Oracle Linux 6277 Published by

A container-tools:1.0 security and bug fix update has been released for Oracle Linux 8.



El-errata: ELSA-2020-1926 Important: Oracle Linux 8 container-tools:1.0 security and bug fix update


Oracle Linux Security Advisory ELSA-2020-1926

  http://linux.oracle.com/errata/ELSA-2020-1926.html

The following updated rpms for Oracle Linux 8 have been uploaded to the
Unbreakable Linux Network:

x86_64:
buildah-1.5-4.0.1.gite94b4f9.module+el8.2.0+7621+b33f33e5.x86_64.rpm
containernetworking-plugins-0.7.4-3.git9ebe139.module+el8.2.0+7621+b33f33e5.x86_64.rpm
containers-common-0.1.32-4.0.2.git1715c90.module+el8.2.0+7621+b33f33e5.x86_64.rpm
container-selinux-2.124.0-1.gitf958d0c.module+el8.2.0+7621+b33f33e5.noarch.rpm
crit-3.12-9.module+el8.2.0+7621+b33f33e5.x86_64.rpm
criu-3.12-9.module+el8.2.0+7621+b33f33e5.x86_64.rpm
fuse-overlayfs-0.3-5.module+el8.2.0+7621+b33f33e5.x86_64.rpm
oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.2.0+7621+b33f33e5.x86_64.rpm
oci-umount-2.3.4-2.git87f9237.module+el8.2.0+7621+b33f33e5.x86_64.rpm
podman-1.0.0-4.git921f98f.module+el8.2.0+7621+b33f33e5.x86_64.rpm
podman-docker-1.0.0-4.git921f98f.module+el8.2.0+7621+b33f33e5.noarch.rpm
python3-criu-3.12-9.module+el8.2.0+7621+b33f33e5.x86_64.rpm
runc-1.0.0-56.rc5.dev.git2abd837.module+el8.2.0+7621+b33f33e5.x86_64.rpm
skopeo-0.1.32-4.0.2.git1715c90.module+el8.2.0+7621+b33f33e5.x86_64.rpm
slirp4netns-0.1-5.dev.gitc4e1bc5.module+el8.2.0+7621+b33f33e5.x86_64.rpm

aarch64:
buildah-1.5-4.0.1.gite94b4f9.module+el8.2.0+7621+b33f33e5.aarch64.rpm
containernetworking-plugins-0.7.4-3.git9ebe139.module+el8.2.0+7621+b33f33e5.aarch64.rpm
containers-common-0.1.32-4.0.2.git1715c90.module+el8.2.0+7621+b33f33e5.aarch64.rpm
container-selinux-2.124.0-1.gitf958d0c.module+el8.2.0+7621+b33f33e5.noarch.rpm
crit-3.12-9.module+el8.2.0+7621+b33f33e5.aarch64.rpm
criu-3.12-9.module+el8.2.0+7621+b33f33e5.aarch64.rpm
fuse-overlayfs-0.3-5.module+el8.2.0+7621+b33f33e5.aarch64.rpm
oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.2.0+7621+b33f33e5.aarch64.rpm
oci-umount-2.3.4-2.git87f9237.module+el8.2.0+7621+b33f33e5.aarch64.rpm
podman-1.0.0-4.git921f98f.module+el8.2.0+7621+b33f33e5.aarch64.rpm
podman-docker-1.0.0-4.git921f98f.module+el8.2.0+7621+b33f33e5.noarch.rpm
python3-criu-3.12-9.module+el8.2.0+7621+b33f33e5.aarch64.rpm
runc-1.0.0-56.rc5.dev.git2abd837.module+el8.2.0+7621+b33f33e5.aarch64.rpm
skopeo-0.1.32-4.0.2.git1715c90.module+el8.2.0+7621+b33f33e5.aarch64.rpm
slirp4netns-0.1-5.dev.gitc4e1bc5.module+el8.2.0+7621+b33f33e5.aarch64.rpm

SRPMS:
  http://oss.oracle.com/ol8/SRPMS-updates/buildah-1.5-4.0.1.gite94b4f9.module+el8.2.0+7621+b33f33e5.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/containernetworking-plugins-0.7.4-3.git9ebe139.module+el8.2.0+7621+b33f33e5.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/container-selinux-2.124.0-1.gitf958d0c.module+el8.2.0+7621+b33f33e5.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/criu-3.12-9.module+el8.2.0+7621+b33f33e5.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/fuse-overlayfs-0.3-5.module+el8.2.0+7621+b33f33e5.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/oci-systemd-hook-0.1.15-2.git2d0b8a3.module+el8.2.0+7621+b33f33e5.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/oci-umount-2.3.4-2.git87f9237.module+el8.2.0+7621+b33f33e5.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/podman-1.0.0-4.git921f98f.module+el8.2.0+7621+b33f33e5.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/runc-1.0.0-56.rc5.dev.git2abd837.module+el8.2.0+7621+b33f33e5.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/skopeo-0.1.32-4.0.2.git1715c90.module+el8.2.0+7621+b33f33e5.src.rpm
  http://oss.oracle.com/ol8/SRPMS-updates/slirp4netns-0.1-5.dev.gitc4e1bc5.module+el8.2.0+7621+b33f33e5.src.rpm


Description of changes:

buildah
[1.5-4.0.1.gite94b4f9]
- Fixes troubles with oracle registry login [Orabug: 29937283]

[1.5-4.gite94b4f9]
- fix 'CVE-2020-10696 buildah: crafted input tar file may lead to local
file overwriting during image build process'
- Resolves: #1819431

container-selinux
[2:2.124.0-1.gitf958d0c]
- update to 2.124.0
- Resolves: #1816541

[2:2.94-2.git1e99f1d]
- rebuild because of CVE-2019-9512 and CVE-2019-9514
- Resolves: #1766316, #1766215

slirp4netns
[0.1-5.dev.gitc4e1bc5]
- backport fix for CVE-2020-7039
- Resolves: #1791578

[0.1-4.dev.gitc4e1bc5]
- actually add CVE-2019-14378 patch to dist-git
- Related: RHELPLAN-25139