Oracle Linux Security Advisory ELSA-2023-7202

https://linux.oracle.com/errata/ELSA-2023-7202.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
aardvark-dns-1.0.1-38.0.1.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
buildah-1.24.6-7.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
buildah-tests-1.24.6-7.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
cockpit-podman-46-1.module+el8.9.0+90086+8f2d6fb1.noarch.rpm
conmon-2.1.4-2.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
container-selinux-2.205.0-3.module+el8.9.0+90086+8f2d6fb1.noarch.rpm
containernetworking-plugins-1.1.1-5.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
containers-common-1-38.0.1.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
crit-3.15-3.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
criu-3.15-3.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
criu-devel-3.15-3.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
criu-libs-3.15-3.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
crun-1.8.7-1.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
fuse-overlayfs-1.9-2.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
libslirp-4.4.0-1.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
libslirp-devel-4.4.0-1.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
netavark-1.0.1-38.0.1.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
podman-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
podman-catatonit-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
podman-docker-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.noarch.rpm
podman-gvproxy-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
podman-plugins-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
podman-remote-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
podman-tests-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
python3-criu-3.15-3.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
python3-podman-4.0.0-2.module+el8.9.0+90086+8f2d6fb1.noarch.rpm
runc-1.1.5-2.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
skopeo-1.6.2-9.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
skopeo-tests-1.6.2-9.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
slirp4netns-1.1.8-3.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm
udica-0.2.6-4.module+el8.9.0+90086+8f2d6fb1.noarch.rpm

aarch64:
cockpit-podman-46-1.module+el8.9.0+90086+8f2d6fb1.noarch.rpm
container-selinux-2.205.0-3.module+el8.9.0+90086+8f2d6fb1.noarch.rpm
podman-docker-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.noarch.rpm
python3-podman-4.0.0-2.module+el8.9.0+90086+8f2d6fb1.noarch.rpm
udica-0.2.6-4.module+el8.9.0+90086+8f2d6fb1.noarch.rpm
aardvark-dns-1.0.1-38.0.1.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
buildah-1.24.6-7.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
buildah-tests-1.24.6-7.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
conmon-2.1.4-2.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
containernetworking-plugins-1.1.1-5.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
containers-common-1-38.0.1.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
crit-3.15-3.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
criu-3.15-3.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
criu-devel-3.15-3.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
criu-libs-3.15-3.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
crun-1.8.7-1.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
fuse-overlayfs-1.9-2.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
libslirp-4.4.0-1.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
libslirp-devel-4.4.0-1.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
netavark-1.0.1-38.0.1.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
podman-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
podman-catatonit-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
podman-gvproxy-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
podman-plugins-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
podman-remote-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
podman-tests-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
python3-criu-3.15-3.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
runc-1.1.5-2.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
skopeo-1.6.2-9.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
skopeo-tests-1.6.2-9.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm
slirp4netns-1.1.8-3.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm


SRPMS:
https://oss.oracle.com:443/ol8/SRPMS-updates//buildah-1.24.6-7.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//cockpit-podman-46-1.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//conmon-2.1.4-2.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//containernetworking-plugins-1.1.1-5.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//containers-common-1-38.0.1.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//container-selinux-2.205.0-3.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//criu-3.15-3.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//crun-1.8.7-1.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//fuse-overlayfs-1.9-2.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//libslirp-4.4.0-1.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//podman-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//python-podman-4.0.0-2.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//runc-1.1.5-2.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//skopeo-1.6.2-9.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//slirp4netns-1.1.8-3.module+el8.9.0+90086+8f2d6fb1.src.rpm
https://oss.oracle.com:443/ol8/SRPMS-updates//udica-0.2.6-4.module+el8.9.0+90086+8f2d6fb1.src.rpm

Related CVEs:

