ALSA-2021:0531

[ALSA-2021:0531] Moderate: container-tools:rhel8 security, bug fix, and enhancement update

Type:

security

Severity:

moderate

Release date:

2021-02-16

Description:

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

* podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API (CVE-2020-14370)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	criu-3.15-1.module_el8.6.0+2876+9ed4eae2.aarch64.rpm	183bda468943a18b6ad10f132ac7b8ad92c5ba67382f18c333c8c9aa867498a4
aarch64	python3-criu-3.15-1.module_el8.6.0+2876+9ed4eae2.aarch64.rpm	2c7f1ee8ae4215d079cff1e2b603282a859335d29bd594ea9af2b34898b61f0b
aarch64	crit-3.15-1.module_el8.6.0+2876+9ed4eae2.aarch64.rpm	9736844ada2bb607243e5c208ad7849c2a30f63c7a355b98d3ec2b58fd0553a7
aarch64	libslirp-devel-4.3.1-1.module_el8.6.0+2876+9ed4eae2.aarch64.rpm	bf78102e9bec56771abff788e3e9faa89d9851415bd9113306a377b5e4217b09
aarch64	libslirp-4.3.1-1.module_el8.6.0+2876+9ed4eae2.aarch64.rpm	f719eed0bd389be60c4c101043a6341134725a1dcea82f94b45108a00a3826b0
aarch64	slirp4netns-1.1.8-1.module_el8.6.0+2876+9ed4eae2.aarch64.rpm	f9f089fce7f81a740a5e0f4b0bd3d6bdf571a5957dde324c949f356db249314e
noarch	udica-0.2.4-1.module_el8.6.0+2876+9ed4eae2.noarch.rpm	5127ec25a6d4632da80e860fe822430306d9edd11da0e2720e8993208343d5b0
noarch	python-podman-api-1.2.0-0.2.gitd0a45fe.module_el8.5.0+2635+e4386a39.noarch.rpm	6014c5c3fb0e8b251cf8fe13d9dc538fe94d16ae2bfbf82206773d07378a433e
noarch	python-podman-api-1.2.0-0.2.gitd0a45fe.module_el8.5.0+108+00865455.noarch.rpm	bb7cecd971e77ee0ad43f29b3351871450f3fb08b180f0fae99cc0bf904cc0b5
ppc64le	libslirp-4.3.1-1.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm	7e321e8815bb1d11f925c77d7b0804a162490902f67d405602ad4f5220597a61
ppc64le	python3-criu-3.15-1.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm	900eb64a1ea3f8d7517d19f3f2f017f137e04d3c3da5aaeb4b48f4b3edafb363
ppc64le	slirp4netns-1.1.8-1.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm	94aacc55967ad7e354ce1c8f81cbaf8109b2efe6d84a02ab4f1f86a507a058d2
ppc64le	libslirp-devel-4.3.1-1.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm	9becdb022aca7853e26027a20244f2bedf325eb9f06ce3943d0221d2ceca4f77
ppc64le	crit-3.15-1.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm	aad15709cc1072405bbb1e2e6ae948b251b9cc13875e66424429a83566effdb0
ppc64le	criu-3.15-1.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm	be3bb39d472b615ddf851ffd90b90bac650096c32663aed0cb291c2a941f1506
x86_64	criu-3.15-1.module_el8.6.0+2876+9ed4eae2.x86_64.rpm	1ec8368433e7d6bbd4ec3ed6caa3182fd0ee197898f10436b5b47838bbbba77c
x86_64	libslirp-devel-4.3.1-1.module_el8.6.0+2876+9ed4eae2.x86_64.rpm	27c0497463caea3a884f35c234bebfa9913644f0836bdebdb5ddf36a8c8705d8
x86_64	crit-3.15-1.module_el8.6.0+2876+9ed4eae2.x86_64.rpm	3aaf5f27dcda843a3ec58617a3dae9c84280708e037614ac1c944f68b73a29fa
x86_64	python3-criu-3.15-1.module_el8.6.0+2876+9ed4eae2.x86_64.rpm	8d73f6e4d23b62c73efa11f8e61b1e5e9d99518aff894c426d644b2e0ffdee18
x86_64	libslirp-4.3.1-1.module_el8.6.0+2876+9ed4eae2.x86_64.rpm	9e1495b5d6fb661fcea9e2d6b6a0e2098aa2341924c6d0f0790a7dd9ffded4f0
x86_64	slirp4netns-1.1.8-1.module_el8.6.0+2876+9ed4eae2.x86_64.rpm	ae330e32cefa5765da6bb66e2805eb85c5042ea98056d9222309322d5f336160

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.