container-tools:rhel8 security, bug fix, and enhancement update

エラータID: AXSA:2022-3571:01

リリース日: 
2022/07/20 Wednesday - 06:56
題名: 
container-tools:rhel8 security, bug fix, and enhancement update
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

以下項目について対処しました。

[Security Fix]
- container-tools には、攻撃者によってパブリックレジストリに
公開された悪意のあるコンテナイメージを用いてユーザーが
"podman top" コマンドを実行した場合、攻撃者がファイルシステムへ
アクセスできるようになり、情報漏洩やサービス拒否攻撃が可能となる
脆弱性があります。(CVE-2022-1227)

- container-tools には、非標準の HTTP メソッドでリクエストを
処理する際に、HTTP サーバーがサービス拒否になる脆弱性があります。
(CVE-2022-21698)

- container-tools には、不正にコンテナが起動でき、ファイル
ケーパビリティ持つプログラムにアクセスできる攻撃者が、
execve 実行時、それらのケーパビリティを permitted セットに
引き上げることが可能な脆弱性があります。(CVE-2022-27649)

- container-tools には、不正にコンテナが起動でき、ファイル
ケーパビリティを持つプログラムにアクセスできる攻撃者が、
execve 実行時、それらのケーパビリティを permitted セットに
引き上げることが可能な脆弱性があります。(CVE-2022-27650)

- container-tools には、不正にコンテナが起動でき、ファイル
ケーパビリティを持つプログラムにアクセスできる攻撃者が、
execve 実行時、それらのケーパビリティを permitted セットに
引き上げることができ、システムの機密性、完全性に影響を
与えうる脆弱性があります。(CVE-2022-27651)

Modularity name: container-tools
Stream name: rhel8

解決策: 

パッケージをアップデートしてください。

追加情報: 

N/A

ダウンロード: 

SRPMS
  1. buildah-1.24.2-4.module+el8+1442+7dde0cd6.src.rpm
    MD5: 889199112afe4ca7053232ff3ac7971a
    SHA-256: 5a973007f65234d3daba84554a6f371287aabbc748fa205c60442456bf87934b
    Size: 13.30 MB
  2. cockpit-podman-43-1.module+el8+1442+7dde0cd6.src.rpm
    MD5: d28864ced983195748d8d6021a25eaa5
    SHA-256: 6f5459b129c15c42db08e18d9c7ae1ee7fe54d5f8c39b5da9711e505f94b7f1a
    Size: 728.17 kB
  3. conmon-2.1.0-1.module+el8+1442+7dde0cd6.src.rpm
    MD5: d669fc31b2389420af248b5d547bbd58
    SHA-256: f722fe365644b3c53ea84cde073fb9c50d7e8bd6bbf4b84d248626fd8643a347
    Size: 168.63 kB
  4. containernetworking-plugins-1.0.1-2.module+el8+1442+7dde0cd6.src.rpm
    MD5: f942dc31f5426431ebd282c0970a8d4e
    SHA-256: fa6d40f7d12a3fb1fec615bd3802d857c3972fcc435511e1f7454c1a85fe8534
    Size: 2.84 MB
  5. containers-common-1-27.module+el8+1442+7dde0cd6.src.rpm
    MD5: 2c8f547fb4090779d51448d17ef4f96b
    SHA-256: 73b11e2c3886c446e16ee1c5f062495f0fc35e417dcdec604770c7c0b52f6267
    Size: 35.42 MB
  6. container-selinux-2.179.1-1.module+el8+1442+7dde0cd6.src.rpm
    MD5: 771b3c6b1389bd754c29f6353e2c6e39
    SHA-256: 73d81fa2ed2e061c0fde369820497c71cc558c35af7f48c8f6476bd442150f68
    Size: 55.28 kB
  7. criu-3.15-3.module+el8+1442+7dde0cd6.src.rpm
    MD5: de37027dc7ec12aed452bfddf1fab4fa
    SHA-256: 18f2648bbf6bbb63f2795e122982365aa54e575fcdb12c9a5ca44d66cbbf6d62
    Size: 914.17 kB
  8. crun-1.4.4-1.module+el8+1442+7dde0cd6.src.rpm
    MD5: 6d046f66fb86197c6e9092b424f905a8
    SHA-256: 42d54c93ee829264787907d4d915a9bb75a926148ff9f98398f6ca4d30e1e6f9
    Size: 1.88 MB
  9. fuse-overlayfs-1.8.2-1.module+el8+1442+7dde0cd6.src.rpm
    MD5: 05149a0ffe7ff172e7dee21b4c65ad60
    SHA-256: c9bdda67caf52c6504d38ce50e810a0f1c971f49f8c6b6bf7bed2d937db83219
    Size: 115.17 kB
  10. libslirp-4.4.0-1.module+el8+1442+7dde0cd6.src.rpm
    MD5: 5940145841e9fce939e3a8c25c54d913
    SHA-256: 014300b1d2c6f36905715ed27e0c5b61c9cf16b22741202ec28f42e23cff1ed0
    Size: 114.78 kB
  11. oci-seccomp-bpf-hook-1.2.3-3.module+el8+1442+7dde0cd6.src.rpm
    MD5: 0fe28122dcd0b544c0abe867b969c2e7
    SHA-256: 40552e5644c9b4d9c77fc3441b8f602b1830a1d00a6a3a253a01ac0ffe365a77
    Size: 1.08 MB
  12. podman-4.0.2-6.module+el8+1442+7dde0cd6.src.rpm
    MD5: 36a041f9d992d56b5116168fdd495ed8
    SHA-256: 046de21a8e78b8e61a8b196b176a3b8737ec27aadbcec097a6bf64a25244ca37
    Size: 16.37 MB
  13. python-podman-4.0.0-1.module+el8+1442+7dde0cd6.src.rpm
    MD5: 5000265e8df567b2c849cdd842abe123
    SHA-256: 373aab5187b524e1bfebecdccdf5c24098ad8bee48c7bda05d204c08e114b64e
    Size: 79.35 kB
  14. runc-1.0.3-2.module+el8+1442+7dde0cd6.src.rpm
    MD5: 43bb9f5eccbb30efef8b33af47cbd48b
    SHA-256: 4044b7aeb2d73ce968d5bf3ea9cabde1f4cf81314b761ba53eff4b7e5a73b0fe
    Size: 2.26 MB
  15. skopeo-1.6.1-2.module+el8+1442+7dde0cd6.src.rpm
    MD5: b3732878a1511d691189ceda2ff49d19
    SHA-256: 058f9aa28cfd4df8e7d5705f5d4eaf3e326cf145759a9dcc791c089bbcc75837
    Size: 6.19 MB
  16. slirp4netns-1.1.8-2.module+el8+1442+7dde0cd6.src.rpm
    MD5: fee31f000070bcefbb74bb582bc775d5
    SHA-256: 06b7ff8aaa740b5199ed5f5a15405889cae4cf28b7964192fa013b3e26d6b8c9
    Size: 69.39 kB
  17. toolbox-0.0.99.3-0.4.module+el8+1442+7dde0cd6.src.rpm
    MD5: 08e0e21e8f014497fea0a3a2a0146610
    SHA-256: 0695b496573b310288f2984df2c0c2f6cc8400274a3223f5ea06781909f5159d
    Size: 5.88 MB
  18. udica-0.2.6-2.module+el8+1442+7dde0cd6.src.rpm
    MD5: 1a1d7d515f1967c3981efe3657c80fb5
    SHA-256: c7e70d8f1ee0d15616226f6f49eee339d3f9bd64075d95a34cb3b14be3093ced
    Size: 131.77 kB

Asianux Server 8 for x86_64
  1. buildah-tests-1.24.2-4.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 4adcdd6035deb4fbbbac4bdf17ad49b8
    SHA-256: cf5f31389cdaca75e7369f6a9e2b6bfbd3164076c070197fabd6c907252ff517
    Size: 18.08 MB
  2. buildah-1.24.2-4.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 6890ff08a23ca0cb91d5e65a0e02bf72
    SHA-256: af6300a3613c67cefc7b10694b050a9e195c4723281c5cb3cce55f279b296ea3
    Size: 8.05 MB
  3. buildah-debugsource-1.24.2-4.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: f9381cc82c0028e5915250c992b420bd
    SHA-256: b3765754ddab9653f0adffdd73d56c3f498091bcc48354d284fbf3d339605bcd
    Size: 3.33 MB
  4. cockpit-podman-43-1.module+el8+1442+7dde0cd6.noarch.rpm
    MD5: df9adbf7ec0c17f3f79ba303fd91db99
    SHA-256: 5f3771dc03dff36b879e40e97587361f37cab18dea35be71c3fab0588f9ca959
    Size: 492.33 kB
  5. conmon-debugsource-2.1.0-1.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 187682bfeb7810256da1e275bba43d20
    SHA-256: 54de26386ba8de8abda06429768f9ebf805beca89ea3198950e3efc29840a3e1
    Size: 46.62 kB
  6. conmon-2.1.0-1.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 11d05dc9b0746ec87e47e0722c088e84
    SHA-256: b217b3785fecc01294d3d2282b7832dc961a59acaf313dcccc5efb38bb4aa928
    Size: 53.94 kB
  7. containernetworking-plugins-debugsource-1.0.1-2.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 7f46daa96e236303ec177b1ad687f08e
    SHA-256: e0a5609b4bf118b85ceb34be80d8ae89180dbccfcf2cbfee34e0d217e36c4010
    Size: 367.07 kB
  8. containernetworking-plugins-1.0.1-2.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 4c5007321d54ff63fc5d6b071e8e5a28
    SHA-256: c9bdb7c56796e420978e3c8c6dc0d28d1e032984098e688ff2fffe0f44bdc638
    Size: 18.34 MB
  9. aardvark-dns-1.0.1-27.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: fbb8501890e9f253f33e819ca5384853
    SHA-256: 28e2fba0e937a51fd0ff832318d27c6ee9c115a257080eec6df7c1d3a3634a75
    Size: 0.99 MB
  10. containers-common-1-27.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: fa514330c7f661d0d62fad55de8b9c7f
    SHA-256: aa00c9273aaccb8dd87577c5d161b08fd2eb62feced1ef9f9a273c08f58125b2
    Size: 93.49 kB
  11. netavark-1.0.1-27.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 74ff79c4e35f221df2b675dab470f498
    SHA-256: ff55f43fbe4130f653ab85b00ba08e204d1c564b51e6c1b39ad0d17993cedc53
    Size: 1.98 MB
  12. container-selinux-2.179.1-1.module+el8+1442+7dde0cd6.noarch.rpm
    MD5: f7a35a9780f96c32f4283969f5a46e8b
    SHA-256: 0dbbd715847e1ec091316e9bcd64ab075b5098a56e92369ccb9ba8364089466e
    Size: 57.51 kB
  13. criu-3.15-3.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 5770ed4b97a18dcc833b03cdfa4ebc74
    SHA-256: f1fcaf212a61a60c03e730fd1a94c76618cd225da571eff428293539bf084a65
    Size: 516.57 kB
  14. criu-devel-3.15-3.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 45de6d5940724c35a703e7b9228aade5
    SHA-256: efe6bf8347f010bf9194a7436dc7b6984e69c3b63bb3d82400f7b4abd7333f1c
    Size: 23.81 kB
  15. python3-criu-3.15-3.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: e545dc4857fa276e61866cc0a2c64a3e
    SHA-256: bd537a6bf3303059a9d1dd7cc2c71bfb6db685ed50ce3ff0a4dbab320e9d876d
    Size: 168.78 kB
  16. criu-libs-3.15-3.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 9577de26b8cf7697b724fa14a831b3e5
    SHA-256: 0a893417141822a97e27c1e8b87edba328e52ecffd2b950e88c68769c30fcb59
    Size: 36.66 kB
  17. criu-debugsource-3.15-3.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 63611f5c50eb72937ed0bf7a60fb9229
    SHA-256: 09cba237a04bfdcd453738c2431b7c36ec3fe3363e202bff86ce1ebe65b4cb02
    Size: 675.33 kB
  18. crit-3.15-3.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 499521045b361ba1c6af0ad98315fcfe
    SHA-256: c685b4218e527520dd3074f4a8a8a7a7d4879f758d1095f8ea9883293bc34753
    Size: 18.60 kB
  19. crun-1.4.4-1.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 3ec206e78ae186675ab68e137c25f412
    SHA-256: 449dbf323e758089e7b4ff394ca60fb28058c4049e83f9f1ca492b81277138fb
    Size: 207.71 kB
  20. crun-debugsource-1.4.4-1.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 10caf575cc59da45e689ba91ea8882fe
    SHA-256: c7ef966737f7e3f0623accaedd17baa92b0b9ed30a0fd6749610c82a977bb0d0
    Size: 156.29 kB
  21. fuse-overlayfs-debugsource-1.8.2-1.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 570fb9f532aa2afc93201d13497d5d35
    SHA-256: b553f60123d98f4b9c1fbeb6a4f7746547462e82e55401c0772085b70b7dd219
    Size: 53.81 kB
  22. fuse-overlayfs-1.8.2-1.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 6366e90cd77985834db13aa3a3c577c9
    SHA-256: 0db117a4ce843d697b17f9e1716cafe22e60cf016541c03a15bbe9c4480f167a
    Size: 71.95 kB
  23. libslirp-4.4.0-1.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 255fe8145b44999d4b6907b67d962897
    SHA-256: c43eaf37cf916b0e757a4b00a9650f592a05969d58e0aa03fdc7bc98dee4785f
    Size: 69.13 kB
  24. libslirp-debugsource-4.4.0-1.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: bb0bac0c184aec1019f3996743c4f248
    SHA-256: 7c6ccdba53145cd9e3cd4ffbd71bd4e41032322bf68da300c71212f3961317a8
    Size: 114.43 kB
  25. libslirp-devel-4.4.0-1.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: d520e5562fee673e1723fced357d3843
    SHA-256: c0b73bc76ee708da3a738e550f309bfa40f5077bc853e74646b31596970fc69e
    Size: 11.29 kB
  26. oci-seccomp-bpf-hook-debugsource-1.2.3-3.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: f9eabbb6159583f7d10b75c821b68cdf
    SHA-256: 7bd683cd0be305a5962334fe163e6708651e568031af2d80255904d3b0fa4f97
    Size: 158.05 kB
  27. oci-seccomp-bpf-hook-1.2.3-3.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 856a37c0c9d2ccabeed94c2b68a3478b
    SHA-256: db7b0298bb68ab1908eba7d86394d38d90fdf50cc1b1e00a8a8e4f49a0b88580
    Size: 1.03 MB
  28. podman-gvproxy-4.0.2-6.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: f5dd1368b65465cecbd3163b3b1ba031
    SHA-256: 564bc9ec6cfa1ff4fecf3e1eb93ec273d840340c8d41c5b027dd407a1d8ed168
    Size: 3.31 MB
  29. podman-plugins-4.0.2-6.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 731e3190ce1df65516dd2d52917e850c
    SHA-256: 7ad3b703462217916c489bf9c2aab8e70976081b12634187029b232663d3ad92
    Size: 3.11 MB
  30. podman-catatonit-4.0.2-6.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 5d168dc2ffe390232d1f1aa8de31b34e
    SHA-256: 101739dd47b2fc202e90ba70a5544fca6d9a647fb8bb2f89e96f33f13959871f
    Size: 352.81 kB
  31. podman-remote-4.0.2-6.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 7728fbb00cd06c4215ed8a95a1e51335
    SHA-256: c2ce09defb717de3383266431a1bb1da7a447744009e3be7d1810c8dc20fd3c4
    Size: 8.16 MB
  32. podman-4.0.2-6.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: fba3a2efcd19ea66c909d725ee4fdda3
    SHA-256: 90d12119a3795bf4f57b9a898f04adacf2c2aacc96b886f10b741a8b9c1cf4df
    Size: 13.26 MB
  33. podman-docker-4.0.2-6.module+el8+1442+7dde0cd6.noarch.rpm
    MD5: 79f01409204dd35808f8ab07e4b63edc
    SHA-256: c1745b1cbc3a054d096409b9a91fc2598de783e21220f8640190d6392231e93a
    Size: 66.51 kB
  34. podman-tests-4.0.2-6.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: de09ccb20ccddaacc72e4649ab397ab8
    SHA-256: a025fea57a6882d633a8a6124f36ce80d16c72fd3e626f7cfc23faa014d76803
    Size: 173.93 kB
  35. podman-debugsource-4.0.2-6.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 7ec70a0269a37509a5f86b18886bd56e
    SHA-256: 5af57659b11e940a4b60b471215913617af37f50d61bd4c17ca78771f19e36c6
    Size: 5.90 MB
  36. python3-podman-4.0.0-1.module+el8+1442+7dde0cd6.noarch.rpm
    MD5: a26dbab49bd652abb9aca7f84b6fcad8
    SHA-256: 439ae4eb00ca98495e4f03ecd4340ff6ecd3d1054d748d4269466593186be2d0
    Size: 148.03 kB
  37. runc-1.0.3-2.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 051e43d9c80a54f0f01edb2d0562c29d
    SHA-256: add60b40cdaadb2af370c6fdbfae3060a52ff51f3ce5155ea4b3ba7e1c901b3b
    Size: 2.98 MB
  38. runc-debugsource-1.0.3-2.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: a2b7d7778d1520bd64334c6536957c91
    SHA-256: b0dc97e7b47fa1752be11fe3b99543f35108a03a7a657080fecc6f8494fff54d
    Size: 916.51 kB
  39. skopeo-debugsource-1.6.1-2.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: b85afc87dad6865c23e9a05eea1a4b4a
    SHA-256: fd811fecf22211cdc1a4ea6fe441e2aac4a49835ec530eb7be82432584fd251d
    Size: 2.52 MB
  40. skopeo-tests-1.6.1-2.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 5736f01b9b3d89b43586cac06a6a290d
    SHA-256: 3ef253a83e00d21300db97d82c7956abf57d3e3cf003b898c69e3cf005d2303c
    Size: 778.24 kB
  41. skopeo-1.6.1-2.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: f111cde6802275394ce7ab6c22d90367
    SHA-256: 5c1536f6e8c35a8fbda6a79347bb9f9f01205c2aed10abd9d5a8136bfe423a44
    Size: 6.65 MB
  42. slirp4netns-debugsource-1.1.8-2.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 344ef3f8720bd367e80c92b48d349e23
    SHA-256: 947c91e19fe119105f7a8992c7c9ab1838fafdf5833908502ed50030dfaf6d4d
    Size: 38.75 kB
  43. slirp4netns-1.1.8-2.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 4417ee6bef8db842571ba762307ef979
    SHA-256: 9327f190fffd6862adabe5d9a64d452166157111c10a1260fcea329c4bed29cc
    Size: 50.17 kB
  44. toolbox-debugsource-0.0.99.3-0.4.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 7d7a221fbce2c7be6fc46b9379966a45
    SHA-256: ffdf667963dbb69c0de0009f7c6a3e236428ac6c410b0629cb420a446b971f62
    Size: 449.73 kB
  45. toolbox-tests-0.0.99.3-0.4.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 49131138cc912d07a3bd5ba3c1f278dc
    SHA-256: 9fe81d251d2d1c7bf02a311f074327f30a29c67c453a609dfaccd580a0ca5bee
    Size: 30.17 kB
  46. toolbox-0.0.99.3-0.4.module+el8+1442+7dde0cd6.x86_64.rpm
    MD5: 9b03834349dbb8e9723e8208e07c5de1
    SHA-256: dbacb7e702a06f3733c7f07e2f78d93eb99a997d87ce68f2546a059e293ba9c0
    Size: 2.19 MB
  47. udica-0.2.6-2.module+el8+1442+7dde0cd6.noarch.rpm
    MD5: c4a661075baf5ef526340bd4b2fb98dc
    SHA-256: 8efc95cb8c2c4f49da4019dc84fb65f06695e5a76572039c0e7695ed66978060
    Size: 47.24 kB