container-tools:rhel8 security, bug fix, and enhancement update
エラータID: AXSA:2021-1533:01
リリース日:
2021/02/28 Sunday - 03:11
題名:
container-tools:rhel8 security, bug fix, and enhancement update
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- container-tools の containers/podman には、情報漏えいの問題があり、
非推奨な Varlink API や Docker-compatible REST API を使用し、
短い期間に複数のコンテナを生成する場合、はじめに生成する
コンテナの環境変数が2つめのコンテナにリークしてしまう問題があり、
この2つめのコンテナを制御可能な攻撃者が、環境変数に格納されている
機密情報にアクセスすることの可能な脆弱性があります。(CVE-2020-14370)
解決策:
パッケージをアップデートしてください
CVE:
CVE-2020-14370
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.
追加情報:
N/A
ダウンロード:
SRPMS
- buildah-1.16.7-4.module+el8+1206+2ac2ed39.src.rpm
MD5: 5f07015b338e484a3befc91b9baf02af
SHA-256: 50714a38c95981d364e12f8d90457f13573961f62e88907b9dfbbef899f04304
Size: 9.84 MB - cockpit-podman-27.1-3.module+el8+1206+2ac2ed39.src.rpm
MD5: fc9b8bfb6c92b62623d829d729666eeb
SHA-256: 282a340f18d4fcc2ba7b8a160cbd40518d7c20ffb8fd2723aebc88b36ba98444
Size: 1.33 MB - conmon-2.0.22-3.module+el8+1206+2ac2ed39.src.rpm
MD5: 81338ac4e446b998e75d45ff2e968a65
SHA-256: b408070f895482eab3c099c93e9d8a34a6724bb97a65adea81a98f7f4a2cfbb8
Size: 111.55 kB - containernetworking-plugins-0.9.0-1.module+el8+1206+2ac2ed39.src.rpm
MD5: 52b227ab2549586fe86819a9b1f5ec64
SHA-256: 5d70fcc51ea07e0137f8133a438710333b449fde1fb071e61bb162a8c9d6e2b0
Size: 2.46 MB - container-selinux-2.155.0-1.module+el8+1206+2ac2ed39.src.rpm
MD5: c3549411f9f5681b1790b2ddfc435e6c
SHA-256: 7aeca3a9ecc82c3d37a741b6fcf7a079cd38371873babc62b4b2183e1884106b
Size: 47.63 kB - criu-3.15-1.module+el8+1206+2ac2ed39.src.rpm
MD5: 7ca8ae114c4d08558c38145c0d894908
SHA-256: 085dca8e2b7088ba4c6e4d6a2887750968c08b3484ec4c8cc4ba3b2e465df302
Size: 1.15 MB - crun-0.16-2.module+el8+1206+2ac2ed39.src.rpm
MD5: f1def0d03eaad7fd8da3b90087117c77
SHA-256: 5709c25bcd7d203d9a52ed5b9a149b8e1409d039736a4a38db1b3ea1b936ae43
Size: 1.31 MB - fuse-overlayfs-1.3.0-2.module+el8+1206+2ac2ed39.src.rpm
MD5: b4c011bdba76d9fb564362e52a8058f5
SHA-256: acf2ffaccfece6362a9062b522b3757594207ae2f365bd2534b3329532995865
Size: 111.72 kB - libslirp-4.3.1-1.module+el8+1206+2ac2ed39.src.rpm
MD5: 333d7660bca1a00f8ddf406a8057f7fe
SHA-256: 28fdc953e072b727800412936d0aa50ab38ca7e0857a46f60aa90697deb8d826
Size: 105.83 kB - oci-seccomp-bpf-hook-1.2.0-1.module+el8+1206+2ac2ed39.src.rpm
MD5: f0feb7e339ea0e6dda08f58e078f1967
SHA-256: 5e835ba7158265add3e523feae5b7eafb1bb3077da810316cf645abe9ebe2ed6
Size: 928.39 kB - podman-2.2.1-7.module+el8+1206+2ac2ed39.src.rpm
MD5: f5e348da90620b545f2cfe6a93c60d3f
SHA-256: 0448fd6a2e2c4068de39dbe9852f8a23fbda8588af2845b82948fad06a6c3206
Size: 11.36 MB - python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8+1206+2ac2ed39.src.rpm
MD5: 359e4bd185444f55193a1bf5d5992bb5
SHA-256: f9017a9ef3123fceb02f85717157bc9e3ca43d4b15f8889772fe2ef0810c87f0
Size: 39.40 kB - runc-1.0.0-70.rc92.module+el8+1206+2ac2ed39.src.rpm
MD5: 62bcea0a842ad012e077236f8f8a8087
