ELBA-2023-5431 Oracle Linux 8 container-tools:ol8 bug fix and enhancement update
Oracle Linux Bug Fix Advisory ELBA-2023-5431
http://linux.oracle.com/errata/ELBA-2023-5431.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
aardvark-dns-1.5.0-2.module+el8.8.0+21045+adcb6a64.x86_64.rpm
buildah-1.29.1-2.0.1.module+el8.8.0+21156+2d42afee.x86_64.rpm
buildah-tests-1.29.1-2.0.1.module+el8.8.0+21156+2d42afee.x86_64.rpm
cockpit-podman-63.1-1.module+el8.8.0+21045+adcb6a64.noarch.rpm
conmon-2.1.6-1.module+el8.8.0+21045+adcb6a64.x86_64.rpm
containernetworking-plugins-1.2.0-1.module+el8.8.0+21045+adcb6a64.x86_64.rpm
containers-common-1-64.0.1.module+el8.8.0+21056+d98a0860.x86_64.rpm
container-selinux-2.205.0-2.module+el8.8.0+21045+adcb6a64.noarch.rpm
crit-3.15-3.0.1.module+el8.8.0+21125+a7f95b8d.x86_64.rpm
criu-3.15-3.0.1.module+el8.8.0+21125+a7f95b8d.x86_64.rpm
criu-devel-3.15-3.0.1.module+el8.8.0+21125+a7f95b8d.x86_64.rpm
criu-libs-3.15-3.0.1.module+el8.8.0+21125+a7f95b8d.x86_64.rpm
crun-1.8.4-2.module+el8.8.0+21056+d98a0860.x86_64.rpm
fuse-overlayfs-1.11-1.module+el8.8.0+21056+d98a0860.x86_64.rpm
libslirp-4.4.0-1.module+el8.8.0+21045+adcb6a64.x86_64.rpm
libslirp-devel-4.4.0-1.module+el8.8.0+21045+adcb6a64.x86_64.rpm
netavark-1.5.1-2.module+el8.8.0+21125+a7f95b8d.x86_64.rpm
oci-seccomp-bpf-hook-1.2.8-1.module+el8.8.0+21045+adcb6a64.x86_64.rpm
podman-4.4.1-16.module+el8.8.0+21191+109ddc60.x86_64.rpm
podman-catatonit-4.4.1-16.module+el8.8.0+21191+109ddc60.x86_64.rpm
podman-docker-4.4.1-16.module+el8.8.0+21191+109ddc60.noarch.rpm
podman-gvproxy-4.4.1-16.module+el8.8.0+21191+109ddc60.x86_64.rpm
podman-plugins-4.4.1-16.module+el8.8.0+21191+109ddc60.x86_64.rpm
podman-remote-4.4.1-16.module+el8.8.0+21191+109ddc60.x86_64.rpm
podman-tests-4.4.1-16.module+el8.8.0+21191+109ddc60.x86_64.rpm
python3-criu-3.15-3.0.1.module+el8.8.0+21125+a7f95b8d.x86_64.rpm
python3-podman-4.4.1-1.module+el8.8.0+21045+adcb6a64.noarch.rpm
runc-1.1.4-1.0.1.module+el8.8.0+21119+51f68ed8.x86_64.rpm
skopeo-1.11.2-0.2.module+el8.8.0+21045+adcb6a64.x86_64.rpm
skopeo-tests-1.11.2-0.2.module+el8.8.0+21045+adcb6a64.x86_64.rpm
slirp4netns-1.2.0-2.module+el8.8.0+21045+adcb6a64.x86_64.rpm
udica-0.2.6-20.module+el8.8.0+21045+adcb6a64.noarch.rpm
aarch64:
aardvark-dns-1.5.0-2.module+el8.8.0+21045+adcb6a64.aarch64.rpm
buildah-1.29.1-2.0.1.module+el8.8.0+21156+2d42afee.aarch64.rpm
buildah-tests-1.29.1-2.0.1.module+el8.8.0+21156+2d42afee.aarch64.rpm
cockpit-podman-63.1-1.module+el8.8.0+21045+adcb6a64.noarch.rpm
conmon-2.1.6-1.module+el8.8.0+21045+adcb6a64.aarch64.rpm
containernetworking-plugins-1.2.0-1.module+el8.8.0+21045+adcb6a64.aarch64.rpm
containers-common-1-64.0.1.module+el8.8.0+21056+d98a0860.aarch64.rpm
container-selinux-2.205.0-2.module+el8.8.0+21045+adcb6a64.noarch.rpm
crit-3.15-3.0.1.module+el8.8.0+21125+a7f95b8d.aarch64.rpm
criu-3.15-3.0.1.module+el8.8.0+21125+a7f95b8d.aarch64.rpm
criu-devel-3.15-3.0.1.module+el8.8.0+21125+a7f95b8d.aarch64.rpm
criu-libs-3.15-3.0.1.module+el8.8.0+21125+a7f95b8d.aarch64.rpm
crun-1.8.4-2.module+el8.8.0+21056+d98a0860.aarch64.rpm
fuse-overlayfs-1.11-1.module+el8.8.0+21056+d98a0860.aarch64.rpm
libslirp-4.4.0-1.module+el8.8.0+21045+adcb6a64.aarch64.rpm
libslirp-devel-4.4.0-1.module+el8.8.0+21045+adcb6a64.aarch64.rpm
netavark-1.5.1-2.module+el8.8.0+21125+a7f95b8d.aarch64.rpm
oci-seccomp-bpf-hook-1.2.8-1.module+el8.8.0+21045+adcb6a64.aarch64.rpm
podman-4.4.1-16.module+el8.8.0+21191+109ddc60.aarch64.rpm
podman-catatonit-4.4.1-16.module+el8.8.0+21191+109ddc60.aarch64.rpm
podman-docker-4.4.1-16.module+el8.8.0+21191+109ddc60.noarch.rpm
podman-gvproxy-4.4.1-16.module+el8.8.0+21191+109ddc60.aarch64.rpm
podman-plugins-4.4.1-16.module+el8.8.0+21191+109ddc60.aarch64.rpm
podman-remote-4.4.1-16.module+el8.8.0+21191+109ddc60.aarch64.rpm
podman-tests-4.4.1-16.module+el8.8.0+21191+109ddc60.aarch64.rpm
python3-criu-3.15-3.0.1.module+el8.8.0+21125+a7f95b8d.aarch64.rpm
python3-podman-4.4.1-1.module+el8.8.0+21045+adcb6a64.noarch.rpm
runc-1.1.4-1.0.1.module+el8.8.0+21119+51f68ed8.aarch64.rpm
skopeo-1.11.2-0.2.module+el8.8.0+21045+adcb6a64.aarch64.rpm
skopeo-tests-1.11.2-0.2.module+el8.8.0+21045+adcb6a64.aarch64.rpm
