Fedora 36: manifest-tool 2023-a4baceec07
Summary
This tool was mainly created for the purpose of viewing, creating, and
pushing the new manifests list object type in the Docker registry. Manifest
lists are defined in the v2.2 image specification and exist mainly for the
purpose of supporting multi-architecture and/or multi-platform images within
a Docker registry.
Update to latest upstream release
* Fri Mar 3 2023 Josh Boyer
- Update to latest upstream release
- Fixes RhBug 2174535 CVE-2023-25173
[ 1 ] Bug #2106664 - manifest-tool-2.0.8 is available
https://bugzilla.redhat.com/show_bug.cgi?id=2106664
[ 2 ] Bug #2163549 - CVE-2022-3064 manifest-tool: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents [fedora-all]
https://bugzilla.redhat.com/show_bug.cgi?id=2163549
[ 3 ] Bug #2174535 - manifest-tool: containerd: Supplementary groups are not set up properly [fedora-36]
https://bugzilla.redhat.com/show_bug.cgi?id=2174535
su -c 'dnf upgrade --advisory FEDORA-2023-a4baceec07' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Do not reply to spam, report it: https://pagure.io/login/
FEDORA-2023-a4baceec07 2023-03-15 00:44:59.865765 Product : Fedora 36 Version : 2.0.8 Release : 1.fc36 URL : https://github.com/estesp/manifest-tool Summary : A command line tool used for creating manifest list objects Description : This tool was mainly created for the purpose of viewing, creating, and pushing the new manifests list object type in the Docker registry. Manifest lists are defined in the v2.2 image specification and exist mainly for the purpose of supporting multi-architecture and/or multi-platform images within a Docker registry. Update to latest upstream release * Fri Mar 3 2023 Josh Boyer - 2.0.8-1 - Update to latest upstream release - Fixes RhBug 2174535 CVE-2023-25173 [ 1 ] Bug #2106664 - manifest-tool-2.0.8 is available https://bugzilla.redhat.com/show_bug.cgi?id=2106664 [ 2 ] Bug #2163549 - CVE-2022-3064 manifest-tool: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2163549 [ 3 ] Bug #2174535 - manifest-tool: containerd: Supplementary groups are not set up properly [fedora-36] https://bugzilla.redhat.com/show_bug.cgi?id=2174535 su -c 'dnf upgrade --advisory FEDORA-2023-a4baceec07' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/ Do not reply to spam, report it: https://pagure.io/login/
Change Log
References
Update Instructions
