SUSE: 2020:0697-1 Moderate Update for cni Fixes in podman Released
suse
March 16, 2020
An update that solves one vulnerability and has two fixes is now available
Summary
This update for cni, cni-plugins, conmon, fuse-overlayfs, podman fixes the following issues: podman was updated to 1.8.0: - CVE-2019-18466: Fixed a bug where podman cp would improperly copy files on the host when copying a symlink in the container that included a glob operator (#3829 bsc#1155217) - The name of the cni-bridge in the default config changed from "cni0" to "podman-cni0" with podman-1.6.0. Add a %trigger to rename the bridge in the system to the new default if it exists. The trigger is only excuted when updating podman-cni-config from something older than 1.6.0. This is mainly needed for SLE where we're updating from 1.4.4 to 1.8.0 (bsc#1160460). Update podman to v1.8.0 (bsc#1160460): * Features - The podman system service command has been added, providing a preview
Topics Covered
References
#1155217 #1160460 #1164390
Cross- CVE-2019-18466
Affected Products:
SUSE Linux Enterprise Module for Public Cloud 15-SP1
SUSE Linux Enterprise Module for Containers 15-SP1
https://www.suse.com/security/cve/CVE-2019-18466.html
https://bugzilla.suse.com/1155217
https://bugzilla.suse.com/1160460
https://bugzilla.suse.com/1164390
PREVIOUS
NEXT
Announcement ID: SUSE-SU-2020:0697-1
Rating: moderate
Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!