[security - high] container-tools:rhel8 security update, udica-0.2.6-21.module+el8+1957+25af5e46

エラータID: AXSA:2026-261:01

リリース日: 
2026/03/05 Thursday - 21:41
題名: 
[security - high] container-tools:rhel8 security update, udica-0.2.6-21.module+el8+1957+25af5e46
影響のあるチャネル: 
Asianux Server 8 for x86_64
Severity: 
High
Description: 

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

* golang: html/template: errors returned from MarshalJSON methods may break template escaping (CVE-2024-24785)
* crypto/x509: golang: Denial of Service due to excessive resource consumption via crafted certificate (CVE-2025-61729)
* github.com/sirupsen/logrus: github.com/sirupsen/logrus: Denial-of-Service due to large single-line payload (CVE-2025-65637)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2024-24785
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.
CVE-2025-61729
Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.
CVE-2025-65637
A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving Writer() unusable and causing application unavailability (DoS). This affects versions < 1.8.3, 1.9.0, and 1.9.2. The issue is fixed in 1.8.3, 1.9.1, and 1.9.3+, where the input is chunked and the writer continues to function even if an error is logged.

Modularity name: "container-tools"
Stream name: "rhel8"

解決策: 

Update packages.

CVE: 
CVE-2024-24785
If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.
CVE-2025-61729
Within HostnameError.Error(), when constructing an error string, there is no limit to the number of hosts that will be printed out. Furthermore, the error string is constructed by repeated string concatenation, leading to quadratic runtime. Therefore, a certificate provided by a malicious actor can result in excessive resource consumption.
CVE-2025-65637
A denial-of-service vulnerability exists in github.com/sirupsen/logrus when using Entry.Writer() to log a single-line payload larger than 64KB without newline characters. Due to limitations in the internal bufio.Scanner, the read fails with "token too long" and the writer pipe is closed, leaving Writer() unusable and causing application unavailability (DoS). This affects versions < 1.8.3, 1.9.0, and 1.9.2. The issue is fixed in 1.8.3, 1.9.1, and 1.9.3+, where the input is chunked and the writer continues to function even if an error is logged.
追加情報: 

N/A

ダウンロード: 

SRPMS
  1. aardvark-dns-1.10.1-2.module+el8+1957+25af5e46.src.rpm
    MD5: cb41e4bd91f587f5d6ec2e96dbaaf9e4
    SHA-256: a6ef57fd60ee58768d8817e31382221505f14ba1077169bdeda057825ca226fc
    Size: 6.14 MB
  2. buildah-1.33.14-2.module+el8+1957+25af5e46.src.rpm
    MD5: 940aac69dd55c2bf50a83b5dcf6a2614
    SHA-256: 37e10a0fbc89dafa0fd5664afe2880802c98ca0f5ebe148482ce3f93615cd7a2
    Size: 18.40 MB
  3. cockpit-podman-84.1-1.module+el8+1957+25af5e46.src.rpm
    MD5: 3ea486e3841d6aba24b2b6a7ba6c959c
    SHA-256: 1b0e3342a4dd1211fdbb65901e99e7befd043c5bbe59b7c7d9a6376b0801b22c
    Size: 1.27 MB
  4. conmon-2.1.10-1.module+el8+1957+25af5e46.src.rpm
    MD5: 59afb5e3f39c9109fb55117b3a9f15f6
    SHA-256: 887d2f8b727534f2953c1ffedf1723af87a6beeed8cfab247b681c3dabb47835
    Size: 133.59 kB
  5. containernetworking-plugins-1.4.0-7.module+el8+1957+25af5e46.src.rpm
    MD5: 73ab1aaf9699fc75e098aca27d239625
    SHA-256: 8fcfc4b9f440745282c4e9b56aa0d38cf564bf40585b16b92d5d5f3ecfe1b656
    Size: 3.62 MB
  6. containers-common-1-82.module+el8+1957+25af5e46.src.rpm
    MD5: 192f34ebed38bb711271b41683538dae
    SHA-256: 0eb25ce944b5275e8afd30923c8789ad45bfb4a66bc5a3e07febaf84d4a0328f
    Size: 145.63 kB
  7. container-selinux-2.229.0-2.module+el8+1957+25af5e46.src.rpm
    MD5: 3dff62f18298e8f8359231347c45526d
    SHA-256: e195b0fb6cf45cd80c855ebe47daeed590a335e30401e9c2d716c40915a1dd44
    Size: 65.58 kB
  8. criu-3.18-5.module+el8+1957+25af5e46.src.rpm
    MD5: 3674e3bab8c05fc93ef96ad68513c279
    SHA-256: d504e93ef7fbfebcae0c13329a8b9db1bf1c0bbd41ad8fd584ceefbb745ad044
    Size: 1.32 MB
  9. crun-1.14.3-2.module+el8+1957+25af5e46.src.rpm
    MD5: 1667f934d79647b2612f0e1ecfd00c3a
    SHA-256: 3e747b8d5644a534c0c0a6980199de07f9b2074e13bf9dcf265af41b29ee5b34
    Size: 1.68 MB
  10. fuse-overlayfs-1.13-1.module+el8+1957+25af5e46.src.rpm
    MD5: 39e99b50f610a59274cd091059533f93
    SHA-256: 24d24cae15f61a8bf5fc358a45988d944626e57be858457034472b5b32d2a5e5
    Size: 112.28 kB
  11. libslirp-4.4.0-2.module+el8+1957+25af5e46.src.rpm
    MD5: fe5f2b392c7859a37094b41dd8351384
    SHA-256: 4fba0945a9bf016a24b2cbb7670620954195ca534d2b4e79512a2a43c665e6e8
    Size: 114.98 kB
  12. netavark-1.10.3-1.module+el8+1957+25af5e46.src.rpm
    MD5: dab6aaea20936a626fd4503692f3cfbc
    SHA-256: 7ed8611544b7cc72b1c1f56f2aa1f76f9b2848e0fd9e63eb3b81a8e4c6cb052f
    Size: 15.51 MB
  13. oci-seccomp-bpf-hook-1.2.10-1.module+el8+1957+25af5e46.src.rpm
    MD5: ace1298d10076b880d0b3cab3534cff2
    SHA-256: bc461f88098614dece14c25327ab49997d5e700b52a78a63bdc7958358634f50
    Size: 1.43 MB
  14. podman-4.9.4-28.module+el8+1957+25af5e46.src.rpm
    MD5: 066be346b1e41e823a16085cbb8617be
    SHA-256: 0fdaf5a33283435522c3011545467189b35eedf914fe7321f23bc23ba044d671
    Size: 32.72 MB
  15. python-podman-4.9.0-3.module+el8+1957+25af5e46.src.rpm
    MD5: 0ee47f81245af4664932b5618294e2f9
    SHA-256: 4be7b9e54a0b7f0a6ce02c5774433d346924770dbc881fb38496e4a17534b97c
    Size: 188.74 kB
  16. runc-1.2.9-3.module+el8+1957+25af5e46.src.rpm
    MD5: c7ca601eb8bf52bf32733e45198dc8b5
    SHA-256: bd4061e1b6c632afdedf0763c46d4e59dde85c28ad5de2d71bad609433297f1a
    Size: 2.63 MB
  17. skopeo-1.14.5-6.module+el8+1957+25af5e46.src.rpm
    MD5: 7015f6acf4cd0a85674fb6286efdfa21
    SHA-256: 9a030d0c7e0de70bc04339b18613a042f4846e890467f556c35b9e787d9e3a58
    Size: 10.00 MB
  18. slirp4netns-1.2.3-1.module+el8+1957+25af5e46.src.rpm
    MD5: 662deca012e5abbaf20be89315a1152b
    SHA-256: 6cba6994eeab20fd0cd50422f1446c3d9e9594ef9e35926a41340cd8fac09701
    Size: 76.05 kB
  19. toolbox-0.0.99.5.1-1.module+el8+1957+25af5e46.src.rpm
    MD5: 902a38383d238b64ac390e14000ceb86
    SHA-256: c2abac27f4ca764dd548143b34348a842bdb1dc3d9620c198b6057f14f485705
    Size: 1.10 MB
  20. udica-0.2.6-21.module+el8+1957+25af5e46.src.rpm
    MD5: 3c72e961b0f27fd5716179a243275016
    SHA-256: ab0fa7ace06185b866c2caf95703ccb66dacc120e1a5dffcf0f9767a8de76b91
    Size: 134.32 kB

Asianux Server 8 for x86_64
  1. aardvark-dns-1.10.1-2.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 4cd3c742bc19599a48e48e7eb1461aad
    SHA-256: ad1f05659111d5d4f9fd5b233a1f08936e3620886a91a28bf895e149b14bbf12
    Size: 0.97 MB
  2. buildah-1.33.14-2.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 89f4e2a81570303fb679901b34817160
    SHA-256: 035590ab7ebe35902d8aac737af125d09737203d211dcd3c01139dfe118c84a6
    Size: 10.30 MB
  3. buildah-debugsource-1.33.14-2.module+el8+1957+25af5e46.x86_64.rpm
    MD5: bf35434dca4741423f1f2ea736145b5c
    SHA-256: 0be50cf9fe0ec02b5b8ec07a1f6ee62fb7b8f90b8f1132a88d42b6422e1245fa
    Size: 6.20 MB
  4. buildah-tests-1.33.14-2.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 58133c7ccae8ba821bccd422fd76d514
    SHA-256: e5f38570534daf5271ee182199624146b1b47e82d39cc70b96fc13e9fa3c263e
    Size: 32.79 MB
  5. cockpit-podman-84.1-1.module+el8+1957+25af5e46.noarch.rpm
    MD5: 4f99356f6d57d22a269e49436ba9a159
    SHA-256: c5e90347e24ce763a651db970022f6c297c44718f355425059d38c1f3b57b229
    Size: 682.92 kB
  6. conmon-2.1.10-1.module+el8+1957+25af5e46.x86_64.rpm
    MD5: dc8e90afb9117e706a8470f0ba7d5e2f
    SHA-256: 8ff5dfe7d69218d76d0d4f7451f5eaa9afac9af99c1fc8f419523c35c2e92f42
    Size: 56.83 kB
  7. conmon-debugsource-2.1.10-1.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 21029c40148256cec56f6b621b96b3e0
    SHA-256: 9f80730c095ac923e2344962decf4d7d6d0803649a50ee518b39bdf0922cce3a
    Size: 50.46 kB
  8. containernetworking-plugins-1.4.0-7.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 35ccc7cd0e445b42fffb90900cf3bae4
    SHA-256: 8954f126ea32f93f9e879adb68e39ab6ead46cdd03c1c3c2498fa11fb3b19bd5
    Size: 25.19 MB
  9. containernetworking-plugins-debugsource-1.4.0-7.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 24ed4acf4529e8ba0c9730e070504610
    SHA-256: 0614a28d32905acfb1aaa08514ca230b3fa9b93c6d90388ab66be97d89162cc6
    Size: 430.15 kB
  10. containers-common-1-82.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 7e4c00bb2baa379a1c72004bc677c616
    SHA-256: 031dccc7f4e4404e498558442014332ed1af93ddc83dceeeeeb442210b73e6d6
    Size: 142.04 kB
  11. container-selinux-2.229.0-2.module+el8+1957+25af5e46.noarch.rpm
    MD5: 4cc5910de9065e5f61578c87cc050387
    SHA-256: 0e11240659ae518d8d365ae250cb906c0a0133f4ad41b0083adaabd253557661
    Size: 69.43 kB
  12. crit-3.18-5.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 95fec706e2a0cbb5aa267aab3f38a152
    SHA-256: 20d096824253a0dde024cc11902b4b247148272a81b6c974f7e7e4463f16bb47
    Size: 22.12 kB
  13. criu-3.18-5.module+el8+1957+25af5e46.x86_64.rpm
    MD5: d3f2d926cdbcbabcbc7c83ecd56b707b
    SHA-256: e91b076d83bbe7652b28512d732e20ccd7549e2750a021ca7da9d43350ffb7ca
    Size: 563.11 kB
  14. criu-debugsource-3.18-5.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 7bd293983ebb289551518aef35008e73
    SHA-256: f38f02fa7ee91e8023003ea59cb63d25c1085af414acc1e908b9b2d5f9fd472c
    Size: 729.84 kB
  15. criu-devel-3.18-5.module+el8+1957+25af5e46.x86_64.rpm
    MD5: af608b61b872fe88be3a15e23077d543
    SHA-256: 48ac0ce705cb3c745b2a6fcb4842b89ec6e160890417172327a2de52e1927e22
    Size: 28.23 kB
  16. criu-libs-3.18-5.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 096fbc5e5fe7db4696180487cc9bd037
    SHA-256: e1b2a9634d0d8bdb7a566e9ffe340bc36bef32613ec2c83d3ce6d35f440a120e
    Size: 38.08 kB
  17. crun-1.14.3-2.module+el8+1957+25af5e46.x86_64.rpm
    MD5: d0c05b56b82e6852f9ca49f49c48f4a5
    SHA-256: b7797240c6badd7f6e3fb61fb21100e9ababbd5797cc29bf73c482325ae3b295
    Size: 256.51 kB
  18. crun-debugsource-1.14.3-2.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 918dbb8b09cd634881286f556bbefb07
    SHA-256: cc567130aeabb467fbea947503f75c1f6960c9322be3704314668113378b98e7
    Size: 204.14 kB
  19. fuse-overlayfs-1.13-1.module+el8+1957+25af5e46.x86_64.rpm
    MD5: ae476ba97b51923ee71f9bd79f4405da
    SHA-256: 17d2d136a08220eb1e43d0e7c7da78f811d507a90d0b72629de1f252b35669b1
    Size: 68.72 kB
  20. fuse-overlayfs-debugsource-1.13-1.module+el8+1957+25af5e46.x86_64.rpm
    MD5: e33113e40d0e1caf749b2ab743846b2f
    SHA-256: 7309a9f9bdf297a1fcbe451c6cd0f196d2ea074f13bf2f2de9c0d815a519fd39
    Size: 55.61 kB
  21. libslirp-4.4.0-2.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 3fbe0c8ce2de6dfa4194e8277136a0da
    SHA-256: 3abb87fe682db23ae25fe2fc9de2c8a851f9907226abb41321ef7cbce998eb3b
    Size: 69.26 kB
  22. libslirp-debugsource-4.4.0-2.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 983f97e5dd611be690ec781703552694
    SHA-256: 22b3b27747b6ce4e5fa7de23d3f19f175b66f8c6793ad4c50d625f4aea2f7e63
    Size: 114.55 kB
  23. libslirp-devel-4.4.0-2.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 2df43f2747f2fc6b61b739313721ce31
    SHA-256: 81d5942148a55c71464f874ba8d313b3283f40baf2bb9db5acf2a7ab7aab8918
    Size: 11.41 kB
  24. netavark-1.10.3-1.module+el8+1957+25af5e46.x86_64.rpm
    MD5: f516ef62afa5c40be479b45b3fffd2c3
    SHA-256: 9622609cc7a471e6889a0024fc91a16b0ecfb8b524fa8fe227815f88883c3265
    Size: 4.08 MB
  25. oci-seccomp-bpf-hook-1.2.10-1.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 067518ba01c46eb2e2348ce54fd1dc20
    SHA-256: 3d14f35ad2d2b88877e0308780bba3a2c3489e475f50e4421a443fd3237af6a2
    Size: 1.28 MB
  26. oci-seccomp-bpf-hook-debugsource-1.2.10-1.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 4062adfc297f89ae0979eb651aafef27
    SHA-256: a21218a5c11ff0ba2b0ff470b568d25d33c6975e550f9b7d136e8b9556e18669
    Size: 247.94 kB
  27. podman-4.9.4-28.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 7cff5b51ca8b6980a94003b9b40c16f0
    SHA-256: 9e1fd78cc9221d944534988007f279e535c59a0439fddfe5122208db4c054af9
    Size: 16.90 MB
  28. podman-catatonit-4.9.4-28.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 16163f4d394f93cdba1cafda323b24de
    SHA-256: 73a85b866ceb5c0906e402687a8ce77330e997259ce815be8b884f016c4eda00
    Size: 380.09 kB
  29. podman-debugsource-4.9.4-28.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 36077fc1cef8be7c8f7bcd19903aadc7
    SHA-256: 48e14504040abed5753fdf204db7fc0d2d58930d1d35f58d62aee0ad007c8564
    Size: 9.29 MB
  30. podman-docker-4.9.4-28.module+el8+1957+25af5e46.noarch.rpm
    MD5: cfdd962a590584f876d572d16170869d
    SHA-256: b167183d244450a1f6a3855a774b6f0751c5e728dc8bb663f7bcfe7bac5c8cdf
    Size: 117.69 kB
  31. podman-gvproxy-4.9.4-28.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 0c8d16d554d26431e195783738c8898e
    SHA-256: 0b37a57569a170acb47b6ddac869794d0cc859c7af68039fa154d5a473e74778
    Size: 4.27 MB
  32. podman-plugins-4.9.4-28.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 74e602c52978d7f40cf4723b334b55bf
    SHA-256: 321bb7ba7a46adca0d89a5bb3ab32f22f8b0cafaaa64fdc4f46a02620892c53f
    Size: 1.52 MB
  33. podman-remote-4.9.4-28.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 93231ad08538984c8a0a52085492de80
    SHA-256: 8a181b29feb2030b4540b7b6aedc292b4090f857e48ca5ef968907316f506d34
    Size: 10.92 MB
  34. podman-tests-4.9.4-28.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 8d8302d0accfbe44d25d878fcb100e42
    SHA-256: 11cc41977f20ed5a991a5dc0d068568af4a41bc383397bb5d2ec998075c663c4
    Size: 269.94 kB
  35. python3-criu-3.18-5.module+el8+1957+25af5e46.x86_64.rpm
    MD5: f24dd392edb3a695ac8c71426d7e17c2
    SHA-256: de8aa924163bc215cf8f52b31b08f1d5f5f28236c470f77502da1629ffe8a68c
    Size: 177.28 kB
  36. python3-podman-4.9.0-3.module+el8+1957+25af5e46.noarch.rpm
    MD5: 587139eb48dde9e2403993db95472fe5
    SHA-256: 371dd907920743ec3943ae9ce44c6086e20f04a2c9d075b73ddeb2ac56c750a8
    Size: 155.53 kB
  37. runc-1.2.9-3.module+el8+1957+25af5e46.x86_64.rpm
    MD5: c3aa9fa8b5a5821fdae4d6850cac2672
    SHA-256: 15ab2ff6cdbcf8de4613c84a60aa5e791753343aef104f1b5dc96d132ae46d3b
    Size: 3.85 MB
  38. runc-debugsource-1.2.9-3.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 16292225feff0f3379b3582cdc3a3523
    SHA-256: 7b4e817bdc3ad2edb675b9d19b807a0e9811a5afba7f0e9b37bc309be892b6c8
    Size: 1.03 MB
  39. skopeo-1.14.5-6.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 2924fe27ecdba1485c21fc90fd5f5078
    SHA-256: d9a25fe6c80afbc24330f5d2952e3b72a2824f991ad747aee871ca610db16afc
    Size: 9.40 MB
  40. skopeo-tests-1.14.5-6.module+el8+1957+25af5e46.x86_64.rpm
    MD5: ceaa8e0dd2d99db5545df180bbe12b7f
    SHA-256: e0268200b438189837c7399c88cd821d8c65e5b954adefb30d353cf61d7b0dce
    Size: 785.70 kB
  41. slirp4netns-1.2.3-1.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 33027fd3065743e93de3a9ec36e6adc5
    SHA-256: 83b2771e0060d8b6220b6eaa4c88d46bf2ea5593f04732b36b26d0668797afd7
    Size: 54.92 kB
  42. slirp4netns-debugsource-1.2.3-1.module+el8+1957+25af5e46.x86_64.rpm
    MD5: ff32061eaa7384b3559b6fd2370e4ac7
    SHA-256: 6b6e4c785938ef039fee3bb493941c0c6836c3663c6342a1185212551477604c
    Size: 43.73 kB
  43. toolbox-0.0.99.5.1-1.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 0385c520d87996108aadb67dd13510e2
    SHA-256: 1507003b02cc8a9bce285ce6641df65137999bf29953854c0a17460dbc9c9558
    Size: 3.01 MB
  44. toolbox-debugsource-0.0.99.5.1-1.module+el8+1957+25af5e46.x86_64.rpm
    MD5: 753113e215884f2c36c46745f767b060
    SHA-256: d538f81618856e6d41fd801abdfb3fd1e624b23f1c1387d05493b14e8e01a50f
    Size: 572.66 kB
  45. toolbox-tests-0.0.99.5.1-1.module+el8+1957+25af5e46.x86_64.rpm
    MD5: e8b14ac11f526bd5d792bdd02e497f7f
    SHA-256: 9c0b54782dac85c35341e8a3a90ab8bf70eb6a091a62d0a5dad74971255b9a7e
    Size: 43.96 kB
  46. udica-0.2.6-21.module+el8+1957+25af5e46.noarch.rpm
    MD5: 19e07e492eacc1e806ac8d710c9e58c0
    SHA-256: bc75db8d60702aaab775a2d25a3dd63b2f3364013400ab0b43d7ae3b3aff8766
    Size: 48.26 kB