-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: container-tools:rhel8 security, bug fix, and enhancement update Advisory ID: RHSA-2022:7457-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:7457 Issue date: 2022-11-08 CVE Names: CVE-2021-36221 CVE-2021-41190 CVE-2022-1708 CVE-2022-2990 CVE-2022-27191 CVE-2022-29162 ==================================================================== 1. Summary: An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * golang: net/http/httputil: panic due to racy read of persistConn after handler panic (CVE-2021-36221) * cri-o: memory exhaustion on the node when access to the kube api (CVE-2022-1708) * golang: crash in a golang.org/x/crypto/ssh server (CVE-2022-27191) * opencontainers: OCI manifest and index parsing confusion (CVE-2021-41190) * buildah: possible information disclosure and modification (CVE-2022-2990) * runc: incorrect handling of inheritable capabilities (CVE-2022-29162) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.7 Release Notes linked from the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 1820551 - Automatically starting a container on boot is not possible through cockpit WebUI 1941727 - Module meta data is wrong 1945929 - Every podman run invocation generates two "Couldn't stat device /dev/char/10:200: No such file or directory" lines in the journal 1974423 - No equivalent buildah bud argument to docker build --ssh 1995656 - CVE-2021-36221 golang: net/http/httputil: panic due to racy read of persistConn after handler panic 1996050 - [RFE] podman to create a rootless container that attempts to publish ports from a host with static IPv6 address. 2005866 - Udica was rebased prematurely 2009264 - Cannot get logs with --follow 2009346 - Podman name resolution not working as expected 2024938 - CVE-2021-41190 opencontainers: OCI manifest and index parsing confusion 2027662 - Udica crashes when processing inspect file without capabilities 2028408 - Podman healthcheck fails if the command contains unicode characters. 2030195 - Add restart-sec option to systemd generate 2039045 - /etc/containers/registries.conf missing registry.redhat.io terms-based registry definition 2052697 - Inconsistency in how the podman service behaves depending on whether it is providing API via UNIX or TCP socket. 2053990 - runc has unversioned dependency on libseccomp 2055313 - Creating a pod uses bad infra_image registry in podman 2059666 - There is no man page for Containerfile provided by containers-common 2062697 - [cockpit-podman] RHEL 8.7 Tier 0 Localization 2064702 - CVE-2022-27191 golang: crash in a golang.org/x/crypto/ssh server 2066145 - The results showed significant difference between with and without --no-stream option for podman stats 2068006 - CentOS Stream 8 podman: symbol lookup error: podman: undefined symbol: seccomp_notify_fd [rhel-8.7.0] 2072452 - error during chown: storage-chown-by-maps: lgetxattr usr/bin/ping: value too large for defined data type 2073958 - Podman v3.4.2 regression with hosts file breaks getHostAddress() call 2078925 - podman command crash