container-tools:2.0 security update

エラータID: AXSA:2021-1557:01

リリース日: 
2021/03/06 Saturday - 04:28
題名: 
container-tools:2.0 security update
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

以下項目について対処しました。

[Security Fix]
- container-toolsには、特権付きコンテナの中で非rootユーザー向けの
ファイルのパーミッションが正しくチェックされないため、少ない特権を持つ
ユーザーがコンテナの中の他のファイルへのアクセスのために悪用することが
可能な脆弱性があります。(CVE-2021-20188)

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2021-20188
A flaw was found in podman before 1.7.0. File permissions for non-root users running in a privileged container are not correctly checked. This flaw can be abused by a low-privileged user inside the container to access any other file in the container, even if owned by the root user inside the container. It does not allow to directly escape the container, though being a privileged container means that a lot of security features are disabled when running the container. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. buildah-1.11.6-8.module+el8+1219+5d34baa8.src.rpm
    MD5: afc9a68898f1928df3b873591c47746b
    SHA-256: c4d64296cad16471351b0ec9440928821097d3be8c1b714f435ad57794e5cfa1
    Size: 9.85 MB
  2. cockpit-podman-11-1.module+el8+1219+5d34baa8.src.rpm
    MD5: d2242e55a66a08c5b10a45cecec0f6ce
    SHA-256: 56a05de11f0f1eb602008f4eabacdab40b0e17d5f807d1e197464ae749bb39cb
    Size: 1.36 MB
  3. conmon-2.0.15-1.module+el8+1219+5d34baa8.src.rpm
    MD5: 31ccb4c1b910cd37b322154a0a7c4804
    SHA-256: 4b25cfcc98b369808b72f99981b0111dd9a4e42891c9ee231766e40d8a39ce42
    Size: 68.78 kB
  4. containernetworking-plugins-0.8.3-4.module+el8+1219+5d34baa8.src.rpm
    MD5: 32f97084a7329dc2bbb7a4f73d2e38d6
    SHA-256: 27bb4e2abd9c741aede6a59bd48c4df6e9c24a72b92bed596b7d7a3a347b3a2f
    Size: 1.86 MB
  5. container-selinux-2.130.0-1.module+el8+1219+5d34baa8.src.rpm
    MD5: 54c6efb291c7e2f46b09782785ae6d5d
    SHA-256: 85cb0a9f5643c5489bb8df62314f198df6d7c3cddd967ec2314328313ca3b462
    Size: 44.06 kB
  6. criu-3.12-9.module+el8+1219+5d34baa8.src.rpm
    MD5: 626c7376ae099674bd7921f319fae051
    SHA-256: 7bf46da6d9af17dc47bbb274465622910ece7765e5644d82b4525595ffb0f647
    Size: 831.10 kB
  7. fuse-overlayfs-0.7.8-1.module+el8+1219+5d34baa8.src.rpm
    MD5: 6a92b1cda6590e33a019be059c9f179b
    SHA-256: e979acf03f196230aebb40af942eeb0f52c71592f932b14aa366abf82539da2e
    Size: 103.67 kB
  8. podman-1.6.4-26.module+el8+1219+5d34baa8.src.rpm
    MD5: 136b8620b106d6b0550bd95385835708
    SHA-256: 3a6849ba72f7ffbc83fc0aacab1d9f5e14dab4ec16db3a7c3c265513f764bbc4
    Size: 7.67 MB
  9. python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8+1219+5d34baa8.src.rpm
    MD5: a6ab47dc18373a5a98f7b9e1d4b868c0
    SHA-256: 4d7b410aece162f6e2feee757fbb8bcc54135bf175c0464debe861ef22c5ae89
    Size: 39.40 kB
  10. runc-1.0.0-64.rc10.module+el8+1219+5d34baa8.src.rpm
    MD5: 6a8a4f4c946a083e03b2ea68bf4acad9
    SHA-256: a350e3801cdc9197085ac0857bfd709940a3c81ac7fb5a0d391d35a86ed3cb85
    Size: 1.80 MB
  11. skopeo-0.1.41-4.module+el8+1219+5d34baa8.src.rpm
    MD5: 268d4d59421459f6e72e3a7c486c55d7
    SHA-256: b1b96abf6a4d7a7e1c790ec2496913c170653916b5dc7e524a0532159d690751
    Size: 4.42 MB
  12. slirp4netns-0.4.2-3.git21fdece.module+el8+1219+5d34baa8.src.rpm
    MD5: 46433f22d476d59ea97fc46583ec8085
    SHA-256: 22514350aaf71d34ec4ee84bb044e7d7c99b4a3add5e1eede9b4adda13458e4d
    Size: 178.57 kB
  13. toolbox-0.0.7-1.module+el8+1219+5d34baa8.src.rpm
    MD5: f97026b83366d6df73f3f3f0abc08ea2
    SHA-256: 85d59a9d4958465baa68ee533a3e7cf5925e55c0448287525b43553b3487c206
    Size: 18.80 kB
  14. udica-0.2.1-2.module+el8+1219+5d34baa8.src.rpm
    MD5: a504272740faac7db9797fc01c782338
    SHA-256: 73dd3e3a9f30989829409f4f1a900abc0977352be476f729c5bd890057392037
    Size: 128.16 kB

Asianux Server 8 for x86_64
  1. buildah-1.11.6-8.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: c60c9a69448ab1f864aee190099766a2
    SHA-256: 5db0f616a47f24f5651a07f625ec6e2f04330b1d7a1408c8a2cfff4613d46d71
    Size: 8.40 MB
  2. buildah-debugsource-1.11.6-8.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: 04ebe0bd00ea893268ffdb8388f6f467
    SHA-256: ab2ee70b53c35842e52d57e7473405cdff0ca559ff8f60701545729ce9d69cdd
    Size: 2.38 MB
  3. buildah-tests-1.11.6-8.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: b1d9af829937c13fdc2b034fb79ef184
    SHA-256: 79ae8e5030ba9b40b1b5a46f10e859e343f3a6ef6fa8a28e0d95b841bbe40bb2
    Size: 9.85 MB
  4. cockpit-podman-11-1.module+el8+1219+5d34baa8.noarch.rpm
    MD5: 77126e9b0d6bedd6369f3bdf07b9473c
    SHA-256: 4c5471b312152289b956441fdda13e03a037db267ad6287085247d3c6773d0c6
    Size: 1.02 MB
  5. conmon-2.0.15-1.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: d640286909a47e2055a6b3ebe29f8e4b
    SHA-256: 26b4656ef2139334e7b13afbddb36b5d0b3f100f06f742dbe1e4a5593fe1f289
    Size: 37.33 kB
  6. containernetworking-plugins-0.8.3-4.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: fb0d309b2aa58ee768dac568aea361af
    SHA-256: d00655cd009ee55006a09cf2fc6c7bcb104f96ccc3711c8e4e1c9b121d2ec8b8
    Size: 20.31 MB
  7. containernetworking-plugins-debugsource-0.8.3-4.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: c8ae12b9312d15559e189fe0fbdf8183
    SHA-256: 6c564c19c8c28dd0f9336096379b4ecfea861524e75fe473746e8289b1a893be
    Size: 301.26 kB
  8. container-selinux-2.130.0-1.module+el8+1219+5d34baa8.noarch.rpm
    MD5: a6dd1c92bb0a7c57456a42ff6e5df083
    SHA-256: 999b9a6d1a958b3281128f507d4a66cbaff664ee6c534912f2bc331e173b91cc
    Size: 46.00 kB
  9. crit-3.12-9.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: f3ccf9f06a84d4d493d3a2cbf0384353
    SHA-256: 4544beb56370b841d2038d917a4632153e0b033f64710b29cd777e460bde383b
    Size: 18.00 kB
  10. criu-3.12-9.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: 5c2ba7d525fc4051490de58ca2d80054
    SHA-256: d3d8317fcd1cc5166eb0cd62577741e4fe4e7d52d95db6a83dc5517b1ae84353
    Size: 480.95 kB
  11. criu-debugsource-3.12-9.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: 5c3bb0e4d5b378a802a4d397e740f5c5
    SHA-256: ba09548a78e40b48c9c2caa04f6bd05186f75290c88ba850936cdb562a2c54d1
    Size: 622.90 kB
  12. python3-criu-3.12-9.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: 0c75bebec65e160e2c9a4af48f5249ab
    SHA-256: 352006e6e81c5a61da15ef12d61c2074c13462e8591fe44c1ce4ecce17cc2ef0
    Size: 155.80 kB
  13. fuse-overlayfs-0.7.8-1.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: b88853d7a89104c0cb3517cc151bfb7d
    SHA-256: 0131e44b3022efbc630cd8f7d0ab48ae6724b6af1ebff96b3ef3208d134124e9
    Size: 58.80 kB
  14. fuse-overlayfs-debugsource-0.7.8-1.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: 6809b7332be5658121818c4dbacd274f
    SHA-256: 9c33f3a46be850d45c63201da92a22183c83c2a18f746c1cc050bc9ffa22e822
    Size: 47.81 kB
  15. podman-1.6.4-26.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: af122c8e5d5275aceb3b985bfa066d26
    SHA-256: c8e1bf6103010ccc1db1e14c76b1f723ea6c8861e4c621bc6c8fb4031c05201b
