-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: container-tools:rhel8 security, bug fix, and enhancement update
Advisory ID:       RHSA-2021:4154-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2021:4154
Issue date:        2021-11-09
CVE Names:         CVE-2021-3602 CVE-2021-20291 
=====================================================================

1. Summary:

An update for the container-tools:rhel8 module is now available for Red Hat
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The container-tools module contains tools for working with containers,
notably podman, buildah, skopeo, and runc.

Security Fix(es):

* buildah: Host environment variables leaked in build container when using
chroot isolation (CVE-2021-3602)

* containers/storage: DoS via malicious image (CVE-2021-20291)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.5 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1914687 - Rebase to github.com/containers/toolbox
1928935 - RFE: Let `podman volume prune` show the volumes that are going to be removed
1932399 - IPv6 errors after exiting crictl
1933775 - shortname for ubi8-minimal leads to "Repo not found" error [RHEL 8.5]
1933776 - podman 3.0.1 ships with a v2 go module [RHEL 8.5]
1934415 - Work on 8.5.0 container-tools module.
1934480 - Podman will pull image for rootless CNI
1937641 - Regression: Overlay mounts is broken on existing directories. [rhel-8.5.0]
1937830 - regressions cp command in Podman v3.0 [rhel-8.5.0]
1939485 - CVE-2021-20291 containers/storage: DoS via malicious image
1940037 - toolbox does not provide /:/host mount required for sosreport
1940054 - Support logging into a registry if necessary
1940082 - toolbox does not support a config file
1940493 - [gss][podman]Getting the error while starting container "Error: readlink /var/lib/containers/storage/overlay/l/XXX no such file or directory" [rhel-8.5.0]
1941380 - Podman - secondary groups not available in container when using userns=keep-id
1947432 - podman run --pid=host command causes OCI permission error
1947999 - rootless podman --cgroup-manager=cgroupfs run command causes OCI permission error when CGroups V2 is enabled
1952204 - shortnames for containerized images
1952698 - Permission on /dev/null are changing from 666 to 777 after running podman as root
1957299 - Podman "--format" does not support "join"
1957840 - kubelet service fail to load EnvironmentFile due to SELinux denial
1957904 - Confined selinux users of type staff_u and user_u cannot run rootless podman containers
1958353 - "rootless-cni-infra": executable file not found in $PATH: OCI not found
1960948 - Error refreshing container XXX: error acquiring lock 0 for container
1966538 - Podman returns development version
1966872 - podman's image index corrupted during WAN emulation tests
1969264 - CVE-2021-3602 buildah: Host environment variables leaked in build container when using chroot isolation
1972150 - Image fails to prune from registry, preventing subsequent prunes
1972209 - Under load, container failed to be created due to missing cgroup scope
1972211 - When running a lot of one-off containers, podman hangs forever
1972282 - TMPDIR is not working in podman pull and podman load
1972648 - Update shortname list
1973418 - kubelet service fail to load EnvironmentFile due to SELinux denial (Re-opened)
1976283 - podman search does not return an exact match
1977280 - registries.conf mixes v1 and v2 syntax
1977673 - podman v3.2.2 writes image events too early
1978415 - Supply the python-podman package in RHEL 8.5.0
1978556 - podman v3.2.2 - error resolving image of another architecture
1978647 - [RFE] Podman secrets for RHEL 8.4
1979497 - podman v3.2.2 - cannot get logs when running in namespace with /var/log overmounted
1980212 - [Cockpit 8.5] [ja_JP, ko_KR] Podman Container Page is not localized
1982593 - podman 3.2 - CNI-in-slirp4netns DNS gets broken when running a rootful container after running a rootless container
1982762 - podman v3.2.2 - race condition with rootless cni networking
1985499 - podman: Cannot run Fedora 35/RHEL 9 Beta images due to clone3 incompatibility
1985905 - Podman report unsupported pull policy if set imagePullPolicy with capitalized Word
1987049 - inability to start container with runc caused by redundant seccomp rules
1993209 - new containers-common packaging conflicts with redhat-release
1993249 - Make volume removal with third-party drivers consistent with Docker behavior
1995041 - Rebase udica to v0.2.5
1998191 - Suggest a way forward if coreos/toolbox was used
1999144 - podman update to 3.3 removes default network config
2000943 - podman auto update fails to login to registry after podman upgrade to 3.2
2004562 - Switch to using the Toolbox-specific UBI image by default
2005018 - [8.4.0.z] kubelet service fail to load EnvironmentFile due to SELinux denial (Re-opened)