with segment fault in rootless user mode 2079759 - skopeo segfaults after rebuild with golang-1.18 2079761 - podman fails to build with golang-1.18 2081836 - networking is broken when building containers due to missing container networking package dependencies 2083570 - symlinks doesn't work on volumes under podman when SELINUX is enabled 2083997 - catatonit not found when starting pod (podman 4.0 under RHEL 8.6) 2085361 - CVE-2022-1708 cri-o: memory exhaustion on the node when access to the kube api 2086398 - CVE-2022-29162 runc: incorrect handling of inheritable capabilities 2086757 - Error: plugin type="bridge" failed (add): failed to find plugin "bridge" in path 2090609 - ERRO[0009] Error forwarding signal 18 to container using rootless user with timeout+sleep in the podman run command 2090920 - Podman load keeps stale files in TMPDIR 2093079 - Podman does not detect volume from the volume plugin, unlike docker 2094610 - Healthcheck does not get executed if --interval not specified in Dockerfile 2094875 - podman not being able to mount devices during podman build 2095097 - [RFE] Podman copying the entries of /etc/hosts in the container 2096264 - podman images --format incompatibility with docker 2097865 - Removing podman-2:4.0.2-6.module+el8.6.0+14877+f643d2d6.x86_64 does not remove podman socket if sudo systemctl enable podman.socket has been run prior to yum remove podman 2100740 - podman can not force remove paused container 2102140 - ADD Dockerfile reference is not validating HTTP status code [rhel8] 2102361 - Mostly-confined containers which create their own user and mount namespaces can't mount overlay filesystems 2102381 - podman image failed with ERRO[0000] Unmounting /home/maor/.local/share/containers/storage/overlay/XX/merged: invalid argument 2113941 - podman did not set selinux labels to symbolic links 2117699 - podman 4.2 version bump 2117928 - Error: runc: exec failed: unable to start container process: open /dev/pts/0: operation not permitted: OCI permission denied 2118231 - mount through procfd: operation not permitted: OCI permission denied 2119072 - podman gating test issues in RHEL8.7 2120651 - Add beta keys to default-policy.json 2121453 - CVE-2022-2990 buildah: possible information disclosure and modification 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): Source: aardvark-dns-1.1.0-4.module+el8.7.0+16772+33343656.src.rpm buildah-1.27.0-2.module+el8.7.0+16772+33343656.src.rpm cockpit-podman-53-1.module+el8.7.0+16772+33343656.src.rpm conmon-2.1.4-1.module+el8.7.0+16772+33343656.src.rpm container-selinux-2.189.0-1.module+el8.7.0+16772+33343656.src.rpm containernetworking-plugins-1.1.1-3.module+el8.7.0+16772+33343656.src.rpm containers-common-1-40.module+el8.7.0+16772+33343656.src.rpm criu-3.15-3.module+el8.7.0+16772+33343656.src.rpm crun-1.5-1.module+el8.7.0+16772+33343656.src.rpm fuse-overlayfs-1.9-1.module+el8.7.0+16772+33343656.src.rpm libslirp-4.4.0-1.module+el8.7.0+16772+33343656.src.rpm netavark-1.1.0-6.module+el8.7.0+16772+33343656.src.rpm oci-seccomp-bpf-hook-1.2.6-1.module+el8.7.0+16772+33343656.src.rpm