SHA-256: 40652a311bd7891eae698096dec4b5a24b446001d7b39ce97c7dc8185d2bd40d
Size: 1.95 MB - skopeo-1.2.0-9.module+el8+1206+2ac2ed39.src.rpm
MD5: fc8e67465fb204576258e4adbbbbde59
SHA-256: dc0265b88c9836c006d9571f2f7f2e009f1eb9efeb3613f820166c6f5f357e00
Size: 4.41 MB - slirp4netns-1.1.8-1.module+el8+1206+2ac2ed39.src.rpm
MD5: 7229319cdf1957ea08c9ad69936a88ba
SHA-256: 84ada5bb62aedc948779dc5e84c62cb4dbdc615b45d704ef64929c3fd3e57c42
Size: 67.48 kB - toolbox-0.0.8-1.module+el8+1206+2ac2ed39.src.rpm
MD5: 714204547885cc644154603424d8d1a3
SHA-256: ecb15e6424a8c438f68ce5b874bb678cc5a31a72bd658bfde9c1145c047f079d
Size: 19.12 kB - udica-0.2.4-1.module+el8+1206+2ac2ed39.src.rpm
MD5: 0ab4d8a5d0ac1a1517e30327087c08c4
SHA-256: 51f0c9677633b3e4a84ce102162ec17b12c12d6caf16a888fb7345af11c09338
Size: 133.58 kB
Asianux Server 8 for x86_64
- buildah-1.16.7-4.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 12be74d2f8c535183ca0cf0145977bcc
SHA-256: 60a32a6acf4444a91ad5176a0d42b15cc215456fbfdcaaf69016656dae666868
Size: 8.22 MB - buildah-debugsource-1.16.7-4.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 70466f64f20c821964626f76de2020cc
SHA-256: e2ba29dc1e79502a53c776565f66669fa7b37158505c28bc5aa47682e48ef205
Size: 2.42 MB - buildah-tests-1.16.7-4.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: ddec8ccd07a408fc8511b9fd2797e1fb
SHA-256: 00a1e488b89ca55605bf9f845464b8c2b8ff18318178dfb57aa26fd0f23df34f
Size: 9.57 MB - cockpit-podman-27.1-3.module+el8+1206+2ac2ed39.noarch.rpm
MD5: 84b5a875b7f8033cd9497d31f5a4c03a
SHA-256: 95f3ae091e872dd6f38c2d893c3b408771c1bbe9e8546c28a1728066b1d1541c
Size: 1.05 MB - conmon-2.0.22-3.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 57cb1d7aa77cd07b3ce8ba2bc5d4cff0
SHA-256: 19592b506b62dc3f93dd00e0a13a9b0a628da22db5489f3e48a77b2fdb4f305c
Size: 49.06 kB - conmon-debugsource-2.0.22-3.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 4dd7a71b626068e2efd444dcbd5aa652
SHA-256: 4726591094255d7f1e91c8e05d1088f0c134e7a43bb5bc71e0affaf748861b62
Size: 39.71 kB - containernetworking-plugins-0.9.0-1.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 6d23881fb4dc969ef684acb5bb2cc57b
SHA-256: 0bdd05db750d7467969b96dda95ce975c8dba58c155eb97045edbfe582a9901d
Size: 22.55 MB - containernetworking-plugins-debugsource-0.9.0-1.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 645d57ed352eadbd0245de728cc1955a
SHA-256: 2525efc768cda00c74c2ac5e1aea0bf9b9beaf1319d23aa4832eb488e8452292
Size: 341.98 kB - container-selinux-2.155.0-1.module+el8+1206+2ac2ed39.noarch.rpm
MD5: 6463ff57703fd1852f1b652edf07ab20
SHA-256: 439553cc22c2de5fcfaf75c3ad356188367ba826e5a5fee1f03ff54365fc9f59
Size: 49.55 kB - crit-3.15-1.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 6fd15c53a5088e568fbdae3b9405c209
SHA-256: fa6af01982fabb1ba7ebe803c8b5977e7f7fce4c20b1c305f54bf7af41b0416d
Size: 18.36 kB - criu-3.15-1.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 8dee5bc3fcbfc0256cd09b2a7a3f2301
