-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

====================================================================                   Red Hat Security Advisory

Synopsis:          Moderate: container-tools:rhel8 security, bug fix, and enhancement update
Advisory ID:       RHSA-2023:2758-01
Product:           Red Hat Enterprise Linux
Advisory URL:      https://access.redhat.com/errata/RHSA-2023:2758
Issue date:        2023-05-16
CVE Names:         CVE-2022-1705 CVE-2022-1962 CVE-2022-27664 
                   CVE-2022-28131 CVE-2022-30629 CVE-2022-30630 
                   CVE-2022-30631 CVE-2022-30632 CVE-2022-30633 
                   CVE-2022-30635 CVE-2022-32148 CVE-2022-32189 
                   CVE-2022-41717 CVE-2023-0778 
====================================================================
1. Summary:

An update for the container-tools:rhel8 module is now available for Red Hat
Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

3. Description:

The container-tools module contains tools for working with containers,
notably podman, buildah, skopeo, and runc.

Security Fix(es):

* golang: net/http: improper sanitization of Transfer-Encoding header
(CVE-2022-1705)

* golang: go/parser: stack exhaustion in all Parse* functions
(CVE-2022-1962)

* golang: net/http: handle server errors after sending GOAWAY
(CVE-2022-27664)

* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)

* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)

* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)

* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)

* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)

* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)

* golang: net/http/httputil: NewSingleHostReverseProxy - omit
X-Forwarded-For not working (CVE-2022-32148)

* golang: net/http: excessive memory growth in a Go server accepting HTTP/2
requests (CVE-2022-41717)

* podman: symlink exchange attack in podman export volume (CVE-2023-0778)

* golang: crypto/tls: session tickets lack random ticket_age_add
(CVE-2022-30629)

* golang: math/big: decoding big.Float and big.Rat types can panic if the
encoded message is too short, potentially allowing a denial of service
(CVE-2022-32189)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.8 Release Notes linked from the References section.

4. Solution:

For details on how to apply this update, which includes the changes
described in this advisory, refer to:

https://access.redhat.com/articles/11258

5. Bugs fixed (https://bugzilla.redhat.com/):

2033280 - [container-tools:rhel8/toolbox] toolbox list contains duplicate entries for images with multiple names
2047290 - Update container-tools:rhel8/toolbox to 0.0.99.3
2059658 - join template in podman inspect errors when new line is selected as a separator
2080458 - Podman volume plugin timeout should be configurable
2089790 - Backport podman's PR 14319 in RHEL's podman 4.0 banch
2090166 - Error in man podman run manual
2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add
2097708 - [RFE]Podman support to perform custom actions on unhealthy containers2106396 - avc:  denied  { ioctl } for  pid=510216 comm="iptables" path="/var/lib/containers/storage/overlay/7d65c03c0ff08daf6366d735723151aa1f2cf165d51be30f62bded9ed586b838/merged" dev="overlay" ino=42308193 scontext=unconfined_u:system_r:iptables_t:s0-s0:c0.c1023
2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read
2107371 - CVE-2022-30630 golang: io/fs: stack exhaustion in Glob
2107374 - CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header
2107376 - CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions
2107383 - CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working
2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob
2107388 - CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode
2107390 - CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip
2107392 - CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal
2113814 - CVE-2022-32189 golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service
2116481 - Two aardvark-dns instances trying to use the same port on the same interface (netavark)
2116922 - podman creates lock file in /etc/cni/net.d/cni.lock instead of /run/lock/
2120435 - (podman image trust) does not support the new trust type "sigstoreSigned "
2121841 - Multiple default gateways are created inside container if there are multiple interfaces
2123415 - Pulling images from registry.access.redhat.com fails to find RPM-GPG-KEY-redhat-beta keys
2124414 - aardvark-dns: Always return both A and AAAA records no matter what QTYPE is specified in DNS request
2124416 - aardvark-dns: Recursion Available bit is not set in response header
2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY
2124705 - containers-common-1-44 is missing RPM-GPG-KEY-redhat-beta [RHEL 8.7]
2124952 - Podman volume plugin timeout should be configurable [RHEL 8.8.0]
2126243 - Podman container got global IPv6 address unexpectedly even when macvlan network is created for pure IPv4 network
2126697 - containers config.json gets empty after sudden power loss
2128675 - Need way to tell aardvark DNS to refer to a particular DNS, and not host's configured DNS
2131741 - [RFE] python-podman: Podman support to perform custom actions on unhealthy containers2131836 - PANIC podman API service endpoint handler panic
2135970 - Podman push image to redhat quay with sigstore was failed
2135973 - Skopeo  push image to redhat quay with sigstore was failed
2136319 - Buildah  push image to redhat quay with sigstore was failed
2136933 - Two aardvark-dns instances trying to use the same port on the same interface. [rhel-8.8] (aardvark-dns)
2138434 - podman: ubi8 sticky bit removed from /tmp
2139052 - The udica version in RHEL 8.7(0.2.6-3) is lower than RHEL 8.6(0.2.6-4)
2139724 - [cockpit-podman] RHEL 8.8 Tier 0 Localization
2140084 - SIGSEGV: segmentation violation on s390x
2140087 - SIGSEGV: segmentation violation on s390x
2141452 - buildah: ubi8 sticky bit removed from /tmp
2142711 - Static MAC address is not working inside the container in podman-netavark-mcvlan
2144754 - FailingStreak is not reset to 0 when the container starts again.
2152516 - "docker build" doesn't work anymore if it is targeting a podman server
2153036 - multiple dbus user processes being spawned
2155828 - podman rm leaves running container behind
2157930 - podman exec fails with Error: an exec session with ID already exists: exec session already exists
2158084 - Amend crun package dependencies [rhel-8.8]
2158469 - Update shortnames.conf
2161274 - CVE-2022-41717 golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests
2161682 - Podman v4.4RC1 can't find /etc/cni/net.d
2163759 - [container-tools:rhel8/toolbox] Support RHEL 9 Toolbx containers2165875 - podman can not start a rootless container with option --privileged and runtime runc
2168256 - CVE-2023-0778 podman: symlink exchange attack in podman export volume

