c3f.ppc64le.rpm
python3-criu-3.14-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
runc-1.0.0-68.rc92.module+el8.3.0+8221+97165c3f.ppc64le.rpm
runc-debuginfo-1.0.0-68.rc92.module+el8.3.0+8221+97165c3f.ppc64le.rpm
runc-debugsource-1.0.0-68.rc92.module+el8.3.0+8221+97165c3f.ppc64le.rpm
skopeo-1.1.1-3.module+el8.3.0+8221+97165c3f.ppc64le.rpm
skopeo-debuginfo-1.1.1-3.module+el8.3.0+8221+97165c3f.ppc64le.rpm
skopeo-debugsource-1.1.1-3.module+el8.3.0+8221+97165c3f.ppc64le.rpm
skopeo-tests-1.1.1-3.module+el8.3.0+8221+97165c3f.ppc64le.rpm
slirp4netns-1.1.4-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
slirp4netns-debuginfo-1.1.4-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm
slirp4netns-debugsource-1.1.4-2.module+el8.3.0+8221+97165c3f.ppc64le.rpm

s390x:
buildah-1.15.1-2.module+el8.3.0+8221+97165c3f.s390x.rpm
buildah-debuginfo-1.15.1-2.module+el8.3.0+8221+97165c3f.s390x.rpm
buildah-debugsource-1.15.1-2.module+el8.3.0+8221+97165c3f.s390x.rpm
buildah-tests-1.15.1-2.module+el8.3.0+8221+97165c3f.s390x.rpm
buildah-tests-debuginfo-1.15.1-2.module+el8.3.0+8221+97165c3f.s390x.rpm
conmon-2.0.20-2.module+el8.3.0+8221+97165c3f.s390x.rpm
containernetworking-plugins-0.8.6-2.module+el8.3.0+8221+97165c3f.s390x.rpm
containernetworking-plugins-debuginfo-0.8.6-2.module+el8.3.0+8221+97165c3f.s390x.rpm
containernetworking-plugins-debugsource-0.8.6-2.module+el8.3.0+8221+97165c3f.s390x.rpm
containers-common-1.1.1-3.module+el8.3.0+8221+97165c3f.s390x.rpm
crit-3.14-2.module+el8.3.0+8221+97165c3f.s390x.rpm
criu-3.14-2.module+el8.3.0+8221+97165c3f.s390x.rpm
criu-debuginfo-3.14-2.module+el8.3.0+8221+97165c3f.s390x.rpm
criu-debugsource-3.14-2.module+el8.3.0+8221+97165c3f.s390x.rpm
crun-0.14.1-2.module+el8.3.0+8221+97165c3f.s390x.rpm
crun-debuginfo-0.14.1-2.module+el8.3.0+8221+97165c3f.s390x.rpm
crun-debugsource-0.14.1-2.module+el8.3.0+8221+97165c3f.s390x.rpm
fuse-overlayfs-1.1.2-3.module+el8.3.0+8221+97165c3f.s390x.rpm
fuse-overlayfs-debuginfo-1.1.2-3.module+el8.3.0+8221+97165c3f.s390x.rpm
fuse-overlayfs-debugsource-1.1.2-3.module+el8.3.0+8221+97165c3f.s390x.rpm
libslirp-4.3.1-1.module+el8.3.0+8221+97165c3f.s390x.rpm
libslirp-debuginfo-4.3.1-1.module+el8.3.0+8221+97165c3f.s390x.rpm
libslirp-debugsource-4.3.1-1.module+el8.3.0+8221+97165c3f.s390x.rpm
libslirp-devel-4.3.1-1.module+el8.3.0+8221+97165c3f.s390x.rpm
oci-seccomp-bpf-hook-1.1.2-3.module+el8.3.0+8221+97165c3f.s390x.rpm
oci-seccomp-bpf-hook-debuginfo-1.1.2-3.module+el8.3.0+8221+97165c3f.s390x.rpm
oci-seccomp-bpf-hook-debugsource-1.1.2-3.module+el8.3.0+8221+97165c3f.s390x.rpm
podman-2.0.5-5.module+el8.3.0+8221+97165c3f.s390x.rpm
podman-catatonit-2.0.5-5.module+el8.3.0+8221+97165c3f.s390x.rpm
podman-catatonit-debuginfo-2.0.5-5.module+el8.3.0+8221+97165c3f.s390x.rpm
podman-debuginfo-2.0.5-5.module+el8.3.0+8221+97165c3f.s390x.rpm
podman-debugsource-2.0.5-5.module+el8.3.0+8221+97165c3f.s390x.rpm
podman-remote-2.0.5-5.module+el8.3.0+8221+97165c3f.s390x.rpm