podman-4.2.0-1.module+el8.7.0+16772+33343656.src.rpm python-podman-4.2.0-1.module+el8.7.0+16772+33343656.src.rpm runc-1.1.4-1.module+el8.7.0+16772+33343656.src.rpm skopeo-1.9.2-1.module+el8.7.0+16772+33343656.src.rpm slirp4netns-1.2.0-2.module+el8.7.0+16772+33343656.src.rpm toolbox-0.0.99.3-0.6.module+el8.7.0+16772+33343656.src.rpm udica-0.2.6-3.module+el8.7.0+16772+33343656.src.rpm aarch64: aardvark-dns-1.1.0-4.module+el8.7.0+16772+33343656.aarch64.rpm buildah-1.27.0-2.module+el8.7.0+16772+33343656.aarch64.rpm buildah-debuginfo-1.27.0-2.module+el8.7.0+16772+33343656.aarch64.rpm buildah-debugsource-1.27.0-2.module+el8.7.0+16772+33343656.aarch64.rpm buildah-tests-1.27.0-2.module+el8.7.0+16772+33343656.aarch64.rpm buildah-tests-debuginfo-1.27.0-2.module+el8.7.0+16772+33343656.aarch64.rpm conmon-2.1.4-1.module+el8.7.0+16772+33343656.aarch64.rpm conmon-debuginfo-2.1.4-1.module+el8.7.0+16772+33343656.aarch64.rpm conmon-debugsource-2.1.4-1.module+el8.7.0+16772+33343656.aarch64.rpm containernetworking-plugins-1.1.1-3.module+el8.7.0+16772+33343656.aarch64.rpm containernetworking-plugins-debuginfo-1.1.1-3.module+el8.7.0+16772+33343656.aarch64.rpm containernetworking-plugins-debugsource-1.1.1-3.module+el8.7.0+16772+33343656.aarch64.rpm containers-common-1-40.module+el8.7.0+16772+33343656.aarch64.rpm crit-3.15-3.module+el8.7.0+16772+33343656.aarch64.rpm criu-3.15-3.module+el8.7.0+16772+33343656.aarch64.rpm criu-debuginfo-3.15-3.module+el8.7.0+16772+33343656.aarch64.rpm criu-debugsource-3.15-3.module+el8.7.0+16772+33343656.aarch64.rpm criu-devel-3.15-3.module+el8.7.0+16772+33343656.aarch64.rpm criu-libs-3.15-3.module+el8.7.0+16772+33343656.aarch64.rpm criu-libs-debuginfo-3.15-3.module+el8.7.0+16772+33343656.aarch64.rpm crun-1.5-1.module+el8.7.0+16772+33343656.aarch64.rpm crun-debuginfo-1.5-1.module+el8.7.0+16772+33343656.aarch64.rpm crun-debugsource-1.5-1.module+el8.7.0+16772+33343656.aarch64.rpm fuse-overlayfs-1.9-1.module+el8.7.0+16772+33343656.aarch64.rpm fuse-overlayfs-debuginfo-1.9-1.module+el8.7.0+16772+33343656.aarch64.rpm fuse-overlayfs-debugsource-1.9-1.module+el8.7.0+16772+33343656.aarch64.rpm libslirp-4.4.0-1.module+el8.7.0+16772+33343656.aarch64.rpm libslirp-debuginfo-4.4.0-1.module+el8.7.0+16772+33343656.aarch64.rpm libslirp-debugsource-4.4.0-1.module+el8.7.0+16772+33343656.aarch64.rpm libslirp-devel-4.4.0-1.module+el8.7.0+16772+33343656.aarch64.rpm netavark-1.1.0-6.module+el8.7.0+16772+33343656.aarch64.rpm oci-seccomp-bpf-hook-1.2.6-1.module+el8.7.0+16772+33343656.aarch64.rpm oci-seccomp-bpf-hook-debuginfo-1.2.6-1.module+el8.7.0+16772+33343656.aarch64.rpm oci-seccomp-bpf-hook-debugsource-1.2.6-1.module+el8.7.0+16772+33343656.aarch64.rpm podman-4.2.0-1.module+el8.7.0+16772+33343656.aarch64.rpm podman-catatonit-4.2.0-1.module+el8.7.0+16772+33343656.aarch64.rpm podman-catatonit-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.aarch64.rpm podman-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.aarch64.rpm podman-debugsource-4.2.0-1.module+el8.7.0+16772+33343656.aarch64.rpm