6. Package List:

Red Hat Enterprise Linux AppStream (v. 8):

Source:
aardvark-dns-1.5.0-2.module+el8.8.0+18060+3f21f2cc.src.rpm
buildah-1.29.1-1.module+el8.8.0+18195+471da4bb.src.rpm
cockpit-podman-63.1-1.module+el8.8.0+18286+cd236dce.src.rpm
conmon-2.1.6-1.module+el8.8.0+18098+9b44df5f.src.rpm
container-selinux-2.205.0-2.module+el8.8.0+18438+15d3aa65.src.rpm
containernetworking-plugins-1.2.0-1.module+el8.8.0+18060+3f21f2cc.src.rpm
containers-common-1-63.module+el8.8.0+18438+15d3aa65.src.rpm
criu-3.15-3.module+el8.8.0+18060+3f21f2cc.src.rpm
crun-1.8.1-2.module+el8.8.0+18418+f0e540fe.src.rpm
fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.src.rpm
libslirp-4.4.0-1.module+el8.8.0+18060+3f21f2cc.src.rpm
netavark-1.5.0-4.module+el8.8.0+18060+3f21f2cc.src.rpm
oci-seccomp-bpf-hook-1.2.8-1.module+el8.8.0+18060+3f21f2cc.src.rpm
podman-4.4.1-8.module+el8.8.0+18438+15d3aa65.src.rpm
python-podman-4.4.1-1.module+el8.8.0+18275+3a56cc62.src.rpm
runc-1.1.4-1.module+el8.8.0+18060+3f21f2cc.src.rpm
skopeo-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.src.rpm
slirp4netns-1.2.0-2.module+el8.8.0+18060+3f21f2cc.src.rpm
toolbox-0.0.99.3-7.module+el8.8.0+18119+e3deee03.src.rpm
udica-0.2.6-20.module+el8.8.0+18060+3f21f2cc.src.rpm

aarch64:
aardvark-dns-1.5.0-2.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
buildah-1.29.1-1.module+el8.8.0+18195+471da4bb.aarch64.rpm
buildah-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.aarch64.rpm
buildah-debugsource-1.29.1-1.module+el8.8.0+18195+471da4bb.aarch64.rpm
buildah-tests-1.29.1-1.module+el8.8.0+18195+471da4bb.aarch64.rpm
buildah-tests-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.aarch64.rpm
conmon-2.1.6-1.module+el8.8.0+18098+9b44df5f.aarch64.rpm
conmon-debuginfo-2.1.6-1.module+el8.8.0+18098+9b44df5f.aarch64.rpm
conmon-debugsource-2.1.6-1.module+el8.8.0+18098+9b44df5f.aarch64.rpm
containernetworking-plugins-1.2.0-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
containernetworking-plugins-debuginfo-1.2.0-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
containernetworking-plugins-debugsource-1.2.0-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
containers-common-1-63.module+el8.8.0+18438+15d3aa65.aarch64.rpm
crit-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
criu-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
criu-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
criu-debugsource-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
criu-devel-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
criu-libs-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
criu-libs-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
crun-1.8.1-2.module+el8.8.0+18418+f0e540fe.aarch64.rpm
crun-debuginfo-1.8.1-2.module+el8.8.0+18418+f0e540fe.aarch64.rpm
crun-debugsource-1.8.1-2.module+el8.8.0+18418+f0e540fe.aarch64.rpm
fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
fuse-overlayfs-debuginfo-1.10-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
fuse-overlayfs-debugsource-1.10-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
libslirp-4.4.0-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
libslirp-debuginfo-4.4.0-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
libslirp-debugsource-4.4.0-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
libslirp-devel-4.4.0-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
netavark-1.5.0-4.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
oci-seccomp-bpf-hook-1.2.8-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.8-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
oci-seccomp-bpf-hook-debugsource-1.2.8-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
podman-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm
podman-catatonit-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm
podman-catatonit-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm
podman-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm
podman-debugsource-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm
podman-gvproxy-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm
podman-gvproxy-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm
podman-plugins-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm
podman-plugins-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm
podman-remote-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm
podman-remote-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm
podman-tests-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm
python3-criu-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
runc-1.1.4-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
runc-debuginfo-1.1.4-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
runc-debugsource-1.1.4-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
skopeo-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.aarch64.rpm
skopeo-tests-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.aarch64.rpm
slirp4netns-1.2.0-2.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
slirp4netns-debuginfo-1.2.0-2.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
slirp4netns-debugsource-1.2.0-2.module+el8.8.0+18060+3f21f2cc.aarch64.rpm
toolbox-0.0.99.3-7.module+el8.8.0+18119+e3deee03.aarch64.rpm
toolbox-debuginfo-0.0.99.3-7.module+el8.8.0+18119+e3deee03.aarch64.rpm
toolbox-debugsource-0.0.99.3-7.module+el8.8.0+18119+e3deee03.aarch64.rpm
toolbox-tests-0.0.99.3-7.module+el8.8.0+18119+e3deee03.aarch64.rpm

noarch:
cockpit-podman-63.1-1.module+el8.8.0+18286+cd236dce.noarch.rpm
container-selinux-2.205.0-2.module+el8.8.0+18438+15d3aa65.noarch.rpm
podman-docker-4.4.1-8.module+el8.8.0+18438+15d3aa65.noarch.rpm
python3-podman-4.4.1-1.module+el8.8.0+18275+3a56cc62.noarch.rpm
udica-0.2.6-20.module+el8.8.0+18060+3f21f2cc.noarch.rpm

