Rocky Linux: RLSA-2024:3968 container-tools Security Advisories Updates
Summary
An update is available for libslirp, module.buildah, module.crun, buildah, fuse-overlayfs, udica, module.oci-seccomp-bpf-hook, module.netavark, module.runc, conmon, module.containers-common, python-podman, module.libslirp, module.aardvark-dns, module.fuse-overlayfs, runc, criu, aardvark-dns, module.toolbox, module.container-selinux, container-selinux, containers-common, module.conmon, containernetworking-plugins, crun, module.podman, module.skopeo, podman, module.containernetworking-plugins, slirp4netns, oci-seccomp-bpf-hook, module.slirp4netns, module.python-podman, cockpit-podman, netavark, module.cockpit-podman, skopeo, module.udica, module.criu, toolbox. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * podman: jose-go: improper handling of highly compressed data (CVE-2024-28180) * buildah: jose-go: improper handling of highly compressed data (CVE-2024-28180) * podman: jose-go: resource exhaustion (CVE-2024-28176) * buildah: jose-go: resource exhaustion (CVE-2024-28176) * skopeo: jose-go: resource exhaustion (CVE-2024-28176) Additional Changes: For detailed information on changes in this release, see the Rocky Linux 8 Release Notes linked from the References section.
RPMs
aardvark-dns-2:1.10.0-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
aardvark-dns-2:1.10.0-1.module+el8.10.0+1815+5fe7415e.src.rpm
aardvark-dns-2:1.10.0-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
buildah-2:1.33.7-2.module+el8.10.0+1829+9bb2696f.aarch64.rpm
buildah-2:1.33.7-2.module+el8.10.0+1829+9bb2696f.src.rpm
buildah-2:1.33.7-2.module+el8.10.0+1829+9bb2696f.x86_64.rpm
buildah-debuginfo-2:1.33.7-2.module+el8.10.0+1829+9bb2696f.aarch64.rpm
buildah-debuginfo-2:1.33.7-2.module+el8.10.0+1829+9bb2696f.x86_64.rpm
buildah-debugsource-2:1.33.7-2.module+el8.10.0+1829+9bb2696f.aarch64.rpm
buildah-debugsource-2:1.33.7-2.module+el8.10.0+1829+9bb2696f.x86_64.rpm
buildah-tests-2:1.33.7-2.module+el8.10.0+1829+9bb2696f.aarch64.rpm
buildah-tests-2:1.33.7-2.module+el8.10.0+1829+9bb2696f.x86_64.rpm
buildah-tests-debuginfo-2:1.33.7-2.module+el8.10.0+1829+9bb2696f.aarch64.rpm
buildah-tests-debuginfo-2:1.33.7-2.module+el8.10.0+1829+9bb2696f.x86_64.rpm
cockpit-podman-0:84.1-1.module+el8.10.0+1815+5fe7415e.noarch.rpm
cockpit-podman-0:84.1-1.module+el8.10.0+1815+5fe7415e.src.rpm
conmon-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
conmon-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.src.rpm
conmon-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
conmon-debuginfo-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
conmon-debuginfo-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
conmon-debugsource-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
conmon-debugsource-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
containernetworking-plugins-1:1.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm
containernetworking-plugins-1:1.4.0-2.module+el8.10.0+1815+5fe7415e.src.rpm
containernetworking-plugins-1:1.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm
containernetworking-plugins-debuginfo-1:1.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm
containernetworking-plugins-debuginfo-1:1.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm
containernetworking-plugins-debugsource-1:1.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm
containernetworking-plugins-debugsource-1:1.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm
containers-common-2:1-81.module+el8.10.0+1815+5fe7415e.aarch64.rpm
containers-common-2:1-81.module+el8.10.0+1815+5fe7415e.src.rpm
containers-common-2:1-81.module+el8.10.0+1815+5fe7415e.x86_64.rpm
container-selinux-2:2.229.0-2.module+el8.10.0+1815+5fe7415e.noarch.rpm
container-selinux-2:2.229.0-2.module+el8.10.0+1815+5fe7415e.src.rpm
crit-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm
crit-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm
criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm
criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.src.rpm
criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm
criu-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm
criu-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm
criu-debugsource-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm
criu-debugsource-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm
criu-devel-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm
criu-devel-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm
criu-libs-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm
criu-libs-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm
criu-libs-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm
criu-libs-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm
crun-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm
crun-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.src.rpm
crun-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm
crun-debuginfo-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm
crun-debuginfo-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm
crun-debugsource-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm
crun-debugsource-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm
fuse-overlayfs-0:1.13-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
fuse-overlayfs-0:1.13-1.module+el8.10.0+1815+5fe7415e.src.rpm
fuse-overlayfs-0:1.13-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
fuse-overlayfs-debuginfo-0:1.13-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
fuse-overlayfs-debuginfo-0:1.13-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
fuse-overlayfs-debugsource-0:1.13-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
fuse-overlayfs-debugsource-0:1.13-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
libslirp-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm
libslirp-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.src.rpm
libslirp-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm
libslirp-debuginfo-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm
libslirp-debuginfo-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm
libslirp-debugsource-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm
libslirp-debugsource-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm
libslirp-devel-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm
libslirp-devel-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm
netavark-2:1.10.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
netavark-2:1.10.3-1.module+el8.10.0+1815+5fe7415e.src.rpm
netavark-2:1.10.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
oci-seccomp-bpf-hook-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
oci-seccomp-bpf-hook-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.src.rpm
oci-seccomp-bpf-hook-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
oci-seccomp-bpf-hook-debuginfo-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
oci-seccomp-bpf-hook-debuginfo-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
oci-seccomp-bpf-hook-debugsource-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
oci-seccomp-bpf-hook-debugsource-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
podman-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.aarch64.rpm
podman-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.src.rpm
podman-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.x86_64.rpm
podman-catatonit-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.aarch64.rpm
podman-catatonit-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.x86_64.rpm
podman-catatonit-debuginfo-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.aarch64.rpm
podman-catatonit-debuginfo-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.x86_64.rpm
podman-debuginfo-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.aarch64.rpm
podman-debuginfo-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.x86_64.rpm
podman-debugsource-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.aarch64.rpm
podman-debugsource-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.x86_64.rpm
podman-docker-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.noarch.rpm
podman-gvproxy-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.aarch64.rpm
podman-gvproxy-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.x86_64.rpm
skopeo-2:1.14.3-2.module+el8.10.0+1815+5fe7415e.src.rpm
podman-gvproxy-debuginfo-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.aarch64.rpm
podman-gvproxy-debuginfo-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.x86_64.rpm
podman-plugins-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.aarch64.rpm
podman-plugins-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.x86_64.rpm
podman-plugins-debuginfo-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.aarch64.rpm
podman-plugins-debuginfo-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.x86_64.rpm
podman-remote-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.aarch64.rpm
podman-remote-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.x86_64.rpm
podman-remote-debuginfo-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.aarch64.rpm
podman-remote-debuginfo-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.x86_64.rpm
podman-tests-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.aarch64.rpm
podman-tests-4:4.9.4-3.module+el8.10.0+1829+9bb2696f.x86_64.rpm
python3-criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm
python3-criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm
python3-podman-0:4.9.0-1.module+el8.10.0+1815+5fe7415e.noarch.rpm
python-podman-0:4.9.0-1.module+el8.10.0+1815+5fe7415e.src.rpm
runc-1:1.1.12-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
runc-1:1.1.12-1.module+el8.10.0+1815+5fe7415e.src.rpm
runc-1:1.1.12-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
runc-debuginfo-1:1.1.12-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
runc-debuginfo-1:1.1.12-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
runc-debugsource-1:1.1.12-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
runc-debugsource-1:1.1.12-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
skopeo-2:1.14.3-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm
skopeo-2:1.14.3-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm
skopeo-tests-2:1.14.3-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm
skopeo-tests-2:1.14.3-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm
slirp4netns-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
slirp4netns-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.src.rpm
slirp4netns-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
slirp4netns-debuginfo-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
slirp4netns-debuginfo-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
slirp4netns-debugsource-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm
slirp4netns-debugsource-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm
toolbox-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm
toolbox-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.src.rpm
toolbox-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm
toolbox-debuginfo-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm
toolbox-debuginfo-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm
toolbox-debugsource-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm
toolbox-debugsource-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm
toolbox-tests-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm
toolbox-tests-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm
udica-0:0.2.6-21.module+el8.10.0+1815+5fe7415e.noarch.rpm
udica-0:0.2.6-21.module+el8.10.0+1815+5fe7415e.src.rpm
References
No References
CVEs
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28176
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-28180
Fixes
https://bugzilla.redhat.com/show_bug.cgi?id=2268820
https://bugzilla.redhat.com/show_bug.cgi?id=2268854