ALSA-2021:1796
See a problem?- Source
- https://errata.almalinux.org/8/ALSA-2021-1796.html
- Import Source
- https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2021:1796.json
- JSON Data
- https://api.osv.dev/v1/vulns/ALSA-2021:1796
- Related
- Published
- 2021-05-18T06:06:39Z
- Modified
- 2021-05-18T06:06:07Z
- Summary
- Moderate: container-tools:rhel8 security, bug fix, and enhancement update
- Details
-
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Security Fix(es):
golang: crypto/ssh: crafted authentication request can lead to nil pointer dereference (CVE-2020-29652)
podman: Remote traffic to rootless containers is seen as orginating from localhost (CVE-2021-20199)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
- References
Affected packages
AlmaLinux:8 / cockpit-podman
Package
- Name
- cockpit-podman
AlmaLinux:8 / conmon
Package
- Name
- conmon
AlmaLinux:8 / containernetworking-plugins
Package
- Name
- containernetworking-plugins
AlmaLinux:8 / crit
Package
- Name
- crit
AlmaLinux:8 / criu
Package
- Name
- criu
AlmaLinux:8 / fuse-overlayfs
Package
- Name
- fuse-overlayfs
AlmaLinux:8 / libslirp
Package
- Name
- libslirp
AlmaLinux:8 / libslirp-devel
Package
- Name
- libslirp-devel
AlmaLinux:8 / python3-criu
Package
- Name
- python3-criu
AlmaLinux:8 / slirp4netns
Package
- Name
- slirp4netns