podman-gvproxy-4.2.0-1.module+el8.7.0+16772+33343656.aarch64.rpm podman-gvproxy-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.aarch64.rpm podman-plugins-4.2.0-1.module+el8.7.0+16772+33343656.aarch64.rpm podman-plugins-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.aarch64.rpm podman-remote-4.2.0-1.module+el8.7.0+16772+33343656.aarch64.rpm podman-remote-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.aarch64.rpm podman-tests-4.2.0-1.module+el8.7.0+16772+33343656.aarch64.rpm python3-criu-3.15-3.module+el8.7.0+16772+33343656.aarch64.rpm runc-1.1.4-1.module+el8.7.0+16772+33343656.aarch64.rpm runc-debuginfo-1.1.4-1.module+el8.7.0+16772+33343656.aarch64.rpm runc-debugsource-1.1.4-1.module+el8.7.0+16772+33343656.aarch64.rpm skopeo-1.9.2-1.module+el8.7.0+16772+33343656.aarch64.rpm skopeo-debuginfo-1.9.2-1.module+el8.7.0+16772+33343656.aarch64.rpm skopeo-debugsource-1.9.2-1.module+el8.7.0+16772+33343656.aarch64.rpm skopeo-tests-1.9.2-1.module+el8.7.0+16772+33343656.aarch64.rpm slirp4netns-1.2.0-2.module+el8.7.0+16772+33343656.aarch64.rpm slirp4netns-debuginfo-1.2.0-2.module+el8.7.0+16772+33343656.aarch64.rpm slirp4netns-debugsource-1.2.0-2.module+el8.7.0+16772+33343656.aarch64.rpm toolbox-0.0.99.3-0.6.module+el8.7.0+16772+33343656.aarch64.rpm toolbox-debuginfo-0.0.99.3-0.6.module+el8.7.0+16772+33343656.aarch64.rpm toolbox-debugsource-0.0.99.3-0.6.module+el8.7.0+16772+33343656.aarch64.rpm toolbox-tests-0.0.99.3-0.6.module+el8.7.0+16772+33343656.aarch64.rpm noarch: cockpit-podman-53-1.module+el8.7.0+16772+33343656.noarch.rpm container-selinux-2.189.0-1.module+el8.7.0+16772+33343656.noarch.rpm podman-docker-4.2.0-1.module+el8.7.0+16772+33343656.noarch.rpm python3-podman-4.2.0-1.module+el8.7.0+16772+33343656.noarch.rpm udica-0.2.6-3.module+el8.7.0+16772+33343656.noarch.rpm ppc64le: aardvark-dns-1.1.0-4.module+el8.7.0+16772+33343656.ppc64le.rpm buildah-1.27.0-2.module+el8.7.0+16772+33343656.ppc64le.rpm buildah-debuginfo-1.27.0-2.module+el8.7.0+16772+33343656.ppc64le.rpm buildah-debugsource-1.27.0-2.module+el8.7.0+16772+33343656.ppc64le.rpm buildah-tests-1.27.0-2.module+el8.7.0+16772+33343656.ppc64le.rpm buildah-tests-debuginfo-1.27.0-2.module+el8.7.0+16772+33343656.ppc64le.rpm conmon-2.1.4-1.module+el8.7.0+16772+33343656.ppc64le.rpm conmon-debuginfo-2.1.4-1.module+el8.7.0+16772+33343656.ppc64le.rpm conmon-debugsource-2.1.4-1.module+el8.7.0+16772+33343656.ppc64le.rpm containernetworking-plugins-1.1.1-3.module+el8.7.0+16772+33343656.ppc64le.rpm containernetworking-plugins-debuginfo-1.1.1-3.module+el8.7.0+16772+33343656.ppc64le.rpm containernetworking-plugins-debugsource-1.1.1-3.module+el8.7.0+16772+33343656.ppc64le.rpm containers-common-1-40.module+el8.7.0+16772+33343656.ppc64le.rpm crit-3.15-3.module+el8.7.0+16772+33343656.ppc64le.rpm criu-3.15-3.module+el8.7.0+16772+33343656.ppc64le.rpm criu-debuginfo-3.15-3.module+el8.7.0+16772+33343656.ppc64le.rpm criu-debugsource-3.15-3.module+el8.7.0+16772+33343656.ppc64le.rpm criu-devel-3.15-3.module+el8.7.0+16772+33343656.ppc64le.rpm criu-libs-3.15-3.module+el8.7.0+16772+33343656.ppc64le.rpm criu-libs-debuginfo-3.15-3.module+el8.7.0+16772+33343656.ppc64le.rpm crun-1.5-1.module+el8.7.0+16772+33343656.ppc64le.rpm crun-debuginfo-1.5-1.module+el8.7.0+16772+33343656.ppc64le.rpm crun-debugsource-1.5-1.module+el8.7.0+16772+33343656.ppc64le.rpm fuse-overlayfs-1.9-1.module+el8.7.0+16772+33343656.ppc64le.rpm fuse-overlayfs-debuginfo-1.9-1.module+el8.7.0+16772+33343656.ppc64le.rpm fuse-overlayfs-debugsource-1.9-1.module+el8.7.0+16772+33343656.ppc64le.rpm libslirp-4.4.