SHA-256: ae251c00efb963eb15fcafb6f1e008ce3a6901b62f5275a4f3d9b3cfc43fa4fb
Size: 510.06 kB - criu-debugsource-3.15-1.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 0619c027f04d5671cdb246126da9b9fe
SHA-256: b3b399d921d0a230d60202b106c94f180616634b3553aa29dadab237bda03171
Size: 663.62 kB - python3-criu-3.15-1.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: f6223153472422de6098e0805fea2b01
SHA-256: 5662a42c472f490c0d1acb54b5eaa5c7da029433e00db739e7e3b9b48761fba0
Size: 168.63 kB - crun-0.16-2.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 816376fac2d4060767cd75ac4d4f8980
SHA-256: 0725d4cb026a53d5e100041f4bfb9af14637d3516980cbb47d039ba360d11b90
Size: 179.51 kB - crun-debugsource-0.16-2.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 692166a1db96e486f9306b47ab5a0d7d
SHA-256: f517d83845a69bd56a81171f8dcbdb4c58f117d8c2559c1f01a931aa623946fb
Size: 129.61 kB - fuse-overlayfs-1.3.0-2.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 1421fa20388cd105957a5a62d0783269
SHA-256: 8427fa94a5a07020c63d896901d748499a9a89689b4b83bfe7b45aa85dca00e7
Size: 70.46 kB - fuse-overlayfs-debugsource-1.3.0-2.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 1e172db4f68e8c50b0666c62f110a586
SHA-256: e723005bc7dabf3671ad9b91cb0ce838bb5beee5549cc049e4f241a5d9bdb81a
Size: 52.17 kB - libslirp-4.3.1-1.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 60136ec7861d1d41d6fec9a774eed790
SHA-256: 6660518a146e7e44f0ffe513f3be4161f8d842baa24e8381e36bd6a280358196
Size: 67.81 kB - libslirp-debugsource-4.3.1-1.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 72d5518110584705821359ae4ca66096
SHA-256: 52304b0c3a9397f0673edac58ef9ab4633132c1a5b88adfaee09eeac7c3a75a4
Size: 112.96 kB - libslirp-devel-4.3.1-1.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 34ca6a76154fc4b19c281d9f8d8e3860
SHA-256: 0aeff1e21dfd97e2e02e0c041a8e24fba5c4c57b91d1c43b86ddda49f9e32cb4
Size: 11.16 kB - oci-seccomp-bpf-hook-1.2.0-1.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 56e3b2c08867ceb244990389d1ced8c0
SHA-256: a1f079e775264be6fae8f57b8d906c93c8748bdc69dc6205e44b768cc38d3e1c
Size: 1.19 MB - oci-seccomp-bpf-hook-debugsource-1.2.0-1.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 98fec07c65e96c0322bf6739533efbbd
SHA-256: fb7543eaf257c11271a68a782ce771644025bab2bf55240724be3c992138a93d
Size: 142.98 kB - podman-2.2.1-7.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 15930e024ca7662d85f63f89c5db9a9d
SHA-256: a9f23fd6ac5bf058091f48d2967bbd937be9d9016b86c6f8408614b41a352686
Size: 13.62 MB - podman-catatonit-2.2.1-7.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 5bf1cd2906d477a37e69e876a7877ab6
SHA-256: b29989f1754f1b91a91067131fd45ba228a6fa2de9427672becdcbf94f4614a0
Size: 309.18 kB - podman-debugsource-2.2.1-7.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 77c272243ff1f1058e98980ee82431ee
SHA-256: 1ea65cf4f91f825e6c61691be986bf3a8ca39c09b5f80452763e9922e9d79440
Size: 4.34 MB - podman-docker-2.2.1-7.module+el8+1206+2ac2ed39.noarch.rpm
