ELSA-2023-6474
- ULN >
- Oracle Linux Errata repository >
- ELSA-2023-6474
ELSA-2023-6474 - podman security, bug fix, and enhancement update
| Type: | SECURITY |
| Severity: | MODERATE |
| Release Date: | 2023-11-11 |
Description
[2:4.6.1-5.0.1]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]
[2:4.6.1-5]
- update to the latest content of https://github.com/containers/podman/tree/v4.6.1-rhel
(https://github.com/containers/podman/commit/ea33dce)
- Related: #2176063
[2:4.6.1-4]
- amend podmansh provides
- Related: #2176063
[2:4.6.1-3]
- update to the latest content of https://github.com/containers/podman/tree/v4.6.1-rhel
(https://github.com/containers/podman/commit/8bb0204)
- Related: #2176063
[2:4.6.1-2]
- update to the latest content of https://github.com/containers/podman/tree/v4.6.1-rhel
(https://github.com/containers/podman/commit/1b2fadd)
- Resolves: #2232127
[2:4.6.1-1]
- update to latest content of https://github.com/containers/podman/releases/tag/4.6.1
- Related: #2176063
[2:4.6.0-3]
- build podman 4.6.0 off main branch for early testing of zstd compression
- Related: #2176063
[2:4.6.0-2]
- update license token to be SPDX compatible
- Related: #2176063
[2:4.6.0-1]
- update to latest content of https://github.com/containers/podman/releases/tag/4.6.0
(https://github.com/containers/podman/commit/38e6fab9664c6e59b66e73523b307a56130316ae)
[2:4.6.0-0.3]
- rebuild with the new bats
- Related: #2176063
[2:4.6.0-0.2]
- update to 4.6.0-rc2
- Related: #2176063
[2:4.6.0-0.1]
- update to 4.6.0-rc1
- Related: #2176063
[2:4.5.1-5]
- rebuild for following CVEs:
CVE-2023-25173 CVE-2022-41724 CVE-2022-41725 CVE-2023-24537 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400
- Resolves: #2175071
- Resolves: #2179950
- Resolves: #2187318
- Resolves: #2187366
- Resolves: #2203681
- Resolves: #2207512
[2:4.5.1-4]
- update to https://github.com/containers/gvisor-tap-vsock/releases/tag/v0.6.1
- Related: #2176063
[2:4.5.1-3]
- rebuild for following CVEs:
CVE-2023-25173 CVE-2022-41724 CVE-2022-41725 CVE-2023-24537 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400
- Resolves: #2175074
- Resolves: #2179966
- Resolves: #2187322
- Resolves: #2187383
- Resolves: #2203702
- Resolves: #2207522
[2:4.5.1-2]
- rebuild
- Resolves: #2177611
[2:4.5.1-1]
- update to https://github.com/containers/podman/releases/tag/v4.5.1
- Related: #2176063
[2:4.5.0-1]
- update to 4.5.0
- Related: #2176063
[2:4.4.1-10]
- build and add missing docker man pages
- Resolves: #2187187
[2:4.4.1-9]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/fd0ea3b)
- Resolves: #2173089
[2:4.4.1-8]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/05037d3)
- Resolves: #2178263
[2:4.4.1-7]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/67f7e1e)
- Related: #2176063
[2:4.4.1-6]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/4461c9c)
- Related: #2176063
[2:4.4.1-5]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/bf400bd)
- Related: #2176063
[2:4.4.1-4]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/ffc2614)
- Resolves: #2179450
[2:4.4.1-3]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/e1703bb)
- Related: #2124478
[2:4.4.1-2]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/0b38633)
- Related: #2124478
[2:4.4.1-1]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/d4e285a)
- Related: #2124478
[2:4.4.1-0.1]
- update to the latest content of https://github.com/containers/podman/tree/v4.4
(https://github.com/containers/podman/commit/f5670f0)
- Related: #2124478
[2:4.4.0-1]
- update to podman-4.4 release
- Related: #2124478
[2:4.4.0-0.10]
- update to the latest content of https://github.com/containers/podman/tree/main
(https://github.com/containers/podman/commit/68bbdc2)
- Related: #2124478
[2:4.4.0-0.9]
- update to the latest content of https://github.com/containers/podman/tree/main