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
buildah-1.22.3-2.module+el8.5.0+12582+56d94c81.src.rpm
cockpit-podman-33-1.module+el8.5.0+12582+56d94c81.src.rpm
conmon-2.0.29-1.module+el8.5.0+12582+56d94c81.src.rpm
container-selinux-2.167.0-1.module+el8.5.0+12582+56d94c81.src.rpm
containernetworking-plugins-1.0.0-1.module+el8.5.0+12582+56d94c81.src.rpm
containers-common-1-2.module+el8.5.0+12582+56d94c81.src.rpm
criu-3.15-3.module+el8.5.0+12582+56d94c81.src.rpm
crun-1.0-1.module+el8.5.0+12582+56d94c81.src.rpm
fuse-overlayfs-1.7.1-1.module+el8.5.0+12582+56d94c81.src.rpm
libslirp-4.4.0-1.module+el8.5.0+12582+56d94c81.src.rpm
oci-seccomp-bpf-hook-1.2.3-3.module+el8.5.0+12582+56d94c81.src.rpm
podman-3.3.1-9.module+el8.5.0+12697+018f24d7.src.rpm
python-podman-3.2.0-2.module+el8.5.0+12582+56d94c81.src.rpm
runc-1.0.2-1.module+el8.5.0+12582+56d94c81.src.rpm
skopeo-1.4.2-0.1.module+el8.5.0+12582+56d94c81.src.rpm
slirp4netns-1.1.8-1.module+el8.5.0+12582+56d94c81.src.rpm
toolbox-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.src.rpm
udica-0.2.5-2.module+el8.5.0+12582+56d94c81.src.rpm