MD5: 8aa48607db2680ead229403f70c091c1
SHA-256: 8b2ea211634ed16ee947f1b9937c6ee1cbb546213819e173e228cc0d5240d5fe
Size: 45.67 kB - podman-plugins-2.2.1-7.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: fd6658e633ecfd381ae64aac3bc49963
SHA-256: 7de705df1dba1f63d217593fed7b739db3b47d106fa756ad8bf3d3205f50581c
Size: 1.35 MB - podman-remote-2.2.1-7.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: c8460fd00d1a615da46f959570c00d2a
SHA-256: 51c94610614b9d9ddffefd479c0174ac7ab206b5da1fb84b312f1e86f66f5ece
Size: 10.09 MB - podman-tests-2.2.1-7.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 7b8bc68fb5905b98172dbca435b13df1
SHA-256: 10d037b792b3583ff99d1dc9f7cebe3686bf2c08841f4e932fd92707f055c88c
Size: 86.61 kB - python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8+1206+2ac2ed39.noarch.rpm
MD5: ad221574babc32a4d51c15d47ce32b7f
SHA-256: 179ffb29511bfab9dfdc247b9a5968e402289b8a279392c183a5241bb0c75588
Size: 42.00 kB - runc-1.0.0-70.rc92.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: f14739f28af2fd447617226bc1da829e
SHA-256: 776d71328f4dd37cbefaf296ab74ed2c5d9284c8426c88213884097bf150816a
Size: 3.68 MB - runc-debugsource-1.0.0-70.rc92.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: ac721539346b8fd5667a86743e4356c2
SHA-256: 5370900bddebc7f5926d0a661536afadb810cbaca1608dc5fc5c93f342c01560
Size: 772.28 kB - containers-common-1.2.0-9.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 99252969b59eac42c46426128329cfdc
SHA-256: 19f2fadd9246196f6aba7b0e824bfd03fa9f27272e62a131782ea9fabc7e1738
Size: 67.72 kB - skopeo-1.2.0-9.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: aca7a0914dc8f2aa49309f947c434f7c
SHA-256: 9ad418cc8692ff2a3b932f706a202ca62698e3576812d25b36ed8884cca00b63
Size: 7.06 MB - skopeo-debugsource-1.2.0-9.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 3259439aa5e53285847ed01b64461793
SHA-256: 8167427257f4168adfdb7cd2e1e5e1e70a8d07a7cd5d079fa9ae743ca2c0b4e9
Size: 1.95 MB - skopeo-tests-1.2.0-9.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: bb25f5840d9ef3e86e170b24794b3d0b
SHA-256: 50486e9b9f6bb7b9a106b897d56ac0e4f75476bcf5ad23027ea8849e8548e096
Size: 35.11 kB - slirp4netns-1.1.8-1.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: fd81958823dac25f5e2b03ee597eecc8
SHA-256: 3ddf5791770d5a375919d421c72ec8b9ba10b14e5e7f5a7cb064a64984bfebd8
Size: 50.03 kB - slirp4netns-debugsource-1.1.8-1.module+el8+1206+2ac2ed39.x86_64.rpm
MD5: 81c10a9514bc36cb611ba93938b380a3
SHA-256: 830e0d1eb1bb3952fba2f55899de71fb9c6e2fc3e5cff1253d38bfa7c7b2d95b
Size: 38.61 kB - toolbox-0.0.8-1.module+el8+1206+2ac2ed39.noarch.rpm
MD5: 12a9c392ad9eeafa45e072606137a383
SHA-256: 6efbbb01ee017d86dbb10bdab432817db8425cc8de728577bd7cfc6955562b97
Size: 14.60 kB - udica-0.2.4-1.module+el8+1206+2ac2ed39.noarch.rpm
MD5: 92082a219ea117f17370f4f1f6bbbbc3
SHA-256: 65159af9fdc578710b8a773df3b8ea3d3213d06db0e9ec63931529af339bf225
Size: 49.39 kB