ppc64le:
aardvark-dns-1.5.0-2.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
buildah-1.29.1-1.module+el8.8.0+18195+471da4bb.ppc64le.rpm
buildah-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.ppc64le.rpm
buildah-debugsource-1.29.1-1.module+el8.8.0+18195+471da4bb.ppc64le.rpm
buildah-tests-1.29.1-1.module+el8.8.0+18195+471da4bb.ppc64le.rpm
buildah-tests-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.ppc64le.rpm
conmon-2.1.6-1.module+el8.8.0+18098+9b44df5f.ppc64le.rpm
conmon-debuginfo-2.1.6-1.module+el8.8.0+18098+9b44df5f.ppc64le.rpm
conmon-debugsource-2.1.6-1.module+el8.8.0+18098+9b44df5f.ppc64le.rpm
containernetworking-plugins-1.2.0-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
containernetworking-plugins-debuginfo-1.2.0-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
containernetworking-plugins-debugsource-1.2.0-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
containers-common-1-63.module+el8.8.0+18438+15d3aa65.ppc64le.rpm
crit-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
criu-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
criu-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
criu-debugsource-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
criu-devel-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
criu-libs-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
criu-libs-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
crun-1.8.1-2.module+el8.8.0+18418+f0e540fe.ppc64le.rpm
crun-debuginfo-1.8.1-2.module+el8.8.0+18418+f0e540fe.ppc64le.rpm
crun-debugsource-1.8.1-2.module+el8.8.0+18418+f0e540fe.ppc64le.rpm
fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
fuse-overlayfs-debuginfo-1.10-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
fuse-overlayfs-debugsource-1.10-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
libslirp-4.4.0-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
libslirp-debuginfo-4.4.0-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
libslirp-debugsource-4.4.0-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
libslirp-devel-4.4.0-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
netavark-1.5.0-4.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
oci-seccomp-bpf-hook-1.2.8-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.8-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
oci-seccomp-bpf-hook-debugsource-1.2.8-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
podman-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm
podman-catatonit-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm
podman-catatonit-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm
podman-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm
podman-debugsource-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm
podman-gvproxy-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm
podman-gvproxy-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm
podman-plugins-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm
podman-plugins-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm
podman-remote-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm
podman-remote-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm
podman-tests-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm
python3-criu-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
runc-1.1.4-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
runc-debuginfo-1.1.4-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
runc-debugsource-1.1.4-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
skopeo-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.ppc64le.rpm
skopeo-tests-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.ppc64le.rpm
slirp4netns-1.2.0-2.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
slirp4netns-debuginfo-1.2.0-2.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
slirp4netns-debugsource-1.2.0-2.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm
toolbox-0.0.99.3-7.module+el8.8.0+18119+e3deee03.ppc64le.rpm
toolbox-debuginfo-0.0.99.3-7.module+el8.8.0+18119+e3deee03.ppc64le.rpm
toolbox-debugsource-0.0.99.3-7.module+el8.8.0+18119+e3deee03.ppc64le.rpm
toolbox-tests-0.0.99.3-7.module+el8.8.0+18119+e3deee03.ppc64le.rpm

s390x:
aardvark-dns-1.5.0-2.module+el8.8.0+18060+3f21f2cc.s390x.rpm
buildah-1.29.1-1.module+el8.8.0+18195+471da4bb.s390x.rpm
buildah-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.s390x.rpm
buildah-debugsource-1.29.1-1.module+el8.8.0+18195+471da4bb.s390x.rpm
buildah-tests-1.29.1-1.module+el8.8.0+18195+471da4bb.s390x.rpm
buildah-tests-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.s390x.rpm
conmon-2.1.6-1.module+el8.8.0+18098+9b44df5f.s390x.rpm
conmon-debuginfo-2.1.6-1.module+el8.8.0+18098+9b44df5f.s390x.rpm
conmon-debugsource-2.1.6-1.module+el8.8.0+18098+9b44df5f.s390x.rpm
containernetworking-plugins-1.2.0-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
containernetworking-plugins-debuginfo-1.2.0-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
containernetworking-plugins-debugsource-1.2.0-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
containers-common-1-63.module+el8.8.0+18438+15d3aa65.s390x.rpm
crit-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm
criu-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm
criu-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm
criu-debugsource-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm
criu-devel-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm
criu-libs-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm
criu-libs-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm
crun-1.8.1-2.module+el8.8.0+18418+f0e540fe.s390x.rpm
crun-debuginfo-1.8.1-2.module+el8.8.0+18418+f0e540fe.s390x.rpm
crun-debugsource-1.8.1-2.module+el8.8.0+18418+f0e540fe.s390x.rpm
fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
fuse-overlayfs-debuginfo-1.10-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
fuse-overlayfs-debugsource-1.10-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
libslirp-4.4.0-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
libslirp-debuginfo-4.4.0-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
libslirp-debugsource-4.4.0-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
libslirp-devel-4.4.0-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
netavark-1.5.0-4.module+el8.8.0+18060+3f21f2cc.s390x.rpm
oci-seccomp-bpf-hook-1.2.8-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.8-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
oci-seccomp-bpf-hook-debugsource-1.2.8-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
podman-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm
podman-catatonit-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm
podman-catatonit-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm
podman-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm
podman-debugsource-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm
podman-gvproxy-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm
podman-gvproxy-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm
podman-plugins-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm
podman-plugins-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm
podman-remote-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm
podman-remote-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm
podman-tests-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm
python3-criu-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm
runc-1.1.4-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
runc-debuginfo-1.1.4-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
runc-debugsource-1.1.4-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm
skopeo-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.s390x.rpm
skopeo-tests-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.s390x.rpm
slirp4netns-1.2.0-2.module+el8.8.0+18060+3f21f2cc.s390x.rpm
slirp4netns-debuginfo-1.2.0-2.module+el8.8.0+18060+3f21f2cc.s390x.rpm
slirp4netns-debugsource-1.2.0-2.module+el8.8.0+18060+3f21f2cc.s390x.rpm
toolbox-0.0.99.3-7.module+el8.8.0+18119+e3deee03.s390x.rpm
toolbox-debuginfo-0.0.99.3-7.module+el8.8.0+18119+e3deee03.s390x.rpm
toolbox-debugsource-0.0.99.3-7.module+el8.8.0+18119+e3deee03.s390x.rpm
toolbox-tests-0.0.99.3-7.module+el8.8.0+18119+e3deee03.s390x.rpm

