container-tools:3.0 security and bug fix update
エラータID: AXSA:2022-3596:01
リリース日:
2022/07/22 Friday - 08:01
題名:
container-tools:3.0 security and bug fix update
影響のあるチャネル:
Asianux Server 8 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- container-tools には、不正にコンテナが起動でき、ファイル
ケーパビリティを持つプログラムにアクセスできる攻撃者が、
execve 実行時、それらのケーパビリティを permitted セットに
引き上げることが可能な脆弱性があります。(CVE-2022-27650)
Modularity name: container-tools
Stream name: 3.0
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2022-27650
A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs.
A flaw was found in crun where containers were incorrectly started with non-empty default permissions. A vulnerability was found in Moby (Docker Engine) where containers were started incorrectly with non-empty inheritable Linux process capabilities. This flaw allows an attacker with access to programs with inheritable file capabilities to elevate those capabilities to the permitted set when execve(2) runs.
追加情報:
N/A
ダウンロード:
SRPMS
- buildah-1.19.9-3.module+el8+1443+d9745d3e.src.rpm
MD5: bb2e1137ca9ad78e6e46a28d0f3f6562
SHA-256: 5edd50d7d9027af44edcf90f176e7c8a8b5e0a2c32f05f0aa89f7019df759d2b
Size: 10.07 MB - cockpit-podman-29-2.module+el8+1443+d9745d3e.src.rpm
MD5: e78c3edf48ca5953b7b25ad02499d7f7
SHA-256: f7a6ef936acda425cf27d064be250fda9d5db774d30486c7d3f07958ed5c0570
Size: 1.34 MB - conmon-2.0.26-1.module+el8+1443+d9745d3e.src.rpm
MD5: e43b9f576dddc50f4a759f9e09a6aeed
SHA-256: 4af36233ac2b14098f7a7f48a153c90a99f8e6b44f327d387dd7d40ce754bc5d
Size: 113.22 kB - containernetworking-plugins-0.9.1-1.module+el8+1443+d9745d3e.src.rpm
MD5: 2d3e01583a86c372d7633cf2ac564fc4
SHA-256: e3762fa406d133c96082f08807bb702d4f5e1042374f07e0a33fe12a3ab6f353
Size: 2.44 MB - container-selinux-2.178.0-2.module+el8+1443+d9745d3e.src.rpm
MD5: 874ea14488d51fa2db47fbccecb3f592
SHA-256: 959b535120ec5f6708c453f21a2d0724c8cd4ed59c3010ce9d5c121f04622145
Size: 51.85 kB - criu-3.15-1.module+el8+1443+d9745d3e.src.rpm
MD5: 9b647dddfd3364f5aff3550af0dddbad
SHA-256: 7430fb6ef2acf5716c8cc0bcac30908deb4dc63c9ce6ef666d3e7f54bf84398d
Size: 1.15 MB - crun-0.18-3.module+el8+1443+d9745d3e.src.rpm
MD5: 375f5feee4d3bf5e4cd33d4f21252735
SHA-256: e034ecc2f0917f78b679fe4fba16bf28ee16f0ae900282003578c9abad535d4d
Size: 1.34 MB - fuse-overlayfs-1.4.0-2.module+el8+1443+d9745d3e.src.rpm
MD5: 66a8c2e4b97e2b1b7e669a60a2ad9515
SHA-256: d772a0abd3d907b1fa6ce8ddbe5a186633501ae168cb9acc0e6b15ba147d5e75
Size: 112.58 kB - libslirp-4.3.1-1.module+el8+1443+d9745d3e.src.rpm
MD5: 26f5e867665be11305de12316df39e6d
SHA-256: a535992460dd32e37954bbdfe659bec8df30fd23b35b7cb0eff8c71c1b418c74
Size: 105.81 kB - oci-seccomp-bpf-hook-1.2.0-3.module+el8+1443+d9745d3e.src.rpm
MD5: e6b8c2a5bcc8663ad8aed9a338d45ad7
SHA-256: 25719ae37886cd9d41a093c59276a5a7935be5449c809309aa5b3e07103e8606
Size: 930.15 kB - podman-3.0.1-8.module+el8+1443+d9745d3e.src.rpm
MD5: 484b80174884eca5950154df7caf45e1
SHA-256: 4ad9e27a6a2723576098096fd5a09ef61a59bb76edc1562c987cf749ed641306