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm libslirp-debuginfo-4.4.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm libslirp-debugsource-4.4.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm libslirp-devel-4.4.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm netavark-1.1.0-6.module+el8.7.0+16772+33343656.ppc64le.rpm oci-seccomp-bpf-hook-1.2.6-1.module+el8.7.0+16772+33343656.ppc64le.rpm oci-seccomp-bpf-hook-debuginfo-1.2.6-1.module+el8.7.0+16772+33343656.ppc64le.rpm oci-seccomp-bpf-hook-debugsource-1.2.6-1.module+el8.7.0+16772+33343656.ppc64le.rpm podman-4.2.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm podman-catatonit-4.2.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm podman-catatonit-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm podman-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm podman-debugsource-4.2.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm podman-gvproxy-4.2.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm podman-gvproxy-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm podman-plugins-4.2.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm podman-plugins-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm podman-remote-4.2.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm podman-remote-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm podman-tests-4.2.0-1.module+el8.7.0+16772+33343656.ppc64le.rpm python3-criu-3.15-3.module+el8.7.0+16772+33343656.ppc64le.rpm runc-1.1.4-1.module+el8.7.0+16772+33343656.ppc64le.rpm runc-debuginfo-1.1.4-1.module+el8.7.0+16772+33343656.ppc64le.rpm runc-debugsource-1.1.4-1.module+el8.7.0+16772+33343656.ppc64le.rpm skopeo-1.9.2-1.module+el8.7.0+16772+33343656.ppc64le.rpm skopeo-debuginfo-1.9.2-1.module+el8.7.0+16772+33343656.ppc64le.rpm skopeo-debugsource-1.9.2-1.module+el8.7.0+16772+33343656.ppc64le.rpm skopeo-tests-1.9.2-1.module+el8.7.0+16772+33343656.ppc64le.rpm slirp4netns-1.2.0-2.module+el8.7.0+16772+33343656.ppc64le.rpm slirp4netns-debuginfo-1.2.0-2.module+el8.7.0+16772+33343656.ppc64le.rpm slirp4netns-debugsource-1.2.0-2.module+el8.7.0+16772+33343656.ppc64le.rpm toolbox-0.0.99.3-0.6.module+el8.7.0+16772+33343656.ppc64le.rpm toolbox-debuginfo-0.0.99.3-0.6.module+el8.7.0+16772+33343656.ppc64le.rpm toolbox-debugsource-0.0.99.3-0.6.module+el8.7.0+16772+33343656.ppc64le.rpm toolbox-tests-0.0.99.3-0.6.module+el8.7.0+16772+33343656.ppc64le.rpm s390x: aardvark-dns-1.1.0-4.module+el8.7.0+16772+33343656.s390x.rpm buildah-1.27.0-2.module+el8.7.0+16772+33343656.s390x.rpm buildah-debuginfo-1.27.0-2.module+el8.7.0+16772+33343656.s390x.rpm