CVE-2023-29406




Description of changes:

buildah
[1:1.24.6-7]
- rebuild for CVE-2023-29406
- Related: #2176055

cockpit-podman
[46-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/46
- Related: #2061390

conmon
[2:2.1.4-2]
- update to https://github.com/containers/conmon/releases/tag/v2.1.4
- Related: #2176055

containernetworking-plugins
[1:1.1.1-5]
- add Epoch in Provides
- Related: #2176055

containers-common
[1-38.0.1]
- Updated removed references [Orabug: 33473101] (Alex Burmashev)
- Adjust registries.conf (Nikita Gerasimov)
- remove references to RedHat registry (Nikita Gerasimov)

container-selinux
[2:2.205.0-3]
- fix build for stable module
- Related: #2176055

criu
[3.15-3]
- add Requires: criu-libs = %{version}-%{release} in criu-devel
- add gating tests
- Related: #1934415

crun
fuse-overlayfs
libslirp
oci-seccomp-bpf-hook
[1.2.5-2]
- fix compatibility with the new bcc
- Related: #2176055

podman
[2:4.0.2-24]
- rebuild for CVE-2023-29406
- Related: #2176055

python-podman
[4.0.0-2]
- bump to v4.0.0
- Related: #2176055

runc
[1:1.1.5-2]
- rebuild for following CVEs: CVE-2022-41724
- Resolves: #2179971


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle8: ELSA-2023-7202: container-tools:4.0 Moderate Security Update

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

Summary

buildah [1:1.24.6-7] - rebuild for CVE-2023-29406 - Related: #2176055 cockpit-podman [46-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/46 - Related: #2061390 conmon [2:2.1.4-2] - update to https://github.com/containers/conmon/releases/tag/v2.1.4 - Related: #2176055 containernetworking-plugins [1:1.1.1-5] - add Epoch in Provides - Related: #2176055 containers-common [1-38.0.1] - Updated removed references [Orabug: 33473101] (Alex Burmashev) - Adjust registries.conf (Nikita Gerasimov) - remove references to RedHat registry (Nikita Gerasimov) container-selinux [2:2.205.0-3] - fix build for stable module - Related: #2176055 criu [3.15-3] - add Requires: criu-libs = %{version}-%{release} in criu-devel - add gating tests - Related: #1934415 crun fuse-overlayfs libslirp oci-seccomp-bpf-hook [1.2.5-2] - fix compatibility with the new bcc - Related: #2176055 podman [2:4.0.2-24] - rebuild for CVE-2023-29406 - Related: #2176055 python-podman [4.0.0-2] - bump to v4.0.0 - Related: #2176055 runc [1:1.1.5-2] - rebuild for following CVEs: CVE-2022-41724 - Resolves: #2179971

SRPMs

https://oss.oracle.com:443/ol8/SRPMS-updates//buildah-1.24.6-7.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//cockpit-podman-46-1.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//conmon-2.1.4-2.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//containernetworking-plugins-1.1.1-5.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//containers-common-1-38.0.1.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//container-selinux-2.205.0-3.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//criu-3.15-3.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//crun-1.8.7-1.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//fuse-overlayfs-1.9-2.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//libslirp-4.4.0-1.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//podman-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//python-podman-4.0.0-2.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//runc-1.1.5-2.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//skopeo-1.6.2-9.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//slirp4netns-1.1.8-3.module+el8.9.0+90086+8f2d6fb1.src.rpm https://oss.oracle.com:443/ol8/SRPMS-updates//udica-0.2.6-4.module+el8.9.0+90086+8f2d6fb1.src.rpm

x86_64

aardvark-dns-1.0.1-38.0.1.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm buildah-1.24.6-7.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm buildah-tests-1.24.6-7.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm cockpit-podman-46-1.module+el8.9.0+90086+8f2d6fb1.noarch.rpm conmon-2.1.4-2.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm container-selinux-2.205.0-3.module+el8.9.0+90086+8f2d6fb1.noarch.rpm containernetworking-plugins-1.1.1-5.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm containers-common-1-38.0.1.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm crit-3.15-3.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm criu-3.15-3.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm criu-devel-3.15-3.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm criu-libs-3.15-3.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm crun-1.8.7-1.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm fuse-overlayfs-1.9-2.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm libslirp-4.4.0-1.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm libslirp-devel-4.4.0-1.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm netavark-1.0.1-38.0.1.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm podman-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm podman-catatonit-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm podman-docker-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.noarch.rpm podman-gvproxy-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm podman-plugins-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm podman-remote-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm podman-tests-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm python3-criu-3.15-3.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm python3-podman-4.0.0-2.module+el8.9.0+90086+8f2d6fb1.noarch.rpm runc-1.1.5-2.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm skopeo-1.6.2-9.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm skopeo-tests-1.6.2-9.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm slirp4netns-1.1.8-3.module+el8.9.0+90086+8f2d6fb1.x86_64.rpm udica-0.2.6-4.module+el8.9.0+90086+8f2d6fb1.noarch.rpm