Size: 11.97 MB - runc-1.0.0-73.rc95.module+el8+1443+d9745d3e.src.rpm
MD5: 41ae6086fcfe7ed100f2fa6ffddbc548
SHA-256: 2b86afd49e56bdc925c4cf31a706b1f40c721d689a217ea4b318d71f3f0226e3
Size: 2.18 MB - skopeo-1.2.4-1.module+el8+1443+d9745d3e.src.rpm
MD5: 386d46636d5edc25a5a82b6a3a630df3
SHA-256: 2e0664844ae4dba1e8a01c3468189cbd7905954411ad0f898f3c7a32eae1c747
Size: 5.32 MB - slirp4netns-1.1.8-1.module+el8+1443+d9745d3e.src.rpm
MD5: 84b2c0b74ddb13bea93c3b397e229827
SHA-256: aed4ded7ea49afb7b703a77491c7745ff741a674f97d0f425e90196ae4f278c9
Size: 67.45 kB - toolbox-0.0.99.3-1.module+el8+1443+d9745d3e.src.rpm
MD5: eca685dd51f39bd6eb5fba4f72e9af6e
SHA-256: 7be74d57745fa5ce05778d2b4c234a7e247eaa19a495c80e499863d66b75ab31
Size: 5.88 MB - udica-0.2.4-1.module+el8+1443+d9745d3e.src.rpm
MD5: 9a61becbba6ea4a67cc6745fa3bc4976
SHA-256: 4fe6dcca3141e52cb93f81186808804cc412ffd4f1d39a255e1d493855b885a0
Size: 133.54 kB
Asianux Server 8 for x86_64
- buildah-tests-1.19.9-3.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 68bcbce0b99b0a20b2386f826c475a56
SHA-256: 283f8112f925c09ef7bcbea106af6b61a4432982a3c3bf594ff8a6c56f03ca70
Size: 8.17 MB - buildah-1.19.9-3.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 7c403164e162986d8f051b8a1067a7a8
SHA-256: ea27efc8d64609b8966b0cd437f4587bcf4139d90f7e3a33d652e838c01c81a4
Size: 6.75 MB - buildah-debugsource-1.19.9-3.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 6e43802a0d45b0abcb8859c48dd61685
SHA-256: 6322c97e1fd160d7c7d58d21649a35a72d5dd7ef2929300393ec747ca4edf2b7
Size: 2.52 MB - cockpit-podman-29-2.module+el8+1443+d9745d3e.noarch.rpm
MD5: 0ea85f4b41d4e4390e3e9cabbe60b79f
SHA-256: 44fc348d59564fe73d1cc34b7a09546f38a7f89b98e5863b406dd3ea097ce4ba
Size: 1.07 MB - conmon-2.0.26-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: e67379d0594984c3f14613abe7a0cd64
SHA-256: e6070112598187f5fbd6f211e8d541890a7f344614964e18c2a53b18dfd7517e
Size: 49.72 kB - conmon-debugsource-2.0.26-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: ccc64ae8f8df6891a80676a63d35c22e
SHA-256: ca9d337751e266936d4405f192748727bf47d293a2ddcb284ff858a7451548ce
Size: 41.42 kB - containernetworking-plugins-debugsource-0.9.1-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 515cab7b90dd3e0be16bf7c1cf3957ec
SHA-256: 3e199b613fc42d46503a378d32cd6f82126310907197ae987221132aad7ea04e
Size: 343.02 kB - containernetworking-plugins-0.9.1-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: a9429cba2333ea7d5437a46805308014
SHA-256: e90a1bbfab29355d769cf9a59cc9603aac8a06e434d261c78ad355aabac078fb
Size: 18.88 MB - container-selinux-2.178.0-2.module+el8+1443+d9745d3e.noarch.rpm
MD5: 3c646ec5c6bd5ca5a4bd54c8bdc55d93
SHA-256: 7230d202e0053b2ffc46d2ab0e0d742bd1d0ca33c58c0cdece5a00135b16b273
Size: 51.67 kB - criu-debugsource-3.15-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 57b6a000e295d2cc005d43fdc15a8a1a
SHA-256: 48378a68f894ab4324e3f4d6a6e6bc5ab5fd3bd5839415f887d5bc714ed103ce
Size: 663.65 kB - criu-3.15-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 7a90c2e77df6b57e2da4c9cf800531de
