-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Low: container-tools:rhel8 security, bug fix, and enhancement update
Advisory ID:       RHSA-2022:7822-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7822
Issue date:        2022-11-08
CVE Names:         CVE-2022-2989 CVE-2022-2990 
====================================================================
1. Summary:

An update for the container-tools:rhel8 module is now available for Red Hat
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Low. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The container-tools module contains tools for working with containers,
notably podman, buildah, skopeo, and runc.

Security Fix(es):

* podman: possible information disclosure and modification (CVE-2022-2989)

* buildah: possible information disclosure and modification (CVE-2022-2990)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Bug Fix(es):

* podman creates lock file in /etc/cni/net.d/cni.lock instead of /run/lock/
(BZ#2125644)

* (podman image trust) does not support the new trust type "sigstoreSigned
" (BZ#2125645)

* podman kill may deadlock (BZ#2125647)

* Error: runc: exec failed: unable to start container process: open
/dev/pts/0: operation not permitted: OCI permission denied [RHEL 8.7]
(BZ#2125648)

* containers-common-1-44 is missing RPM-GPG-KEY-redhat-beta [RHEL 8.7]
(BZ#2125686)

* ADD Dockerfile reference is not validating HTTP status code [rhel8-8.7.0]
(BZ#2129767)

* Two aardvark-dns instances trying to use the same port on the same
interface. [rhel-8.7.0.z] (netavark) (BZ#2130234)

* containers config.json gets empty after sudden power loss (BZ#2130236)

* PANIC podman API service endpoint handler panic (BZ#2132412)

* Podman container got global IPv6 address unexpectedly even when macvlan
network is created for pure IPv4 network (BZ#2133390)

* Skopeo push image to redhat quay with sigstore was failed (BZ#2136406)

* Podman push image to redhat quay with sigstore was failed (BZ#2136433)

* Buildah push image to redhat quay with sigstore was failed (BZ#2136438)

* Two aardvark-dns instances trying to use the same port on the same
interface. [rhel-8.8] (aardvark-dns) (BZ#2137295)

Enhancement(s):

* [RFE]Podman support to perform custom actions on unhealthy containers(BZ#2130911)

* [RFE] python-podman: Podman support to perform custom actions on
unhealthy containers (BZ#2132360)

* Podman volume plugin timeout should be configurable (BZ#2132992)

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2121445 - CVE-2022-2989 podman: possible information disclosure and modification
2121453 - CVE-2022-2990 buildah: possible information disclosure and modification
2125644 - podman creates lock file in /etc/cni/net.d/cni.lock instead of /run/lock/ [rhel-8.7.0.z]
2125645 - (podman image trust) does not support the new trust type "sigstoreSigned " [rhel-8.7.0.z]
2125647 - podman kill may deadlock [rhel-8.7.0.z]
2125648 - Error: runc: exec failed: unable to start container process: open /dev/pts/0: operation not permitted: OCI permission denied [RHEL 8.7] [rhel-8.7.0.z]
2125686 - containers-common-1-44 is missing RPM-GPG-KEY-redhat-beta [RHEL 8.7] [rhel-8.7.0.z]
2129767 - ADD Dockerfile reference is not validating HTTP status code [rhel8-8.7.0]
2130234 - Two aardvark-dns instances trying to use the same port on the same interface. [rhel-8.7.0.z] (netavark)
2130236 - containers config.json gets empty after sudden power loss [rhel-8.7.0.z]
2130911 - [RFE]Podman support to perform custom actions on unhealthy containers [rhel-8.7.0.z]
2132360 - [RFE] python-podman: Podman support to perform custom actions on unhealthy containers [rhel-8.7.0.z]
2132412 - PANIC podman API service endpoint handler panic [rhel-8.7.0.z]
2132992 - Podman volume plugin timeout should be configurable [rhel-8.7.0.z]
2133390 - Podman container got global IPv6 address unexpectedly even when macvlan network is created for pure IPv4 network [rhel-8.7.0.z]
2136406 - Skopeo  push image to redhat quay with sigstore was failed [rhel-8.7.0.z]
2136433 - Podman push image to redhat quay with sigstore was failed [rhel-8.7.0.z]
2136438 - Buildah  push image to redhat quay with sigstore was failed [rhel-8.7.0.z]
2137295 - Two aardvark-dns instances trying to use the same port on the same interface. [rhel-8.8] (aardvark-dns) [rhel-8.7.0.z]

