drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Prüfung von Umgebungsvariablen in containers-common
| Name: |
Mangelnde Prüfung von Umgebungsvariablen in containers-common |
|
| ID: |
FEDORA-2021-0c53d8738d |
|
| Distribution: |
Fedora |
|
| Plattformen: |
Fedora 33 |
|
| Datum: |
Sa, 24. Juli 2021, 08:34 |
|
| Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3602 |
|
| Applikationen: |
containers-common |
|
Originalnachricht |
-------------------------------------------------------------------------------
-
Fedora Update Notification
FEDORA-2021-0c53d8738d
2021-07-24 01:06:47.806754
-------------------------------------------------------------------------------
-
Name : containers-common
Product : Fedora 33
Version : 1
Release : 20.fc33
URL : None
Summary : Common configuration and documentation for containers
Description :
This package contains common configuration files and documentation for
container
tools ecosystem, such as Podman, Buildah and Skopeo.
It is required because the most of configuration files and docs come from
projects
which are vendored into Podman, Buildah, Skopeo, etc. but they are not packaged
separately.
-------------------------------------------------------------------------------
-
Update Information:
Security fix for CVE-2021-3602 bump podman to v3.2.3 include podman-machine-
cni in podman-plugins subpackage bump crun to 0.20.1 ---- Fix `secrets`
definition in /usr/share/containers/containers.conf
-------------------------------------------------------------------------------
-
ChangeLog:
* Fri Jul 16 2021 Lokesh Mandvekar <lsm5@fedoraproject.org> - 4:1-20
- rebuild to add it to podman CVE errata
* Thu Jul 15 2021 Dan Walsh <dwalsh@fedoraproject.org> - 4:1-19
- Update containers.conf to the correct version
* Wed Jun 23 2021 Lokesh Mandvekar <lsm5@fedoraproject.org> - 4:1-18
- Resolves: #1958474 - allow futex_time64 in seccomp.json
* Wed Jun 9 2021 Lokesh Mandvekar <lsm5@fedoraproject.org> - 4:1-17
- use configs from latest upstream tags
-------------------------------------------------------------------------------
-
References:
[ 1 ] Bug #1969264 - CVE-2021-3602 buildah: Host environment variables leaked
in build container when using chroot isolation
https://bugzilla.redhat.com/show_bug.cgi?id=1969264
-------------------------------------------------------------------------------
-
This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2021-0c53d8738d' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
|
|
|
|