buildah-debugsource-1.27.0-2.module+el8.7.0+16772+33343656.s390x.rpm buildah-tests-1.27.0-2.module+el8.7.0+16772+33343656.s390x.rpm buildah-tests-debuginfo-1.27.0-2.module+el8.7.0+16772+33343656.s390x.rpm conmon-2.1.4-1.module+el8.7.0+16772+33343656.s390x.rpm conmon-debuginfo-2.1.4-1.module+el8.7.0+16772+33343656.s390x.rpm conmon-debugsource-2.1.4-1.module+el8.7.0+16772+33343656.s390x.rpm containernetworking-plugins-1.1.1-3.module+el8.7.0+16772+33343656.s390x.rpm containernetworking-plugins-debuginfo-1.1.1-3.module+el8.7.0+16772+33343656.s390x.rpm containernetworking-plugins-debugsource-1.1.1-3.module+el8.7.0+16772+33343656.s390x.rpm containers-common-1-40.module+el8.7.0+16772+33343656.s390x.rpm crit-3.15-3.module+el8.7.0+16772+33343656.s390x.rpm criu-3.15-3.module+el8.7.0+16772+33343656.s390x.rpm criu-debuginfo-3.15-3.module+el8.7.0+16772+33343656.s390x.rpm criu-debugsource-3.15-3.module+el8.7.0+16772+33343656.s390x.rpm criu-devel-3.15-3.module+el8.7.0+16772+33343656.s390x.rpm criu-libs-3.15-3.module+el8.7.0+16772+33343656.s390x.rpm criu-libs-debuginfo-3.15-3.module+el8.7.0+16772+33343656.s390x.rpm crun-1.5-1.module+el8.7.0+16772+33343656.s390x.rpm crun-debuginfo-1.5-1.module+el8.7.0+16772+33343656.s390x.rpm crun-debugsource-1.5-1.module+el8.7.0+16772+33343656.s390x.rpm fuse-overlayfs-1.9-1.module+el8.7.0+16772+33343656.s390x.rpm fuse-overlayfs-debuginfo-1.9-1.module+el8.7.0+16772+33343656.s390x.rpm fuse-overlayfs-debugsource-1.9-1.module+el8.7.0+16772+33343656.s390x.rpm libslirp-4.4.0-1.module+el8.7.0+16772+33343656.s390x.rpm libslirp-debuginfo-4.4.0-1.module+el8.7.0+16772+33343656.s390x.rpm libslirp-debugsource-4.4.0-1.module+el8.7.0+16772+33343656.s390x.rpm libslirp-devel-4.4.0-1.module+el8.7.0+16772+33343656.s390x.rpm netavark-1.1.0-6.module+el8.7.0+16772+33343656.s390x.rpm oci-seccomp-bpf-hook-1.2.6-1.module+el8.7.0+16772+33343656.s390x.rpm oci-seccomp-bpf-hook-debuginfo-1.2.6-1.module+el8.7.0+16772+33343656.s390x.rpm oci-seccomp-bpf-hook-debugsource-1.2.6-1.module+el8.7.0+16772+33343656.s390x.rpm podman-4.2.0-1.module+el8.7.0+16772+33343656.s390x.rpm podman-catatonit-4.2.0-1.module+el8.7.0+16772+33343656.s390x.rpm podman-catatonit-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.s390x.rpm podman-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.s390x.rpm podman-debugsource-4.2.0-1.module+el8.7.0+16772+33343656.s390x.rpm podman-gvproxy-4.2.0-1.module+el8.7.0+16772+33343656.s390x.rpm podman-gvproxy-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.s390x.rpm podman-plugins-4.2.0-1.module+el8.7.0+16772+33343656.s390x.rpm podman-plugins-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.s390x.rpm podman-remote-4.2.0-1.module+el8.7.0+16772+33343656.s390x.rpm podman-remote-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.s390x.rpm podman-tests-4.2.0-1.module+el8.7.0+16772+33343656.s390x.rpm python3-criu-3.15-3.module+el8.7.0+16772+33343656.s390x.rpm runc-1.1.4-1.module+el8.7.0+16772+33343656.s390x.rpm runc-debuginfo-1.1.4-1.module+el8.7.0+16772+33343656.s390x.rpm runc-debugsource-1.1.4-1.module+el8.7.0+16772+33343656.s390x.rpm