slirp4netns-1.2.0-2.module+el8.8.0+21045+adcb6a64.aarch64.rpm
udica-0.2.6-20.module+el8.8.0+21045+adcb6a64.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//aardvark-dns-1.5.0-2.module+el8.8.0+21045+adcb6a64.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//buildah-1.29.1-2.0.1.module+el8.8.0+21156+2d42afee.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//cockpit-podman-63.1-1.module+el8.8.0+21045+adcb6a64.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//conmon-2.1.6-1.module+el8.8.0+21045+adcb6a64.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//containernetworking-plugins-1.2.0-1.module+el8.8.0+21045+adcb6a64.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//containers-common-1-64.0.1.module+el8.8.0+21056+d98a0860.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//container-selinux-2.205.0-2.module+el8.8.0+21045+adcb6a64.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//criu-3.15-3.0.1.module+el8.8.0+21125+a7f95b8d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//crun-1.8.4-2.module+el8.8.0+21056+d98a0860.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//fuse-overlayfs-1.11-1.module+el8.8.0+21056+d98a0860.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//libslirp-4.4.0-1.module+el8.8.0+21045+adcb6a64.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//netavark-1.5.1-2.module+el8.8.0+21125+a7f95b8d.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//oci-seccomp-bpf-hook-1.2.8-1.module+el8.8.0+21045+adcb6a64.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//podman-4.4.1-16.module+el8.8.0+21191+109ddc60.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python-podman-4.4.1-1.module+el8.8.0+21045+adcb6a64.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//runc-1.1.4-1.0.1.module+el8.8.0+21119+51f68ed8.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//skopeo-1.11.2-0.2.module+el8.8.0+21045+adcb6a64.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//slirp4netns-1.2.0-2.module+el8.8.0+21045+adcb6a64.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//udica-0.2.6-20.module+el8.8.0+21045+adcb6a64.src.rpm
Description of changes:
aardvark-dns
[2:1.5.0-2]
- always stay offline during build
- Related: #2123641
[2:1.5.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.5.0
- Related: #2123641
[2:1.4.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.4.0
- Related: #2123641
[2:1.3.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.3.0
- Related: #2123641
[2:1.2.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.2.0
- Related: #2116481
buildah
[1:1.29.1-2.0.1]
- Rebuild with newer glibc [Orabug: 35720304]
[1:1.29.1-2]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.29
( https://github.com/containers/buildah/commit/f07d2c9)
- Resolves: #2166195
cockpit-podman
[63.1-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/63.1
- Related: #2123641
[63-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/63
- Related: #2123641
[62-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/62
- Related: #2123641
[61-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/61
- Related: #2123641
[60-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/60
- Related: #2123641
[59-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/59
- Related: #2123641
[58-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/58
- Related: #2123641
[57-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/57
- Related: #2123641
[56-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/56
- Related: #2123641
[55-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/55
- Related: #2123641
[54-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/54
- Related: #2123641
conmon
[3:2.1.6-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.6
- Related: #2123641
[3:2.1.5-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.5
- Related: #2123641
containernetworking-plugins
[1:1.2.0-1]
- update to https://github.com/containernetworking/plugins/releases/tag/v1.2.0
- Related: #2123641
[1:1.1.1-3]
- BuildRequires: /usr/bin/go-md2man
- Related: #2061390
containers-common
[2:1-64.0.1]
- Updated removed references [Orabug: 33473101] (Alex Burmashev)