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
aardvark-dns-1.1.0-5.module+el8.7.0+17064+3b31f55c.src.rpm
buildah-1.27.2-2.module+el8.7.0+17064+3b31f55c.src.rpm
cockpit-podman-53-1.module+el8.7.0+17064+3b31f55c.src.rpm
conmon-2.1.4-1.module+el8.7.0+17064+3b31f55c.src.rpm
container-selinux-2.189.0-1.module+el8.7.0+17064+3b31f55c.src.rpm
containernetworking-plugins-1.1.1-3.module+el8.7.0+17064+3b31f55c.src.rpm
containers-common-1-43.module+el8.7.0+17064+3b31f55c.src.rpm
criu-3.15-3.module+el8.7.0+17064+3b31f55c.src.rpm
crun-1.5-1.module+el8.7.0+17064+3b31f55c.src.rpm
fuse-overlayfs-1.9-1.module+el8.7.0+17064+3b31f55c.src.rpm
libslirp-4.4.0-1.module+el8.7.0+17064+3b31f55c.src.rpm
netavark-1.1.0-7.module+el8.7.0+17064+3b31f55c.src.rpm
oci-seccomp-bpf-hook-1.2.6-1.module+el8.7.0+17064+3b31f55c.src.rpm
podman-4.2.0-4.module+el8.7.0+17064+3b31f55c.src.rpm
python-podman-4.2.1-1.module+el8.7.0+17064+3b31f55c.src.rpm
runc-1.1.4-1.module+el8.7.0+17064+3b31f55c.src.rpm
skopeo-1.9.3-1.module+el8.7.0+17064+3b31f55c.src.rpm
slirp4netns-1.2.0-2.module+el8.7.0+17064+3b31f55c.src.rpm
toolbox-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.src.rpm
udica-0.2.6-3.module+el8.7.0+17064+3b31f55c.src.rpm