aarch64:
buildah-1.22.3-2.module+el8.5.0+12582+56d94c81.aarch64.rpm
buildah-debuginfo-1.22.3-2.module+el8.5.0+12582+56d94c81.aarch64.rpm
buildah-debugsource-1.22.3-2.module+el8.5.0+12582+56d94c81.aarch64.rpm
buildah-tests-1.22.3-2.module+el8.5.0+12582+56d94c81.aarch64.rpm
buildah-tests-debuginfo-1.22.3-2.module+el8.5.0+12582+56d94c81.aarch64.rpm
conmon-2.0.29-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
conmon-debuginfo-2.0.29-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
conmon-debugsource-2.0.29-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
containernetworking-plugins-1.0.0-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
containernetworking-plugins-debuginfo-1.0.0-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
containernetworking-plugins-debugsource-1.0.0-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
crit-3.15-3.module+el8.5.0+12582+56d94c81.aarch64.rpm
criu-3.15-3.module+el8.5.0+12582+56d94c81.aarch64.rpm
criu-debuginfo-3.15-3.module+el8.5.0+12582+56d94c81.aarch64.rpm
criu-debugsource-3.15-3.module+el8.5.0+12582+56d94c81.aarch64.rpm
criu-devel-3.15-3.module+el8.5.0+12582+56d94c81.aarch64.rpm
criu-libs-3.15-3.module+el8.5.0+12582+56d94c81.aarch64.rpm
criu-libs-debuginfo-3.15-3.module+el8.5.0+12582+56d94c81.aarch64.rpm
crun-1.0-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
crun-debuginfo-1.0-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
crun-debugsource-1.0-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
fuse-overlayfs-1.7.1-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
fuse-overlayfs-debuginfo-1.7.1-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
fuse-overlayfs-debugsource-1.7.1-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
libslirp-4.4.0-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
libslirp-debuginfo-4.4.0-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
libslirp-debugsource-4.4.0-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
libslirp-devel-4.4.0-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
oci-seccomp-bpf-hook-1.2.3-3.module+el8.5.0+12582+56d94c81.aarch64.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.3-3.module+el8.5.0+12582+56d94c81.aarch64.rpm
oci-seccomp-bpf-hook-debugsource-1.2.3-3.module+el8.5.0+12582+56d94c81.aarch64.rpm
podman-3.3.1-9.module+el8.5.0+12697+018f24d7.aarch64.rpm
podman-catatonit-3.3.1-9.module+el8.5.0+12697+018f24d7.aarch64.rpm
podman-catatonit-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.aarch64.rpm
podman-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.aarch64.rpm
podman-debugsource-3.3.1-9.module+el8.5.0+12697+018f24d7.aarch64.rpm
podman-gvproxy-3.3.1-9.module+el8.5.0+12697+018f24d7.aarch64.rpm
podman-gvproxy-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.aarch64.rpm
podman-plugins-3.3.1-9.module+el8.5.0+12697+018f24d7.aarch64.rpm
podman-plugins-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.aarch64.rpm
podman-remote-3.3.1-9.module+el8.5.0+12697+018f24d7.aarch64.rpm
podman-remote-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.aarch64.rpm
podman-tests-3.3.1-9.module+el8.5.0+12697+018f24d7.aarch64.rpm
python3-criu-3.15-3.module+el8.5.0+12582+56d94c81.aarch64.rpm
runc-1.0.2-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
runc-debuginfo-1.0.2-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
runc-debugsource-1.0.2-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
skopeo-1.4.2-0.1.module+el8.5.0+12582+56d94c81.aarch64.rpm
skopeo-debuginfo-1.4.2-0.1.module+el8.5.0+12582+56d94c81.aarch64.rpm
skopeo-debugsource-1.4.2-0.1.module+el8.5.0+12582+56d94c81.aarch64.rpm
skopeo-tests-1.4.2-0.1.module+el8.5.0+12582+56d94c81.aarch64.rpm
slirp4netns-1.1.8-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
slirp4netns-debuginfo-1.1.8-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
slirp4netns-debugsource-1.1.8-1.module+el8.5.0+12582+56d94c81.aarch64.rpm
toolbox-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.aarch64.rpm
toolbox-debuginfo-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.aarch64.rpm
toolbox-debugsource-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.aarch64.rpm
toolbox-tests-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.aarch64.rpm

noarch:
cockpit-podman-33-1.module+el8.5.0+12582+56d94c81.noarch.rpm
container-selinux-2.167.0-1.module+el8.5.0+12582+56d94c81.noarch.rpm
containers-common-1-2.module+el8.5.0+12582+56d94c81.noarch.rpm
podman-docker-3.3.1-9.module+el8.5.0+12697+018f24d7.noarch.rpm
python3-podman-3.2.0-2.module+el8.5.0+12582+56d94c81.noarch.rpm
udica-0.2.5-2.module+el8.5.0+12582+56d94c81.noarch.rpm

