Fedora 33: FEDORA-2020-7b6058fec9 Critical: Skopeo Security Update

Command line utility to inspect images and repositories directly on Docker

registries without the need to pull them

autobuilt v2.1.0, Security fix for CVE-2020-14370 ---- correct release tag

on account of prior faulty build_tag macro ---- Add back in capability

SYS_CHROOT. ---- Remove fchmodat2 from seccomp filters, since it is not in

upstream kernel yet. ---- Remove dangerous capabilities by default. ----Autobuilt v1.1.1

* Fri Oct 2 2020 Lokesh Mandvekar - 1:1.2.0-3

- Resolves: #1880094

- rebuild for bodhi sake

* Fri Oct 2 2020 Dan Walsh - 1:1.2.0-2

- Add SETFCAP back into default capabilities

* Thu Oct 1 2020 Lokesh Mandvekar - 1:1.2.0-1

- bump to v1.2.0

* Thu Oct 1 2020 Lokesh Mandvekar - 1:1.1.1-11

- fix skopeo gating test

* Mon Sep 28 2020 Lokesh Mandvekar - 1:1.1.1-10

- tests subpackage requires openssl

* Fri Sep 25 2020 Dan Walsh - 1:1.1.1-9

- Modify the range of groups used in net.ipv4.ping_group_range to be 1 so that

- it will work more easily with User Namespaces

- Also turn back on AUDIT_WRITE until seccomp.json file is fixed

* Wed Sep 23 2020 Lokesh Mandvekar - 1:1.1.1-8

- correct release tag on account of prior faulty build_tag macro

* Mon Sep 21 2020 RH Container Bot - 1:1.1.1-1

- autobuilt v1.1.1

* Mon Sep 21 2020 Dan Walsh - 1:1.1.1-7

- Add SYS_CHROOT back into default capabilities

* Mon Sep 21 2020 RH Container Bot - 1:1.1.1-1

- autobuilt v1.1.1

* Mon Sep 21 2020 Dan Walsh - 1:1.1.1-6

- Remove fchmodat2 from seccomp.json (This syscall does not exist yet)

* Thu Sep 17 2020 RH Container Bot - 1:1.1.1-1

- autobuilt v1.1.1

* Thu Sep 17 2020 Dan Walsh - 1:1.1.1-5

- Remove NET_RAW, SYS_CHROOT, MKNOD and AUDIT_WRITE from default list of capabilities

- Turn on ping for 65k users

* Sat Sep 12 2020 Dan Walsh - 1:1.1.1-4

- update man pages

- Update seccomp rules

- Update configuration files in containers-common

- Update configuration files in containers-storage

* Wed Sep 2 2020 RH Container Bot - 1:1.1.1-1

- autobuilt v1.1.1

* Mon Aug 10 2020 RH Container Bot - 1:1.1.1-30.dev.git0c2c7f4

- autobuilt 0c2c7f4

* Sun Aug 9 2020 RH Container Bot - 1:1.1.1-29.dev.git0f94dbc

- autobuilt 0f94dbc

* Sat Aug 8 2020 RH Container Bot - 1:1.1.1-28.dev.gitbaeaad6

- autobuilt baeaad6

* Fri Aug 7 2020 RH Container Bot - 1:1.1.1-27.dev.git78d2f67

- autobuilt 78d2f67

* Mon Aug 3 2020 RH Container Bot - 1:1.1.1-26.dev.gitc052ed7

- autobuilt c052ed7

* Mon Aug 3 2020 RH Container Bot - 1:1.1.1-25.dev.git5e88eb5

- autobuilt 5e88eb5

* Sun Aug 2 2020 Dan Walsh - 1:1.1.1-23.dev.git62fd5a7

- Update configuration files in containers-common

- Update configuration files in containers-storage

* Sat Aug 1 2020 Fedora Release Engineering - 1:1.1.1-23.dev.git62fd5a7

- Second attempt - Rebuilt for

https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

* Fri Jul 31 2020 RH Container Bot - 1:1.1.1-22.dev.git62fd5a7

- autobuilt 62fd5a7

* Thu Jul 30 2020 RH Container Bot - 1:1.1.1-21.dev.git6252c22

- autobuilt 6252c22

* Wed Jul 29 2020 Fedora Release Engineering - 1:1.1.1-20.dev.git153f18d

- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild

* Thu Jul 23 2020 RH Container Bot - 1:1.1.1-19.dev.git153f18d

- autobuilt 153f18d

* Sat Jul 18 2020 RH Container Bot - 1:1.1.1-18.dev.git494d237

- autobuilt 494d237

* Fri Jul 17 2020 RH Container Bot - 1:1.1.1-17.dev.git89fb89a

- autobuilt 89fb89a

* Thu Jul 16 2020 RH Container Bot - 1:1.1.1-16.dev.git29eec32

- autobuilt 29eec32

* Thu Jul 16 2020 RH Container Bot - 1:1.1.1-15.dev.git2fa7b99

- autobuilt 2fa7b99

* Sat Jul 11 2020 RH Container Bot - 1:1.1.1-14.dev.git6284ceb

- autobuilt 6284ceb

* Sat Jul 11 2020 RH Container Bot - 1:1.1.1-13.dev.git6e295a2

- autobuilt 6e295a2

* Fri Jul 10 2020 RH Container Bot - 1:1.1.1-12.dev.gitf63685f

- autobuilt f63685f

* Thu Jul 9 2020 RH Container Bot - 1:1.1.1-11.dev.gitdc5f68f

- autobuilt dc5f68f

* Thu Jul 9 2020 RH Container Bot - 1:1.1.1-10.dev.git840c487

- autobuilt 840c487

* Wed Jul 8 2020 RH Container Bot - 1:1.1.1-9.dev.gitee72e80

- autobuilt ee72e80

* Thu Jul 2 2020 RH Container Bot - 1:1.1.1-8.dev.git6182aa3

- autobuilt 6182aa3

* Wed Jul 1 2020 RH Container Bot - 1:1.1.1-7.dev.gitac6b871

- autobuilt ac6b871

* Tue Jun 30 2020 Dan Walsh - 1:1.1.1-6.dev.gitba8cbf5

- Update configuration files in containers-common

* Fri Jun 26 2020 RH Container Bot - 1:1.1.1-5.dev.gitba8cbf5

- autobuilt ba8cbf5

* Mon Jun 22 2020 RH Container Bot - 1:1.1.1-4.dev.git7815c8a

- autobuilt 7815c8a

* Mon Jun 22 2020 RH Container Bot - 1:1.1.1-3.dev.git233e61c

- autobuilt 233e61c

* Thu Jun 18 2020 RH Container Bot - 1:1.1.1-2.dev.git96bd4a0

- bump to 1.1.1

- autobuilt 96bd4a0

* Thu Jun 18 2020 RH Container Bot - 1:1.0.1-17.dev.git6b78619

- autobuilt 6b78619

[ 1 ] Bug #1874268 - CVE-2020-14370 podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API

https://bugzilla.redhat.com/show_bug.cgi?id=1874268

su -c 'dnf upgrade --advisory FEDORA-2020-7b6058fec9' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/