[El-errata] ELSA-2024-0121 Moderate: Oracle Linux 8 container-tools:4.0 security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Mon Jan 15 20:41:50 UTC 2024


Oracle Linux Security Advisory ELSA-2024-0121

http://linux.oracle.com/errata/ELSA-2024-0121.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
aardvark-dns-1.0.1-38.0.1.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
buildah-1.24.6-7.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
buildah-tests-1.24.6-7.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
cockpit-podman-46-1.module+el8.9.0+90119+2f9ef15c.noarch.rpm
conmon-2.1.4-2.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
containernetworking-plugins-1.1.1-6.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
containers-common-1-38.0.1.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
container-selinux-2.205.0-3.module+el8.9.0+90119+2f9ef15c.noarch.rpm
crit-3.15-3.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
criu-3.15-3.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
criu-devel-3.15-3.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
criu-libs-3.15-3.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
crun-1.8.7-1.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
fuse-overlayfs-1.9-2.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
libslirp-4.4.0-1.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
libslirp-devel-4.4.0-1.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
netavark-1.0.1-38.0.1.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
podman-4.0.2-25.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
podman-catatonit-4.0.2-25.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
podman-docker-4.0.2-25.module+el8.9.0+90119+2f9ef15c.noarch.rpm
podman-gvproxy-4.0.2-25.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
podman-plugins-4.0.2-25.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
podman-remote-4.0.2-25.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
podman-tests-4.0.2-25.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
python3-criu-3.15-3.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
python3-podman-4.0.0-2.module+el8.9.0+90119+2f9ef15c.noarch.rpm
runc-1.1.5-2.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
skopeo-1.6.2-9.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
skopeo-tests-1.6.2-9.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
slirp4netns-1.1.8-3.module+el8.9.0+90119+2f9ef15c.x86_64.rpm
udica-0.2.6-4.module+el8.9.0+90119+2f9ef15c.noarch.rpm

aarch64:
aardvark-dns-1.0.1-38.0.1.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
buildah-1.24.6-7.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
buildah-tests-1.24.6-7.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
cockpit-podman-46-1.module+el8.9.0+90119+2f9ef15c.noarch.rpm
conmon-2.1.4-2.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
containernetworking-plugins-1.1.1-6.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
containers-common-1-38.0.1.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
container-selinux-2.205.0-3.module+el8.9.0+90119+2f9ef15c.noarch.rpm
crit-3.15-3.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
criu-3.15-3.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
criu-devel-3.15-3.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
criu-libs-3.15-3.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
crun-1.8.7-1.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
fuse-overlayfs-1.9-2.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
libslirp-4.4.0-1.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
libslirp-devel-4.4.0-1.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
netavark-1.0.1-38.0.1.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
podman-4.0.2-25.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
podman-catatonit-4.0.2-25.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
podman-docker-4.0.2-25.module+el8.9.0+90119+2f9ef15c.noarch.rpm
podman-gvproxy-4.0.2-25.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
podman-plugins-4.0.2-25.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
podman-remote-4.0.2-25.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
podman-tests-4.0.2-25.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
python3-criu-3.15-3.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
python3-podman-4.0.0-2.module+el8.9.0+90119+2f9ef15c.noarch.rpm
runc-1.1.5-2.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
skopeo-1.6.2-9.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
skopeo-tests-1.6.2-9.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
slirp4netns-1.1.8-3.module+el8.9.0+90119+2f9ef15c.aarch64.rpm
udica-0.2.6-4.module+el8.9.0+90119+2f9ef15c.noarch.rpm


SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//buildah-1.24.6-7.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//cockpit-podman-46-1.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//conmon-2.1.4-2.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//containernetworking-plugins-1.1.1-6.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//containers-common-1-38.0.1.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//container-selinux-2.205.0-3.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//criu-3.15-3.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//crun-1.8.7-1.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//fuse-overlayfs-1.9-2.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//libslirp-4.4.0-1.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//oci-seccomp-bpf-hook-1.2.5-2.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//podman-4.0.2-25.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python-podman-4.0.0-2.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//runc-1.1.5-2.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//skopeo-1.6.2-9.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//slirp4netns-1.1.8-3.module+el8.9.0+90119+2f9ef15c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//udica-0.2.6-4.module+el8.9.0+90119+2f9ef15c.src.rpm

Related CVEs:

CVE-2022-2879
CVE-2022-2880
CVE-2022-27664
CVE-2022-41715
CVE-2023-29409
CVE-2023-39318
CVE-2023-39319
CVE-2023-39321
CVE-2023-39322




Description of changes:

buildah
[1:1.24.6-7]
- rebuild for CVE-2023-29406
- Related: #2176055

cockpit-podman
[46-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/46
- Related: #2061390

conmon
[2:2.1.4-2]
- update to https://github.com/containers/conmon/releases/tag/v2.1.4
- Related: #2176055

containernetworking-plugins
[1:1.1.1-6]
- Rebuild with golang 1.20.6 or higher
- Related: Jira:RHEL-4507
- Related: Jira:RHEL-7442

containers-common
[1-38.0.1]
- Updated removed references [Orabug: 33473101] (Alex Burmashev)
- Adjust registries.conf (Nikita Gerasimov)
- remove references to RedHat registry (Nikita Gerasimov)

container-selinux
[2:2.205.0-3]
- fix build for stable module
- Related: #2176055

criu
[3.15-3]
- add Requires: criu-libs = %{version}-%{release} in criu-devel
- add gating tests
- Related: #1934415

crun
fuse-overlayfs
[1.9-2]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.9
- Related: #2176055

libslirp
oci-seccomp-bpf-hook
[1.2.5-2]
- fix compatibility with the new bcc
- Related: #2176055

podman
[2:4.0.2-25]
- rebuild with golang 1.20.6+ for CVE-2023-39321 CVE-2023-29409
- Related: Jira:RHEL-4508
- Related: Jira:RHEL-7443

python-podman
[4.0.0-2]
- bump to v4.0.0
- Related: #2176055

runc
[1:1.1.5-2]
- rebuild for following CVEs: CVE-2022-41724
- Resolves: #2179971

skopeo
[2:1.6.2-9]
- rebuild because of CVE-2023-29406
- Resolves: #2236831

slirp4netns
[1.1.8-3]
- fix gating - don't use insecure functions - thanks to Marc-André Lureau
- Related: #2176055

udica
[0.2.6-4]
- sync with stream-container-tools-4.0-rhel-8.8.0
- Related: #2176055




More information about the El-errata mailing list