ppc64le:
buildah-1.22.3-2.module+el8.5.0+12582+56d94c81.ppc64le.rpm
buildah-debuginfo-1.22.3-2.module+el8.5.0+12582+56d94c81.ppc64le.rpm
buildah-debugsource-1.22.3-2.module+el8.5.0+12582+56d94c81.ppc64le.rpm
buildah-tests-1.22.3-2.module+el8.5.0+12582+56d94c81.ppc64le.rpm
buildah-tests-debuginfo-1.22.3-2.module+el8.5.0+12582+56d94c81.ppc64le.rpm
conmon-2.0.29-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
conmon-debuginfo-2.0.29-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
conmon-debugsource-2.0.29-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
containernetworking-plugins-1.0.0-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
containernetworking-plugins-debuginfo-1.0.0-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
containernetworking-plugins-debugsource-1.0.0-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
crit-3.15-3.module+el8.5.0+12582+56d94c81.ppc64le.rpm
criu-3.15-3.module+el8.5.0+12582+56d94c81.ppc64le.rpm
criu-debuginfo-3.15-3.module+el8.5.0+12582+56d94c81.ppc64le.rpm
criu-debugsource-3.15-3.module+el8.5.0+12582+56d94c81.ppc64le.rpm
criu-devel-3.15-3.module+el8.5.0+12582+56d94c81.ppc64le.rpm
criu-libs-3.15-3.module+el8.5.0+12582+56d94c81.ppc64le.rpm
criu-libs-debuginfo-3.15-3.module+el8.5.0+12582+56d94c81.ppc64le.rpm
crun-1.0-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
crun-debuginfo-1.0-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
crun-debugsource-1.0-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
fuse-overlayfs-1.7.1-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
fuse-overlayfs-debuginfo-1.7.1-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
fuse-overlayfs-debugsource-1.7.1-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
libslirp-4.4.0-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
libslirp-debuginfo-4.4.0-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
libslirp-debugsource-4.4.0-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
libslirp-devel-4.4.0-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
oci-seccomp-bpf-hook-1.2.3-3.module+el8.5.0+12582+56d94c81.ppc64le.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.3-3.module+el8.5.0+12582+56d94c81.ppc64le.rpm
oci-seccomp-bpf-hook-debugsource-1.2.3-3.module+el8.5.0+12582+56d94c81.ppc64le.rpm
podman-3.3.1-9.module+el8.5.0+12697+018f24d7.ppc64le.rpm
podman-catatonit-3.3.1-9.module+el8.5.0+12697+018f24d7.ppc64le.rpm
podman-catatonit-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.ppc64le.rpm
podman-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.ppc64le.rpm
podman-debugsource-3.3.1-9.module+el8.5.0+12697+018f24d7.ppc64le.rpm
podman-gvproxy-3.3.1-9.module+el8.5.0+12697+018f24d7.ppc64le.rpm
podman-gvproxy-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.ppc64le.rpm
podman-plugins-3.3.1-9.module+el8.5.0+12697+018f24d7.ppc64le.rpm
podman-plugins-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.ppc64le.rpm
podman-remote-3.3.1-9.module+el8.5.0+12697+018f24d7.ppc64le.rpm
podman-remote-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.ppc64le.rpm
podman-tests-3.3.1-9.module+el8.5.0+12697+018f24d7.ppc64le.rpm
python3-criu-3.15-3.module+el8.5.0+12582+56d94c81.ppc64le.rpm
runc-1.0.2-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
runc-debuginfo-1.0.2-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
runc-debugsource-1.0.2-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
skopeo-1.4.2-0.1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
skopeo-debuginfo-1.4.2-0.1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
skopeo-debugsource-1.4.2-0.1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
skopeo-tests-1.4.2-0.1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
slirp4netns-1.1.8-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
slirp4netns-debuginfo-1.1.8-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
slirp4netns-debugsource-1.1.8-1.module+el8.5.0+12582+56d94c81.ppc64le.rpm
toolbox-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.ppc64le.rpm
toolbox-debuginfo-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.ppc64le.rpm
toolbox-debugsource-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.ppc64le.rpm
toolbox-tests-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.ppc64le.rpm

