[ALSA-2022:8126] Moderate: ignition security, bug fix, and enhancement update
Type:
security
Severity:
moderate
Release date:
2022-11-18
Description:
Ignition is a utility used to manipulate systems during the initramfs. This includes partitioning disks, formatting partitions, writing files (regular files, systemd units, etc.), and configuring users. On first boot, Ignition reads its configuration from a source of truth (remote URL, network metadata service, hypervisor bridge, etc.) and applies the configuration. The following packages have been upgraded to a later upstream version: ignition (2.14.0). (BZ#2090647) Security Fix(es): * ignition: configs are accessible from unprivileged containers in VMs running on VMware products (CVE-2022-1706) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 ignition-2.14.0-1.el9.aarch64.rpm e9625f5d50376a62c5955151beb24ce191f4caba368e73ae898944a4dd7bdf08
ppc64le ignition-2.14.0-1.el9.ppc64le.rpm 988e6ceb284ede89305f74dd3aff1e1c9cb439adcc79c941e4cd3e50cf3949f1
s390x ignition-2.14.0-1.el9.s390x.rpm 7a66ee1796c74b36dc6db1842cabc66e34222441f8bc54a4e6a8f78047d91a07
x86_64 ignition-2.14.0-1.el9.x86_64.rpm 6e20f4a1374a8e2129789d350c5fedc5155e972de05362c6fb1ecbd6a298a092
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.