Alerts This Week
Warning Icon 1 916
Alerts This Week
Warning Icon 1 916

Red Hat: RHSA-2020:3053-01 Moderate: Container-Tools:rhel8 Security Issue

red hat
Calendar Grey July 21, 2020
Dist Redhat Esm H88
Canonical issues a significant minor patch for the ubuntu:20.04 package focusing on a critical vulnerability.
An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Summary

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Security Fix(es):
* QEMU: slirp: use-after-free in ip_reass() function in ip_input.c (CVE-2020-1983)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.2 Release Notes linked from the References section.

Topics%20covered

Topics Covered

security advisory red hat bug fix moderate impact container-tools

References

https://access.redhat.com/security/cve/CVE-2020-1983 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index

Package List

Red Hat Enterprise Linux AppStream (v. 8):
Source: buildah-1.14.9-1.module+el8.2.1+6689+748e6520.src.rpm cockpit-podman-17-1.module+el8.2.1+6636+bf4db4ab.src.rpm conmon-2.0.17-1.module+el8.2.1+6771+3533eb4c.src.rpm container-selinux-2.135.0-1.module+el8.2.1+6849+893e4f4a.src.rpm containernetworking-plugins-0.8.6-1.module+el8.2.1+6626+598993b4.src.rpm criu-3.14-2.module+el8.2.1+6750+e53a300c.src.rpm fuse-overlayfs-1.0.0-2.module+el8.2.1+6465+1a51e8b6.src.rpm libslirp-4.3.0-3.module+el8.2.1+6816+bedf4f91.src.rpm podman-1.9.3-2.module+el8.2.1+6867+366c07d6.src.rpm python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8.2.1+6465+1a51e8b6.src.rpm runc-1.0.0-66.rc10.module+el8.2.1+6465+1a51e8b6.src.rpm skopeo-1.0.0-1.module+el8.2.1+6676+604e1b26.src.rpm slirp4netns-1.0.1-1.module+el8.2.1+6595+03641d72.src.rpm toolbox-0.0.7-1.module+el8.2.1+6465+1a51e8b6.src.rpm udica-0.2.1-2.module+el8.2.1+6465+1a51e8b6.src.rpm
aarch64: buildah-1.14.9-1.module+el8.2.1+6689+748e6520.aarch64.rpm buildah-debuginfo-1.14.9-1.module+el8.2.1+6689+748e6520.aarch64.rpm buildah-debugsource-1.14.9-1.module+el8.2.1+6689+748e6520.aarch64.rpm buildah-tests-1.14.9-1.module+el8.2.1+6689+748e6520.aarch64.rpm buildah-tests-debuginfo-1.14.9-1.module+el8.2.1+6689+748e6520.aarch64.rpm

Read the Full Advisory


Advisory ID: RHSA-2020:3053-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:3053
Issue date: 2020-07-21

Topic

An update for the container-tools:rhel8 module is now available for Red HatEnterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Topics%20covered

Topics Covered

security advisory red hat bug fix moderate impact container-tools

Relevant Releases Architectures

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

Bugs Fixed

1703261 - podman containers unable to communicate via IP to one container when use port forward on host

1782408 - [RFE] podman exec support for --env-file

1784950 - Podman support for FIPS Mode requires a bind mount inside the container

1785480 - podman reuses wrong cached image

1806044 - 'yum -y install buildah fuse-overlayfs --exclude container-selinux' throws error

1807379 - podman exec does not reads from stdin

1808483 - Workdir doesn't have correct ownership with podman build

1809648 - Pushing container image built with rootless podman fails with: "file integrity checksum failed"

1810874 - "podman container prune" cannot prune zombie container.

1811779 - RFE: skopeo sync command

1815170 - podman-docker seems packed with wrong path of podman manual.

1815991 - can't update named volume path

1822037 - buildah is not expanding env vars in file paths [stream-container-tools-rhel8-rhel-8.2.1/buildah]

1826486 - specfile: need to include and ship containers.conf

1829061 - Signature verification incorrectly uses mirror’s references

1829825 - CVE-2020-1983 QEMU: slirp: use-after-free in ip_reass() function in ip_input.c

1833390 - Podman does not respect configuration in "/etc/containers/registries.conf.d"

1836440 - Signature verification incorrectly uses mirror’s references

1838991 - Need to fix bugs found by coverity.

1839065 - Privileged containers should be unconfined_t

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here