s390x:
buildah-1.22.3-2.module+el8.5.0+12582+56d94c81.s390x.rpm
buildah-debuginfo-1.22.3-2.module+el8.5.0+12582+56d94c81.s390x.rpm
buildah-debugsource-1.22.3-2.module+el8.5.0+12582+56d94c81.s390x.rpm
buildah-tests-1.22.3-2.module+el8.5.0+12582+56d94c81.s390x.rpm
buildah-tests-debuginfo-1.22.3-2.module+el8.5.0+12582+56d94c81.s390x.rpm
conmon-2.0.29-1.module+el8.5.0+12582+56d94c81.s390x.rpm
conmon-debuginfo-2.0.29-1.module+el8.5.0+12582+56d94c81.s390x.rpm
conmon-debugsource-2.0.29-1.module+el8.5.0+12582+56d94c81.s390x.rpm
containernetworking-plugins-1.0.0-1.module+el8.5.0+12582+56d94c81.s390x.rpm
containernetworking-plugins-debuginfo-1.0.0-1.module+el8.5.0+12582+56d94c81.s390x.rpm
containernetworking-plugins-debugsource-1.0.0-1.module+el8.5.0+12582+56d94c81.s390x.rpm
crit-3.15-3.module+el8.5.0+12582+56d94c81.s390x.rpm
criu-3.15-3.module+el8.5.0+12582+56d94c81.s390x.rpm
criu-debuginfo-3.15-3.module+el8.5.0+12582+56d94c81.s390x.rpm
criu-debugsource-3.15-3.module+el8.5.0+12582+56d94c81.s390x.rpm
criu-devel-3.15-3.module+el8.5.0+12582+56d94c81.s390x.rpm
criu-libs-3.15-3.module+el8.5.0+12582+56d94c81.s390x.rpm
criu-libs-debuginfo-3.15-3.module+el8.5.0+12582+56d94c81.s390x.rpm
crun-1.0-1.module+el8.5.0+12582+56d94c81.s390x.rpm
crun-debuginfo-1.0-1.module+el8.5.0+12582+56d94c81.s390x.rpm
crun-debugsource-1.0-1.module+el8.5.0+12582+56d94c81.s390x.rpm
fuse-overlayfs-1.7.1-1.module+el8.5.0+12582+56d94c81.s390x.rpm
fuse-overlayfs-debuginfo-1.7.1-1.module+el8.5.0+12582+56d94c81.s390x.rpm
fuse-overlayfs-debugsource-1.7.1-1.module+el8.5.0+12582+56d94c81.s390x.rpm
libslirp-4.4.0-1.module+el8.5.0+12582+56d94c81.s390x.rpm
libslirp-debuginfo-4.4.0-1.module+el8.5.0+12582+56d94c81.s390x.rpm
libslirp-debugsource-4.4.0-1.module+el8.5.0+12582+56d94c81.s390x.rpm
libslirp-devel-4.4.0-1.module+el8.5.0+12582+56d94c81.s390x.rpm
oci-seccomp-bpf-hook-1.2.3-3.module+el8.5.0+12582+56d94c81.s390x.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.3-3.module+el8.5.0+12582+56d94c81.s390x.rpm
oci-seccomp-bpf-hook-debugsource-1.2.3-3.module+el8.5.0+12582+56d94c81.s390x.rpm
podman-3.3.1-9.module+el8.5.0+12697+018f24d7.s390x.rpm
podman-catatonit-3.3.1-9.module+el8.5.0+12697+018f24d7.s390x.rpm
podman-catatonit-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.s390x.rpm
podman-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.s390x.rpm
podman-debugsource-3.3.1-9.module+el8.5.0+12697+018f24d7.s390x.rpm
podman-gvproxy-3.3.1-9.module+el8.5.0+12697+018f24d7.s390x.rpm
podman-gvproxy-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.s390x.rpm
podman-plugins-3.3.1-9.module+el8.5.0+12697+018f24d7.s390x.rpm
podman-plugins-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.s390x.rpm
podman-remote-3.3.1-9.module+el8.5.0+12697+018f24d7.s390x.rpm
podman-remote-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.s390x.rpm
podman-tests-3.3.1-9.module+el8.5.0+12697+018f24d7.s390x.rpm
python3-criu-3.15-3.module+el8.5.0+12582+56d94c81.s390x.rpm
runc-1.0.2-1.module+el8.5.0+12582+56d94c81.s390x.rpm
runc-debuginfo-1.0.2-1.module+el8.5.0+12582+56d94c81.s390x.rpm
runc-debugsource-1.0.2-1.module+el8.5.0+12582+56d94c81.s390x.rpm
skopeo-1.4.2-0.1.module+el8.5.0+12582+56d94c81.s390x.rpm
skopeo-debuginfo-1.4.2-0.1.module+el8.5.0+12582+56d94c81.s390x.rpm
skopeo-debugsource-1.4.2-0.1.module+el8.5.0+12582+56d94c81.s390x.rpm
skopeo-tests-1.4.2-0.1.module+el8.5.0+12582+56d94c81.s390x.rpm
slirp4netns-1.1.8-1.module+el8.5.0+12582+56d94c81.s390x.rpm
slirp4netns-debuginfo-1.1.8-1.module+el8.5.0+12582+56d94c81.s390x.rpm
slirp4netns-debugsource-1.1.8-1.module+el8.5.0+12582+56d94c81.s390x.rpm
toolbox-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.s390x.rpm
toolbox-debuginfo-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.s390x.rpm
toolbox-debugsource-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.s390x.rpm
toolbox-tests-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.s390x.rpm