- Adjust registries.conf (Nikita Gerasimov)
- remove references to RedHat registry (Nikita Gerasimov)
[2:1-64]
- be sure SYS_CHROOT is in containers.conf + update vendored components
- Resolves: #2183667
container-selinux
[2:2.205.0-2]
- remove watch statements breaking the build on RHEL8.8
- Related: #2179466
[2:2.205.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.205.0
- remove user_namespace class, thanks to Lokesh Mandvekar
- Resolves: #2179466
[2:2.199.0-2]
- revert back to https://github.com/containers/container-selinux/releases/tag/v2.199.0
(2.200.0 fails to build as it relies on the new selinux-policy which is not there yet)
- Related: #2123641
[2:2.200.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.200.0
- Related: #2123641
criu
[3.15-3.0.1]
- Increase XSAFE area to support newer CPUs(Sapphire Rapids)
crun
[1.8.4-2]
- Apply additional criu fix
- Resolves: #2184221
[1.8.4-1]
- update to https://github.com/containers/crun/releases/tag/1.8.4
- Resolves: #2184221
[1.8.1-3]
- fix could not find symbol criu_set_lsm_mount_context in libcriu.so
- Resolves: #2184221
fuse-overlayfs
[1.11-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.11
- Resolves: #2185132
libslirp
netavark
[2:1.5.1-2]
- Update to 1.5.1 version
- --dns-add get error logs when there is no container attached to the network (2210117)
- netavark: support new 'bclim' parameter for macvlan without CAP_NET_ADMIN on the container
oci-seccomp-bpf-hook
[1.2.8-1]
- update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.8
- Related: #2123641
[1.2.7-1]
- update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.7
- Related: #2123641
[1.2.6-1]
- update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.6
- Related: #2061390
podman
[3:4.4.1-16]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
( https://github.com/containers/podman/commit/b9594a7)
python-podman
[4.4.1-1]
- update to https://github.com/containers/podman-py/releases/tag/v4.4.1
- Related: #2123641
[4.4.0-1]
- update to python-podman-4.4.0
- Related: #2123641
[4.3.0-2]
- upload new source tarball
- Related: #2123641
[4.3.0-1]
- update to https://github.com/containers/podman-py/releases/tag/v4.3.0
- Related: #2123641
[4.2.0-1]
- update to https://github.com/containers/podman-py/releases/tag/v4.2.0
- Related: #2061390
runc
[1:1.1.4-1.0.1]
- rootless: fix /sys/fs/cgroup mounts to prevent CVE-2023-25809
- rootfs: prohibit symlinks that conflicts with readonlyPaths
and/or maskedPaths to prevent CVE-2023-27561
- Prohibit /proc and /sys to be symlinks to prevent CVE-2023-28642
- JIRA: OLDIS-25589
skopeo
[2:1.11.2-0.2]
- fix build
- Related: #2123641
[2:1.11.2-0.1]
- update to the latest content of https://github.com/containers/skopeo/tree/release-1.11
( https://github.com/containers/skopeo/commit/3f98753)
- Related: #2123641
[2:1.11.1-1]
- update to https://github.com/containers/skopeo/releases/tag/v1.11.1
- Related: #2123641
[2:1.11.0-1]
- update to https://github.com/containers/skopeo/releases/tag/v1.11.0
( https://github.com/containers/skopeo/commit/968670116c56023d37e9e98b48346478599c6801)
- Related: #2123641
[2:1.11.0-0.3]
- update to the latest content of https://github.com/containers/skopeo/tree/main
( https://github.com/containers/skopeo/commit/fe15a36)
- Related: #2123641
[2:1.11.0-0.2]
- update to the latest content of https://github.com/containers/skopeo/tree/main
( https://github.com/containers/skopeo/commit/8e09e64)
- Related: #2123641
[2:1.11.0-0.1]
- update to the latest content of https://github.com/containers/skopeo/tree/main
( https://github.com/containers/skopeo/commit/2817510)
- Related: #2123641
[2:1.10.0-1]
- update to https://github.com/containers/skopeo/releases/tag/v1.10.0
- Related: #2123641
slirp4netns
[1.2.0-2]
- BuildRequires: /usr/bin/go-md2man
- Related: #2061390
[1.2.0-1]
- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.0
- Related: #2061390
udica
[0.2.6-20]
- bump release to preserve update path
- Related: #2139052
[0.2.6-4]
- Bump release to match latest release available in rhel-8.6.1
- Resolves: #2139052
A container-tools:ol8 bug fix and enhancement update has been released for Oracle Linux 8.