container-tools:rhel8 security, bug fix, and enhancement update

エラータID: AXSA:2021-2220:01

リリース日: 
2021/07/17 Saturday - 23:42
題名: 
container-tools:rhel8 security, bug fix, and enhancement update
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

以下項目について対処しました。

[Security Fix]
- Go には nil ポインタデリファレンスの問題があり、リモートの攻撃者が SSH サーバーに
対してサービス拒否を引き起こす脆弱性があります。(CVE-2020-29652)

- Podman で実行されるルートレスコンテナーは、ソース IP アドレスが 127.0.0.1 である
トラフィックを、リモートホストからのも含め、すべて受信する問題があり、デフォルト
で localhost (127.0.0.1) からの通信を信頼し認証を要求しないコンテナー化されたアプリ
ケーションに影響する脆弱性があります。(CVE-2021-20199)

Modularity name: container-tools
Stream name: rhel8

解決策: 

パッケージをアップデートしてください。

CVE: 
CVE-2020-29652
A nil pointer dereference in the golang.org/x/crypto/ssh component through v0.0.0-20201203163018-be400aefbc4c for Go allows remote attackers to cause a denial of service against SSH servers.
CVE-2021-20199
Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. buildah-1.19.7-1.module+el8+1261+01be30aa.src.rpm
    MD5: 6e5e259c4c7bcc3b23335194ee521ed3
    SHA-256: 4fb8f396099ae7b8de84cb8e03b8aac46643f19c8e4c02be4cb51c02169314bb
    Size: 10.10 MB
  2. cockpit-podman-29-2.module+el8+1261+01be30aa.src.rpm
    MD5: c50e6879ce06255cdb01790c88bfa3b6
    SHA-256: 3630ad2b0e2cc6493a9fc880e430cc58f38aafec1165d64c896fa646fbc6e652
    Size: 1.34 MB
  3. conmon-2.0.26-1.module+el8+1261+01be30aa.src.rpm
    MD5: 9e4880f029e5891f65e7dc7556c323bb
    SHA-256: 30eec52edf695b93bd9f7d908a47a6af04e600c39991a0dd6ae4fd8ffcadb8d6
    Size: 113.25 kB
  4. containernetworking-plugins-0.9.1-1.module+el8+1261+01be30aa.src.rpm
    MD5: f168943c27439f2b0fce8281bb9230cd
    SHA-256: f8e8e215a5eb42ba3ce783351a75ad7c67c26e4cebd619cd5addf8947b3bf443
    Size: 2.44 MB
  5. container-selinux-2.158.0-1.module+el8+1261+01be30aa.src.rpm
    MD5: 7b192ce255e71deffd3921f920c450fe
    SHA-256: ac7a331ec2b8c37f00fd4c60a1f955696d991d404ef3df06d78a2caf2bf6aa68
    Size: 48.01 kB
  6. criu-3.15-1.module+el8+1261+01be30aa.src.rpm
    MD5: 79b53fa4b5399836ff3fb3c62b05912d
    SHA-256: 02c30d6ac3d1c2722339da896c1cf97e5c54b437d481a772803cf0476073e989
    Size: 1.15 MB
  7. crun-0.18-1.module+el8+1261+01be30aa.src.rpm
    MD5: 09766b4caecafbbf472bdccbe9364901
    SHA-256: d0c67d2e542222af914add8a62b50426ecf4ae9f50d243c95116a520d7e1b741
    Size: 1.34 MB
  8. fuse-overlayfs-1.4.0-2.module+el8+1261+01be30aa.src.rpm
    MD5: 001f7b5dc5fe7aa36d10af1f431b2a92
    SHA-256: 798ad426cddcb41ce607d96a6d34968445407ce1e90090fa18201851efd09ced
    Size: 112.61 kB
  9. libslirp-4.3.1-1.module+el8+1261+01be30aa.src.rpm
    MD5: 3fd4f0473fdfe15b066c0f6c5ee25c29
    SHA-256: b76242d700a77f24715ac83a82a3a653705e7ae0d601aea751004ee8b1a283d0
    Size: 105.84 kB
  10. oci-seccomp-bpf-hook-1.2.0-2.module+el8+1261+01be30aa.src.rpm
    MD5: 29530195ac8723e60d6c94095f9f60a0
    SHA-256: 363233271535c06b1f22f1161bb71b8ed450e4503afa5120077e1882e6e71782
    Size: 929.38 kB
  11. podman-3.0.1-6.module+el8+1261+01be30aa.src.rpm
    MD5: dc69c57da2eaac3d4dd24c88388b0f24
    SHA-256: 84a1a70e4eb882454a1bc628b9598da5f1b68c9a671a6a2fa4789e0c91dbcb52
    Size: 11.95 MB
  12. runc-1.0.0-70.rc92.module+el8+1261+01be30aa.src.rpm
    MD5: c3911cd6543ba9729bc19dd596153c90
    SHA-256: ba89c42c7ee2faae705a1c5c50f88aef6233257aed255c05f2de49fa1135f4e6
    Size: 1.95 MB
  13. skopeo-1.2.2-8.module+el8+1261+01be30aa.src.rpm
    MD5: 60e005417a16bd4c697544ec59527e3c
    SHA-256: 023a5841f12ac87fc24b459554ee40fd21f55b1dcca999f1eed2b3386d7c5851
    Size: 4.58 MB
  14. slirp4netns-1.1.8-1.module+el8+1261+01be30aa.src.rpm
    MD5: 4a5bac839543359f405a28ef43b260a1
    SHA-256: 74486d19ac33817725bb049d10d30538f2e42912dc50348684e441c5d5179ce9
    Size: 67.48 kB
  15. toolbox-0.0.8-1.module+el8+1261+01be30aa.src.rpm
    MD5: 9ff0302adc63961e172c2e7d1440e1e1
    SHA-256: 178ab3d08acfa0920c9197f4d763a5d424bfa203e3614dfa660ef07ce1c18034
    Size: 19.12 kB
  16. udica-0.2.4-1.module+el8+1261+01be30aa.src.rpm
    MD5: 5c7b9da770f9540f0901f2313c98c03f
    SHA-256: 428addc5075671ce2d5687e8d5eaa8178bf8d525b256be24b426f2163095b236
    Size: 133.56 kB