x86_64:
buildah-1.22.3-2.module+el8.5.0+12582+56d94c81.x86_64.rpm
buildah-debuginfo-1.22.3-2.module+el8.5.0+12582+56d94c81.x86_64.rpm
buildah-debugsource-1.22.3-2.module+el8.5.0+12582+56d94c81.x86_64.rpm
buildah-tests-1.22.3-2.module+el8.5.0+12582+56d94c81.x86_64.rpm
buildah-tests-debuginfo-1.22.3-2.module+el8.5.0+12582+56d94c81.x86_64.rpm
conmon-2.0.29-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
conmon-debuginfo-2.0.29-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
conmon-debugsource-2.0.29-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
containernetworking-plugins-1.0.0-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
containernetworking-plugins-debuginfo-1.0.0-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
containernetworking-plugins-debugsource-1.0.0-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
crit-3.15-3.module+el8.5.0+12582+56d94c81.x86_64.rpm
criu-3.15-3.module+el8.5.0+12582+56d94c81.x86_64.rpm
criu-debuginfo-3.15-3.module+el8.5.0+12582+56d94c81.x86_64.rpm
criu-debugsource-3.15-3.module+el8.5.0+12582+56d94c81.x86_64.rpm
criu-devel-3.15-3.module+el8.5.0+12582+56d94c81.x86_64.rpm
criu-libs-3.15-3.module+el8.5.0+12582+56d94c81.x86_64.rpm
criu-libs-debuginfo-3.15-3.module+el8.5.0+12582+56d94c81.x86_64.rpm
crun-1.0-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
crun-debuginfo-1.0-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
crun-debugsource-1.0-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
fuse-overlayfs-1.7.1-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
fuse-overlayfs-debuginfo-1.7.1-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
fuse-overlayfs-debugsource-1.7.1-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
libslirp-4.4.0-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
libslirp-debuginfo-4.4.0-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
libslirp-debugsource-4.4.0-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
libslirp-devel-4.4.0-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
oci-seccomp-bpf-hook-1.2.3-3.module+el8.5.0+12582+56d94c81.x86_64.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.3-3.module+el8.5.0+12582+56d94c81.x86_64.rpm
oci-seccomp-bpf-hook-debugsource-1.2.3-3.module+el8.5.0+12582+56d94c81.x86_64.rpm
podman-3.3.1-9.module+el8.5.0+12697+018f24d7.x86_64.rpm
podman-catatonit-3.3.1-9.module+el8.5.0+12697+018f24d7.x86_64.rpm
podman-catatonit-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.x86_64.rpm
podman-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.x86_64.rpm
podman-debugsource-3.3.1-9.module+el8.5.0+12697+018f24d7.x86_64.rpm
podman-gvproxy-3.3.1-9.module+el8.5.0+12697+018f24d7.x86_64.rpm
podman-gvproxy-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.x86_64.rpm
podman-plugins-3.3.1-9.module+el8.5.0+12697+018f24d7.x86_64.rpm
podman-plugins-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.x86_64.rpm
podman-remote-3.3.1-9.module+el8.5.0+12697+018f24d7.x86_64.rpm
podman-remote-debuginfo-3.3.1-9.module+el8.5.0+12697+018f24d7.x86_64.rpm
podman-tests-3.3.1-9.module+el8.5.0+12697+018f24d7.x86_64.rpm
python3-criu-3.15-3.module+el8.5.0+12582+56d94c81.x86_64.rpm
runc-1.0.2-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
runc-debuginfo-1.0.2-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
runc-debugsource-1.0.2-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
skopeo-1.4.2-0.1.module+el8.5.0+12582+56d94c81.x86_64.rpm
skopeo-debuginfo-1.4.2-0.1.module+el8.5.0+12582+56d94c81.x86_64.rpm
skopeo-debugsource-1.4.2-0.1.module+el8.5.0+12582+56d94c81.x86_64.rpm
skopeo-tests-1.4.2-0.1.module+el8.5.0+12582+56d94c81.x86_64.rpm
slirp4netns-1.1.8-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
slirp4netns-debuginfo-1.1.8-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
slirp4netns-debugsource-1.1.8-1.module+el8.5.0+12582+56d94c81.x86_64.rpm
toolbox-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.x86_64.rpm
toolbox-debuginfo-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.x86_64.rpm
toolbox-debugsource-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.x86_64.rpm
toolbox-tests-0.0.99.3-0.4.module+el8.5.0+12682+a4eeb084.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2021-3602
https://access.redhat.com/security/cve/CVE-2021-20291
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.5_release_notes/