x86_64:
aardvark-dns-1.5.0-2.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
buildah-1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64.rpm
buildah-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64.rpm
buildah-debugsource-1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64.rpm
buildah-tests-1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64.rpm
buildah-tests-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64.rpm
conmon-2.1.6-1.module+el8.8.0+18098+9b44df5f.x86_64.rpm
conmon-debuginfo-2.1.6-1.module+el8.8.0+18098+9b44df5f.x86_64.rpm
conmon-debugsource-2.1.6-1.module+el8.8.0+18098+9b44df5f.x86_64.rpm
containernetworking-plugins-1.2.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
containernetworking-plugins-debuginfo-1.2.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
containernetworking-plugins-debugsource-1.2.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
containers-common-1-63.module+el8.8.0+18438+15d3aa65.x86_64.rpm
crit-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
criu-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
criu-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
criu-debugsource-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
criu-devel-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
criu-libs-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
criu-libs-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
crun-1.8.1-2.module+el8.8.0+18418+f0e540fe.x86_64.rpm
crun-debuginfo-1.8.1-2.module+el8.8.0+18418+f0e540fe.x86_64.rpm
crun-debugsource-1.8.1-2.module+el8.8.0+18418+f0e540fe.x86_64.rpm
fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
fuse-overlayfs-debuginfo-1.10-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
fuse-overlayfs-debugsource-1.10-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
libslirp-4.4.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
libslirp-debuginfo-4.4.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
libslirp-debugsource-4.4.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
libslirp-devel-4.4.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
netavark-1.5.0-4.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
oci-seccomp-bpf-hook-1.2.8-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
oci-seccomp-bpf-hook-debuginfo-1.2.8-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
oci-seccomp-bpf-hook-debugsource-1.2.8-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
podman-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm
podman-catatonit-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm
podman-catatonit-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm
podman-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm
podman-debugsource-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm
podman-gvproxy-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm
podman-gvproxy-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm
podman-plugins-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm
podman-plugins-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm
podman-remote-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm
podman-remote-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm
podman-tests-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm
python3-criu-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
runc-1.1.4-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
runc-debuginfo-1.1.4-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
runc-debugsource-1.1.4-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
skopeo-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.x86_64.rpm
skopeo-tests-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.x86_64.rpm
slirp4netns-1.2.0-2.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
slirp4netns-debuginfo-1.2.0-2.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
slirp4netns-debugsource-1.2.0-2.module+el8.8.0+18060+3f21f2cc.x86_64.rpm
toolbox-0.0.99.3-7.module+el8.8.0+18119+e3deee03.x86_64.rpm
toolbox-debuginfo-0.0.99.3-7.module+el8.8.0+18119+e3deee03.x86_64.rpm
toolbox-debugsource-0.0.99.3-7.module+el8.8.0+18119+e3deee03.x86_64.rpm
toolbox-tests-0.0.99.3-7.module+el8.8.0+18119+e3deee03.x86_64.rpm

These packages are GPG signed by Red Hat for security.  Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/

7. References:

https://access.redhat.com/security/cve/CVE-2022-1705
https://access.redhat.com/security/cve/CVE-2022-1962
https://access.redhat.com/security/cve/CVE-2022-27664
https://access.redhat.com/security/cve/CVE-2022-28131
https://access.redhat.com/security/cve/CVE-2022-30629
https://access.redhat.com/security/cve/CVE-2022-30630
https://access.redhat.com/security/cve/CVE-2022-30631
https://access.redhat.com/security/cve/CVE-2022-30632
https://access.redhat.com/security/cve/CVE-2022-30633
https://access.redhat.com/security/cve/CVE-2022-30635
https://access.redhat.com/security/cve/CVE-2022-32148
https://access.redhat.com/security/cve/CVE-2022-32189
https://access.redhat.com/security/cve/CVE-2022-41717
https://access.redhat.com/security/cve/CVE-2023-0778
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index

8. Contact:

The Red Hat security contact is . More contact
details at https://access.redhat.com/security/team/contact/

Copyright 2023 Red Hat, Inc.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIVAwUBZGNvGtzjgjWX9erEAQgTGg//RfqOIi7xewOVhU4KNb1HFgujVGzwv4ir
uHyWsxD1SpYomgmck1K7Y6D1oDbkz49Fkm2oiglRUys/dhkhjwB1PQ39HyTxWVzR
vEPEo6/ehQAqIp2APzJrNMMwJjMJ/q8kyQv+bSuPfOvnaCHLRdlMPL9QHBdCKz0S
KUR6rb47YaF5gTM8Hr/WnRsCSFuEDdaCCuhkmLb0BccGdSV4gOC4hCsoE0VMSq11
N596yl8TsoHgIZrnwwlxtzmGDOjN8k5twEfUz5PvPx0EwNDU6Pbwlm4NbvTafHVI
9py7OR9BTuj2IBEr52zMcFpCkbNgna+93GBnquOc+dxkA70Aq1wPMWiG7Lfrp40G
QLHyVJFCPX8ub01JONmS22snnkYhWqNnfST/DWB+VIukg8xLyh6DPmQ+vmW4F+Ay
hykwLaoSKYz9kRepiwh/K6EgkWpX+Uxz+Mrirq3ZnMTCdnNuGxRhi48UbywnIptu
HRy5Gv9SvzPH08a9gIloj98hFmR+xuASOkZD2q6pp/kNG9M68bLJWyhcwyEL07ZJ
r2HXtWSzN8zFHlpPiRoyFlgefOHbJUhZVOQgpcoWwiEx5ZxuZBplSIUiLY/Mc9te
LZvOcw0/WzljMfmi79TJxV8E1ZrtyAHHK27iiBvE529J4gIT8pa1wcEp3awmZvOI
dxW4sMlBAps=0p1S
-----END PGP SIGNATURE-----
--
RHSA-announce mailing list
RHSA-announce@redhat.com
https://listman.redhat.com/mailman/listinfo/rhsa-announce

RedHat: RHSA-2023-2758:01 Moderate: container-tools:rhel8 security, bug fix,

An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8

Summary

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Security Fix(es):
* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)
* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)
* golang: net/http: handle server errors after sending GOAWAY (CVE-2022-27664)
* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)
* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)
* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)
* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)
* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)
* golang: encoding/gob: stack exhaustion in Decoder.Decode (CVE-2022-30635)
* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)
* golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests (CVE-2022-41717)
* podman: symlink exchange attack in podman export volume (CVE-2023-0778)
* golang: crypto/tls: session tickets lack random ticket_age_add (CVE-2022-30629)
* golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service (CVE-2022-32189)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.8 Release Notes linked from the References section.

Summary

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:
https://access.redhat.com/articles/11258

References

https://access.redhat.com/security/cve/CVE-2022-1705 https://access.redhat.com/security/cve/CVE-2022-1962 https://access.redhat.com/security/cve/CVE-2022-27664 https://access.redhat.com/security/cve/CVE-2022-28131 https://access.redhat.com/security/cve/CVE-2022-30629 https://access.redhat.com/security/cve/CVE-2022-30630 https://access.redhat.com/security/cve/CVE-2022-30631 https://access.redhat.com/security/cve/CVE-2022-30632 https://access.redhat.com/security/cve/CVE-2022-30633 https://access.redhat.com/security/cve/CVE-2022-30635 https://access.redhat.com/security/cve/CVE-2022-32148 https://access.redhat.com/security/cve/CVE-2022-32189 https://access.redhat.com/security/cve/CVE-2022-41717 https://access.redhat.com/security/cve/CVE-2023-0778 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.8_release_notes/index

Package List

Red Hat Enterprise Linux AppStream (v. 8):
Source: aardvark-dns-1.5.0-2.module+el8.8.0+18060+3f21f2cc.src.rpm buildah-1.29.1-1.module+el8.8.0+18195+471da4bb.src.rpm cockpit-podman-63.1-1.module+el8.8.0+18286+cd236dce.src.rpm conmon-2.1.6-1.module+el8.8.0+18098+9b44df5f.src.rpm container-selinux-2.205.0-2.module+el8.8.0+18438+15d3aa65.src.rpm containernetworking-plugins-1.2.0-1.module+el8.8.0+18060+3f21f2cc.src.rpm containers-common-1-63.module+el8.8.0+18438+15d3aa65.src.rpm criu-3.15-3.module+el8.8.0+18060+3f21f2cc.src.rpm crun-1.8.1-2.module+el8.8.0+18418+f0e540fe.src.rpm fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.src.rpm libslirp-4.4.0-1.module+el8.8.0+18060+3f21f2cc.src.rpm netavark-1.5.0-4.module+el8.8.0+18060+3f21f2cc.src.rpm oci-seccomp-bpf-hook-1.2.8-1.module+el8.8.0+18060+3f21f2cc.src.rpm podman-4.4.1-8.module+el8.8.0+18438+15d3aa65.src.rpm python-podman-4.4.1-1.module+el8.8.0+18275+3a56cc62.src.rpm runc-1.1.4-1.module+el8.8.0+18060+3f21f2cc.src.rpm skopeo-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.src.rpm slirp4netns-1.2.0-2.module+el8.8.0+18060+3f21f2cc.src.rpm toolbox-0.0.99.3-7.module+el8.8.0+18119+e3deee03.src.rpm udica-0.2.6-20.module+el8.8.0+18060+3f21f2cc.src.rpm
aarch64: aardvark-dns-1.5.0-2.module+el8.8.0+18060+3f21f2cc.aarch64.rpm buildah-1.29.1-1.module+el8.8.0+18195+471da4bb.aarch64.rpm buildah-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.aarch64.rpm buildah-debugsource-1.29.1-1.module+el8.8.0+18195+471da4bb.aarch64.rpm buildah-tests-1.29.1-1.module+el8.8.0+18195+471da4bb.aarch64.rpm buildah-tests-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.aarch64.rpm conmon-2.1.6-1.module+el8.8.0+18098+9b44df5f.aarch64.rpm conmon-debuginfo-2.1.6-1.module+el8.8.0+18098+9b44df5f.aarch64.rpm conmon-debugsource-2.1.6-1.module+el8.8.0+18098+9b44df5f.aarch64.rpm containernetworking-plugins-1.2.0-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm containernetworking-plugins-debuginfo-1.2.0-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm containernetworking-plugins-debugsource-1.2.0-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm containers-common-1-63.module+el8.8.0+18438+15d3aa65.aarch64.rpm crit-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm criu-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm criu-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm criu-debugsource-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm criu-devel-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm criu-libs-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm criu-libs-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm crun-1.8.1-2.module+el8.8.0+18418+f0e540fe.aarch64.rpm crun-debuginfo-1.8.1-2.module+el8.8.0+18418+f0e540fe.aarch64.rpm crun-debugsource-1.8.1-2.module+el8.8.0+18418+f0e540fe.aarch64.rpm fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm fuse-overlayfs-debuginfo-1.10-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm fuse-overlayfs-debugsource-1.10-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm libslirp-4.4.0-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm libslirp-debuginfo-4.4.0-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm libslirp-debugsource-4.4.0-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm libslirp-devel-4.4.0-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm netavark-1.5.0-4.module+el8.8.0+18060+3f21f2cc.aarch64.rpm oci-seccomp-bpf-hook-1.2.8-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm oci-seccomp-bpf-hook-debuginfo-1.2.8-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm oci-seccomp-bpf-hook-debugsource-1.2.8-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm podman-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm podman-catatonit-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm podman-catatonit-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm podman-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm podman-debugsource-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm podman-gvproxy-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm podman-gvproxy-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm podman-plugins-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm podman-plugins-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm podman-remote-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm podman-remote-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm podman-tests-4.4.1-8.module+el8.8.0+18438+15d3aa65.aarch64.rpm python3-criu-3.15-3.module+el8.8.0+18060+3f21f2cc.aarch64.rpm runc-1.1.4-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm runc-debuginfo-1.1.4-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm runc-debugsource-1.1.4-1.module+el8.8.0+18060+3f21f2cc.aarch64.rpm skopeo-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.aarch64.rpm skopeo-tests-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.aarch64.rpm slirp4netns-1.2.0-2.module+el8.8.0+18060+3f21f2cc.aarch64.rpm slirp4netns-debuginfo-1.2.0-2.module+el8.8.0+18060+3f21f2cc.aarch64.rpm slirp4netns-debugsource-1.2.0-2.module+el8.8.0+18060+3f21f2cc.aarch64.rpm toolbox-0.0.99.3-7.module+el8.8.0+18119+e3deee03.aarch64.rpm toolbox-debuginfo-0.0.99.3-7.module+el8.8.0+18119+e3deee03.aarch64.rpm toolbox-debugsource-0.0.99.3-7.module+el8.8.0+18119+e3deee03.aarch64.rpm toolbox-tests-0.0.99.3-7.module+el8.8.0+18119+e3deee03.aarch64.rpm
