Oracle Linux Security Advisory ELSA-2022-1566

https://linux.oracle.com/errata/ELSA-2022-1566.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
buildah-1.11.6-10.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
buildah-tests-1.11.6-10.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
cockpit-podman-11-1.module+el8.5.0+20636+305c97cc.noarch.rpm
conmon-2.0.15-1.module+el8.5.0+20636+305c97cc.x86_64.rpm
containernetworking-plugins-0.8.3-4.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
containers-common-0.1.41-4.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
container-selinux-2.130.0-1.module+el8.5.0+20636+305c97cc.noarch.rpm
crit-3.12-9.module+el8.5.0+20636+305c97cc.x86_64.rpm
criu-3.12-9.module+el8.5.0+20636+305c97cc.x86_64.rpm
fuse-overlayfs-0.7.8-1.module+el8.5.0+20636+305c97cc.x86_64.rpm
podman-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
podman-docker-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.noarch.rpm
podman-remote-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
podman-tests-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
python3-criu-3.12-9.module+el8.5.0+20636+305c97cc.x86_64.rpm
python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.5.0+20636+305c97cc.noarch.rpm
runc-1.0.0-66.rc10.module+el8.5.0+20636+305c97cc.x86_64.rpm
skopeo-0.1.41-4.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
skopeo-tests-0.1.41-4.0.1.module+el8.5.0+20636+305c97cc.x86_64.rpm
slirp4netns-0.4.2-3.git21fdece.module+el8.5.0+20636+305c97cc.x86_64.rpm
udica-0.2.1-2.module+el8.5.0+20636+305c97cc.noarch.rpm

aarch64:
buildah-1.11.6-10.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
buildah-tests-1.11.6-10.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
cockpit-podman-11-1.module+el8.5.0+20636+305c97cc.noarch.rpm
conmon-2.0.15-1.module+el8.5.0+20636+305c97cc.aarch64.rpm
containernetworking-plugins-0.8.3-4.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
containers-common-0.1.41-4.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
container-selinux-2.130.0-1.module+el8.5.0+20636+305c97cc.noarch.rpm
crit-3.12-9.module+el8.5.0+20636+305c97cc.aarch64.rpm
criu-3.12-9.module+el8.5.0+20636+305c97cc.aarch64.rpm
fuse-overlayfs-0.7.8-1.module+el8.5.0+20636+305c97cc.aarch64.rpm
podman-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
podman-docker-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.noarch.rpm
podman-remote-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
podman-tests-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
python3-criu-3.12-9.module+el8.5.0+20636+305c97cc.aarch64.rpm
python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.5.0+20636+305c97cc.noarch.rpm
runc-1.0.0-66.rc10.module+el8.5.0+20636+305c97cc.aarch64.rpm
skopeo-0.1.41-4.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
skopeo-tests-0.1.41-4.0.1.module+el8.5.0+20636+305c97cc.aarch64.rpm
slirp4netns-0.4.2-3.git21fdece.module+el8.5.0+20636+305c97cc.aarch64.rpm
udica-0.2.1-2.module+el8.5.0+20636+305c97cc.noarch.rpm


SRPMS:
https://oss.oracle.com/ol8/SRPMS-updates/buildah-1.11.6-10.0.1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/cockpit-podman-11-1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/conmon-2.0.15-1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/containernetworking-plugins-0.8.3-4.0.1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/container-selinux-2.130.0-1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/criu-3.12-9.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/fuse-overlayfs-0.7.8-1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/podman-1.6.4-28.0.1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/runc-1.0.0-66.rc10.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/skopeo-0.1.41-4.0.1.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/slirp4netns-0.4.2-3.git21fdece.module+el8.5.0+20636+305c97cc.src.rpm
https://oss.oracle.com/ol8/SRPMS-updates/udica-0.2.1-2.module+el8.5.0+20636+305c97cc.src.rpm

Related CVEs:

CVE-2022-27649
CVE-2022-27651




Description of changes:

buildah
[1.11.6-10.0.1]
- Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov)
- Reduce unnecessary writable mounts in NaiveDiffDriver [Orabug: 31025483]

[1.11.6-10]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.11-rhel
  (https://github.com/containers/buildah/commit/9a4764a)
- fixes CVE-2022-27649

podman
[1.6.4-28.0.1]
- Reduce unnecessary writable mounts in NaiveDiffDriver [Orabug: 31025483]
- delivering fix for [Orabug: 29874238] by Nikita Gerasimov 

[1.6.4-28]
- update to the latest content of https://github.com/containers/podman/tree/v1.6.4-rhel
  (https://github.com/containers/podman/commit/9407ffd)
- fixes CVE-2022-27651
- Resolves: #2067545

[1.6.4-27]
- update to the latest content of https://github.com/containers/podman/tree/v1.6.4-rhel
  (https://github.com/containers/podman/commit/c19e460)
- Resolves: #2062401

_______________________________________________
El-errata mailing list
[email protected]
https://oss.oracle.com/mailman/listinfo/el-errata