SHA-256: a3cec4ee644c48ca648cdc312e6fbfd8b6b9f32395e20bf8d27fa18795320e5d
Size: 510.08 kB - crit-3.15-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 94487cf883d26ac2a247b1ea9cd9bd8a
SHA-256: 8e80cec8e8889f94f0448a0d329fbfe9346af3119ce0ddc0fb0241c6d552cd94
Size: 18.35 kB - python3-criu-3.15-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: eb6ab88cc8dd1741d4256cc8c51078cf
SHA-256: ef124ca62228daae73f635aff79a2db9d1a2aa402e593ee7a0e1f31daa6e0729
Size: 168.58 kB - crun-0.18-3.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 2bf0c40527b775695487584d659dfc15
SHA-256: 09ab2669046659ff79704a9f699e013059ceeb7bfc337d6eb71dfed908649b9f
Size: 183.68 kB - crun-debugsource-0.18-3.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 238513d73ff1bdc9ce2517341a2b7b43
SHA-256: e1f565108eb064d479410a7dd8875ea774e5b54c003b9366b6a2cd54682cf674
Size: 134.27 kB - fuse-overlayfs-1.4.0-2.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 0bb93d8ef11a9c809516a3a53d5dee7b
SHA-256: 13ceb891a8cb33c98fd51521302ee131cd9672a5e8dd178a48e4c98426c3519c
Size: 70.71 kB - fuse-overlayfs-debugsource-1.4.0-2.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 7eed14740fe3e832a1f9903ca2619c01
SHA-256: 4bf7b184c120df560c0dfd587af196a38aa8dce8009cb7f4fed0b0c60219aca3
Size: 52.34 kB - libslirp-4.3.1-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 8d35924d4e921fd853332bbc6150528e
SHA-256: 869dee42aff29d643307d0b9192a55c42332451c5ad8d9be87bdda95ac82319b
Size: 67.86 kB - libslirp-devel-4.3.1-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 98a676dcc39b70b2c68de276e1fa2956
SHA-256: 569fb691dd06f5f9b4c829332857afaf7b3bca5a98b6612184631d2eb4a4fc49
Size: 11.14 kB - libslirp-debugsource-4.3.1-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 3f6b0df3d59ae108e4851d31040d16cb
SHA-256: 17a2fdaa7e34f54b625376f735aee0619a8895a97987cb498b83f35a423f6b29
Size: 112.94 kB - oci-seccomp-bpf-hook-debugsource-1.2.0-3.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 3fea36772b0182966413b9dbe610ea15
SHA-256: 010d9d4cb90685df4fb3905ba55c9e9140b8b71bd1fb8851721432878a881e8f
Size: 143.76 kB - oci-seccomp-bpf-hook-1.2.0-3.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 5b8e9069e4610346e1cdae7b81355e82
SHA-256: aef7dffc2cf7f6cd56908e1d7f2a128bc7324a93d3c459a69fd66dc69a51852b
Size: 1.03 MB - podman-docker-3.0.1-8.module+el8+1443+d9745d3e.noarch.rpm
MD5: 78ac4abcc6a4b07d30783e7ae82a50cc
SHA-256: 076f63d1223d0325e658911c7d15ed1a7e9f36e133328e987b5cb2330073a88f
Size: 54.49 kB - podman-plugins-3.0.1-8.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 4600cfd609ecb0e4a5271cccdb6ce6d4
SHA-256: 0868cd840d14732de0302b8e833f86e15a39d85d7d22be5482f4ae5e2672ca43
Size: 1.17 MB - podman-remote-3.0.1-8.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 151528d9bacc00caa2a0e137fd323dba
SHA-256: 43f794e392e8f470c94b28f85247fb242b30a28ca56a4d575ae71ec74dd5e501
Size: 8.33 MB - podman-catatonit-3.0.1-8.module+el8+1443+d9745d3e.x86_64.rpm
MD5: c6ccb491dce7404fc976d4b4520a1352