aarch64:
aardvark-dns-1.1.0-5.module+el8.7.0+17064+3b31f55c.aarch64.rpm
buildah-1.27.2-2.module+el8.7.0+17064+3b31f55c.aarch64.rpm
buildah-debuginfo-1.27.2-2.module+el8.7.0+17064+3b31f55c.aarch64.rpm
buildah-debugsource-1.27.2-2.module+el8.7.0+17064+3b31f55c.aarch64.rpm
buildah-tests-1.27.2-2.module+el8.7.0+17064+3b31f55c.aarch64.rpm
buildah-tests-debuginfo-1.27.2-2.module+el8.7.0+17064+3b31f55c.aarch64.rpm
conmon-2.1.4-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
conmon-debuginfo-2.1.4-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
conmon-debugsource-2.1.4-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
containernetworking-plugins-1.1.1-3.module+el8.7.0+17064+3b31f55c.aarch64.rpm
containernetworking-plugins-debuginfo-1.1.1-3.module+el8.7.0+17064+3b31f55c.aarch64.rpm
containernetworking-plugins-debugsource-1.1.1-3.module+el8.7.0+17064+3b31f55c.aarch64.rpm
containers-common-1-43.module+el8.7.0+17064+3b31f55c.aarch64.rpm
crit-3.15-3.module+el8.7.0+17064+3b31f55c.aarch64.rpm
criu-3.15-3.module+el8.7.0+17064+3b31f55c.aarch64.rpm
criu-debuginfo-3.15-3.module+el8.7.0+17064+3b31f55c.aarch64.rpm
criu-debugsource-3.15-3.module+el8.7.0+17064+3b31f55c.aarch64.rpm
criu-devel-3.15-3.module+el8.7.0+17064+3b31f55c.aarch64.rpm
criu-libs-3.15-3.module+el8.7.0+17064+3b31f55c.aarch64.rpm
criu-libs-debuginfo-3.15-3.module+el8.7.0+17064+3b31f55c.aarch64.rpm
crun-1.5-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
crun-debuginfo-1.5-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
crun-debugsource-1.5-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
fuse-overlayfs-1.9-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
fuse-overlayfs-debuginfo-1.9-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
fuse-overlayfs-debugsource-1.9-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
libslirp-4.4.0-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
libslirp-debuginfo-4.4.0-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
libslirp-debugsource-4.4.0-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
libslirp-devel-4.4.0-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
netavark-1.1.0-7.module+el8.7.0+17064+3b31f55c.aarch64.rpm
oci-seccomp-bpf-hook-1.2.6-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.6-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
oci-seccomp-bpf-hook-debugsource-1.2.6-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
podman-4.2.0-4.module+el8.7.0+17064+3b31f55c.aarch64.rpm
podman-catatonit-4.2.0-4.module+el8.7.0+17064+3b31f55c.aarch64.rpm
podman-catatonit-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.aarch64.rpm
podman-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.aarch64.rpm
podman-debugsource-4.2.0-4.module+el8.7.0+17064+3b31f55c.aarch64.rpm
podman-gvproxy-4.2.0-4.module+el8.7.0+17064+3b31f55c.aarch64.rpm
podman-gvproxy-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.aarch64.rpm
podman-plugins-4.2.0-4.module+el8.7.0+17064+3b31f55c.aarch64.rpm
podman-plugins-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.aarch64.rpm
podman-remote-4.2.0-4.module+el8.7.0+17064+3b31f55c.aarch64.rpm
podman-remote-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.aarch64.rpm
podman-tests-4.2.0-4.module+el8.7.0+17064+3b31f55c.aarch64.rpm
python3-criu-3.15-3.module+el8.7.0+17064+3b31f55c.aarch64.rpm
runc-1.1.4-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
runc-debuginfo-1.1.4-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
runc-debugsource-1.1.4-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
skopeo-1.9.3-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
skopeo-debuginfo-1.9.3-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
skopeo-debugsource-1.9.3-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
skopeo-tests-1.9.3-1.module+el8.7.0+17064+3b31f55c.aarch64.rpm
slirp4netns-1.2.0-2.module+el8.7.0+17064+3b31f55c.aarch64.rpm
slirp4netns-debuginfo-1.2.0-2.module+el8.7.0+17064+3b31f55c.aarch64.rpm
slirp4netns-debugsource-1.2.0-2.module+el8.7.0+17064+3b31f55c.aarch64.rpm
toolbox-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.aarch64.rpm
toolbox-debuginfo-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.aarch64.rpm
toolbox-debugsource-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.aarch64.rpm
toolbox-tests-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.aarch64.rpm

noarch:
cockpit-podman-53-1.module+el8.7.0+17064+3b31f55c.noarch.rpm
container-selinux-2.189.0-1.module+el8.7.0+17064+3b31f55c.noarch.rpm
podman-docker-4.2.0-4.module+el8.7.0+17064+3b31f55c.noarch.rpm
python3-podman-4.2.1-1.module+el8.7.0+17064+3b31f55c.noarch.rpm
udica-0.2.6-3.module+el8.7.0+17064+3b31f55c.noarch.rpm