skopeo-1.9.2-1.module+el8.7.0+16772+33343656.s390x.rpm skopeo-debuginfo-1.9.2-1.module+el8.7.0+16772+33343656.s390x.rpm skopeo-debugsource-1.9.2-1.module+el8.7.0+16772+33343656.s390x.rpm skopeo-tests-1.9.2-1.module+el8.7.0+16772+33343656.s390x.rpm slirp4netns-1.2.0-2.module+el8.7.0+16772+33343656.s390x.rpm slirp4netns-debuginfo-1.2.0-2.module+el8.7.0+16772+33343656.s390x.rpm slirp4netns-debugsource-1.2.0-2.module+el8.7.0+16772+33343656.s390x.rpm toolbox-0.0.99.3-0.6.module+el8.7.0+16772+33343656.s390x.rpm toolbox-debuginfo-0.0.99.3-0.6.module+el8.7.0+16772+33343656.s390x.rpm toolbox-debugsource-0.0.99.3-0.6.module+el8.7.0+16772+33343656.s390x.rpm toolbox-tests-0.0.99.3-0.6.module+el8.7.0+16772+33343656.s390x.rpm x86_64: aardvark-dns-1.1.0-4.module+el8.7.0+16772+33343656.x86_64.rpm buildah-1.27.0-2.module+el8.7.0+16772+33343656.x86_64.rpm buildah-debuginfo-1.27.0-2.module+el8.7.0+16772+33343656.x86_64.rpm buildah-debugsource-1.27.0-2.module+el8.7.0+16772+33343656.x86_64.rpm buildah-tests-1.27.0-2.module+el8.7.0+16772+33343656.x86_64.rpm buildah-tests-debuginfo-1.27.0-2.module+el8.7.0+16772+33343656.x86_64.rpm conmon-2.1.4-1.module+el8.7.0+16772+33343656.x86_64.rpm conmon-debuginfo-2.1.4-1.module+el8.7.0+16772+33343656.x86_64.rpm conmon-debugsource-2.1.4-1.module+el8.7.0+16772+33343656.x86_64.rpm containernetworking-plugins-1.1.1-3.module+el8.7.0+16772+33343656.x86_64.rpm containernetworking-plugins-debuginfo-1.1.1-3.module+el8.7.0+16772+33343656.x86_64.rpm containernetworking-plugins-debugsource-1.1.1-3.module+el8.7.0+16772+33343656.x86_64.rpm containers-common-1-40.module+el8.7.0+16772+33343656.x86_64.rpm crit-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm criu-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm criu-debuginfo-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm criu-debugsource-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm criu-devel-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm criu-libs-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm criu-libs-debuginfo-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm crun-1.5-1.module+el8.7.0+16772+33343656.x86_64.rpm crun-debuginfo-1.5-1.module+el8.7.0+16772+33343656.x86_64.rpm crun-debugsource-1.5-1.module+el8.7.0+16772+33343656.x86_64.rpm fuse-overlayfs-1.9-1.module+el8.7.0+16772+33343656.x86_64.rpm fuse-overlayfs-debuginfo-1.9-1.module+el8.7.0+16772+33343656.x86_64.rpm fuse-overlayfs-debugsource-1.9-1.module+el8.7.0+16772+33343656.x86_64.rpm libslirp-4.4.0-1.module+el8.7.0+16772+33343656.x86_64.rpm libslirp-debuginfo-4.4.0-1.module+el8.7.0+16772+33343656.x86_64.rpm libslirp-debugsource-4.4.0-1.module+el8.7.0+16772+33343656.x86_64.rpm libslirp-devel-4.4.0-1.module+el8.7.0+16772+33343656.x86_64.rpm netavark-1.1.0-6.module+el8.7.0+16772+33343656.x86_64.rpm oci-seccomp-bpf-hook-1.2.6-1.module+el8.7.0+16772+33343656.x86_64.rpm oci-seccomp-bpf-hook-debuginfo-1.2.6-1.module+el8.7.0+16772+33343656.x86_64.rpm oci-seccomp-bpf-hook-debugsource-1.2.6-1.module+el8.7.0+16772+33343656.x86_64.rpm podman-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm podman-catatonit-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm podman-catatonit-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm podman-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm podman-debugsource-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm podman-gvproxy-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm podman-gvproxy-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm podman-plugins-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm podman-plugins-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm podman-remote-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm podman-remote-debuginfo-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm podman-tests-4.2.0-1.module+el8.7.0+16772+33343656.x86_64.rpm python3-criu-3.15-3.module+el8.7.0+16772+33343656.x86_64.rpm runc-1.1.4-1.module+el8.7.0+16772+33343656.x86_64.rpm runc-debuginfo-1.1.4-1.module+el8.7.0+16772+33343656.x86_64.rpm runc-debugsource-1.1.4-1.module+el8.7.0+16772+33343656.x86_64.rpm skopeo-1.9.2-1.module+el8.7.0+16772+33343656.x86_64.rpm skopeo-debuginfo-1.9.2-1.module+el8.7.0+16772+33343656.x86_64.rpm skopeo-debugsource-1.9.2-1.module+el8.7.0+16772+33343656.x86_64.rpm skopeo-tests-1.9.2-1.module+el8.7.0+16772+33343656.x86_64.rpm slirp4netns-1.2.0-2.module+el8.7.0+16772+33343656.x86_64.rpm slirp4netns-debuginfo-1.2.0-2.module+el8.7.0+16772+33343656.x86_64.rpm slirp4netns-debugsource-1.2.0-2.module+el8.7.0+16772+33343656.x86_64.rpm toolbox-0.0.99.3-0.6.module+el8.7.0+16772+33343656.x86_64.rpm toolbox-debuginfo-0.0.99.3-0.6.module+el8.7.0+16772+33343656.x86_64.rpm toolbox-debugsource-0.0.99.3-0.6.module+el8.7.0+16772+33343656.x86_64.rpm toolbox-tests-0.0.99.3-0.6.module+el8.7.0+16772+33343656.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2021-36221 https://access.redhat.com/security/cve/CVE-2021-41190 https://access.redhat.com/security/cve/CVE-2022-1708 https://access.redhat.com/security/cve/CVE-2022-2990 https://access.redhat.com/security/cve/CVE-2022-27191 https://access.redhat.com/security/cve/CVE-2022-29162 https://access.redhat.com/security/updates/classification/#moderate https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.7_release_notes/index 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY2pRzdzjgjWX9erEAQhHihAAgrFL0P9/bHWMhFtBpYGiGDrb3gjbezqu JIDXtNcA5oKpRy6uttd5Hgfqqn1f818ff9rquI0OA4OH7lZrp2vh4vv+p5bHFGGQ 1Iu0ouZdBM/cX6wSM1SHjO9BN7Auoh4RNat5FNSQ9YVdUj6Gwyz9w1ueIxMw3Bsg /b8ICWyKqQv4PrmZjJrc8Q/b6A828nxVPg57civ+I45QCiXJ7zw8GkD6NtVju7+X awq5ktcaXk0SMQ4xcbiiBqnbOk5UXuATAXiiCqUClxGQWyfehgXV2d14vf0CgtUk YVneXMPOnPZOOzmEYES8rdx5z/AOBwV+b5qT36fXyvkndrhDRc5rggJUJLbL6RHk v5yz1kQpz99Cq0zTNuv14F0qeNM+ygF7SU4xnGUbelZN5qF4tEsPH8PJmkvr4Cc7 7oAz9tZbrODx69799jwzXM7kPBcur/WN82Vq20DfG4GcLAqG472LA7FIb1tT3+9w I/AgcM8wDAHVKRiAVESFmvPzynfRntX6VPaXqkxKh1J+M7JmiplAIfE2AqRseW29 R+r6QJwEqGYnWCez7gQCvsrjqFgZC8HnYpAd/k22LdDU5Q2r17W5/uDrLPGYC70t EEvzZ3EehWVCMAf3V7Aawexdm7N6ow4hFLMcgflsOutVsmjs9kvCN84Lm6KlobpY 2ejHAfdliw8=m1Pz -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce