[ALSA-2022:7954] Moderate: podman security and bug fix update
Type:
security
Severity:
moderate
Release date:
2022-11-18
Description:
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods are a concept in Kubernetes.

Security Fix(es):

* golang.org/x/text: Panic in language.ParseAcceptLanguage while parsing -u- extension (CVE-2020-28851)
* golang.org/x/text: Panic in language.ParseAcceptLanguage while processing bcp47 tag (CVE-2020-28852)
* podman: podman machine spawns gvproxy with port bound to all IPs (CVE-2021-4024)
* podman: Remote traffic to rootless containers is seen as originating from localhost (CVE-2021-20199)
* containers/storage: DoS via malicious image (CVE-2021-20291)
* golang: net/http/httputil: ReverseProxy forwards connection headers if first one is empty (CVE-2021-33197)
* golang: crypto/tls: certificate of wrong type is causing TLS client to panic (CVE-2021-34558)
* golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 podman-gvproxy-4.2.0-3.el9.aarch64.rpm 0dac83085bbf79f1599f9a1439bd56b18e3c270411dfe2d70ede1633c7abb34d
aarch64 podman-plugins-4.2.0-3.el9.aarch64.rpm 77aacb5d6fe186554d3ed341c1b353e7659d6e987e6b5a5d8536e8e3b1e46b71
aarch64 podman-tests-4.2.0-3.el9.aarch64.rpm a44ea533b56a30a71848f722d17fdb0705bb3d854d20fe7794ab300ca6eb7dae
aarch64 podman-4.2.0-3.el9.aarch64.rpm ae74f593492854e2a875c978162203fbd33f36fd5026fa1cbf24e8a05c8fa102
aarch64 podman-remote-4.2.0-3.el9.aarch64.rpm ff4750c89273f1a4e5a4a28a17a95141636bba90cdc16cf1765d6a3c94687a1e
noarch podman-docker-4.2.0-3.el9.noarch.rpm 73f67ab96051535408d365b625b0fe93169751c1b97cae0c9604aa9d9e299591
ppc64le podman-plugins-4.2.0-3.el9.ppc64le.rpm 01f34980dc6427543a2b19d80e779d136d20efd31a00db59f1dbb6ceb3cef38e
ppc64le podman-tests-4.2.0-3.el9.ppc64le.rpm 0e99174c1ae5c8953150dd424c9a111b38e3c0da900d2dc898f637e110e54f55
ppc64le podman-4.2.0-3.el9.ppc64le.rpm 24a4699d73b964f88e4fdfb9533e28d860788f05c16ac78fdedc6db690634215
ppc64le podman-gvproxy-4.2.0-3.el9.ppc64le.rpm 4ef8d100d04b66da2783190aedfbeba229fe6a3c4d50d7b481886ececce896e4
ppc64le podman-remote-4.2.0-3.el9.ppc64le.rpm a600fc858fa737d93c7a4e76255be7c0cd02407493bbfbacd680774c66b66183
s390x podman-4.2.0-3.el9.s390x.rpm 0d7fac306f08937559dc2858e052832bc79c723a6ca68d3f98b14a1ff87d2f11
s390x podman-remote-4.2.0-3.el9.s390x.rpm 4c9f4b49244a0b9908409cc68a0b9033629744c7d3c874cc3b3f3ef50bb83aff
s390x podman-plugins-4.2.0-3.el9.s390x.rpm 4f1dc8c53da46de2b84bcd98457e6deed15b4b430763b46cc5c23ce1aed7ac60
s390x podman-gvproxy-4.2.0-3.el9.s390x.rpm ce1086d0ed376330348f6a57412174cdf66e3ca775af05d4529ac129d9dd92c4
s390x podman-tests-4.2.0-3.el9.s390x.rpm db036ec746500fdcdb8bd7e048dda17d0a12ece13be5d070ec8285b77d5facae
x86_64 podman-remote-4.2.0-3.el9.x86_64.rpm 062c9ccb86a61a19a5329ef77f1bfefebb000598f8184cce79319b5e6a3f083d
x86_64 podman-tests-4.2.0-3.el9.x86_64.rpm 2187a3966825943f680f28e7b8754e5bee7086481b3fa1acde23c019f6af33f1
x86_64 podman-gvproxy-4.2.0-3.el9.x86_64.rpm 3e196031aa15f43dfa10b6fa4098bd490e310be11ffb1fdf19e0691c1a07f183
x86_64 podman-4.2.0-3.el9.x86_64.rpm 63e81a35373420f3e4b9a9d5fe53b1b13242a44304745f8c259b3e531f88b99b
x86_64 podman-plugins-4.2.0-3.el9.x86_64.rpm e3f2d1262484d5e51f8994a71f95c7b6e7d58e3ec912626e8fa19502bedad631
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.