ppc64le:
aardvark-dns-1.1.0-5.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
buildah-1.27.2-2.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
buildah-debuginfo-1.27.2-2.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
buildah-debugsource-1.27.2-2.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
buildah-tests-1.27.2-2.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
buildah-tests-debuginfo-1.27.2-2.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
conmon-2.1.4-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
conmon-debuginfo-2.1.4-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
conmon-debugsource-2.1.4-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
containernetworking-plugins-1.1.1-3.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
containernetworking-plugins-debuginfo-1.1.1-3.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
containernetworking-plugins-debugsource-1.1.1-3.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
containers-common-1-43.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
crit-3.15-3.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
criu-3.15-3.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
criu-debuginfo-3.15-3.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
criu-debugsource-3.15-3.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
criu-devel-3.15-3.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
criu-libs-3.15-3.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
criu-libs-debuginfo-3.15-3.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
crun-1.5-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
crun-debuginfo-1.5-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
crun-debugsource-1.5-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
fuse-overlayfs-1.9-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
fuse-overlayfs-debuginfo-1.9-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
fuse-overlayfs-debugsource-1.9-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
libslirp-4.4.0-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
libslirp-debuginfo-4.4.0-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
libslirp-debugsource-4.4.0-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
libslirp-devel-4.4.0-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
netavark-1.1.0-7.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
oci-seccomp-bpf-hook-1.2.6-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.6-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
oci-seccomp-bpf-hook-debugsource-1.2.6-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
podman-4.2.0-4.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
podman-catatonit-4.2.0-4.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
podman-catatonit-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
podman-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
podman-debugsource-4.2.0-4.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
podman-gvproxy-4.2.0-4.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
podman-gvproxy-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
podman-plugins-4.2.0-4.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
podman-plugins-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
podman-remote-4.2.0-4.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
podman-remote-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
podman-tests-4.2.0-4.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
python3-criu-3.15-3.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
runc-1.1.4-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
runc-debuginfo-1.1.4-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
runc-debugsource-1.1.4-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
skopeo-1.9.3-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
skopeo-debuginfo-1.9.3-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
skopeo-debugsource-1.9.3-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
skopeo-tests-1.9.3-1.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
slirp4netns-1.2.0-2.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
slirp4netns-debuginfo-1.2.0-2.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
slirp4netns-debugsource-1.2.0-2.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
toolbox-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
toolbox-debuginfo-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
toolbox-debugsource-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.ppc64le.rpm
toolbox-tests-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.ppc64le.rpm

s390x:
aardvark-dns-1.1.0-5.module+el8.7.0+17064+3b31f55c.s390x.rpm
buildah-1.27.2-2.module+el8.7.0+17064+3b31f55c.s390x.rpm
buildah-debuginfo-1.27.2-2.module+el8.7.0+17064+3b31f55c.s390x.rpm
buildah-debugsource-1.27.2-2.module+el8.7.0+17064+3b31f55c.s390x.rpm
buildah-tests-1.27.2-2.module+el8.7.0+17064+3b31f55c.s390x.rpm
buildah-tests-debuginfo-1.27.2-2.module+el8.7.0+17064+3b31f55c.s390x.rpm
conmon-2.1.4-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
conmon-debuginfo-2.1.4-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
conmon-debugsource-2.1.4-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
containernetworking-plugins-1.1.1-3.module+el8.7.0+17064+3b31f55c.s390x.rpm
containernetworking-plugins-debuginfo-1.1.1-3.module+el8.7.0+17064+3b31f55c.s390x.rpm
containernetworking-plugins-debugsource-1.1.1-3.module+el8.7.0+17064+3b31f55c.s390x.rpm
containers-common-1-43.module+el8.7.0+17064+3b31f55c.s390x.rpm
crit-3.15-3.module+el8.7.0+17064+3b31f55c.s390x.rpm
criu-3.15-3.module+el8.7.0+17064+3b31f55c.s390x.rpm
criu-debuginfo-3.15-3.module+el8.7.0+17064+3b31f55c.s390x.rpm
criu-debugsource-3.15-3.module+el8.7.0+17064+3b31f55c.s390x.rpm
criu-devel-3.15-3.module+el8.7.0+17064+3b31f55c.s390x.rpm
criu-libs-3.15-3.module+el8.7.0+17064+3b31f55c.s390x.rpm
criu-libs-debuginfo-3.15-3.module+el8.7.0+17064+3b31f55c.s390x.rpm
crun-1.5-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
crun-debuginfo-1.5-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
crun-debugsource-1.5-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
fuse-overlayfs-1.9-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
fuse-overlayfs-debuginfo-1.9-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
fuse-overlayfs-debugsource-1.9-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
libslirp-4.4.0-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
libslirp-debuginfo-4.4.0-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
libslirp-debugsource-4.4.0-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
libslirp-devel-4.4.0-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
netavark-1.1.0-7.module+el8.7.0+17064+3b31f55c.s390x.rpm
oci-seccomp-bpf-hook-1.2.6-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.6-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
oci-seccomp-bpf-hook-debugsource-1.2.6-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
podman-4.2.0-4.module+el8.7.0+17064+3b31f55c.s390x.rpm
podman-catatonit-4.2.0-4.module+el8.7.0+17064+3b31f55c.s390x.rpm
podman-catatonit-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.s390x.rpm
podman-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.s390x.rpm
podman-debugsource-4.2.0-4.module+el8.7.0+17064+3b31f55c.s390x.rpm
podman-gvproxy-4.2.0-4.module+el8.7.0+17064+3b31f55c.s390x.rpm
podman-gvproxy-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.s390x.rpm
podman-plugins-4.2.0-4.module+el8.7.0+17064+3b31f55c.s390x.rpm
podman-plugins-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.s390x.rpm
podman-remote-4.2.0-4.module+el8.7.0+17064+3b31f55c.s390x.rpm
podman-remote-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.s390x.rpm
podman-tests-4.2.0-4.module+el8.7.0+17064+3b31f55c.s390x.rpm
python3-criu-3.15-3.module+el8.7.0+17064+3b31f55c.s390x.rpm
runc-1.1.4-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
runc-debuginfo-1.1.4-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
runc-debugsource-1.1.4-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
skopeo-1.9.3-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
skopeo-debuginfo-1.9.3-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
skopeo-debugsource-1.9.3-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
skopeo-tests-1.9.3-1.module+el8.7.0+17064+3b31f55c.s390x.rpm
slirp4netns-1.2.0-2.module+el8.7.0+17064+3b31f55c.s390x.rpm
slirp4netns-debuginfo-1.2.0-2.module+el8.7.0+17064+3b31f55c.s390x.rpm
slirp4netns-debugsource-1.2.0-2.module+el8.7.0+17064+3b31f55c.s390x.rpm
toolbox-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.s390x.rpm
toolbox-debuginfo-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.s390x.rpm
toolbox-debugsource-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.s390x.rpm
toolbox-tests-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.s390x.rpm

x86_64:
aardvark-dns-1.1.0-5.module+el8.7.0+17064+3b31f55c.x86_64.rpm
buildah-1.27.2-2.module+el8.7.0+17064+3b31f55c.x86_64.rpm
buildah-debuginfo-1.27.2-2.module+el8.7.0+17064+3b31f55c.x86_64.rpm
buildah-debugsource-1.27.2-2.module+el8.7.0+17064+3b31f55c.x86_64.rpm
buildah-tests-1.27.2-2.module+el8.7.0+17064+3b31f55c.x86_64.rpm
buildah-tests-debuginfo-1.27.2-2.module+el8.7.0+17064+3b31f55c.x86_64.rpm
conmon-2.1.4-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
conmon-debuginfo-2.1.4-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
conmon-debugsource-2.1.4-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
containernetworking-plugins-1.1.1-3.module+el8.7.0+17064+3b31f55c.x86_64.rpm
containernetworking-plugins-debuginfo-1.1.1-3.module+el8.7.0+17064+3b31f55c.x86_64.rpm
containernetworking-plugins-debugsource-1.1.1-3.module+el8.7.0+17064+3b31f55c.x86_64.rpm
containers-common-1-43.module+el8.7.0+17064+3b31f55c.x86_64.rpm
crit-3.15-3.module+el8.7.0+17064+3b31f55c.x86_64.rpm
criu-3.15-3.module+el8.7.0+17064+3b31f55c.x86_64.rpm
criu-debuginfo-3.15-3.module+el8.7.0+17064+3b31f55c.x86_64.rpm
criu-debugsource-3.15-3.module+el8.7.0+17064+3b31f55c.x86_64.rpm
criu-devel-3.15-3.module+el8.7.0+17064+3b31f55c.x86_64.rpm
criu-libs-3.15-3.module+el8.7.0+17064+3b31f55c.x86_64.rpm
criu-libs-debuginfo-3.15-3.module+el8.7.0+17064+3b31f55c.x86_64.rpm
crun-1.5-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
crun-debuginfo-1.5-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
crun-debugsource-1.5-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
fuse-overlayfs-1.9-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
fuse-overlayfs-debuginfo-1.9-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
fuse-overlayfs-debugsource-1.9-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
libslirp-4.4.0-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
libslirp-debuginfo-4.4.0-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
libslirp-debugsource-4.4.0-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
libslirp-devel-4.4.0-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
netavark-1.1.0-7.module+el8.7.0+17064+3b31f55c.x86_64.rpm
oci-seccomp-bpf-hook-1.2.6-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.6-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
oci-seccomp-bpf-hook-debugsource-1.2.6-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
podman-4.2.0-4.module+el8.7.0+17064+3b31f55c.x86_64.rpm
podman-catatonit-4.2.0-4.module+el8.7.0+17064+3b31f55c.x86_64.rpm
podman-catatonit-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.x86_64.rpm
podman-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.x86_64.rpm
podman-debugsource-4.2.0-4.module+el8.7.0+17064+3b31f55c.x86_64.rpm
podman-gvproxy-4.2.0-4.module+el8.7.0+17064+3b31f55c.x86_64.rpm
podman-gvproxy-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.x86_64.rpm
podman-plugins-4.2.0-4.module+el8.7.0+17064+3b31f55c.x86_64.rpm
podman-plugins-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.x86_64.rpm
podman-remote-4.2.0-4.module+el8.7.0+17064+3b31f55c.x86_64.rpm
podman-remote-debuginfo-4.2.0-4.module+el8.7.0+17064+3b31f55c.x86_64.rpm
podman-tests-4.2.0-4.module+el8.7.0+17064+3b31f55c.x86_64.rpm
python3-criu-3.15-3.module+el8.7.0+17064+3b31f55c.x86_64.rpm
runc-1.1.4-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
runc-debuginfo-1.1.4-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
runc-debugsource-1.1.4-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
skopeo-1.9.3-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
skopeo-debuginfo-1.9.3-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
skopeo-debugsource-1.9.3-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
skopeo-tests-1.9.3-1.module+el8.7.0+17064+3b31f55c.x86_64.rpm
slirp4netns-1.2.0-2.module+el8.7.0+17064+3b31f55c.x86_64.rpm
slirp4netns-debuginfo-1.2.0-2.module+el8.7.0+17064+3b31f55c.x86_64.rpm
slirp4netns-debugsource-1.2.0-2.module+el8.7.0+17064+3b31f55c.x86_64.rpm
toolbox-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.x86_64.rpm
toolbox-debuginfo-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.x86_64.rpm
toolbox-debugsource-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.x86_64.rpm
toolbox-tests-0.0.99.3-0.6.module+el8.7.0+17064+3b31f55c.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-2989
https://access.redhat.com/security/cve/CVE-2022-2990
https://access.redhat.com/security/updates/classification/#low
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBY2pSIdzjgjWX9erEAQgQig//V6DFERNvymBJxu9aW0I3CKQyZhH0xs/G
9UskUY5W1I8+4CNIOJH7VawYgcFnLgHQF95NwKi/q5a/sZnFoTjP2d1WpsLZeC3U
nSu2jOjlx1vtAOB4jIZ8iVKgImkRnjtd13+5Fvx1Ic36CZzecbLZNyRLHcPD3hah
PN5Bv15bhQbv72IzJRCld1zH8jHirtiRiKMyoSXpE+9ps/2jMIksl+gIdxNx8lTe
LHNkp/KR9CX+1tXlLIT1WFWJGOHw9LEz+t4CzPVi1yQ96ecaks+UjZlQMyMCMRPo
chnoWaR8JBhNLTyVHTS6bfTA1Oopp8MO+a6c1CrCnu4/AtofUV2h5vBD915kCKPg
luKblXuKZlVe2QQhWcgFuEOnwIMe5du7oaEHHsPAuRpLDr94czWZp+E/yi2y62+J
bv6i4oIbP8wn8WQtxRFK9vtB6awN2Uucy6PjqaCyM8W4xUIO5aHC8b+6tSLr6AoN
p+RyXAfD9y8K6behqN0ttfLdkEcFpjMGvTy903jO3o3LafVVHukUiQ9Mr/daoqoQ
V8MD0/n316BNQyvXoslfYoiTarH2GzLdMiGbMfDHhx8oNXMHfhsjO28l+kgH4syB
fc3/L9O2yt9JusI3Q+1t3oE5PiHx2wJWB0b6i41+wK+U+YaNOLDCNwMy4sKyU0e7
QNrruKCRDck=Bji6
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce