ELSA-2021-2370

ULN >
Oracle Linux Errata repository >
ELSA-2021-2370

ELSA-2021-2370 - container-tools:3.0 security update

Type:	SECURITY
Impact:	IMPORTANT
Release Date:	2021-06-14

Description

buildah
[1.19.7-1.0.1]
- Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov)

[1.19.7-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.19
(https://github.com/containers/buildah/commit/a2854ed)
- Resolves: #1935376

cockpit-podman
[29-2]
- fix gating test failure for cockpit-podman
- Related: #1914884

[29-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/29
- Related: #1883490

conmon
[2:2.0.26-1]
- update to https://github.com/containers/conmon/releases/tag/v2.0.26
- Related: #1883490

containernetworking-plugins
[0.9.1-1]
- update to https://github.com/containernetworking/plugins/releases/tag/v0.9.1
- Related: #1883490

container-selinux
[2:2.158.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.158.0
- Related: #1883490

criu
[3.15-1]
- update to https://github.com/checkpoint-restore/criu/releases/tag/v3.15
- Related: #1883490

crun
[0.18-2]
- allow to build without glibc-static (thanks to Giuseppe Scrivano)
- Related: #1883490

fuse-overlayfs
[1.4.0-2]
- disable openat2 syscall again - still unsupported in current RHEL8 kernel
- Related: #1883490

[1.4.0-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.4.0
- Related: #1883490

oci-seccomp-bpf-hook
[1.2.0-1]
- revert back to 1.2.0 - build issues
- Related: #1883490

[1.2.1-1]
- update to
https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.1
- require crun >= 0.17
- Related: #1883490

podman
[3.0.1-6.0.1]
- Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov)

[3.0.1-6]
- update to the latest content of https://github.com/containers/podman/tree/v3.0.1-rhel
(https://github.com/containers/podman/commit/ad1aaba)
- Resolves: #1921128
- Resolves: #1936927
- Resolves: #1938234

runc
[1.0.0-71.rc92]
- fix CVE-2021-30465
- Related: #1955655

[1.0.0-70.rc92]
- add missing Provides: oci-runtime = 1
- Related: #1883490

[1.0.0-69.rc92]
- still use ExcludeArch as go_arches macro is broken for 8.4
- Related: #1883490

[1.0.0-68.rc92]
- update to https://github.com/opencontainers/runc/releases/tag/v1.0.0-rc92
- propagate proper CFLAGS to CGO_CFLAGS to assure code hardening and optimization
- Related: #1821193

skopeo
[1.2.2-7.0.1]
- Ignore rhel-shortnames.conf [JIRA: OLDIS-3902]
- Temporarily update shortnames.conf for oraclelinux to point to docker [JIRA: OLDIS-3902]
- Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov)
- Add oracle registry into the conf file [Orabug: 29845934 31306708]

[1:1.2.2-7]
- use runc as default OCI runtime in RHEL8
- Resolves: #1940854

slirp4netns
[1.1.8-1]
- update to
https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.8
- Related: #1883490

udica
[0.2.4-1]
- update to https://github.com/containers/udica/releases/tag/v0.2.4
- Related: #1883490

Related CVEs

CVE-2021-30465

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	buildah-1.19.7-1.0.1.module+el8.4.0+20196+91e9c2ae.src.rpm	2258830c5ef712d32e1b42055c9ece40d66f5ce0ca229a13e5826e0cab5d1ed3	-	ol8_aarch64_appstream
	cockpit-podman-29-2.module+el8.4.0+20196+91e9c2ae.src.rpm	fdf1df2c8009f03bc86841a23755c57300505bab0730a01a36c6efbd90ce33c8	-	ol8_aarch64_appstream
	conmon-2.0.26-1.module+el8.4.0+20196+91e9c2ae.src.rpm	b8ff270909899783fa853a86df452825104b3eaeff610490916a4015d31f894e	-	ol8_aarch64_appstream
	container-selinux-2.158.0-1.module+el8.4.0+20196+91e9c2ae.src.rpm	9c71abf4313e509fa8843308dc2733ef45043bbbad47fec53bcd7c895e46fc4a	-	ol8_aarch64_appstream
	containernetworking-plugins-0.9.1-1.module+el8.4.0+20196+91e9c2ae.src.rpm	42ae1d5c32f5d28d59f2fe129571b84399c732b831a0bcdcf4146c0bf63b9ccd	-	ol8_aarch64_appstream
	criu-3.15-1.module+el8.4.0+20196+91e9c2ae.src.rpm	2b7070606968a3175aa33d6b8995b3590b202aa4f6c4166a45c49352dd952308	-	ol8_aarch64_appstream
	crun-0.18-2.module+el8.4.0+20196+91e9c2ae.src.rpm	9de07edf84dd866e763e24e81b30b84e699cee14d505cc5547a39c82ec823830	-	ol8_aarch64_appstream
	fuse-overlayfs-1.4.0-2.module+el8.4.0+20196+91e9c2ae.src.rpm	b74e7dc3a5d5ed8b322204016159808bff6ea64940e8b53a3b80385b8cd4a450	-	ol8_aarch64_appstream
	libslirp-4.3.1-1.module+el8.4.0+20196+91e9c2ae.src.rpm	a760fb3a8f0999d6bb3bb2ed0b787e0cd1bbedfc8e842a48b63345abad4fcecc	-	ol8_aarch64_appstream
	oci-seccomp-bpf-hook-1.2.0-1.module+el8.4.0+20196+91e9c2ae.src.rpm	86cfbcc155436e1d9f00f968d3c1a3026d9188af04f82ba819176b80dd149f51	-	ol8_aarch64_appstream
	podman-3.0.1-6.0.1.module+el8.4.0+20196+91e9c2ae.src.rpm	22189943b8a21d57791c5f09fd054527c667b9655ae0a88822a5be2e3b852be2	-	ol8_aarch64_appstream
	runc-1.0.0-71.rc92.module+el8.4.0+20196+91e9c2ae.src.rpm	60a1d8a663da98801d929e15ecbdc9a581b44db7568933405c637f090f17cfcc	-	ol8_aarch64_appstream
	skopeo-1.2.2-7.0.1.module+el8.4.0+20196+91e9c2ae.src.rpm	cc643383f873e5c38483b4e11570bac75b38f51daf324563577938ced9279aca	-	ol8_aarch64_appstream
	slirp4netns-1.1.8-1.module+el8.4.0+20196+91e9c2ae.src.rpm	634662a911092072eccaa0d781cebdf86301d3d4a629313735698bffa01d46f6	-	ol8_aarch64_appstream
	udica-0.2.4-1.module+el8.4.0+20196+91e9c2ae.src.rpm	9d2e899abb8078a78ce4329d53264f82214a28883d26c5c015561c0a967f27f1	-	ol8_aarch64_appstream
	buildah-1.19.7-1.0.1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	93321a45cb54f8dcde5308d8f0223892ab3cb82b84c04663804d4bdc88482f2e	-	ol8_aarch64_appstream
	buildah-tests-1.19.7-1.0.1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	ee3be4a0f10961172e592ecbacdb8b5cde6e8ee404ee8e0ecb30205e8bb3f0e0	-	ol8_aarch64_appstream
	cockpit-podman-29-2.module+el8.4.0+20196+91e9c2ae.noarch.rpm	3986e649a9d8a3e67eba98566d99dc6dbbae06d8ef4776675443436965c20a6b	-	ol8_aarch64_appstream
	conmon-2.0.26-1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	131bd6e3291146a41f1d2b17298b058545d6d556c05580228d2bbf38ecc3102c	-	ol8_aarch64_appstream
	container-selinux-2.158.0-1.module+el8.4.0+20196+91e9c2ae.noarch.rpm	29eaa44691d4f68abeb2901ce8b2aefd5d99e8d83b36494c91a5222362960853	-	ol8_aarch64_appstream
	containernetworking-plugins-0.9.1-1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	a703e3b60d997bd610d74fea4e08b1730ce352b16ca299003aac674167ee94fe	-	ol8_aarch64_appstream
	containers-common-1.2.2-7.0.1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	5d99843a71b9dc63b61d184b09e354568224957bd6a88d5ae190e2a0973bb45a	-	ol8_aarch64_appstream
	crit-3.15-1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	d3dff5325f07b4fa624c07128a7a37f0981b818e3119facd414043bfb25b5471	-	ol8_aarch64_appstream
	criu-3.15-1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	3857994f6d6d084fc0d1a2b651fd89f2b4be02167341d824c21c95e7890018bc	-	ol8_aarch64_appstream
	crun-0.18-2.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	7cd0f2cffa54bc814ff66d043f255faa75ed9d1b5dc3e1f6b9a676d2ecbb2dd8	-	ol8_aarch64_appstream
	fuse-overlayfs-1.4.0-2.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	06a8196db0a84d61ce888bdfe51254492485c6435facf06be54ce2048dca0145	-	ol8_aarch64_appstream
	libslirp-4.3.1-1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	79b0b23907bcc35a5ed71f979686781960d96c479749811ff7ad48bbfc67460a	-	ol8_aarch64_appstream
	libslirp-devel-4.3.1-1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	753073f42dbf5a0e9ae9494198b6c0b562fe2001417fb03669d82e6819c56465	-	ol8_aarch64_appstream
	oci-seccomp-bpf-hook-1.2.0-1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	57ea47581262d3aec31fb8ff98ca466c20e4a584e9755dc81072926a4488c991	-	ol8_aarch64_appstream
	podman-3.0.1-6.0.1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	6ae2befa4e63120bd189183aeb01e0c301c427ebfcdf44e57f628bc7b2642c64	-	ol8_aarch64_appstream
	podman-catatonit-3.0.1-6.0.1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	117662a84044a3cba0d9d0e91fc914faf888f3827e2fca98545e5b6d546c8994	-	ol8_aarch64_appstream
	podman-docker-3.0.1-6.0.1.module+el8.4.0+20196+91e9c2ae.noarch.rpm	bae70ae1b910797d6b37ac63914dd99167fc6d0bb6c453334c637e77cd7e1c2c	-	ol8_aarch64_appstream
	podman-plugins-3.0.1-6.0.1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	aba724458a891d583967d9c3f8b3bea0cec6269ea8ccaea5f972006c94d06c08	-	ol8_aarch64_appstream
	podman-remote-3.0.1-6.0.1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	dc09300f67e44a34ee0c63d27653c56e7c5ede7ddd56faa37ba02a8c04e5dfd4	-	ol8_aarch64_appstream
	podman-tests-3.0.1-6.0.1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	961c85a8baa14999d70f44e1497f0357c29b2ef0b41d15df03986c3ec9d825fc	-	ol8_aarch64_appstream
	python3-criu-3.15-1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	51a5b173b3ef9c871998a11509e9455ecdef7e183e9f85fae5648571e270ef13	-	ol8_aarch64_appstream
	runc-1.0.0-71.rc92.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	7f92daca1070c78cdd10416c1ea33af18e1f5ca49e0080afb601af0b4a1c3050	-	ol8_aarch64_appstream
	skopeo-1.2.2-7.0.1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	a349e9eff4befa2ba129d43ebc0836451ff244de0565f4619b5aa2da9ab5a7a8	-	ol8_aarch64_appstream
	skopeo-tests-1.2.2-7.0.1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	0f61543975d6da89a43e4858e42d0475639226d814fff5a45dd273530d7470da	-	ol8_aarch64_appstream
	slirp4netns-1.1.8-1.module+el8.4.0+20196+91e9c2ae.aarch64.rpm	13c72492ea99bdfa37dff99e4edbc48e32ab437ae372ec113b5050017eb4771d	-	ol8_aarch64_appstream
	udica-0.2.4-1.module+el8.4.0+20196+91e9c2ae.noarch.rpm	29415332efd7f880d0fed813f3c5890141b7f24003fcb226b69fdea350426c21	-	ol8_aarch64_appstream

Oracle Linux 8 (x86_64)	buildah-1.19.7-1.0.1.module+el8.4.0+20196+91e9c2ae.src.rpm	2258830c5ef712d32e1b42055c9ece40d66f5ce0ca229a13e5826e0cab5d1ed3	-	ol8_x86_64_appstream
	cockpit-podman-29-2.module+el8.4.0+20196+91e9c2ae.src.rpm	fdf1df2c8009f03bc86841a23755c57300505bab0730a01a36c6efbd90ce33c8	-	ol8_x86_64_appstream
	conmon-2.0.26-1.module+el8.4.0+20196+91e9c2ae.src.rpm	b8ff270909899783fa853a86df452825104b3eaeff610490916a4015d31f894e	-	ol8_x86_64_appstream
	container-selinux-2.158.0-1.module+el8.4.0+20196+91e9c2ae.src.rpm	9c71abf4313e509fa8843308dc2733ef45043bbbad47fec53bcd7c895e46fc4a	-	ol8_x86_64_appstream
	containernetworking-plugins-0.9.1-1.module+el8.4.0+20196+91e9c2ae.src.rpm	42ae1d5c32f5d28d59f2fe129571b84399c732b831a0bcdcf4146c0bf63b9ccd	-	ol8_x86_64_appstream
	criu-3.15-1.module+el8.4.0+20196+91e9c2ae.src.rpm	2b7070606968a3175aa33d6b8995b3590b202aa4f6c4166a45c49352dd952308	-	ol8_x86_64_appstream
	crun-0.18-2.module+el8.4.0+20196+91e9c2ae.src.rpm	9de07edf84dd866e763e24e81b30b84e699cee14d505cc5547a39c82ec823830	-	ol8_x86_64_appstream
	fuse-overlayfs-1.4.0-2.module+el8.4.0+20196+91e9c2ae.src.rpm	b74e7dc3a5d5ed8b322204016159808bff6ea64940e8b53a3b80385b8cd4a450	-	ol8_x86_64_appstream
	libslirp-4.3.1-1.module+el8.4.0+20196+91e9c2ae.src.rpm	a760fb3a8f0999d6bb3bb2ed0b787e0cd1bbedfc8e842a48b63345abad4fcecc	-	ol8_x86_64_appstream
	oci-seccomp-bpf-hook-1.2.0-1.module+el8.4.0+20196+91e9c2ae.src.rpm	86cfbcc155436e1d9f00f968d3c1a3026d9188af04f82ba819176b80dd149f51	-	ol8_x86_64_appstream
	podman-3.0.1-6.0.1.module+el8.4.0+20196+91e9c2ae.src.rpm	22189943b8a21d57791c5f09fd054527c667b9655ae0a88822a5be2e3b852be2	-	ol8_x86_64_appstream
	runc-1.0.0-71.rc92.module+el8.4.0+20196+91e9c2ae.src.rpm	60a1d8a663da98801d929e15ecbdc9a581b44db7568933405c637f090f17cfcc	-	ol8_x86_64_appstream
	skopeo-1.2.2-7.0.1.module+el8.4.0+20196+91e9c2ae.src.rpm	cc643383f873e5c38483b4e11570bac75b38f51daf324563577938ced9279aca	-	ol8_x86_64_appstream
	slirp4netns-1.1.8-1.module+el8.4.0+20196+91e9c2ae.src.rpm	634662a911092072eccaa0d781cebdf86301d3d4a629313735698bffa01d46f6	-	ol8_x86_64_appstream
	udica-0.2.4-1.module+el8.4.0+20196+91e9c2ae.src.rpm	9d2e899abb8078a78ce4329d53264f82214a28883d26c5c015561c0a967f27f1	-	ol8_x86_64_appstream
	buildah-1.19.7-1.0.1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	3b9fbbfda41f6b71619bc13b1660ba486fe55abd8b23e27ae7b4fe732d1f827b	-	ol8_x86_64_appstream
	buildah-tests-1.19.7-1.0.1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	eb0b6554f574fcdd5b96deddae7b50b05c928ebd1749585dc109d735f6ecb57b	-	ol8_x86_64_appstream
	cockpit-podman-29-2.module+el8.4.0+20196+91e9c2ae.noarch.rpm	3986e649a9d8a3e67eba98566d99dc6dbbae06d8ef4776675443436965c20a6b	-	ol8_x86_64_appstream
	conmon-2.0.26-1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	0255bbdace1690a258d2e0ebb31bb3a23b43b52ddbd9c2ab60521c4c00bb39ba	-	ol8_x86_64_appstream
	container-selinux-2.158.0-1.module+el8.4.0+20196+91e9c2ae.noarch.rpm	29eaa44691d4f68abeb2901ce8b2aefd5d99e8d83b36494c91a5222362960853	-	ol8_x86_64_appstream
	containernetworking-plugins-0.9.1-1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	0713899e500729ac69f68a3bf1f1f5dc2cb0a39b3677013b6e2acfe1903d1f36	-	ol8_x86_64_appstream
	containers-common-1.2.2-7.0.1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	f2c2fb46743114c1519c9d4966367f5f57f7a46f569dc811cb9adc4254cf9a54	-	ol8_x86_64_appstream
	crit-3.15-1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	834876cffa210f3adcdeed889355f2f8cceb8ff6f6068dc2de51d76ff18cc59d	-	ol8_x86_64_appstream
	criu-3.15-1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	b794a9907f8765be3f2eb6c374676ea2b6048bab20969c7fd7ffa46d9629b698	-	ol8_x86_64_appstream
	crun-0.18-2.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	24e006d052ee236f461a255630a55693b11b597067c24453e0f6a4b07951d2d3	-	ol8_x86_64_appstream
	fuse-overlayfs-1.4.0-2.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	4adbbe36f92f42037f41490dc27791c9f69eae7c9dff7a6dbd4c4083df11f766	-	ol8_x86_64_appstream
	libslirp-4.3.1-1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	4678bd5bb3e68c698d2b3507e98715c66b489640a2985ef569f180788a7649ec	-	ol8_x86_64_appstream
	libslirp-devel-4.3.1-1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	0dede74467f9629ba021e25026cfe67614d26daa4799de447dfcefd808a97ce1	-	ol8_x86_64_appstream
	oci-seccomp-bpf-hook-1.2.0-1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	3204155ccbda804767bf1e9416c197ab9f06d26bdbab9f5a9310ac2d5d2d5a6f	-	ol8_x86_64_appstream
	podman-3.0.1-6.0.1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	53150e29488b00d5d7ea277c26cca7b431508ac902cc33916128bbf8fc25a8f8	-	ol8_x86_64_appstream
	podman-catatonit-3.0.1-6.0.1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	225b888edde4c849c5c862fa8939e29939d1772d59a9b77172c206485f42601a	-	ol8_x86_64_appstream
	podman-docker-3.0.1-6.0.1.module+el8.4.0+20196+91e9c2ae.noarch.rpm	bae70ae1b910797d6b37ac63914dd99167fc6d0bb6c453334c637e77cd7e1c2c	-	ol8_x86_64_appstream
	podman-plugins-3.0.1-6.0.1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	7449507f0e835d390bb0e4a3cc473a5926d80ddf3c7a357ae72349daa0188143	-	ol8_x86_64_appstream
	podman-remote-3.0.1-6.0.1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	1ee339f119bc52dc6bcbd30459fe3c883ab39af36e966f94c04afc8cda8a8432	-	ol8_x86_64_appstream
	podman-tests-3.0.1-6.0.1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	52f9d3221ac2765d93f969a52a3a6955c58150a6afd1898f61b697c39f8ca51f	-	ol8_x86_64_appstream
	python3-criu-3.15-1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	635524d5947a7f7463244e0e92c545a811cb0930ab10ef12712bebf106782d53	-	ol8_x86_64_appstream
	runc-1.0.0-71.rc92.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	f08436c0ee49d567a4408e3807a82d80359e565a332df11de2e1691a8988d1c5	-	ol8_x86_64_appstream
	skopeo-1.2.2-7.0.1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	2264a835bba19363192b3456d654f9a8b58156f801c7f2782da5c2f5afa50452	-	ol8_x86_64_appstream
	skopeo-tests-1.2.2-7.0.1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	358ed2aa0c2ccb42d0bf0e0c84a71aae95c87a8538eaf29fefe460e8ab18988f	-	ol8_x86_64_appstream
	slirp4netns-1.1.8-1.module+el8.4.0+20196+91e9c2ae.x86_64.rpm	1214cf45ea165ddc0831b7af3c554038a6058097f973e14d4eb2fe8bb7be63de	-	ol8_x86_64_appstream
	udica-0.2.4-1.module+el8.4.0+20196+91e9c2ae.noarch.rpm	29415332efd7f880d0fed813f3c5890141b7f24003fcb226b69fdea350426c21	-	ol8_x86_64_appstream

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691