noarch: cockpit-podman-63.1-1.module+el8.8.0+18286+cd236dce.noarch.rpm container-selinux-2.205.0-2.module+el8.8.0+18438+15d3aa65.noarch.rpm podman-docker-4.4.1-8.module+el8.8.0+18438+15d3aa65.noarch.rpm python3-podman-4.4.1-1.module+el8.8.0+18275+3a56cc62.noarch.rpm udica-0.2.6-20.module+el8.8.0+18060+3f21f2cc.noarch.rpm
ppc64le: aardvark-dns-1.5.0-2.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm buildah-1.29.1-1.module+el8.8.0+18195+471da4bb.ppc64le.rpm buildah-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.ppc64le.rpm buildah-debugsource-1.29.1-1.module+el8.8.0+18195+471da4bb.ppc64le.rpm buildah-tests-1.29.1-1.module+el8.8.0+18195+471da4bb.ppc64le.rpm buildah-tests-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.ppc64le.rpm conmon-2.1.6-1.module+el8.8.0+18098+9b44df5f.ppc64le.rpm conmon-debuginfo-2.1.6-1.module+el8.8.0+18098+9b44df5f.ppc64le.rpm conmon-debugsource-2.1.6-1.module+el8.8.0+18098+9b44df5f.ppc64le.rpm containernetworking-plugins-1.2.0-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm containernetworking-plugins-debuginfo-1.2.0-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm containernetworking-plugins-debugsource-1.2.0-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm containers-common-1-63.module+el8.8.0+18438+15d3aa65.ppc64le.rpm crit-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm criu-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm criu-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm criu-debugsource-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm criu-devel-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm criu-libs-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm criu-libs-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm crun-1.8.1-2.module+el8.8.0+18418+f0e540fe.ppc64le.rpm crun-debuginfo-1.8.1-2.module+el8.8.0+18418+f0e540fe.ppc64le.rpm crun-debugsource-1.8.1-2.module+el8.8.0+18418+f0e540fe.ppc64le.rpm fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm fuse-overlayfs-debuginfo-1.10-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm fuse-overlayfs-debugsource-1.10-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm libslirp-4.4.0-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm libslirp-debuginfo-4.4.0-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm libslirp-debugsource-4.4.0-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm libslirp-devel-4.4.0-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm netavark-1.5.0-4.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm oci-seccomp-bpf-hook-1.2.8-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm oci-seccomp-bpf-hook-debuginfo-1.2.8-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm oci-seccomp-bpf-hook-debugsource-1.2.8-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm podman-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm podman-catatonit-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm podman-catatonit-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm podman-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm podman-debugsource-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm podman-gvproxy-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm podman-gvproxy-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm podman-plugins-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm podman-plugins-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm podman-remote-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm podman-remote-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm podman-tests-4.4.1-8.module+el8.8.0+18438+15d3aa65.ppc64le.rpm python3-criu-3.15-3.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm runc-1.1.4-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm runc-debuginfo-1.1.4-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm runc-debugsource-1.1.4-1.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm skopeo-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.ppc64le.rpm skopeo-tests-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.ppc64le.rpm slirp4netns-1.2.0-2.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm slirp4netns-debuginfo-1.2.0-2.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm slirp4netns-debugsource-1.2.0-2.module+el8.8.0+18060+3f21f2cc.ppc64le.rpm toolbox-0.0.99.3-7.module+el8.8.0+18119+e3deee03.ppc64le.rpm toolbox-debuginfo-0.0.99.3-7.module+el8.8.0+18119+e3deee03.ppc64le.rpm toolbox-debugsource-0.0.99.3-7.module+el8.8.0+18119+e3deee03.ppc64le.rpm toolbox-tests-0.0.99.3-7.module+el8.8.0+18119+e3deee03.ppc64le.rpm
s390x: aardvark-dns-1.5.0-2.module+el8.8.0+18060+3f21f2cc.s390x.rpm buildah-1.29.1-1.module+el8.8.0+18195+471da4bb.s390x.rpm buildah-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.s390x.rpm buildah-debugsource-1.29.1-1.module+el8.8.0+18195+471da4bb.s390x.rpm buildah-tests-1.29.1-1.module+el8.8.0+18195+471da4bb.s390x.rpm buildah-tests-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.s390x.rpm conmon-2.1.6-1.module+el8.8.0+18098+9b44df5f.s390x.rpm conmon-debuginfo-2.1.6-1.module+el8.8.0+18098+9b44df5f.s390x.rpm conmon-debugsource-2.1.6-1.module+el8.8.0+18098+9b44df5f.s390x.rpm containernetworking-plugins-1.2.0-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm containernetworking-plugins-debuginfo-1.2.0-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm containernetworking-plugins-debugsource-1.2.0-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm containers-common-1-63.module+el8.8.0+18438+15d3aa65.s390x.rpm crit-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm criu-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm criu-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm criu-debugsource-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm criu-devel-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm criu-libs-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm criu-libs-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm crun-1.8.1-2.module+el8.8.0+18418+f0e540fe.s390x.rpm crun-debuginfo-1.8.1-2.module+el8.8.0+18418+f0e540fe.s390x.rpm crun-debugsource-1.8.1-2.module+el8.8.0+18418+f0e540fe.s390x.rpm fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm fuse-overlayfs-debuginfo-1.10-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm fuse-overlayfs-debugsource-1.10-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm libslirp-4.4.0-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm libslirp-debuginfo-4.4.0-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm libslirp-debugsource-4.4.0-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm libslirp-devel-4.4.0-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm netavark-1.5.0-4.module+el8.8.0+18060+3f21f2cc.s390x.rpm oci-seccomp-bpf-hook-1.2.8-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm oci-seccomp-bpf-hook-debuginfo-1.2.8-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm oci-seccomp-bpf-hook-debugsource-1.2.8-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm podman-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm podman-catatonit-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm podman-catatonit-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm podman-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm podman-debugsource-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm podman-gvproxy-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm podman-gvproxy-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm podman-plugins-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm podman-plugins-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm podman-remote-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm podman-remote-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm podman-tests-4.4.1-8.module+el8.8.0+18438+15d3aa65.s390x.rpm python3-criu-3.15-3.module+el8.8.0+18060+3f21f2cc.s390x.rpm runc-1.1.4-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm runc-debuginfo-1.1.4-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm runc-debugsource-1.1.4-1.module+el8.8.0+18060+3f21f2cc.s390x.rpm skopeo-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.s390x.rpm skopeo-tests-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.s390x.rpm slirp4netns-1.2.0-2.module+el8.8.0+18060+3f21f2cc.s390x.rpm slirp4netns-debuginfo-1.2.0-2.module+el8.8.0+18060+3f21f2cc.s390x.rpm slirp4netns-debugsource-1.2.0-2.module+el8.8.0+18060+3f21f2cc.s390x.rpm toolbox-0.0.99.3-7.module+el8.8.0+18119+e3deee03.s390x.rpm toolbox-debuginfo-0.0.99.3-7.module+el8.8.0+18119+e3deee03.s390x.rpm toolbox-debugsource-0.0.99.3-7.module+el8.8.0+18119+e3deee03.s390x.rpm toolbox-tests-0.0.99.3-7.module+el8.8.0+18119+e3deee03.s390x.rpm
x86_64: aardvark-dns-1.5.0-2.module+el8.8.0+18060+3f21f2cc.x86_64.rpm buildah-1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64.rpm buildah-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64.rpm buildah-debugsource-1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64.rpm buildah-tests-1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64.rpm buildah-tests-debuginfo-1.29.1-1.module+el8.8.0+18195+471da4bb.x86_64.rpm conmon-2.1.6-1.module+el8.8.0+18098+9b44df5f.x86_64.rpm conmon-debuginfo-2.1.6-1.module+el8.8.0+18098+9b44df5f.x86_64.rpm conmon-debugsource-2.1.6-1.module+el8.8.0+18098+9b44df5f.x86_64.rpm containernetworking-plugins-1.2.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm containernetworking-plugins-debuginfo-1.2.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm containernetworking-plugins-debugsource-1.2.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm containers-common-1-63.module+el8.8.0+18438+15d3aa65.x86_64.rpm crit-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm criu-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm criu-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm criu-debugsource-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm criu-devel-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm criu-libs-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm criu-libs-debuginfo-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm crun-1.8.1-2.module+el8.8.0+18418+f0e540fe.x86_64.rpm crun-debuginfo-1.8.1-2.module+el8.8.0+18418+f0e540fe.x86_64.rpm crun-debugsource-1.8.1-2.module+el8.8.0+18418+f0e540fe.x86_64.rpm fuse-overlayfs-1.10-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm fuse-overlayfs-debuginfo-1.10-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm fuse-overlayfs-debugsource-1.10-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm libslirp-4.4.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm libslirp-debuginfo-4.4.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm libslirp-debugsource-4.4.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm libslirp-devel-4.4.0-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm netavark-1.5.0-4.module+el8.8.0+18060+3f21f2cc.x86_64.rpm oci-seccomp-bpf-hook-1.2.8-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm oci-seccomp-bpf-hook-debuginfo-1.2.8-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm oci-seccomp-bpf-hook-debugsource-1.2.8-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm podman-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm podman-catatonit-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm podman-catatonit-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm podman-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm podman-debugsource-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm podman-gvproxy-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm podman-gvproxy-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm podman-plugins-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm podman-plugins-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm podman-remote-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm podman-remote-debuginfo-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm podman-tests-4.4.1-8.module+el8.8.0+18438+15d3aa65.x86_64.rpm python3-criu-3.15-3.module+el8.8.0+18060+3f21f2cc.x86_64.rpm runc-1.1.4-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm runc-debuginfo-1.1.4-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm runc-debugsource-1.1.4-1.module+el8.8.0+18060+3f21f2cc.x86_64.rpm skopeo-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.x86_64.rpm skopeo-tests-1.11.2-0.2.module+el8.8.0+18251+ad5b274c.x86_64.rpm slirp4netns-1.2.0-2.module+el8.8.0+18060+3f21f2cc.x86_64.rpm slirp4netns-debuginfo-1.2.0-2.module+el8.8.0+18060+3f21f2cc.x86_64.rpm slirp4netns-debugsource-1.2.0-2.module+el8.8.0+18060+3f21f2cc.x86_64.rpm toolbox-0.0.99.3-7.module+el8.8.0+18119+e3deee03.x86_64.rpm toolbox-debuginfo-0.0.99.3-7.module+el8.8.0+18119+e3deee03.x86_64.rpm toolbox-debugsource-0.0.99.3-7.module+el8.8.0+18119+e3deee03.x86_64.rpm toolbox-tests-0.0.99.3-7.module+el8.8.0+18119+e3deee03.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