SHA-256: 49b6359809dd022757b6887a85cfd969493748be2ec39f26f2926af2153c63e4
Size: 320.08 kB - podman-tests-3.0.1-8.module+el8+1443+d9745d3e.x86_64.rpm
MD5: d66334b077417579e49b7b0a0f3bfa43
SHA-256: 01898792540cc82fe1e1badf9d62aed36c1abe66706cdeca4be0611706a9ef63
Size: 105.21 kB - podman-3.0.1-8.module+el8+1443+d9745d3e.x86_64.rpm
MD5: b311e5bc66b1d5bcf386ee27bde271f7
SHA-256: 3cf701a1d982441a8de7101bb6cedda2e6b41efbd25cb4733cf38c74b0f7b8da
Size: 10.92 MB - podman-debugsource-3.0.1-8.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 2778449088bd225bf9e8d53f3406e75d
SHA-256: d556b2d5ff9f40301a95da72b588982cb69e6589bb7959e98e5ce200bb19ed2d
Size: 4.34 MB - runc-debugsource-1.0.0-73.rc95.module+el8+1443+d9745d3e.x86_64.rpm
MD5: b505eb572cd94faa4d6563fa7809868e
SHA-256: fe48b2f22b53a86da086b518ec284d63333f46ba2ba60e7aae89034d9f205635
Size: 864.05 kB - runc-1.0.0-73.rc95.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 30cfad6308f69f449785abf0182da1a8
SHA-256: 2f53698738621419e22f220b69f5a9876bd54e7823f60ab64032ec5b3e049dd6
Size: 2.89 MB - containers-common-1.2.4-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: c550a51699372b6ad0be3f9e8437a5c9
SHA-256: 8fa1dbefdd41e43278b15645422d3e0db29d8633e98993d6d4d873625d914728
Size: 89.66 kB - skopeo-tests-1.2.4-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 36e44f41196b51c1314971909f6feb01
SHA-256: 69dc28998d87f808eb6f95048e2f7b61437a659eeb082303dea4f296d90809f1
Size: 38.25 kB - skopeo-1.2.4-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 82d0a476372e0ff7d66df85d04b3d803
SHA-256: 7e6900760747153152d49ea73a99e10c59d8652d318af5d3daf9ce11cb188451
Size: 6.38 MB - skopeo-debugsource-1.2.4-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 0becf4f5f3fa7c5a23736acef5d9beaf
SHA-256: b021c10ea0ac9eec960a4c3b50511c24c419ba83810bcd7a6ea3c545fe4d1378
Size: 2.38 MB - slirp4netns-1.1.8-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 4ff2208c449d8ec2c3ba864a2eb10de1
SHA-256: 4ad91a4e0b08dc46ed29692c50eabf216cd78183c0ccae8a35b1cc97e7c86e0c
Size: 50.00 kB - slirp4netns-debugsource-1.1.8-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: b9cc58792fabc67b91bee895000901b6
SHA-256: ef26ca85ea61e1c261e13cd908d2d1d9a2faeb0a11d180d2d2a49e68adbee123
Size: 38.60 kB - toolbox-tests-0.0.99.3-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: ba4aef37c9b47d34e93cbf3cdb8a4754
SHA-256: bfc454bc49a16e1c7eea6ccc696a13317c0ca09b85175762c5a8b7a03a4660db
Size: 28.86 kB - toolbox-debugsource-0.0.99.3-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: 13c51890508553922066d80eb8068671
SHA-256: 6ba7124cf11a58e03d9b54732d9e77cc80f609bb7e81fde5a2887f4fa5b570df
Size: 448.29 kB - toolbox-0.0.99.3-1.module+el8+1443+d9745d3e.x86_64.rpm
MD5: bda0d82ccfafa523523a063c8f3416cf
SHA-256: a2eb8b109da762fb1b5e9ecbef683f95c4cf22bdaf9a1e9527d6c19c7addedf0
Size: 2.19 MB - udica-0.2.4-1.module+el8+1443+d9745d3e.noarch.rpm
MD5: 34c29e22765abb7a8a7afd17317baf87
SHA-256: 2ef8c8b06dea9a864252ebd6a260551ac637d6b6aa2b3458fd311b081bd032f6
Size: 49.30 kB