Stay Secure with the Latest Linux Advisories

security advisoryFedoraDoS

Fedora 34: 2021-83b3740389 Moderate: Container-Selinux DoS Issue

crun and runc now both `Provides: oci-runtime`. ---- Security fix for CVE-2021-20291 Autobuilt v1.20.1. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2021-83b3740389 2021-04-24 20:00:51.081124 --------------------------------------------------------------------------------Name : container-selinux Product : Fedora 34 Version : 2.160.0 Release : 2.fc34 URL : https://github.com/containers/container-selinux Summary : SELinux policies for container runtimes Description : SELinux policy modules for use with container runtimes. --------------------------------------------------------------------------------Update Information: crun and runc now both `Provides: oci-runtime`. ---- Security fix for CVE-2021-20291 Autobuilt v1.20.1 --------------------------------------------------------------------------------ChangeLog: * Wed Apr 21 2021 Lokesh Mandvekar - 2:2.160.0-2 - rebuild for podman, buildah gating tests --------------------------------------------------------------------------------References: [ 1 ] Bug #1939485 - CVE-2021-20291 containers/storage: DoS via malicious image https://bugzilla.redhat.com/show_bug.cgi?id=1939485 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-83b3740389' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Fedora 34's security advisory details vulnerabilities from CVE-2021-20291, advising on updates to prevent unauthorized privilege escalation in containers. SELinux Policies, Container Security, Runtime Vulnerabilities. . Severity: Important. LinuxSecurity.com Team

Apr 24, 2021 •Important Fedora