(https://github.com/containers/podman/commit/323b515)
- Related: #2124478
[2:4.4.0-0.8]
- update to the latest content of https://github.com/containers/podman/tree/main
(https://github.com/containers/podman/commit/c35e74f)
- Related: #2124478
[2:4.4.0-0.7]
- update to the latest content of https://github.com/containers/podman/tree/main
(https://github.com/containers/podman/commit/ce504bb)
- Related: #2124478
[2:4.4.0-0.6]
- add quadlet to tests
- Related: #2124478
[2:4.4.0-0.5]
- obsolete podman-catatonit in order to not to file conflict with catatonit
- Related: #2124478
[2:4.4.0-0.4]
- build v4.4.0-rc2
- Related: #2124478
[2:4.4.0-0.3]
- remove podman-machine-cni, it is now part of podman 4.0 or newer
- Related: #2124478
[2:4.4.0-0.2]
- update to the latest content of https://github.com/containers/podman/tree/main
(https://github.com/containers/podman/commit/07ba51d)
- update gvisor-tap-vsock to 0.5.0
- Related: #2124478
[2:4.4.0-0.1]
- podman-4.4.0-rc1
- update to the latest content of https://github.com/containers/podman/tree/main
(https://github.com/containers/podman/commit/f1af5b3)
- Related: #2124478
[2:4.3.1-4]
- podman shouldn't provide and file conflict with catatonit in CRB
- Resolves: #2151322
[2:4.3.1-3]
- fix 'podman manifest add' is not concurrent safe
- Resolves: #2105173
[2:4.3.1-2]
- properly obsolete catatonit
- Resolves: #2123319
[2:4.3.1-1]
- update to https://github.com/containers/podman/releases/tag/v4.3.1
- Related: #2124478
[2:4.3.0-2]
- rebuild to fix CVE-2022-30629
- Related: #2102994
[2:4.3.0-1]
- update to https://github.com/containers/podman/releases/tag/v4.3.0
- Related: #2124478
[2:4.2.0-3]
- fix dependency in test subpackage
- Related: #2061316
[2:4.2.0-2]
- readd catatonit
- Related: #2061316
[2:4.2.0-1]
- update to latest content of https://github.com/containers/podman/releases/tag/4.2.0
(https://github.com/containers/podman/commit/7fe5a419cfd2880df2028ad3d7fd9378a88a04f4)
- Related: #2061316
[2:4.2.0-0.3rc3]
- require catatonit for gating tests
- Related: #2061316
[2:4.2.0-0.2rc3]
- update to 4.2.0-rc3
- Related: #2061316
[2:4.2.0-0.1rc2]
- update to 4.2.0-rc2
- Related: #2061316
[2:4.1.1-6]
- convert catatonit dependency to soft dep as catatonit is
no longer in Appstream but in CRB
- Related: #2061316
[2:4.1.1-5]
- rebuild for combined gating with catatonit
- Related: #2097694
[2:4.1.1-4]
- catatonit is now a standalone package
- Related: #2097694
[2:4.1.1-3]
- update to the latest content of https://github.com/containers/podman/tree/v4.1.1-rhel
(https://github.com/containers/podman/commit/fa692a6)
- Related: #2097694
[2:4.1.1-2]
- be sure podman services/sockets are stopped upon package removal
- Related: #2061316
[2:4.1.1-1]
- update to https://github.com/containers/podman/releases/tag/v4.1.1
- Related: #2061316
[2:4.1.0-4]
- don't require runc and Recommends: crun
- Related: #2061316
[2:4.1.0-3]
- Re-enable LTO and debuginfo
- Related: #2061316
[2:4.1.0-2]
- update gvisor-tap-vsock to 0.2.0 to fix compilation with golang 1.18
- Related: #2061316
[2:4.1.0-1]
- update to https://github.com/containers/podman/releases/tag/v4.1.0
- Related: #2061316
[2:4.0.3-2]
- require netavark and move CNI to soft dependencies
- Related: #2061316
[2:4.0.3-1]
- update to https://github.com/containers/podman/releases/tag/v4.0.3
- Related: #2061316
[2:4.0.2-3]
- bump minimal libseccomp version requirement
- Related: #2061316
[2:4.0.2-2]
- rebuilt with golang >= 1.17.5 (CVE-2021-44716, CVE-2021-44717)
- Related: #2061316
[2:4.0.2-1]
- update to https://github.com/containers/podman/releases/tag/v4.0.2
- Related: #2059681
[2:4.0.1-1]
- update to https://github.com/containers/podman/releases/tag/v4.0.1
- Related: #2000051
[2:4.0.0-6]
- set catatonit cflags after configure step, don't explicitly set ldflags
- Related: #2054115
[2:4.0.0-5]
- revert previous change and run set_build_flags before the build process
- Related: #2054115
[2:4.0.0-4]
- add -D_FORTIFY_SOURCE=2 for podman-catatonit
- Related: #2054115
[2:4.0.0-3]
- depend on containers-common >= 2:1-28
- Related: #2000051
[2:4.0.0-2]
- use correct commit 49f8da72 for podman, previous commit said 4.0.1-dev
- Related: #2000051
[2:4.0.0-1]
- update to podman-4.0.0 release
- Related: #2000051
[2:4.0.0-0.32]
- update to the latest content of https://github.com/containers/podman/tree/v4.0
(https://github.com/containers/podman/commit/a34f279)
- Related: #2000051
[2:4.0.0-0.31]
- update to the latest content of https://github.com/containers/podman/tree/v4.0
(https://github.com/containers/podman/commit/ab3e566)
- Related: #2000051
[2:4.0.0-0.30]
- fix linker flags to assure -D_FORTIFY_SOURCE=2 is present at the command line
- Related: #2000051
[2:4.0.0-0.29]
- update to the latest content of https://github.com/containers/podman/tree/v4.0
(https://github.com/containers/podman/commit/b0a445e)
- Related: #2000051
[2:4.0.0-0.28]
- update to the latest content of https://github.com/containers/podman/tree/v4.0
(https://github.com/containers/podman/commit/c4a9aa7)
- Related: #2000051
[2:4.0.0-0.27]
- update to the latest content of https://github.com/containers/podman/tree/v4.0
(https://github.com/containers/podman/commit/5b2d96f)
- Related: #2000051
[2:4.0.0-0.26]
- set CGO_CFLAGS explicitly
- Related: #2000051
[2:4.0.0-0.25]
- bump to 0.25 to have highest NVR
- Related: #2000051
[2:4.0.0-0.4]
- rebuilt
- Related: #2000051
[2:4.0.0-0.3]
- update to the latest content of https://github.com/containers/podman/tree/v4.0
(https://github.com/containers/podman/commit/2dca7b2)
- Related: #2000051
[2:4.0.0-0.2]
- update to the latest content of https://github.com/containers/podman/tree/v4.0
(https://github.com/containers/podman/commit/4ad9e00)
- Related: #2000051
[2:4.0.0-0.1]
- update to the latest content of https://github.com/containers/podman/tree/v4.0
(https://github.com/containers/podman/commit/337f706)
- Related: #2000051
[2:3.4.5-0.8]
- update to the latest content of https://github.com/containers/podman/tree/v3.4
(https://github.com/containers/podman/commit/a54320a)
- Related: #2000051
[2:3.4.5-0.7]
- add rootless_role (Ed Santiago)
- Related: #2000051
[2:3.4.5-0.6]
- add git-daemon to test subpackage
(https://github.com/containers/podman/issues/12851)
- Related: #2000051
[2:3.4.5-0.5]
- update to the latest content of https://github.com/containers/podman/tree/v3.4
(https://github.com/containers/podman/commit/63134a1)
- Related: #2000051
[2:3.4.5-0.4]
- update to the latest content of https://github.com/containers/podman/tree/v3.4
(https://github.com/containers/podman/commit/3f57b6e)
- Related: #2000051
[2:3.4.5-0.3]
- update to the latest content of https://github.com/containers/podman/tree/v3.4
(https://github.com/containers/podman/commit/17788ed)
- Related: #2000051
[2:3.4.5-0.2]
- incorporate gating test fixes from Ed Santiago:
- remove buildah and skopeo (unused)
- bump BATS from v1.1 to v1.5
- rename 'nonroot' to 'rootless'
- Related: #2000051
[2:3.4.5-0.1]
- update to the latest content of https://github.com/containers/podman/tree/v3.4
(https://github.com/containers/podman/commit/b8fde5c)
- Related: #2000051
[2:3.4.4-0.1]
- update to the latest content of https://github.com/containers/podman/tree/v3.4
(https://github.com/containers/podman/commit/49f589d)
- Related: #2000051
[2:3.4.3-0.11]
- remove downstream patch already applied upstream
- Related: #2000051
[2:3.4.3-0.10]
- update to the latest content of https://github.com/containers/podman/tree/v3.4
(https://github.com/containers/podman/commit/fe44757)
- Related: #2000051
[2:3.4.3-0.9]
- update to the latest content of https://github.com/containers/podman/tree/v3.4
(https://github.com/containers/podman/commit/815f36a)
- Related: #2000051
[2:3.4.3-0.8]
- update to the latest content of https://github.com/containers/podman/tree/v3.4
(https://github.com/containers/podman/commit/31bc358)
- Related: #2000051
[2:3.4.3-0.7]
- bump Epoch to not to pull in older versions built off upstream main branch
- Related: #2000051
[1:3.4.3-0.6]
- update to the latest content of https://github.com/containers/podman/tree/v3.4
(https://github.com/containers/podman/commit/e3a7a74)
- add libsubid_tag.sh into BUILDTAGS
- Related: #2000051
[1:3.4.3-0.5]
- do not put patch URL as the backported patch will get overwritten when
'spectool -g -f' is executed
- Related: #2000051
[1:3.4.3-0.4]
- update to the latest content of https://github.com/containers/podman/tree/v3.4
(https://github.com/containers/podman/commit/7203178)
- Related: #2000051
[1:3.4.3-0.3]
- remove -t 0 from podman gating test
- Related: #2000051
[1:3.4.3-0.2]
- add BuildRequires: shadow-utils-subid-devel
- Related: #2000051
[1:3.4.3-0.1]
- update to the latest content of https://github.com/containers/podman/tree/v3.4
(https://github.com/containers/podman/commit/4808a63)
- Related: #2000051
[1:3.4.2-0.8]
- update to the latest content of https://github.com/containers/podman/tree/v3.4
(https://github.com/containers/podman/commit/fd010ad)
- Related: #2000051
[1:3.4.2-0.7]
- backport https://github.com/containers/podman/pull/12118 to 3.4
in attempt to fix gating tests
- Related: #2000051
[1:3.4.2-0.6]
- add Requires: gnupg
(https://github.com/containers/podman/pull/12270)
- Related: #2000051
[1:3.4.2-0.5]
- update to the latest content of https://github.com/containers/podman/tree/v3.4
(https://github.com/containers/podman/commit/8de9950)
- Related: #2000051
[1:3.4.2-0.4]
- update catatonit to 1.7
- Related: #2000051
[1:3.4.2-0.3]
- update to the latest content of https://github.com/containers/podman/tree/v3.4
(https://github.com/containers/podman/commit/75023e9)
- Related: #2000051
Related CVEs
| CVE-2022-41725 |
| CVE-2022-41723 |
| CVE-2023-29400 |
| CVE-2023-24534 |
| CVE-2023-24539 |
| CVE-2023-3978 |
| CVE-2023-24536 |
| CVE-2023-24537 |
| CVE-2023-24540 |
| CVE-2023-25173 |
| CVE-2022-41724 |
| CVE-2023-24538 |
| CVE-2023-29406 |
Updated Packages
| Release/Architecture | Filename | MD5sum | Superseded By Advisory | Channel Label |
| Oracle Linux 9 (aarch64) | podman-4.6.1-5.0.1.el9.src.rpm | 3e13a3a15315666dec215de2666c2a00 | - | ol9_aarch64_appstream |
| podman-4.6.1-5.0.1.el9.aarch64.rpm | 1e9975177923921ef64b3e09b416bad0 | - | ol9_aarch64_appstream | |
| podman-docker-4.6.1-5.0.1.el9.noarch.rpm | 17794b2cb80e367c7ef3e4ae4ebd7946 | - | ol9_aarch64_appstream | |
| podman-gvproxy-4.6.1-5.0.1.el9.aarch64.rpm | 000bcf1b0295737b57511532da8851f5 | - | ol9_aarch64_appstream | |
| podman-plugins-4.6.1-5.0.1.el9.aarch64.rpm | a2ad9f938745d5e0fdf1a8aeac421aea | - | ol9_aarch64_appstream | |
| podman-remote-4.6.1-5.0.1.el9.aarch64.rpm | a758fdac5e6fc4fb12bd08855bb59c36 | - | ol9_aarch64_appstream | |
| podman-tests-4.6.1-5.0.1.el9.aarch64.rpm | 8719ef567b03f7a21004c659d6c94c61 | - | ol9_aarch64_appstream | |
| Oracle Linux 9 (x86_64) | podman-4.6.1-5.0.1.el9.src.rpm | 3e13a3a15315666dec215de2666c2a00 | - | ol9_x86_64_appstream |
| podman-4.6.1-5.0.1.el9.x86_64.rpm | 93e66e7485f573476d9f2da1f11b337a | - | ol9_x86_64_appstream | |
| podman-docker-4.6.1-5.0.1.el9.noarch.rpm | 17794b2cb80e367c7ef3e4ae4ebd7946 | - | ol9_x86_64_appstream | |
| podman-gvproxy-4.6.1-5.0.1.el9.x86_64.rpm | ade58ab2e93ab6e0f6752ddb4330f770 | - | ol9_x86_64_appstream | |
| podman-plugins-4.6.1-5.0.1.el9.x86_64.rpm | 37456396e2fdf014e38fb29d741c7f17 | - | ol9_x86_64_appstream | |
| podman-remote-4.6.1-5.0.1.el9.x86_64.rpm | 2a343dac167bf4226e480be1ccb1e541 | - | ol9_x86_64_appstream | |
| podman-tests-4.6.1-5.0.1.el9.x86_64.rpm | 042b8f9c14be2eb88952896d24edc9b3 | - | ol9_x86_64_appstream | |
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team