    Size: 11.78 MB
  16. podman-debugsource-1.6.4-26.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: dee7eb26928826edfa7617d1a6000618
    SHA-256: 9084c7dff998444ff0007473e1abfc8e44f312b849d7a0301bc7d491f53f03fd
    Size: 3.31 MB
  17. podman-docker-1.6.4-26.module+el8+1219+5d34baa8.noarch.rpm
    MD5: 0f4ea4db851e5aab83bfc1ec671e00f9
    SHA-256: 23a62c1b0d8a1211a70b930f37d9ecca889e3eb6fd3bdb31054bc21473cd79a7
    Size: 36.52 kB
  18. podman-remote-1.6.4-26.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: 5a8623d08435469325756126413e6aa5
    SHA-256: 2f4abb95117048dacaf27e1a85889cd4a46f114b25ce01fba25357512108a95c
    Size: 10.89 MB
  19. podman-tests-1.6.4-26.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: a246d0c2f4d888c7fca687a64c9e79bc
    SHA-256: 678f46f7adbbb75066892369d634cf557174a6ea131c6897f4b9574dd4f0a7c7
    Size: 47.63 kB
  20. python-podman-api-1.2.0-0.2.gitd0a45fe.module+el8+1219+5d34baa8.noarch.rpm
    MD5: 30ea45a45c5dbd0067c946d5164958ec
    SHA-256: 2e9f37c5bf75de3b91c2543faf449c3052d54576bf1840efd4c7c0e77596dde1
    Size: 42.00 kB
  21. runc-1.0.0-64.rc10.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: 5770586faffb49ebcce48ecb472d276c
    SHA-256: 5d886d1422acd24e4b93a1e64c049e061f9fbf599d13c8d978218d46f46d62e2
    Size: 2.66 MB
  22. runc-debugsource-1.0.0-64.rc10.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: 2586c225189846181307e30deb284537
    SHA-256: 4b0d131aeb4e9d1b0b5cfc0677a0bb53216552e6e3f9f9e04357089185d0c6aa
    Size: 479.35 kB
  23. containers-common-0.1.41-4.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: 07c08bd259d5b4d889e43973014d603c
    SHA-256: 68c1c57be6cd8710bb860bd4fecfd7d1396a28e661b7cd1dcf720f1b203afaf8
    Size: 49.30 kB
  24. skopeo-0.1.41-4.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: 93dcf8c1ec6c789150b959f5f7e40980
    SHA-256: 876ce06a129a037d0958321ef79fd8bd477f253c3fb2cb9504d2413ce55ae524
    Size: 6.47 MB
  25. skopeo-debugsource-0.1.41-4.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: d3e9df3a9b2897b6a615b69926adcd19
    SHA-256: 96a079d710bc35a4c23fc56efd0055226ae3688b17df92c222be455a82ccf329
    Size: 1.75 MB
  26. skopeo-tests-0.1.41-4.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: b3113622aef5dd70db5e0c66f8c641cf
    SHA-256: 3278938bc69bfd01536f1898e59dd3da87f742739bd56cc209094c01ba0030e5
    Size: 32.18 kB
  27. slirp4netns-0.4.2-3.git21fdece.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: a3479286a159e9d04720100414abbffd
    SHA-256: a788f5b968fab95b8cdbfe5956599ba7edd425ea6c35b586e6eb329bec844526
    Size: 87.06 kB
  28. slirp4netns-debugsource-0.4.2-3.git21fdece.module+el8+1219+5d34baa8.x86_64.rpm
    MD5: a4c022742cfa7c01ff2e7c3db740f78d
    SHA-256: b7c7cd661e17bef04934bcf1006b143feb6143388a291a19530956834af04f8a
    Size: 128.32 kB
  29. toolbox-0.0.7-1.module+el8+1219+5d34baa8.noarch.rpm
    MD5: 842a55fb7ba6ef4b7cbfa03302fad23e
    SHA-256: 4dcdb6149891f527891d3ef71e00714a46495e335fe297814725e82cc518722e
    Size: 14.37 kB
  30. udica-0.2.1-2.module+el8+1219+5d34baa8.noarch.rpm
    MD5: 7c29d6296338716862aaad2d74ebfbf7
    SHA-256: c7f6fc58f478de242b9de35509fa2a8ba6283375bc98e801de9adc9074586365
    Size: 47.10 kB