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2021 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBYYrextzjgjWX9erEAQgZsw//UrBplDsCk50ovZvWcb17FRhaTPTW4oD1
1ju80/AtjQPccjDn3dk/1LLtGmjZIDyHwcI51Azy91h2Gr4aR5oDzeRP+pYogsBr
aGoQkJoJ0NXHVR3rDTePRbsF63d9HBjNHubgvuIWb1OZf1DGKAmxioRwrKMiJfcg
/pGPe6hAj/ieJgFqugDe0KTKSxc0YpFJEHndr9BS+rr/M4sSBTsGGcEj4JMMaRpi
eIeXYV07x5R0CSb/cz2DA5Ol0XKCysB1MK2qxO1iTOx4zCnfqnSF5WN0ATzvcBEZ
dPQUHWtWDWThY1eNINOh+0P38ml3dEdiVPlrSlGojz6ZsaUW1TqbKaXO1hzV6bQq
bN3R+I6eed9xKiMLHFGSR6dycvGdTEoePSxgrHXaMPyXw3OV/vMtNbA1EWPRtyXi
tDc9JNDGAEib9K7YJ+MG3sbpwnKawvEdav5uWeaHC2jQd7y9QFcTsfCZCZLYm2j6
AcD2ow58wLFJ5gzAjLgPJ0YlzlfTG25nKXx2iiMGFcmPimaBVBYvWF60A4jhs605
6luIXgTSnTSe+gQPhRordt4WfjlO3xcV78g75RWXXvBJBG+NSqxo7DtjcJtHUwMY
jHHon+TvBTPIvv0gCXyYw/xN9LMMESVpO+Z1y6dtdyQaIUEtDhFqNA8uKTrD3DZu
2rTJwzhEooo=
=uvmC
-----END PGP SIGNATURE-----

--
RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce