AlmaLinux 2325 Published by

A container-tools:3.0 security update has been released for AlmaLinux 8.



ALSA-2022:7529 Moderate: container-tools:3.0 security update


Type:
security

Severity:
moderate

Release date:
2022-11-14

Description
Security Fix(es):
* golang: net/http: improper sanitization of Transfer-Encoding header (CVE-2022-1705)
* cri-o: memory exhaustion on the node when access to the kube api (CVE-2022-1708)
* golang: go/parser: stack exhaustion in all Parse* functions (CVE-2022-1962)
* prometheus/client_golang: Denial of service using InstrumentHandlerCounter (CVE-2022-21698)
* golang: encoding/xml: stack exhaustion in Decoder.Skip (CVE-2022-28131)
* golang: io/fs: stack exhaustion in Glob (CVE-2022-30630)
* golang: compress/gzip: stack exhaustion in Reader.Read (CVE-2022-30631)
* golang: path/filepath: stack exhaustion in Glob (CVE-2022-30632)
* golang: encoding/xml: stack exhaustion in Unmarshal (CVE-2022-30633)
* golang: net/http/httputil: NewSingleHostReverseProxy - omit X-Forwarded-For not working (CVE-2022-32148)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:
RHSA-2022:7529
CVE-2022-1705
CVE-2022-1708
CVE-2022-1962
CVE-2022-21698
CVE-2022-28131
CVE-2022-30630
CVE-2022-30631
CVE-2022-30632
CVE-2022-30633
CVE-2022-32148
ALSA-2022:7529

