[Apollo] Advisories Statistics light light Login

RLSA-2024:5258

Security Mirrored from RHSA-2024:5258
Issued at: 2024-08-21
Updated at: 2024-08-21

Synopsis

Important: container-tools:rhel8 security update



Description

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

* golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394)

* golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290)

* golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm (CVE-2024-24783)

* golang: net/mail: comments in display names are incorrectly handled (CVE-2024-24784)

* containers/image: digest type does not guarantee valid type (CVE-2024-3727)

* golang: archive/zip: Incorrect handling of certain ZIP files (CVE-2024-24789)

* go-retryablehttp: url might write sensitive information to log file (CVE-2024-6104)

* gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization (CVE-2024-37298)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2262921 2268017 2268019 2268021 2274767 2292668 2294000 2295010

CVEs

CVE-2023-45290 CVE-2024-1394 CVE-2024-24783 CVE-2024-24784 CVE-2024-24789 CVE-2024-3727 CVE-2024-37298 CVE-2024-6104

Affected packages

Rocky Linux 8 aarch64 - AppStream

aardvark-dns-2:1.10.0-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm aardvark-dns-2:1.10.0-1.module+el8.10.0+1815+5fe7415e.src.rpm buildah-2:1.33.8-4.module+el8.10.0+1843+6892ab28.aarch64.rpm buildah-2:1.33.8-4.module+el8.10.0+1843+6892ab28.src.rpm buildah-debuginfo-2:1.33.8-4.module+el8.10.0+1843+6892ab28.aarch64.rpm buildah-debugsource-2:1.33.8-4.module+el8.10.0+1843+6892ab28.aarch64.rpm buildah-tests-2:1.33.8-4.module+el8.10.0+1843+6892ab28.aarch64.rpm buildah-tests-debuginfo-2:1.33.8-4.module+el8.10.0+1843+6892ab28.aarch64.rpm cockpit-podman-0:84.1-1.module+el8.10.0+1815+5fe7415e.noarch.rpm cockpit-podman-0:84.1-1.module+el8.10.0+1815+5fe7415e.src.rpm conmon-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm conmon-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.src.rpm conmon-debuginfo-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm conmon-debugsource-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm containernetworking-plugins-1:1.4.0-5.module+el8.10.0+1843+6892ab28.aarch64.rpm containernetworking-plugins-1:1.4.0-5.module+el8.10.0+1843+6892ab28.src.rpm containernetworking-plugins-debuginfo-1:1.4.0-5.module+el8.10.0+1843+6892ab28.aarch64.rpm containernetworking-plugins-debugsource-1:1.4.0-5.module+el8.10.0+1843+6892ab28.aarch64.rpm containers-common-2:1-82.module+el8.10.0+1843+6892ab28.aarch64.rpm containers-common-2:1-82.module+el8.10.0+1843+6892ab28.src.rpm container-selinux-2:2.229.0-2.module+el8.10.0+1815+5fe7415e.noarch.rpm container-selinux-2:2.229.0-2.module+el8.10.0+1815+5fe7415e.src.rpm crit-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.src.rpm criu-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-debugsource-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-devel-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-libs-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-libs-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm crun-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm crun-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.src.rpm crun-debuginfo-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm crun-debugsource-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm fuse-overlayfs-0:1.13-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm fuse-overlayfs-0:1.13-1.module+el8.10.0+1815+5fe7415e.src.rpm fuse-overlayfs-debuginfo-0:1.13-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm fuse-overlayfs-debugsource-0:1.13-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm libslirp-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm libslirp-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.src.rpm libslirp-debuginfo-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm libslirp-debugsource-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm libslirp-devel-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm netavark-2:1.10.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm netavark-2:1.10.3-1.module+el8.10.0+1815+5fe7415e.src.rpm oci-seccomp-bpf-hook-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm oci-seccomp-bpf-hook-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.src.rpm oci-seccomp-bpf-hook-debuginfo-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm oci-seccomp-bpf-hook-debugsource-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm podman-4:4.9.4-12.module+el8.10.0+1843+6892ab28.aarch64.rpm podman-4:4.9.4-12.module+el8.10.0+1843+6892ab28.src.rpm podman-catatonit-4:4.9.4-12.module+el8.10.0+1843+6892ab28.aarch64.rpm podman-catatonit-debuginfo-4:4.9.4-12.module+el8.10.0+1843+6892ab28.aarch64.rpm podman-debuginfo-4:4.9.4-12.module+el8.10.0+1843+6892ab28.aarch64.rpm podman-debugsource-4:4.9.4-12.module+el8.10.0+1843+6892ab28.aarch64.rpm podman-docker-4:4.9.4-12.module+el8.10.0+1843+6892ab28.noarch.rpm podman-gvproxy-4:4.9.4-12.module+el8.10.0+1843+6892ab28.aarch64.rpm podman-gvproxy-debuginfo-4:4.9.4-12.module+el8.10.0+1843+6892ab28.aarch64.rpm podman-plugins-4:4.9.4-12.module+el8.10.0+1843+6892ab28.aarch64.rpm podman-plugins-debuginfo-4:4.9.4-12.module+el8.10.0+1843+6892ab28.aarch64.rpm podman-remote-4:4.9.4-12.module+el8.10.0+1843+6892ab28.aarch64.rpm podman-remote-debuginfo-4:4.9.4-12.module+el8.10.0+1843+6892ab28.aarch64.rpm podman-tests-4:4.9.4-12.module+el8.10.0+1843+6892ab28.aarch64.rpm python3-criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm python3-podman-0:4.9.0-2.module+el8.10.0+1843+6892ab28.noarch.rpm python-podman-0:4.9.0-2.module+el8.10.0+1843+6892ab28.src.rpm runc-1:1.1.12-4.module+el8.10.0+1843+6892ab28.aarch64.rpm runc-1:1.1.12-4.module+el8.10.0+1843+6892ab28.src.rpm runc-debuginfo-1:1.1.12-4.module+el8.10.0+1843+6892ab28.aarch64.rpm runc-debugsource-1:1.1.12-4.module+el8.10.0+1843+6892ab28.aarch64.rpm skopeo-2:1.14.5-3.module+el8.10.0+1843+6892ab28.aarch64.rpm skopeo-2:1.14.5-3.module+el8.10.0+1843+6892ab28.src.rpm skopeo-tests-2:1.14.5-3.module+el8.10.0+1843+6892ab28.aarch64.rpm slirp4netns-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm slirp4netns-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.src.rpm slirp4netns-debuginfo-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm slirp4netns-debugsource-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm toolbox-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm toolbox-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.src.rpm toolbox-debuginfo-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm toolbox-debugsource-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm toolbox-tests-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm udica-0:0.2.6-21.module+el8.10.0+1815+5fe7415e.noarch.rpm udica-0:0.2.6-21.module+el8.10.0+1815+5fe7415e.src.rpm

Rocky Linux 8 x86_64 - AppStream

aardvark-dns-2:1.10.0-1.module+el8.10.0+1815+5fe7415e.src.rpm aardvark-dns-2:1.10.0-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm buildah-2:1.33.8-4.module+el8.10.0+1843+6892ab28.src.rpm buildah-2:1.33.8-4.module+el8.10.0+1843+6892ab28.x86_64.rpm buildah-debuginfo-2:1.33.8-4.module+el8.10.0+1843+6892ab28.x86_64.rpm buildah-debugsource-2:1.33.8-4.module+el8.10.0+1843+6892ab28.x86_64.rpm buildah-tests-2:1.33.8-4.module+el8.10.0+1843+6892ab28.x86_64.rpm buildah-tests-debuginfo-2:1.33.8-4.module+el8.10.0+1843+6892ab28.x86_64.rpm cockpit-podman-0:84.1-1.module+el8.10.0+1815+5fe7415e.noarch.rpm cockpit-podman-0:84.1-1.module+el8.10.0+1815+5fe7415e.src.rpm conmon-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.src.rpm conmon-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm conmon-debuginfo-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm conmon-debugsource-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm containernetworking-plugins-1:1.4.0-5.module+el8.10.0+1843+6892ab28.src.rpm containernetworking-plugins-1:1.4.0-5.module+el8.10.0+1843+6892ab28.x86_64.rpm containernetworking-plugins-debuginfo-1:1.4.0-5.module+el8.10.0+1843+6892ab28.x86_64.rpm containernetworking-plugins-debugsource-1:1.4.0-5.module+el8.10.0+1843+6892ab28.x86_64.rpm containers-common-2:1-82.module+el8.10.0+1843+6892ab28.src.rpm containers-common-2:1-82.module+el8.10.0+1843+6892ab28.x86_64.rpm container-selinux-2:2.229.0-2.module+el8.10.0+1815+5fe7415e.noarch.rpm container-selinux-2:2.229.0-2.module+el8.10.0+1815+5fe7415e.src.rpm crit-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.src.rpm criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-debugsource-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-devel-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-libs-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-libs-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm crun-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.src.rpm crun-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm crun-debuginfo-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm crun-debugsource-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm fuse-overlayfs-0:1.13-1.module+el8.10.0+1815+5fe7415e.src.rpm fuse-overlayfs-0:1.13-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm fuse-overlayfs-debuginfo-0:1.13-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm fuse-overlayfs-debugsource-0:1.13-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm libslirp-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.src.rpm libslirp-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm libslirp-debuginfo-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm libslirp-debugsource-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm libslirp-devel-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm netavark-2:1.10.3-1.module+el8.10.0+1815+5fe7415e.src.rpm netavark-2:1.10.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm oci-seccomp-bpf-hook-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.src.rpm oci-seccomp-bpf-hook-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm oci-seccomp-bpf-hook-debuginfo-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm oci-seccomp-bpf-hook-debugsource-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm podman-4:4.9.4-12.module+el8.10.0+1843+6892ab28.src.rpm podman-4:4.9.4-12.module+el8.10.0+1843+6892ab28.x86_64.rpm podman-catatonit-4:4.9.4-12.module+el8.10.0+1843+6892ab28.x86_64.rpm podman-catatonit-debuginfo-4:4.9.4-12.module+el8.10.0+1843+6892ab28.x86_64.rpm podman-debuginfo-4:4.9.4-12.module+el8.10.0+1843+6892ab28.x86_64.rpm podman-debugsource-4:4.9.4-12.module+el8.10.0+1843+6892ab28.x86_64.rpm podman-docker-4:4.9.4-12.module+el8.10.0+1843+6892ab28.noarch.rpm podman-gvproxy-4:4.9.4-12.module+el8.10.0+1843+6892ab28.x86_64.rpm podman-gvproxy-debuginfo-4:4.9.4-12.module+el8.10.0+1843+6892ab28.x86_64.rpm podman-plugins-4:4.9.4-12.module+el8.10.0+1843+6892ab28.x86_64.rpm podman-plugins-debuginfo-4:4.9.4-12.module+el8.10.0+1843+6892ab28.x86_64.rpm podman-remote-4:4.9.4-12.module+el8.10.0+1843+6892ab28.x86_64.rpm podman-remote-debuginfo-4:4.9.4-12.module+el8.10.0+1843+6892ab28.x86_64.rpm podman-tests-4:4.9.4-12.module+el8.10.0+1843+6892ab28.x86_64.rpm python3-criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm python3-podman-0:4.9.0-2.module+el8.10.0+1843+6892ab28.noarch.rpm python-podman-0:4.9.0-2.module+el8.10.0+1843+6892ab28.src.rpm runc-1:1.1.12-4.module+el8.10.0+1843+6892ab28.src.rpm runc-1:1.1.12-4.module+el8.10.0+1843+6892ab28.x86_64.rpm runc-debuginfo-1:1.1.12-4.module+el8.10.0+1843+6892ab28.x86_64.rpm runc-debugsource-1:1.1.12-4.module+el8.10.0+1843+6892ab28.x86_64.rpm skopeo-2:1.14.5-3.module+el8.10.0+1843+6892ab28.src.rpm skopeo-2:1.14.5-3.module+el8.10.0+1843+6892ab28.x86_64.rpm skopeo-tests-2:1.14.5-3.module+el8.10.0+1843+6892ab28.x86_64.rpm slirp4netns-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.src.rpm slirp4netns-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm slirp4netns-debuginfo-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm slirp4netns-debugsource-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm toolbox-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.src.rpm toolbox-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm toolbox-debuginfo-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm toolbox-debugsource-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm toolbox-tests-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm udica-0:0.2.6-21.module+el8.10.0+1815+5fe7415e.noarch.rpm udica-0:0.2.6-21.module+el8.10.0+1815+5fe7415e.src.rpm