El-errata: ELSA-2021-2371 Important: Oracle Linux 8 container-tools:ol8 security update
Oracle Linux Security Advisory ELSA-2021-2371
http://linux.oracle.com/errata/ELSA-2021-2371.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
buildah-1.19.7-2.0.1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
buildah-tests-1.19.7-2.0.1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
cockpit-podman-29-2.module+el8.4.0+20195+0a4a4953.noarch.rpm
conmon-2.0.26-3.module+el8.4.0+20195+0a4a4953.x86_64.rpm
containernetworking-plugins-0.9.1-1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
containers-common-1.2.2-10.0.1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
container-selinux-2.162.0-1.module+el8.4.0+20195+0a4a4953.noarch.rpm
crit-3.15-1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
criu-3.15-1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
crun-0.18-2.module+el8.4.0+20195+0a4a4953.x86_64.rpm
fuse-overlayfs-1.4.0-3.module+el8.4.0+20195+0a4a4953.x86_64.rpm
libslirp-4.3.1-1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
libslirp-devel-4.3.1-1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
oci-seccomp-bpf-hook-1.2.0-2.module+el8.4.0+20195+0a4a4953.x86_64.rpm
podman-3.0.1-7.0.1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
podman-catatonit-3.0.1-7.0.1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
podman-docker-3.0.1-7.0.1.module+el8.4.0+20195+0a4a4953.noarch.rpm
podman-plugins-3.0.1-7.0.1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
podman-remote-3.0.1-7.0.1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
podman-tests-3.0.1-7.0.1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
python3-criu-3.15-1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
runc-1.0.0-73.rc93.module+el8.4.0+20195+0a4a4953.x86_64.rpm
skopeo-1.2.2-10.0.1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
skopeo-tests-1.2.2-10.0.1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
slirp4netns-1.1.8-1.module+el8.4.0+20195+0a4a4953.x86_64.rpm
udica-0.2.4-1.module+el8.4.0+20195+0a4a4953.noarch.rpm
aarch64:
buildah-1.19.7-2.0.1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
buildah-tests-1.19.7-2.0.1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
cockpit-podman-29-2.module+el8.4.0+20195+0a4a4953.noarch.rpm
conmon-2.0.26-3.module+el8.4.0+20195+0a4a4953.aarch64.rpm
containernetworking-plugins-0.9.1-1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
containers-common-1.2.2-10.0.1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
container-selinux-2.162.0-1.module+el8.4.0+20195+0a4a4953.noarch.rpm
crit-3.15-1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
criu-3.15-1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
crun-0.18-2.module+el8.4.0+20195+0a4a4953.aarch64.rpm
fuse-overlayfs-1.4.0-3.module+el8.4.0+20195+0a4a4953.aarch64.rpm
libslirp-4.3.1-1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
libslirp-devel-4.3.1-1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
oci-seccomp-bpf-hook-1.2.0-2.module+el8.4.0+20195+0a4a4953.aarch64.rpm
podman-3.0.1-7.0.1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
podman-catatonit-3.0.1-7.0.1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
podman-docker-3.0.1-7.0.1.module+el8.4.0+20195+0a4a4953.noarch.rpm
podman-plugins-3.0.1-7.0.1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
podman-remote-3.0.1-7.0.1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
podman-tests-3.0.1-7.0.1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
python3-criu-3.15-1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
runc-1.0.0-73.rc93.module+el8.4.0+20195+0a4a4953.aarch64.rpm
skopeo-1.2.2-10.0.1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
skopeo-tests-1.2.2-10.0.1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
slirp4netns-1.1.8-1.module+el8.4.0+20195+0a4a4953.aarch64.rpm
udica-0.2.4-1.module+el8.4.0+20195+0a4a4953.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/buildah-1.19.7-2.0.1.module+el8.4.0+20195+0a4a4953.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/cockpit-podman-29-2.module+el8.4.0+20195+0a4a4953.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/conmon-2.0.26-3.module+el8.4.0+20195+0a4a4953.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/containernetworking-plugins-0.9.1-1.module+el8.4.0+20195+0a4a4953.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/container-selinux-2.162.0-1.module+el8.4.0+20195+0a4a4953.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/criu-3.15-1.module+el8.4.0+20195+0a4a4953.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/crun-0.18-2.module+el8.4.0+20195+0a4a4953.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/fuse-overlayfs-1.4.0-3.module+el8.4.0+20195+0a4a4953.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/libslirp-4.3.1-1.module+el8.4.0+20195+0a4a4953.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/oci-seccomp-bpf-hook-1.2.0-2.module+el8.4.0+20195+0a4a4953.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/podman-3.0.1-7.0.1.module+el8.4.0+20195+0a4a4953.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/runc-1.0.0-73.rc93.module+el8.4.0+20195+0a4a4953.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/skopeo-1.2.2-10.0.1.module+el8.4.0+20195+0a4a4953.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/slirp4netns-1.1.8-1.module+el8.4.0+20195+0a4a4953.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/udica-0.2.4-1.module+el8.4.0+20195+0a4a4953.src.rpm
Related CVEs:
CVE-2021-30465
Description of changes:
buildah
[1.19.7-2.0.1]
- Fixes troubles with oracle registry login [Orabug: 29937283]
[1.19.7-2]
- revert changes to the state of 3.0-8.4.0
- Related: #1954702
conmon
[2:2.0.26-3]
- fix 'Permission on /dev/null are changing from 666 to 777 after running podman as root [rhel-8.4.0.z]'
- Resolves: #1961682
[2:2.0.26-2]
- revert back to the state of 3.0-8.4.0
- Related: #1954702
container-selinux
[2:2.162.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.162.0
- Related: #1954702
[2:2.161.1-2]
- do not use lockdown class yet - it is not available in RHEL
- Related: #1954702
[2:2.161.1-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.161.1
- Related: #1954702
[2:2.160.2-1]
- update to
https://github.com/containers/container-selinux/releases/tag/v2.160.2
- Related: #1954702
crun
[0.18-2]
- revert back to the state of 3.0-8.4.0
- Related: #1954702
fuse-overlayfs
[1.4.0-3]
- revert back to the state of 3.0-8.4.0
- Related: #1954702
podman
[3.0.1-7.0.1]
- Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov)
[3.0.1-7]
- revert back to the state of 3.0-8.4.0
- Related: #1954702
runc
[1.0.0-73.rc93]
- fix 'podman run --pid=host command causes OCI permission error'
- Related: #1954702
[1.0.0-72.rc93]
- fix CVE-2021-30465
- Related: #1954702
[1.0.0-71.rc93]
- upload rc93 tarball
- Related: #1954702
skopeo
[1:1.2.2-10.0.1]
- Handling redirect from the docker registry [Orabug: 29874238] (Nikita Gerasimov)
- Add oracle registry into the conf file [Orabug: 29845934 31306708]
[1:1.2.2-10]
- re-enable release-1.2 branch
- Related: #1954702
A container-tools:ol8 security update has been released for Oracle Linux 8.