drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mangelnde Prüfung von Umgebungsvariablen in containers-common
Name: |
Mangelnde Prüfung von Umgebungsvariablen in containers-common |
|
ID: |
FEDORA-2021-0c53d8738d |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 33 |
|
Datum: |
Sa, 24. Juli 2021, 08:34 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3602 |
|
Applikationen: |
containers-common |
|
Originalnachricht |
------------------------------------------------------------------------------- - Fedora Update Notification FEDORA-2021-0c53d8738d 2021-07-24 01:06:47.806754 ------------------------------------------------------------------------------- -
Name : containers-common Product : Fedora 33 Version : 1 Release : 20.fc33 URL : None Summary : Common configuration and documentation for containers Description : This package contains common configuration files and documentation for container tools ecosystem, such as Podman, Buildah and Skopeo.
It is required because the most of configuration files and docs come from projects which are vendored into Podman, Buildah, Skopeo, etc. but they are not packaged separately.
------------------------------------------------------------------------------- - Update Information:
Security fix for CVE-2021-3602 bump podman to v3.2.3 include podman-machine- cni in podman-plugins subpackage bump crun to 0.20.1 ---- Fix `secrets` definition in /usr/share/containers/containers.conf ------------------------------------------------------------------------------- - ChangeLog:
* Fri Jul 16 2021 Lokesh Mandvekar <lsm5@fedoraproject.org> - 4:1-20 - rebuild to add it to podman CVE errata * Thu Jul 15 2021 Dan Walsh <dwalsh@fedoraproject.org> - 4:1-19 - Update containers.conf to the correct version * Wed Jun 23 2021 Lokesh Mandvekar <lsm5@fedoraproject.org> - 4:1-18 - Resolves: #1958474 - allow futex_time64 in seccomp.json * Wed Jun 9 2021 Lokesh Mandvekar <lsm5@fedoraproject.org> - 4:1-17 - use configs from latest upstream tags ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #1969264 - CVE-2021-3602 buildah: Host environment variables leaked in build container when using chroot isolation https://bugzilla.redhat.com/show_bug.cgi?id=1969264 ------------------------------------------------------------------------------- -
This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2021-0c53d8738d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
|
|
|
|