podman-4.2.0-7.el9
エラータID: AXSA:2023-5062:01
リリース日:
2023/02/10 Friday - 11:40
題名:
podman-4.2.0-7.el9
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
Low
Description:
以下項目について対処しました。
[Security Fix]
- container-tools には、Podman コンテナエンジンの補助グループの処理
が不適切な問題があるため、影響を受けるコンテナに直接アクセス可能で、
そのコンテナ内でバイナリコードを実行可能な攻撃者により、機密情報
漏洩やデータの改変を可能とする脆弱性が存在します。(CVE-2022-2989)
- Buildah コンテナエンジンには、補助グループの処理に不具合がある
ため、影響を受けるコンテナに直接アクセス可能で、そのコンテナ内で
バイナリコードを実行可能なローカルの攻撃者により、機密情報漏洩や
データの改変を可能とする脆弱性が存在します。(CVE-2022-2990)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2022-2989
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
CVE-2022-2990
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
An incorrect handling of the supplementary groups in the Buildah container engine might lead to the sensitive information disclosure or possible data modification if an attacker has direct access to the affected container where supplementary groups are used to set access permissions and is able to execute a binary code in that container.
追加情報:
N/A
ダウンロード:
SRPMS
- podman-4.2.0-7.el9.src.rpm
MD5: acfd420e789810781273db6657c1f2e3
SHA-256: 413671242ffd0d8fa4de2b36bbe58e990d73da73e9eb07e6e5f4afee9b2d46ae
Size: 17.99 MB
Asianux Server 9 for x86_64
- podman-4.2.0-7.el9.x86_64.rpm
MD5: 9afb67e052ab6044e62eb49b49fc1cae
SHA-256: e82c9db64f425c9774b4f295d21032d3069caa6f82e85276bf16ac94a94837fc
Size: 12.06 MB - podman-catatonit-4.2.0-7.el9.x86_64.rpm
MD5: 4961fc6aa39e5971d10a07f3f71af40e
SHA-256: b0cbc120419b90fa3ddf31c499c341e3dd981f09fe7006dbdb0dab77110d2f55
Size: 351.37 kB - podman-docker-4.2.0-7.el9.noarch.rpm
MD5: 7d7ebcc34c0b916af959b90378c690a6
SHA-256: 082ff503355da7958d028d4a527d8c42c8aabb475cc4d0f36dcc432cd982d8a4
Size: 40.91 kB - podman-gvproxy-4.2.0-7.el9.x86_64.rpm
MD5: 8bb07014bcec39f3629939d14d16095e
SHA-256: cf9cac8167cae66930ee1077e13a56a41f99bb6432501e3ad7d7e6a69e32ed64
Size: 3.33 MB - podman-plugins-4.2.0-7.el9.x86_64.rpm
MD5: e0c4b74e54bcd72ee922047473c1c2f1
SHA-256: c51ea64e49a21c6c42e2e8e0f8a91cec7848acb1ace20a163d3776342378b79b
Size: 2.52 MB - podman-remote-4.2.0-7.el9.x86_64.rpm
MD5: 62c2e85e933d7549d2b7751f50406f2f
SHA-256: 022915789a0e84fc0289836dde4d201a8a8e9fb5cff20b4de549be6c449d4460
Size: 8.10 MB - podman-tests-4.2.0-7.el9.x86_64.rpm
MD5: 9b28503a41ba77f2f962a93c81f86751
SHA-256: 70f94a7b7981c229c92e1290cf7ab3fd295099c05786bd127fc31e1da910662c
Size: 151.77 kB
English