Severity

Advisory ID: RHSA-2023:2758-01

Product: Red Hat Enterprise Linux

Advisory URL: https://access.redhat.com/errata/RHSA-2023:2758

Issued Date: : 2023-05-16

CVE Names: CVE-2022-1705 CVE-2022-1962 CVE-2022-27664 CVE-2022-28131 CVE-2022-30629 CVE-2022-30630 CVE-2022-30631 CVE-2022-30632 CVE-2022-30633 CVE-2022-30635 CVE-2022-32148 CVE-2022-32189 CVE-2022-41717 CVE-2023-0778

Topic

An update for the container-tools:rhel8 module is now available for Red HatEnterprise Linux 8.Red Hat Product Security has rated this update as having a security impactof Moderate. A Common Vulnerability Scoring System (CVSS) base score, whichgives a detailed severity rating, is available for each vulnerability fromthe CVE link(s) in the References section.

Topic

Relevant Releases Architectures

Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64

Bugs Fixed

2033280 - [container-tools:rhel8/toolbox] toolbox list contains duplicate entries for images with multiple names

2047290 - Update container-tools:rhel8/toolbox to 0.0.99.3

2059658 - join template in podman inspect errors when new line is selected as a separator

2080458 - Podman volume plugin timeout should be configurable

2089790 - Backport podman's PR 14319 in RHEL's podman 4.0 banch

2090166 - Error in man podman run manual

2092793 - CVE-2022-30629 golang: crypto/tls: session tickets lack random ticket_age_add

2097708 - [RFE]Podman support to perform custom actions on unhealthy containers2106396 - avc: denied { ioctl } for pid=510216 comm="iptables" path="/var/lib/containers/storage/overlay/7d65c03c0ff08daf6366d735723151aa1f2cf165d51be30f62bded9ed586b838/merged" dev="overlay" ino=42308193 scontext=unconfined_u:system_r:iptables_t:s0-s0:c0.c1023

2107342 - CVE-2022-30631 golang: compress/gzip: stack exhaustion in Reader.Read

2107371 - CVE-2022-30630 golang: io/fs: stack exhaustion in Glob

2107374 - CVE-2022-1705 golang: net/http: improper sanitization of Transfer-Encoding header

2107376 - CVE-2022-1962 golang: go/parser: stack exhaustion in all Parse* functions

2107383 - CVE-2022-32148 golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working

2107386 - CVE-2022-30632 golang: path/filepath: stack exhaustion in Glob

2107388 - CVE-2022-30635 golang: encoding/gob: stack exhaustion in Decoder.Decode

2107390 - CVE-2022-28131 golang: encoding/xml: stack exhaustion in Decoder.Skip

2107392 - CVE-2022-30633 golang: encoding/xml: stack exhaustion in Unmarshal

2113814 - CVE-2022-32189 golang: math/big: decoding big.Float and big.Rat types can panic if the encoded message is too short, potentially allowing a denial of service

2116481 - Two aardvark-dns instances trying to use the same port on the same interface (netavark)

2116922 - podman creates lock file in /etc/cni/net.d/cni.lock instead of /run/lock/

2120435 - (podman image trust) does not support the new trust type "sigstoreSigned "

2121841 - Multiple default gateways are created inside container if there are multiple interfaces

2123415 - Pulling images from registry.access.redhat.com fails to find RPM-GPG-KEY-redhat-beta keys

2124414 - aardvark-dns: Always return both A and AAAA records no matter what QTYPE is specified in DNS request

2124416 - aardvark-dns: Recursion Available bit is not set in response header

2124669 - CVE-2022-27664 golang: net/http: handle server errors after sending GOAWAY

2124705 - containers-common-1-44 is missing RPM-GPG-KEY-redhat-beta [RHEL 8.7]

2124952 - Podman volume plugin timeout should be configurable [RHEL 8.8.0]

2126243 - Podman container got global IPv6 address unexpectedly even when macvlan network is created for pure IPv4 network

2126697 - containers config.json gets empty after sudden power loss

2128675 - Need way to tell aardvark DNS to refer to a particular DNS, and not host's configured DNS

2131741 - [RFE] python-podman: Podman support to perform custom actions on unhealthy containers2131836 - PANIC podman API service endpoint handler panic

2135970 - Podman push image to redhat quay with sigstore was failed

2135973 - Skopeo push image to redhat quay with sigstore was failed

2136319 - Buildah push image to redhat quay with sigstore was failed

2136933 - Two aardvark-dns instances trying to use the same port on the same interface. [rhel-8.8] (aardvark-dns)

2138434 - podman: ubi8 sticky bit removed from /tmp

2139052 - The udica version in RHEL 8.7(0.2.6-3) is lower than RHEL 8.6(0.2.6-4)

2139724 - [cockpit-podman] RHEL 8.8 Tier 0 Localization

2140084 - SIGSEGV: segmentation violation on s390x

2140087 - SIGSEGV: segmentation violation on s390x

2141452 - buildah: ubi8 sticky bit removed from /tmp

2142711 - Static MAC address is not working inside the container in podman-netavark-mcvlan

2144754 - FailingStreak is not reset to 0 when the container starts again.

2152516 - "docker build" doesn't work anymore if it is targeting a podman server

2153036 - multiple dbus user processes being spawned

2155828 - podman rm leaves running container behind

2157930 - podman exec fails with Error: an exec session with ID already exists: exec session already exists

2158084 - Amend crun package dependencies [rhel-8.8]

2158469 - Update shortnames.conf

2161274 - CVE-2022-41717 golang: net/http: excessive memory growth in a Go server accepting HTTP/2 requests

2161682 - Podman v4.4RC1 can't find /etc/cni/net.d

2163759 - [container-tools:rhel8/toolbox] Support RHEL 9 Toolbx containers2165875 - podman can not start a rootless container with option --privileged and runtime runc

2168256 - CVE-2023-0778 podman: symlink exchange attack in podman export volume