podman-remote-debuginfo-2.0.5-5.module+el8.3.0+8221+97165c3f.s390x.rpm
podman-tests-2.0.5-5.module+el8.3.0+8221+97165c3f.s390x.rpm
python3-criu-3.14-2.module+el8.3.0+8221+97165c3f.s390x.rpm
runc-1.0.0-68.rc92.module+el8.3.0+8221+97165c3f.s390x.rpm
runc-debuginfo-1.0.0-68.rc92.module+el8.3.0+8221+97165c3f.s390x.rpm
runc-debugsource-1.0.0-68.rc92.module+el8.3.0+8221+97165c3f.s390x.rpm
skopeo-1.1.1-3.module+el8.3.0+8221+97165c3f.s390x.rpm
skopeo-debuginfo-1.1.1-3.module+el8.3.0+8221+97165c3f.s390x.rpm
skopeo-debugsource-1.1.1-3.module+el8.3.0+8221+97165c3f.s390x.rpm
skopeo-tests-1.1.1-3.module+el8.3.0+8221+97165c3f.s390x.rpm
slirp4netns-1.1.4-2.module+el8.3.0+8221+97165c3f.s390x.rpm
slirp4netns-debuginfo-1.1.4-2.module+el8.3.0+8221+97165c3f.s390x.rpm
slirp4netns-debugsource-1.1.4-2.module+el8.3.0+8221+97165c3f.s390x.rpm

x86_64:
buildah-1.15.1-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
buildah-debuginfo-1.15.1-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
buildah-debugsource-1.15.1-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
buildah-tests-1.15.1-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
buildah-tests-debuginfo-1.15.1-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
conmon-2.0.20-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
containernetworking-plugins-0.8.6-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
containernetworking-plugins-debuginfo-0.8.6-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
containernetworking-plugins-debugsource-0.8.6-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
containers-common-1.1.1-3.module+el8.3.0+8221+97165c3f.x86_64.rpm
crit-3.14-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
criu-3.14-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
criu-debuginfo-3.14-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
criu-debugsource-3.14-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
crun-0.14.1-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
crun-debuginfo-0.14.1-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
crun-debugsource-0.14.1-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
fuse-overlayfs-1.1.2-3.module+el8.3.0+8221+97165c3f.x86_64.rpm
fuse-overlayfs-debuginfo-1.1.2-3.module+el8.3.0+8221+97165c3f.x86_64.rpm
fuse-overlayfs-debugsource-1.1.2-3.module+el8.3.0+8221+97165c3f.x86_64.rpm
libslirp-4.3.1-1.module+el8.3.0+8221+97165c3f.x86_64.rpm
libslirp-debuginfo-4.3.1-1.module+el8.3.0+8221+97165c3f.x86_64.rpm
libslirp-debugsource-4.3.1-1.module+el8.3.0+8221+97165c3f.x86_64.rpm
libslirp-devel-4.3.1-1.module+el8.3.0+8221+97165c3f.x86_64.rpm
oci-seccomp-bpf-hook-1.1.2-3.module+el8.3.0+8221+97165c3f.x86_64.rpm
oci-seccomp-bpf-hook-debuginfo-1.1.2-3.module+el8.3.0+8221+97165c3f.x86_64.rpm
oci-seccomp-bpf-hook-debugsource-1.1.2-3.module+el8.3.0+8221+97165c3f.x86_64.rpm
podman-2.0.5-5.module+el8.3.0+8221+97165c3f.x86_64.rpm
podman-catatonit-2.0.5-5.module+el8.3.0+8221+97165c3f.x86_64.rpm
