podman-4.4.1-3.el9

エラータID: AXSA:2023-5638:04

Release date: 
Tuesday, May 30, 2023 - 04:38
Subject: 
podman-4.4.1-3.el9
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

The podman tool manages pods, container images, and containers. It is part of
the libpod library, which is for applications that use container pods. Container
pods is a concept in Kubernetes.

Security Fix(es):

* golang: net/http: excessive memory growth in a Go server accepting HTTP/2
requests (CVE-2022-41717)
* golang: crypto/tls: session tickets lack random ticket_age_add
(CVE-2022-30629)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE-2022-30629
Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.
CVE-2022-41717
An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.

Solution: 

Update packages.

CVEs: 
CVE-2022-30629
Non-random values for ticket_age_add in session tickets in crypto/tls before Go 1.17.11 and Go 1.18.3 allow an attacker that can observe TLS handshakes to correlate successive connections by comparing ticket ages during session resumption.
CVE-2022-41717
An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate approximately 64 MiB per open connection.
Additional Info: 

N/A

Download: 

SRPMS
  1. podman-4.4.1-3.el9.src.rpm
    MD5: 1b2b35f0a0b10d4239cb450ab37c51ec
    SHA-256: 4e71c9d4931b795ce01d3f544579a5476cec2a37f071521471732c8e66c2dfb7
    Size: 19.57 MB

Asianux Server 9 for x86_64
  1. podman-4.4.1-3.el9.x86_64.rpm
    MD5: 366f49c1cdbd2d94373696e3213245ab
    SHA-256: ca6e3f4da58a9e4cfdafe133767657b97ede314ba01b055f95a2d4cfb1932143
    Size: 14.27 MB
  2. podman-docker-4.4.1-3.el9.noarch.rpm
    MD5: 7f390a198429144e340748725055777f
    SHA-256: 10fd5ee2e46efaf9c041b123a947095fd4b879f0e5bc244e8349f1798a2edc9f
    Size: 38.11 kB
  3. podman-gvproxy-4.4.1-3.el9.x86_64.rpm
    MD5: 7288e622b7ddf01560e87c157ac8ce4e
    SHA-256: fc922844c0a613d16fb9dc4b7620ce8535a6e664d71854aaf47baa37ac5cee1c
    Size: 3.66 MB
  4. podman-plugins-4.4.1-3.el9.x86_64.rpm
    MD5: c2172330f40ff33197a03f4b068e8499
    SHA-256: b0001924baf0d3c2da42c255f08a16b3720c1fa867162ee7c549654b6733092e
    Size: 1.19 MB
  5. podman-remote-4.4.1-3.el9.x86_64.rpm
    MD5: 39f4379d48878829699e498853845245
    SHA-256: 2fd0cfd35b54e97f069e1107b690e1ec7ac8bebbaccc9d39c605e4aac64e5756
    Size: 9.37 MB
  6. podman-tests-4.4.1-3.el9.x86_64.rpm
    MD5: 7f1cad66bd29fa1f0ed3eb66cebb9d50
    SHA-256: 9aa18a4a816988d1f2b37b40fd382b51ce09578186caf1b6328f081b6b97be49
    Size: 172.40 kB