Image builder components bug fix, enhancement and security update
エラータID: AXSA:2024-8104:01
リリース日:
2024/06/03 Monday - 17:06
題名:
Image builder components bug fix, enhancement and security update
影響のあるチャネル:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
以下項目について対処しました。
[Security Fix]
- osbuild-composer には、パッケージリポジトリの GPG 検証が
無効になり、ビルドフェーズが中間者攻撃にさらされる問題が
あるため、ローカルの攻撃者により、ビルドされるイメージに
対して不正なコードの組み込みを可能とする脆弱性が存在します。
(CVE-2024-2307)
解決策:
パッケージをアップデートしてください。
CVE:
CVE-2024-2307
A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built.
A flaw was found in osbuild-composer. A condition can be triggered that disables GPG verification for package repositories, which can expose the build phase to a Man-in-the-Middle attack, allowing untrusted code to be installed into an image being built.
追加情報:
N/A
ダウンロード:
SRPMS
- osbuild-composer-101-1.el9.ML.1.src.rpm
MD5: 5c255234b0fe981ff7855c3f90b41aa6
SHA-256: 8903b8b56b52f30c80a2cc424f50b508768ef067fb3c0c3743a4c352bf24bf84
Size: 130.09 MB - osbuild-110-1.el9.ML.1.src.rpm
MD5: cc840e4d34d55e871d4bb6b9116ed34a
SHA-256: bd7cc8d94de04f824d7bf7ef5bc890f98ac8a1e37543d18865a905770963738e
Size: 7.93 MB
Asianux Server 9 for x86_64
- osbuild-110-1.el9.ML.1.noarch.rpm
MD5: 535fbf7066849b0b33b528bd1099a2a6
SHA-256: 1859281425c4754d282f7ff3407eddf48600b605d657f5226b3020508257abf4
Size: 142.13 kB - osbuild-composer-101-1.el9.ML.1.x86_64.rpm
MD5: 146666bbf0dd182e7918c0250adec24d
SHA-256: 7b3eced7068e6701900b13e512ebe277cedf504e33fb94c2463b7b0342094c78
Size: 21.28 kB - osbuild-composer-core-101-1.el9.ML.1.x86_64.rpm
MD5: fe60cc99f78874ee5e556e48d6ba1992
SHA-256: 89f3189c5cc7aadf8d98f26315a97cfbc4116838412a6bb7733e598c4f6102cd
Size: 10.31 MB - osbuild-composer-worker-101-1.el9.ML.1.x86_64.rpm
MD5: f7e9c37e9c806bfec2238696d36ef8fa
SHA-256: a1d3587c3cf3c5037159ccb36dcc169088ba78746779312f32c65b0e13eb6380
Size: 17.01 MB - osbuild-depsolve-dnf-110-1.el9.ML.1.noarch.rpm
MD5: 7afa2b6e496d647a658a824452b3d704
SHA-256: c2e1bdcdfd3bb83d388e57761cb77ed27ba3c8495133c4f583c8b9e37d4e3c3e
Size: 16.13 kB - osbuild-luks2-110-1.el9.ML.1.noarch.rpm
MD5: 7e7de2ce0d20348c0064aa29aaabce9f
SHA-256: 1a9e7c794cb7c14dbf9c64482c32f3dee7da01fa4f7dfe3a7397f3227631ad93
Size: 15.77 kB - osbuild-lvm2-110-1.el9.ML.1.noarch.rpm
MD5: fa1c1079d9681fdc74e67463ce7bb1fa
SHA-256: 3bc15ea99019168f9e7691de75e2d1934331adb04b36484d3b3b700ebda630eb
Size: 15.38 kB - osbuild-ostree-110-1.el9.ML.1.noarch.rpm
MD5: 6ef39820905ced62ebedb68cc4861d29
SHA-256: d97b3500f9dcb1f7dca94f13dad20b9ce81a4ac30216f4963dc9f4a3d3398e7e
Size: 30.72 kB - osbuild-selinux-110-1.el9.ML.1.noarch.rpm
MD5: c1c25b8f4fe5d837fadb545fee29b78a
SHA-256: f75438e2516bcc2dc396b46113ca1ddf746db3c4c88fd41eac7ffc0922977cda
Size: 28.87 kB - python3-osbuild-110-1.el9.ML.1.noarch.rpm
MD5: 75ce595d8222307749ad88a17030cd91
SHA-256: 00aac77cebd71bc1948ae92369b358f85db52e7d648eb40f8ee4f6c5e44c51b2
Size: 199.93 kB