podman-catatonit-debuginfo-2.0.5-5.module+el8.3.0+8221+97165c3f.x86_64.rpm
podman-debuginfo-2.0.5-5.module+el8.3.0+8221+97165c3f.x86_64.rpm
podman-debugsource-2.0.5-5.module+el8.3.0+8221+97165c3f.x86_64.rpm
podman-remote-2.0.5-5.module+el8.3.0+8221+97165c3f.x86_64.rpm
podman-remote-debuginfo-2.0.5-5.module+el8.3.0+8221+97165c3f.x86_64.rpm
podman-tests-2.0.5-5.module+el8.3.0+8221+97165c3f.x86_64.rpm
python3-criu-3.14-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
runc-1.0.0-68.rc92.module+el8.3.0+8221+97165c3f.x86_64.rpm
runc-debuginfo-1.0.0-68.rc92.module+el8.3.0+8221+97165c3f.x86_64.rpm
runc-debugsource-1.0.0-68.rc92.module+el8.3.0+8221+97165c3f.x86_64.rpm
skopeo-1.1.1-3.module+el8.3.0+8221+97165c3f.x86_64.rpm
skopeo-debuginfo-1.1.1-3.module+el8.3.0+8221+97165c3f.x86_64.rpm
skopeo-debugsource-1.1.1-3.module+el8.3.0+8221+97165c3f.x86_64.rpm
skopeo-tests-1.1.1-3.module+el8.3.0+8221+97165c3f.x86_64.rpm
slirp4netns-1.1.4-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
slirp4netns-debuginfo-1.1.4-2.module+el8.3.0+8221+97165c3f.x86_64.rpm
slirp4netns-debugsource-1.1.4-2.module+el8.3.0+8221+97165c3f.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-10749
https://access.redhat.com/security/cve/CVE-2020-10756
https://access.redhat.com/security/cve/CVE-2020-14040
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/

8. Contact:

The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBX6I28tzjgjWX9erEAQjR4w//cI3lbSrcwIdXOW2j1cQo5Leh0raN+4i0
l70omYn9cumaVTyR0XfKuFp2sb9LjVm/Ca+96PMHxYRze6//kPfdLi9rBdHmPfE9
w5Q3nbQlAo1NzW6ExBaSnmZ1cp0/NN0y40Vzuuc5rOyMaG8eXG4mKOCJrtmkgGFs
Pw+AuPJI9fjEOaoXIPIDYD1gcABIrKQZ+H+evqzHYxoZjTSeoKXfLUG/xF8mrbQV
Heh63q9ToCCphA+Ua1MjKtT4rjqSFwhiYag4fFHsmZ8se+h+l7UvngmKkkHFaYsW
WVH0LB3TqH6nbJ5tTCu3Gn8zYs6Ug4ZRcrzK+E1Jo0unGC5F4eKHY6CixX/iPuZW
rf15ygCdTj9DAByZk/vcJ6NopW3pxuTx3/eZK9FVyV2UobQZGIpqhi5VEguZEHC7
zQGbQ8r6A6Dt1I4gvqWfZnJLE0Dc1YKNQESOBpD/TDJpNXcKmRit+KOtF0haV08g
vTD0TijqOuRhT8SyDOxNlZUXlhHl9sv2Oa0DkuueWREG1LDiG40qkzxou5jNzNeu
0zzp2q+povnxm/LbhByDltYqYOySnXvNJAq7hS6UycjyTKDtda4cbaEYXsNQN5E0
Y2q3m8iRk1Aq/+f72Y5mz25V1Xp2CYPLXnMND7KmTyR+HvrzZ5EpT4K+0yGSBqmW
xChlPLYv/e8=
=xg2W
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQIUAwUBX6Sq3ONLKJtyKPYoAQiIlw/3RonaCZJ88+TJoTBgiSCAUV0iB4tqNzSC
fCccKx7CbB7UJO+is1qLcw3ZVPN1WLtaGT3iqtQbivREZwMc8fp5ka/Tf04ezH7H
RCHaY3y+p5NOMv3Hh+hTWqn0PbIRgVbFDsoyWKIGvxEqL5SA3mw7qUpdpicnYGx5
E3P2UGedOABpP2HAhIf+A/5OLGzLJQXswNEquj7XBB/i52EzmFhAs8AAA5lO6VkY
lJAvI5JU3e8F2oBoUL5ka378oMqRXHtZDHm3o5wdqytLt0OLqV9YhARj9gnPOpnb
82QQ6D96ctKhVdzabTJXcLhW9jlULZm33sofXK9Tw237PGrY5mmSK/xvsfUvTIJM
pIs1SxYoL0dmu7TcodvEyBlUvtBHHbSXqHsm2nhFRb5NK0o+Wd2RQbv2SdJGNuBe
7AcwsKGV3bZYsxP00Spzht4O+zvhFrOfPLjSX/VC5RFtjMWhBgWnxVydtLryPCTv
2PLLKlHKvpDbrZ8T3lAp0WsJ5xqSLg5WJ9EN0WD3kTnhXfZ1KEsV+IaTFcDYQlVY
2Kx1x71HQuHOdg6nEW4y3a8kohkVvWmEHQtcL9HQiWfaYAPex7NWDildvQku/TbU
BLlgkyKi8BFEKpGgTdnrodoMzIdvNj6proFxNcq5pQTyxzpfRagoppNCMDrU5SvA
Vph9UwqxQA==
=DOym
-----END PGP SIGNATURE-----