aarch64

cockpit-podman-46-1.module+el8.9.0+90086+8f2d6fb1.noarch.rpm container-selinux-2.205.0-3.module+el8.9.0+90086+8f2d6fb1.noarch.rpm podman-docker-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.noarch.rpm python3-podman-4.0.0-2.module+el8.9.0+90086+8f2d6fb1.noarch.rpm udica-0.2.6-4.module+el8.9.0+90086+8f2d6fb1.noarch.rpm aardvark-dns-1.0.1-38.0.1.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm buildah-1.24.6-7.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm buildah-tests-1.24.6-7.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm conmon-2.1.4-2.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm containernetworking-plugins-1.1.1-5.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm containers-common-1-38.0.1.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm crit-3.15-3.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm criu-3.15-3.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm criu-devel-3.15-3.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm criu-libs-3.15-3.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm crun-1.8.7-1.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm fuse-overlayfs-1.9-2.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm libslirp-4.4.0-1.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm libslirp-devel-4.4.0-1.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm netavark-1.0.1-38.0.1.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm podman-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm podman-catatonit-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm podman-gvproxy-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm podman-plugins-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm podman-remote-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm podman-tests-4.0.2-24.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm python3-criu-3.15-3.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm runc-1.1.5-2.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm skopeo-1.6.2-9.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm skopeo-tests-1.6.2-9.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm slirp4netns-1.1.8-3.module+el8.9.0+90086+8f2d6fb1.aarch64.rpm

i386

Severity
Related CVEs: CVE-2023-29406

Related News

Linux Mint 22: Elevating Security and Usability for Admins
3 - 5 min read
Linux Mint has has long been recognized as a versatile and user-friendly distribution and has earned great popularity among administrators and
Exim 4.98 Addresses Critical Vulnerabilities, Bolsters Email Server Security
2 - 4 min read
Exim is one of Unix-like systems' most widely used mail transfer agents. It's essential for email delivery and handling and is a significant part of
Recent OpenSSH RCE Bug Explained: Impact & Mitigations
2 - 4 min read
In an era where cybersecurity threats loom larger than ever, the discovery of a Remote Code Execution (RCE) vulnerability in OpenSSH by Qualys’
CVE-2024-4577: A Swiftly Weaponized Vulnerability for Ransomware Distribution
2 - 4 min read
Security researchers recently issued an update detailing how attackers are exploiting a PHP code execution vulnerability to spread TellYouThePass
Play Ransomware Group Unleashes New Threat on ESXi Environments: Analysis & Mitigation Strategies
3 - 5 min read
The Play ransomware group, well-known for its double-extortion tactics, recently unveiled a Linux variant targeting ESXi environments. This
Critical Linux Kernel Vulnerabilities Patched in Ubuntu Azure Systems
2 - 4 min read
Canonical has fixed several recently identified critical Linux kernel vulnerabilities in July 2024. These vulnerabilities primarily affect Microsoft
The Urgent Need for Secure Software Development: New Report Serves as a Wake-Up Call for the Industry
3 - 5 min read
The Linux Foundation and Open Source Security Foundation recently published a report entitled "Secure Software Development Education 2024
Severe Linux Kernel Privilege Escalation Bugs Could Compromise Entire Systems
2 - 4 min read
The Cybersecurity and Infrastructure Security Agency (CISA) recently added a new Linux kernel privilege escalation bug ( CVE-2024-1086 ) to its

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved