RedHat: RHSA-2022-7954:01 Moderate: podman security and bug fix upd...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

=====================================================================
                   Red Hat Security Advisory

Synopsis:          Moderate: podman security and bug fix update
Advisory ID:       RHSA-2022:7954-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2022:7954
Issue date:        2022-11-15
CVE Names:         CVE-2020-28851 CVE-2020-28852 CVE-2021-4024 
                   CVE-2021-20199 CVE-2021-20291 CVE-2021-33197 
                   CVE-2021-34558 CVE-2022-27191 
=====================================================================

1. Summary:

An update for podman is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The podman tool manages pods, container images, and containers. It is part
of the libpod library, which is for applications that use container pods.
Container pods is a concept in Kubernetes.

Security Fix(es):

* golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing
- -u- extension (CVE-2020-28851)

* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing
bcp47 tag (CVE-2020-28852)

* podman: podman machine spawns gvproxy with port bound to all IPs
(CVE-2021-4024)

* podman: Remote traffic to rootless containers is seen as orginating from
localhost (CVE-2021-20199)

* containers/storage: DoS via malicious image (CVE-2021-20291)

* golang: net/http/httputil: ReverseProxy forwards connection headers if
first one is empty (CVE-2021-33197)

* golang: crypto/tls: certificate of wrong type is causing TLS client to
panic (CVE-2021-34558)

* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 9.1 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

1913333 - CVE-2020-28851 golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension
1913338 - CVE-2020-28852 golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag
1919050 - CVE-2021-20199 podman: Remote traffic to rootless containers is seen as orginating from localhost
1939485 - CVE-2021-20291 containers/storage: DoS via malicious image
1972303 - TMPDIR is not working in podman pull and podman load [rhel-9.0 beta]
1983596 - CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic
1989570 - CVE-2021-33197 golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty
2026675 - CVE-2021-4024 podman: podman machine spawns gvproxy with port bound to all IPs
2040379 - Podman exe failed to cleanup dir with NFS
2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server
2081349 - podman defaults to old network stack on RHEL9
2088116 - podman does not require netavark
2092798 - podman installation includes runc as a dependency
2097694 - Allow mounting -v /run:/run without leaking .containerenv file to the host

6. Package List:

Red Hat Enterprise Linux AppStream (v. 9):

Source:
podman-4.2.0-3.el9.src.rpm

aarch64:
podman-4.2.0-3.el9.aarch64.rpm
podman-catatonit-debuginfo-4.2.0-3.el9.aarch64.rpm
podman-debuginfo-4.2.0-3.el9.aarch64.rpm
podman-debugsource-4.2.0-3.el9.aarch64.rpm
podman-gvproxy-4.2.0-3.el9.aarch64.rpm
podman-gvproxy-debuginfo-4.2.0-3.el9.aarch64.rpm
podman-plugins-4.2.0-3.el9.aarch64.rpm
podman-plugins-debuginfo-4.2.0-3.el9.aarch64.rpm
podman-remote-4.2.0-3.el9.aarch64.rpm
podman-remote-debuginfo-4.2.0-3.el9.aarch64.rpm
podman-tests-4.2.0-3.el9.aarch64.rpm

noarch:
podman-docker-4.2.0-3.el9.noarch.rpm

ppc64le:
podman-4.2.0-3.el9.ppc64le.rpm
podman-catatonit-debuginfo-4.2.0-3.el9.ppc64le.rpm
podman-debuginfo-4.2.0-3.el9.ppc64le.rpm
podman-debugsource-4.2.0-3.el9.ppc64le.rpm
podman-gvproxy-4.2.0-3.el9.ppc64le.rpm
podman-gvproxy-debuginfo-4.2.0-3.el9.ppc64le.rpm
podman-plugins-4.2.0-3.el9.ppc64le.rpm
podman-plugins-debuginfo-4.2.0-3.el9.ppc64le.rpm
podman-remote-4.2.0-3.el9.ppc64le.rpm
podman-remote-debuginfo-4.2.0-3.el9.ppc64le.rpm
podman-tests-4.2.0-3.el9.ppc64le.rpm

s390x:
podman-4.2.0-3.el9.s390x.rpm
podman-catatonit-debuginfo-4.2.0-3.el9.s390x.rpm
podman-debuginfo-4.2.0-3.el9.s390x.rpm
podman-debugsource-4.2.0-3.el9.s390x.rpm
podman-gvproxy-4.2.0-3.el9.s390x.rpm
podman-gvproxy-debuginfo-4.2.0-3.el9.s390x.rpm
podman-plugins-4.2.0-3.el9.s390x.rpm
podman-plugins-debuginfo-4.2.0-3.el9.s390x.rpm
podman-remote-4.2.0-3.el9.s390x.rpm
podman-remote-debuginfo-4.2.0-3.el9.s390x.rpm
podman-tests-4.2.0-3.el9.s390x.rpm

x86_64:
podman-4.2.0-3.el9.x86_64.rpm
podman-catatonit-debuginfo-4.2.0-3.el9.x86_64.rpm
podman-debuginfo-4.2.0-3.el9.x86_64.rpm
podman-debugsource-4.2.0-3.el9.x86_64.rpm
podman-gvproxy-4.2.0-3.el9.x86_64.rpm
podman-gvproxy-debuginfo-4.2.0-3.el9.x86_64.rpm
podman-plugins-4.2.0-3.el9.x86_64.rpm
podman-plugins-debuginfo-4.2.0-3.el9.x86_64.rpm
podman-remote-4.2.0-3.el9.x86_64.rpm
podman-remote-debuginfo-4.2.0-3.el9.x86_64.rpm
podman-tests-4.2.0-3.el9.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2020-28851
https://access.redhat.com/security/cve/CVE-2020-28852
https://access.redhat.com/security/cve/CVE-2021-4024
https://access.redhat.com/security/cve/CVE-2021-20199
https://access.redhat.com/security/cve/CVE-2021-20291
https://access.redhat.com/security/cve/CVE-2021-33197
https://access.redhat.com/security/cve/CVE-2021-34558
https://access.redhat.com/security/cve/CVE-2022-27191
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2022 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBY3PhTNzjgjWX9erEAQi3cg/+MBUAmnN6lN8i+PpVh7F+cKBIZF08OYvD
ILPTVTIUYchZ1I6YhNJDV5zYe4erHJ2kK6Hx0ougoDHFIJYFrzrh5wRyAA0rYq69
9j+tSW5strpI3+umJjusRkwR4G/0w6WUUMWyMRAWwB8iFs/aV9SYp/Me+63hkL96
EUdq5zeMKgL8YSngno5cNRB64m+Loz+xL3xUBDI6D/tQTNQJieXQrt4OmRcHy5mL
aergtSamlu0LTG4WFbAEjuXg3aG+YbRsDZK/pcSyGE3HpQGytXwPyl5kaTuZa2A1
lLCJuT03Y9pNKe4CLNwZVN54tVXcuAYoZRKdt2+ezaa86pNIwSdd11QO8UZNNi5a
FvvOH9QUm68l2ZE6Et5v3qj/gTzh3m+mhPONc4qDnCpEpUiIx8/ufSls3yJdk38r
eiUDwySfDnLkqcHSDkvK4XHoGeMNFeX5Inc5aEMWObJp0UsY7853rmmQxAP0znsA
zRkA/2txdIyKEOjX2Ndc5/weVZZnm2hINyalQYMGKpfKFosEtls7Fzqw6u0uKZxA
FbhQXlZG345K3WS+m8VK0wtXmxVjbaK9kaQ2FvEORsCFKITEaK5SoFtgvf2JOcCd
sO/Pzy+6k/wu1DsyRqurc4DKMtylJvf2ICsGB6rxbmwif76Q7RoW6aVKc/pFdZA3
50yYHqkbOJU=
=0pbG
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
[email protected]
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2022-7954:01 Moderate: podman security and bug fix update

An update for podman is now available for Red Hat Enterprise Linux 9

Summary

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.
Security Fix(es):
* golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing - -u- extension (CVE-2020-28851)
* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852)
* podman: podman machine spawns gvproxy with port bound to all IPs (CVE-2021-4024)
* podman: Remote traffic to rootless containers is seen as orginating from localhost (CVE-2021-20199)
* containers/storage: DoS via malicious image (CVE-2021-20291)
* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)
* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.1 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changesdescribed in this advisory, refer to:https://access.redhat.com/articles/11258

References

https://access.redhat.com/security/cve/CVE-2020-28851 https://access.redhat.com/security/cve/CVE-2020-28852 https://access.redhat.com/security/cve/CVE-2021-4024 https://access.redhat.com/security/cve/CVE-2021-20199 https://access.redhat.com/security/cve/CVE-2021-20291 https://access.redhat.com/security/cve/CVE-2021-33197 https://access.redhat.com/security/cve/CVE-2021-34558 https://access.redhat.com/security/cve/CVE-2022-27191 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/9/html/9.1_release_notes/index

Package List

Red Hat Enterprise Linux AppStream (v. 9):
Source: podman-4.2.0-3.el9.src.rpm
aarch64: podman-4.2.0-3.el9.aarch64.rpm podman-catatonit-debuginfo-4.2.0-3.el9.aarch64.rpm podman-debuginfo-4.2.0-3.el9.aarch64.rpm podman-debugsource-4.2.0-3.el9.aarch64.rpm podman-gvproxy-4.2.0-3.el9.aarch64.rpm podman-gvproxy-debuginfo-4.2.0-3.el9.aarch64.rpm podman-plugins-4.2.0-3.el9.aarch64.rpm podman-plugins-debuginfo-4.2.0-3.el9.aarch64.rpm podman-remote-4.2.0-3.el9.aarch64.rpm podman-remote-debuginfo-4.2.0-3.el9.aarch64.rpm podman-tests-4.2.0-3.el9.aarch64.rpm
noarch: podman-docker-4.2.0-3.el9.noarch.rpm
ppc64le: podman-4.2.0-3.el9.ppc64le.rpm podman-catatonit-debuginfo-4.2.0-3.el9.ppc64le.rpm podman-debuginfo-4.2.0-3.el9.ppc64le.rpm podman-debugsource-4.2.0-3.el9.ppc64le.rpm podman-gvproxy-4.2.0-3.el9.ppc64le.rpm podman-gvproxy-debuginfo-4.2.0-3.el9.ppc64le.rpm podman-plugins-4.2.0-3.el9.ppc64le.rpm podman-plugins-debuginfo-4.2.0-3.el9.ppc64le.rpm podman-remote-4.2.0-3.el9.ppc64le.rpm podman-remote-debuginfo-4.2.0-3.el9.ppc64le.rpm podman-tests-4.2.0-3.el9.ppc64le.rpm
s390x: podman-4.2.0-3.el9.s390x.rpm podman-catatonit-debuginfo-4.2.0-3.el9.s390x.rpm podman-debuginfo-4.2.0-3.el9.s390x.rpm podman-debugsource-4.2.0-3.el9.s390x.rpm podman-gvproxy-4.2.0-3.el9.s390x.rpm podman-gvproxy-debuginfo-4.2.0-3.el9.s390x.rpm podman-plugins-4.2.0-3.el9.s390x.rpm podman-plugins-debuginfo-4.2.0-3.el9.s390x.rpm podman-remote-4.2.0-3.el9.s390x.rpm podman-remote-debuginfo-4.2.0-3.el9.s390x.rpm podman-tests-4.2.0-3.el9.s390x.rpm
x86_64: podman-4.2.0-3.el9.x86_64.rpm podman-catatonit-debuginfo-4.2.0-3.el9.x86_64.rpm podman-debuginfo-4.2.0-3.el9.x86_64.rpm podman-debugsource-4.2.0-3.el9.x86_64.rpm podman-gvproxy-4.2.0-3.el9.x86_64.rpm podman-gvproxy-debuginfo-4.2.0-3.el9.x86_64.rpm podman-plugins-4.2.0-3.el9.x86_64.rpm podman-plugins-debuginfo-4.2.0-3.el9.x86_64.rpm podman-remote-4.2.0-3.el9.x86_64.rpm podman-remote-debuginfo-4.2.0-3.el9.x86_64.rpm podman-tests-4.2.0-3.el9.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

Severity
Advisory ID: RHSA-2022:7954-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2022:7954
Issued Date: : 2022-11-15
CVE Names: CVE-2020-28851 CVE-2020-28852 CVE-2021-4024 CVE-2021-20199 CVE-2021-20291 CVE-2021-33197 CVE-2021-34558 CVE-2022-27191

Topic

An update for podman is now available for Red Hat Enterprise Linux 9.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Relevant Releases Architectures

Red Hat Enterprise Linux AppStream (v. 9) - aarch64, noarch, ppc64le, s390x, x86_64

Bugs Fixed

1913333 - CVE-2020-28851 golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension

1913338 - CVE-2020-28852 golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag

1919050 - CVE-2021-20199 podman: Remote traffic to rootless containers is seen as orginating from localhost

1939485 - CVE-2021-20291 containers/storage: DoS via malicious image

1972303 - TMPDIR is not working in podman pull and podman load [rhel-9.0 beta]

1983596 - CVE-2021-34558 golang: crypto/tls: certificate of wrong type is causing TLS client to panic

1989570 - CVE-2021-33197 golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty

2026675 - CVE-2021-4024 podman: podman machine spawns gvproxy with port bound to all IPs

2040379 - Podman exe failed to cleanup dir with NFS

2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server

2081349 - podman defaults to old network stack on RHEL9

2088116 - podman does not require netavark

2092798 - podman installation includes runc as a dependency

2097694 - Allow mounting -v /run:/run without leaking .containerenv file to the host

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.