Asianux Server 8 for x86_64
  1. buildah-1.19.7-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 2524bfb68db22223e42954f2c2eae736
    SHA-256: f749a612ced10035d86c057047aa720e494fe4c5bf373ac181809dd7ba18c222
    Size: 7.42 MB
  2. buildah-debugsource-1.19.7-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: a40f168e938a7937ac3a797ef2f396a4
    SHA-256: 80c520a74f9929b4c455df946088dfdaa44762df484e091e8c5cc839ac550e35
    Size: 2.52 MB
  3. buildah-tests-1.19.7-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 2ec772404046697a3ddcaf5e42db8926
    SHA-256: da2b19bce78de30d6ad7902e12d9c9f59b05bac42e746931b7f102a9badb02b5
    Size: 8.79 MB
  4. cockpit-podman-29-2.module+el8+1261+01be30aa.noarch.rpm
    MD5: 241e9c43e323d7d4de93082e1f3ceac3
    SHA-256: df1fa2142aa24a14515dc97ae85d9066291e13245854302db93ea7754c125ad8
    Size: 1.07 MB
  5. conmon-2.0.26-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 200248ad65f7f464869397aaa9affb63
    SHA-256: b4d13f6b223c7c78d2afdf7019e4b1452f142c117980c7e0dc57ab9c16c56b52
    Size: 49.76 kB
  6. conmon-debugsource-2.0.26-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 729b190ea89f026e1c3cc7cd75d0aa69
    SHA-256: 00a182d0de42abf2fa0571cf37e176e8c9d5a6b098e779c8823a0a00ce292670
    Size: 41.43 kB
  7. containernetworking-plugins-0.9.1-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 067157f9aa346701baf6b6616fc6eef6
    SHA-256: c1a407060a2ddf2e41193f16c4c8477513c3fe69c4980b8bd9fe91cc6b349f69
    Size: 20.23 MB
  8. containernetworking-plugins-debugsource-0.9.1-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: bcc3faf247ae2779ec9cb41150b35d0f
    SHA-256: e8149e37adef0f74f0015aaa8754165c70ee2c2ed94fa32ccb0732874f30d81b
    Size: 343.04 kB
  9. container-selinux-2.158.0-1.module+el8+1261+01be30aa.noarch.rpm
    MD5: bb60690cf31888ca511841715c4717c5
    SHA-256: 348d2b56cff539370ac1595ff60884feb590ce644f1fd2886b0f10da817bc291
    Size: 49.90 kB
  10. crit-3.15-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 38b2870e8139499489b88a81434be5d3
    SHA-256: 45052ae44f891a824860ec807e079fb85d30b525e04793f6ace70f88009919f3
    Size: 18.36 kB
  11. criu-3.15-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 0fffe46fd3f44bc6a755ab408afb07c9
    SHA-256: 97fd4aaf02293f4918ae590afed1c1c5758ceca43cde06c120cc049827ce3e10
    Size: 510.08 kB
  12. criu-debugsource-3.15-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 87dd32e16e0e2d1f0aa9ce79b736c5cb
    SHA-256: 6a413dfcd30ec0e88fa8a8997639a26e2f80fc2f7ad06632a173235b2ed98c82
    Size: 663.65 kB
  13. python3-criu-3.15-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 4146ebf676f877d6eaa5a3b4d30ff6c3
    SHA-256: 955af12a0d155851b77179eb087af170b0c84b41656948bfaf8d78d7a50e8481
    Size: 168.55 kB
  14. crun-0.18-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 7af97ee7908f0676d9292b8bf1031128
    SHA-256: 517a732d3903bd2f85f3f5cf90f611379bf6c3f4ef3e0a6c4c81ad50b2e2f8ec
    Size: 183.74 kB
  15. crun-debugsource-0.18-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 3f0ad7a56f0b2698de772b9ba39bb4a4
    SHA-256: 100742829d586401e6b5f824b3b1a166b157fba0e1bdb8aa0a781a3f380a2840
    Size: 134.32 kB
  16. fuse-overlayfs-1.4.0-2.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 1b2d3392a4c0b440e542585fcce9ee2b
    SHA-256: af09b8e2d73eae7263863c4d03ff8a074b59df8bc26197c5a3b23608c085a400
    Size: 70.73 kB
  17. fuse-overlayfs-debugsource-1.4.0-2.module+el8+1261+01be30aa.x86_64.rpm
    MD5: e7e5c991a95e6a085b41f6811a81419d
    SHA-256: b446393562bd094e1160c9bc40b8729aadabb9afe4cfdbe9592f28e7b50af8c8
    Size: 52.35 kB
  18. libslirp-4.3.1-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: d75f9c7b9a0e46f1ce9299a8644cdda6
    SHA-256: 5e6d5cfa79ad2e11100d9356f1a888b6a171f0f9f1185047b8f33065d71257f0
    Size: 67.85 kB
  19. libslirp-debugsource-4.3.1-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: e04db18cf727be22f9dba847a71373e4
    SHA-256: 74c7776d187d47814810f6f35dff4b825ebe85efe02cbef7b9665dd40689632e
    Size: 112.95 kB
  20. libslirp-devel-4.3.1-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 8489944f51c21b95e482019a7e758daf
    SHA-256: 281427d98e943e170c3b12e76085cf2e4e476bc07e3b2d067eb67c7a9e827a0c
    Size: 11.16 kB
  21. oci-seccomp-bpf-hook-1.2.0-2.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 3a7d2c8407b264932bbbb3cba0044e6c
    SHA-256: 4305a0aa5074e0984d3914b7150fbd8b6e9060081895f75739096c10ff60d0fb
    Size: 1.11 MB
  22. oci-seccomp-bpf-hook-debugsource-1.2.0-2.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 3bcb548e47a674207e1a94223e280063
    SHA-256: ed76ef58f431a3a023133e6681a5eb7797879997b306da00b1766591fcd1a3bc
    Size: 143.57 kB
  23. podman-3.0.1-6.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 929e19f9e9fc6fbb481c259ad5280bb7
    SHA-256: f7333ad5aec21968f3da7d213d8411abd25dc30e8715ae239a53ca7c19c6451f
    Size: 11.85 MB
  24. podman-catatonit-3.0.1-6.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 104cc338590b2281e70e9aedc6e37a82
    SHA-256: 16521071be91e368046339f602d049afc8fff46868bc161a56afc1c00cfff971
    Size: 319.21 kB
  25. podman-debugsource-3.0.1-6.module+el8+1261+01be30aa.x86_64.rpm
    MD5: c1c1b3c14e6d096ad73ee1419ce4a018
    SHA-256: 2637e528c5a25b037d0a59e860bc99ccc93fa227af14c0afa3506459d9dae1d1
    Size: 4.34 MB
  26. podman-docker-3.0.1-6.module+el8+1261+01be30aa.noarch.rpm
    MD5: 8fcc30c0346d9f0de93cd6f2f3820d35
    SHA-256: e23e2183f2fb0ad132763bdf1025ad5ba19c2a63542fe3f6b258c30e5a5aebdb
    Size: 54.72 kB
  27. podman-plugins-3.0.1-6.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 1be0cc9e5891c4df84da2a1459336d57
    SHA-256: 5c68a962d0462156f4b1d1f020b8e5d40e02f9009a28015fd5d4abb6491bd805
    Size: 1.25 MB
  28. podman-remote-3.0.1-6.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 3c7640b7cd203bbad7fbf4ce6d3688fd
    SHA-256: 67aa278d9cf82f66942aed8d8dbe46b08a3047dea57065b78f11c2e040fcecb3
    Size: 9.13 MB
  29. podman-tests-3.0.1-6.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 96c5fc390d60e64663ef8369cfe9163c
    SHA-256: e3424862636c15a970d88ca43390c9b84194c9d38abed82a07fb4431ec60adef
    Size: 103.68 kB
  30. runc-1.0.0-70.rc92.module+el8+1261+01be30aa.x86_64.rpm
    MD5: c79c0b95652b7d1070b6e08cb568b9a6
    SHA-256: c8308a308ae944287e159e828f9ae2950bc6a90bfe4269327c9e30736a547f3a
    Size: 3.06 MB
  31. runc-debugsource-1.0.0-70.rc92.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 3e67dc1aab8ad8cff6cfa584a1a110e3
    SHA-256: fb7ec1aa34d6ec23c03a9b2c47225d5e04ee1720a1831d1332e410e31f4b7a0f
    Size: 772.29 kB
  32. containers-common-1.2.2-8.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 58b8329a6cdd9a685db00685ea9df1a8
    SHA-256: a56802700242b9fffe5dbdb3ded1b90a30f805ff9253055e5181e51376fd1097
    Size: 96.61 kB
  33. skopeo-1.2.2-8.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 0def2cb68b3d7389d2ce46af977e0703
    SHA-256: 7028b52c100201fa80f79c4eaf6d2d619daf3bea588c07b45b36192936cf513c
    Size: 6.31 MB
  34. skopeo-debugsource-1.2.2-8.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 35a4072308a723494c42ddcf5063bc26
    SHA-256: 2d8b26009096708a690c93648d57496ae9f8263949ceaf23109d5217a27c402a
    Size: 2.01 MB
  35. skopeo-tests-1.2.2-8.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 3babe60c75a2e3128921d6ea7ac7ef7d
    SHA-256: cd6567705eb37855c847e04b1b0dd59fc9104b9d1e41f82fc0c0cdeb6950ec48
    Size: 39.05 kB
  36. slirp4netns-1.1.8-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: 94ca1cbee9564ea56f75f3bcd3e2e763
    SHA-256: a2e7b3242d45dc12d2e255b4e8924a9959251f58ecb6c9dd3f558e0286858197
    Size: 50.02 kB
  37. slirp4netns-debugsource-1.1.8-1.module+el8+1261+01be30aa.x86_64.rpm
    MD5: e5b7e47597b851cde8ae6526f549c0e3
    SHA-256: ba1d878ba30e383ba679f0ca5cb1b58d79ff93eb3c6d3b3861243dc436872a91
    Size: 38.61 kB
  38. toolbox-0.0.8-1.module+el8+1261+01be30aa.noarch.rpm
    MD5: c4e10c8d6378d3bf8bedc09c7d00daf9
    SHA-256: a7f47adc1bceb0a55c316cd5fd570d420a75d8064bb6a8d27467554cc15e3a5b
    Size: 14.60 kB
  39. udica-0.2.4-1.module+el8+1261+01be30aa.noarch.rpm
    MD5: 312918c171751013aefe14f5526588df
    SHA-256: a0e8344be6213762b2635dec6a3081ebf7f95fedb07f7c55eb31c8e4124bf5aa
    Size: 49.38 kB