Updates packages:
udica-0.2.4-1.module_el8.6.0+2876+9ed4eae2.noarch.rpm
container-selinux-2.189.0-1.module_el8.6.0+3336+00d107d5.noarch.rpm
cockpit-podman-29-2.module_el8.6.0+2876+9ed4eae2.noarch.rpm
buildah-1.19.9-6.module_el8.7.0+3297+1eb250cf.aarch64.rpm
podman-3.0.1-13.module_el8.7.0+3297+1eb250cf.aarch64.rpm
podman-catatonit-3.0.1-13.module_el8.7.0+3297+1eb250cf.aarch64.rpm
toolbox-tests-0.0.99.3-1.module_el8.6.0+2876+9ed4eae2.aarch64.rpm
criu-3.15-1.module_el8.6.0+2876+9ed4eae2.aarch64.rpm
crun-0.18-3.module_el8.6.0+2876+9ed4eae2.aarch64.rpm
python3-criu-3.15-1.module_el8.6.0+2876+9ed4eae2.aarch64.rpm
podman-tests-3.0.1-13.module_el8.7.0+3297+1eb250cf.aarch64.rpm
fuse-overlayfs-1.4.0-2.module_el8.6.0+2876+9ed4eae2.aarch64.rpm
containernetworking-plugins-0.9.1-1.module_el8.6.0+2876+9ed4eae2.aarch64.rpm
podman-docker-3.0.1-13.module_el8.7.0+3297+1eb250cf.noarch.rpm
buildah-tests-1.19.9-6.module_el8.7.0+3297+1eb250cf.aarch64.rpm
toolbox-0.0.99.3-1.module_el8.6.0+2876+9ed4eae2.aarch64.rpm
skopeo-tests-1.2.4-2.module_el8.7.0+3297+1eb250cf.aarch64.rpm
oci-seccomp-bpf-hook-1.2.0-3.module_el8.6.0+2876+9ed4eae2.aarch64.rpm
runc-1.0.0-73.rc95.module_el8.6.0+2876+9ed4eae2.aarch64.rpm
crit-3.15-1.module_el8.6.0+2876+9ed4eae2.aarch64.rpm
podman-remote-3.0.1-13.module_el8.7.0+3297+1eb250cf.aarch64.rpm
libslirp-devel-4.3.1-1.module_el8.6.0+2876+9ed4eae2.aarch64.rpm
containers-common-1.2.4-2.module_el8.7.0+3297+1eb250cf.aarch64.rpm
conmon-2.0.26-3.module_el8.7.0+3297+1eb250cf.aarch64.rpm
skopeo-1.2.4-2.module_el8.7.0+3297+1eb250cf.aarch64.rpm
podman-plugins-3.0.1-13.module_el8.7.0+3297+1eb250cf.aarch64.rpm
libslirp-4.3.1-1.module_el8.6.0+2876+9ed4eae2.aarch64.rpm
slirp4netns-1.1.8-1.module_el8.6.0+2876+9ed4eae2.aarch64.rpm
podman-remote-3.0.1-13.module_el8.7.0+3297+1eb250cf.x86_64.rpm
podman-plugins-3.0.1-13.module_el8.7.0+3297+1eb250cf.x86_64.rpm
criu-3.15-1.module_el8.6.0+2876+9ed4eae2.x86_64.rpm
skopeo-tests-1.2.4-2.module_el8.7.0+3297+1eb250cf.x86_64.rpm
podman-catatonit-3.0.1-13.module_el8.7.0+3297+1eb250cf.x86_64.rpm
libslirp-devel-4.3.1-1.module_el8.6.0+2876+9ed4eae2.x86_64.rpm
containernetworking-plugins-0.9.1-1.module_el8.6.0+2876+9ed4eae2.x86_64.rpm
toolbox-0.0.99.3-1.module_el8.6.0+2876+9ed4eae2.x86_64.rpm
fuse-overlayfs-1.4.0-2.module_el8.6.0+2876+9ed4eae2.x86_64.rpm
buildah-1.19.9-6.module_el8.7.0+3297+1eb250cf.x86_64.rpm
containers-common-1.2.4-2.module_el8.7.0+3297+1eb250cf.x86_64.rpm
crit-3.15-1.module_el8.6.0+2876+9ed4eae2.x86_64.rpm
skopeo-1.2.4-2.module_el8.7.0+3297+1eb250cf.x86_64.rpm
buildah-tests-1.19.9-6.module_el8.7.0+3297+1eb250cf.x86_64.rpm
crun-0.18-3.module_el8.6.0+2876+9ed4eae2.x86_64.rpm
conmon-2.0.26-3.module_el8.7.0+3297+1eb250cf.x86_64.rpm
runc-1.0.0-73.rc95.module_el8.6.0+2876+9ed4eae2.x86_64.rpm
python3-criu-3.15-1.module_el8.6.0+2876+9ed4eae2.x86_64.rpm
libslirp-4.3.1-1.module_el8.6.0+2876+9ed4eae2.x86_64.rpm
podman-tests-3.0.1-13.module_el8.7.0+3297+1eb250cf.x86_64.rpm
toolbox-tests-0.0.99.3-1.module_el8.6.0+2876+9ed4eae2.x86_64.rpm
podman-3.0.1-13.module_el8.7.0+3297+1eb250cf.x86_64.rpm
slirp4netns-1.1.8-1.module_el8.6.0+2876+9ed4eae2.x86_64.rpm
oci-seccomp-bpf-hook-1.2.0-3.module_el8.6.0+2876+9ed4eae2.x86_64.rpm
podman-3.0.1-13.module_el8.7.0+3297+1eb250cf.s390x.rpm
toolbox-tests-0.0.99.3-1.module_el8.6.0+3136+bfcd65b6.s390x.rpm
skopeo-1.2.4-2.module_el8.7.0+3297+1eb250cf.s390x.rpm
podman-plugins-3.0.1-13.module_el8.7.0+3297+1eb250cf.s390x.rpm
libslirp-4.3.1-1.module_el8.6.0+3136+bfcd65b6.s390x.rpm
crun-0.18-3.module_el8.6.0+3136+bfcd65b6.s390x.rpm
podman-catatonit-3.0.1-13.module_el8.7.0+3297+1eb250cf.s390x.rpm
buildah-tests-1.19.9-6.module_el8.7.0+3297+1eb250cf.s390x.rpm
runc-1.0.0-73.rc95.module_el8.6.0+3136+bfcd65b6.s390x.rpm
toolbox-0.0.99.3-1.module_el8.6.0+3136+bfcd65b6.s390x.rpm
skopeo-tests-1.2.4-2.module_el8.7.0+3297+1eb250cf.s390x.rpm
containernetworking-plugins-0.9.1-1.module_el8.6.0+3136+bfcd65b6.s390x.rpm
python3-criu-3.15-1.module_el8.6.0+3136+bfcd65b6.s390x.rpm
oci-seccomp-bpf-hook-1.2.0-3.module_el8.6.0+3136+bfcd65b6.s390x.rpm
conmon-2.0.26-3.module_el8.7.0+3297+1eb250cf.s390x.rpm
libslirp-devel-4.3.1-1.module_el8.6.0+3136+bfcd65b6.s390x.rpm
containers-common-1.2.4-2.module_el8.7.0+3297+1eb250cf.s390x.rpm
fuse-overlayfs-1.4.0-2.module_el8.6.0+3136+bfcd65b6.s390x.rpm
crit-3.15-1.module_el8.6.0+3136+bfcd65b6.s390x.rpm
slirp4netns-1.1.8-1.module_el8.6.0+3136+bfcd65b6.s390x.rpm
podman-tests-3.0.1-13.module_el8.7.0+3297+1eb250cf.s390x.rpm
criu-3.15-1.module_el8.6.0+3136+bfcd65b6.s390x.rpm
buildah-1.19.9-6.module_el8.7.0+3297+1eb250cf.s390x.rpm
podman-remote-3.0.1-13.module_el8.7.0+3297+1eb250cf.s390x.rpm
conmon-2.0.26-3.module_el8.7.0+3297+1eb250cf.ppc64le.rpm
containernetworking-plugins-0.9.1-1.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm
containers-common-1.2.4-2.module_el8.7.0+3297+1eb250cf.ppc64le.rpm
podman-remote-3.0.1-13.module_el8.7.0+3297+1eb250cf.ppc64le.rpm
runc-1.0.0-73.rc95.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm
podman-plugins-3.0.1-13.module_el8.7.0+3297+1eb250cf.ppc64le.rpm
libslirp-4.3.1-1.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm
podman-tests-3.0.1-13.module_el8.7.0+3297+1eb250cf.ppc64le.rpm
toolbox-tests-0.0.99.3-1.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm
python3-criu-3.15-1.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm
slirp4netns-1.1.8-1.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm
skopeo-1.2.4-2.module_el8.7.0+3297+1eb250cf.ppc64le.rpm
libslirp-devel-4.3.1-1.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm
oci-seccomp-bpf-hook-1.2.0-3.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm
podman-catatonit-3.0.1-13.module_el8.7.0+3297+1eb250cf.ppc64le.rpm
buildah-1.19.9-6.module_el8.7.0+3297+1eb250cf.ppc64le.rpm
podman-3.0.1-13.module_el8.7.0+3297+1eb250cf.ppc64le.rpm
crit-3.15-1.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm
fuse-overlayfs-1.4.0-2.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm
criu-3.15-1.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm
skopeo-tests-1.2.4-2.module_el8.7.0+3297+1eb250cf.ppc64le.rpm
buildah-tests-1.19.9-6.module_el8.7.0+3297+1eb250cf.ppc64le.rpm
toolbox-0.0.99.3-1.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm
crun-0.18-3.module_el8.6.0+2876+9ed4eae2.ppc64le.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2022:7529 Moderate: container-tools:3.0 security update