[Apollo] Advisories Statistics light light Login

RLSA-2024:8038

Security Mirrored from RHSA-2024:8038
Issued at: 2024-10-25
Updated at: 2024-10-25

Synopsis

Important: container-tools:rhel8 security update



Description

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.

Security Fix(es):

* golang: net/http: golang: mime/multipart: golang: net/textproto: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290)

* go/parser: golang: Calling any of the Parse functions containing deeply nested literals can cause a panic/stack exhaustion (CVE-2024-34155)

* encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)

* go/build/constraint: golang: Calling Parse on a "// +build" build tag line with deeply nested expressions can cause a panic due to stack exhaustion (CVE-2024-34158)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2268017 2310527 2310528 2310529

CVEs

CVE-2023-45290 CVE-2024-34155 CVE-2024-34156 CVE-2024-34158

Affected packages

Rocky Linux 8 aarch64 - AppStream

aardvark-dns-2:1.10.1-2.module+el8.10.0+1874+ce489889.aarch64.rpm aardvark-dns-2:1.10.1-2.module+el8.10.0+1874+ce489889.src.rpm buildah-2:1.33.8-4.module+el8.10.0+1843+6892ab28.aarch64.rpm buildah-2:1.33.8-4.module+el8.10.0+1843+6892ab28.src.rpm buildah-debuginfo-2:1.33.8-4.module+el8.10.0+1843+6892ab28.aarch64.rpm buildah-debugsource-2:1.33.8-4.module+el8.10.0+1843+6892ab28.aarch64.rpm buildah-tests-2:1.33.8-4.module+el8.10.0+1843+6892ab28.aarch64.rpm buildah-tests-debuginfo-2:1.33.8-4.module+el8.10.0+1843+6892ab28.aarch64.rpm cockpit-podman-0:84.1-1.module+el8.10.0+1815+5fe7415e.noarch.rpm cockpit-podman-0:84.1-1.module+el8.10.0+1815+5fe7415e.src.rpm conmon-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm conmon-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.src.rpm conmon-debuginfo-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm conmon-debugsource-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm containernetworking-plugins-1:1.4.0-5.module+el8.10.0+1843+6892ab28.aarch64.rpm containernetworking-plugins-1:1.4.0-5.module+el8.10.0+1843+6892ab28.src.rpm containernetworking-plugins-debuginfo-1:1.4.0-5.module+el8.10.0+1843+6892ab28.aarch64.rpm containernetworking-plugins-debugsource-1:1.4.0-5.module+el8.10.0+1843+6892ab28.aarch64.rpm containers-common-2:1-82.module+el8.10.0+1843+6892ab28.aarch64.rpm containers-common-2:1-82.module+el8.10.0+1843+6892ab28.src.rpm container-selinux-2:2.229.0-2.module+el8.10.0+1815+5fe7415e.noarch.rpm container-selinux-2:2.229.0-2.module+el8.10.0+1815+5fe7415e.src.rpm crit-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.src.rpm criu-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-debugsource-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-devel-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-libs-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm criu-libs-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm crun-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm crun-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.src.rpm crun-debuginfo-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm crun-debugsource-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm fuse-overlayfs-0:1.13-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm fuse-overlayfs-0:1.13-1.module+el8.10.0+1815+5fe7415e.src.rpm fuse-overlayfs-debuginfo-0:1.13-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm fuse-overlayfs-debugsource-0:1.13-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm libslirp-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm libslirp-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.src.rpm libslirp-debuginfo-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm libslirp-debugsource-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm libslirp-devel-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.aarch64.rpm netavark-2:1.10.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm netavark-2:1.10.3-1.module+el8.10.0+1815+5fe7415e.src.rpm oci-seccomp-bpf-hook-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm oci-seccomp-bpf-hook-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.src.rpm oci-seccomp-bpf-hook-debuginfo-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm oci-seccomp-bpf-hook-debugsource-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm podman-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.aarch64.rpm podman-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.src.rpm podman-catatonit-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.aarch64.rpm podman-catatonit-debuginfo-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.aarch64.rpm podman-debuginfo-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.aarch64.rpm podman-debugsource-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.aarch64.rpm podman-docker-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.noarch.rpm podman-gvproxy-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.aarch64.rpm podman-gvproxy-debuginfo-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.aarch64.rpm podman-plugins-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.aarch64.rpm podman-plugins-debuginfo-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.aarch64.rpm podman-remote-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.aarch64.rpm podman-remote-debuginfo-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.aarch64.rpm podman-tests-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.aarch64.rpm python3-criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.aarch64.rpm python3-podman-0:4.9.0-2.module+el8.10.0+1843+6892ab28.noarch.rpm python-podman-0:4.9.0-2.module+el8.10.0+1843+6892ab28.src.rpm runc-1:1.1.12-5.module+el8.10.0+1874+ce489889.aarch64.rpm runc-1:1.1.12-5.module+el8.10.0+1874+ce489889.src.rpm runc-debuginfo-1:1.1.12-5.module+el8.10.0+1874+ce489889.aarch64.rpm runc-debugsource-1:1.1.12-5.module+el8.10.0+1874+ce489889.aarch64.rpm skopeo-2:1.14.5-3.module+el8.10.0+1843+6892ab28.aarch64.rpm skopeo-2:1.14.5-3.module+el8.10.0+1843+6892ab28.src.rpm skopeo-tests-2:1.14.5-3.module+el8.10.0+1843+6892ab28.aarch64.rpm slirp4netns-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm slirp4netns-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.src.rpm slirp4netns-debuginfo-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm slirp4netns-debugsource-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.aarch64.rpm toolbox-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm toolbox-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.src.rpm toolbox-debuginfo-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm toolbox-debugsource-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm toolbox-tests-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.aarch64.rpm udica-0:0.2.6-21.module+el8.10.0+1815+5fe7415e.noarch.rpm udica-0:0.2.6-21.module+el8.10.0+1815+5fe7415e.src.rpm

Rocky Linux 8 x86_64 - AppStream

aardvark-dns-2:1.10.1-2.module+el8.10.0+1874+ce489889.src.rpm aardvark-dns-2:1.10.1-2.module+el8.10.0+1874+ce489889.x86_64.rpm buildah-2:1.33.8-4.module+el8.10.0+1843+6892ab28.src.rpm buildah-2:1.33.8-4.module+el8.10.0+1843+6892ab28.x86_64.rpm buildah-debuginfo-2:1.33.8-4.module+el8.10.0+1843+6892ab28.x86_64.rpm buildah-debugsource-2:1.33.8-4.module+el8.10.0+1843+6892ab28.x86_64.rpm buildah-tests-2:1.33.8-4.module+el8.10.0+1843+6892ab28.x86_64.rpm buildah-tests-debuginfo-2:1.33.8-4.module+el8.10.0+1843+6892ab28.x86_64.rpm cockpit-podman-0:84.1-1.module+el8.10.0+1815+5fe7415e.noarch.rpm cockpit-podman-0:84.1-1.module+el8.10.0+1815+5fe7415e.src.rpm conmon-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.src.rpm conmon-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm conmon-debuginfo-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm conmon-debugsource-3:2.1.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm containernetworking-plugins-1:1.4.0-5.module+el8.10.0+1843+6892ab28.src.rpm containernetworking-plugins-1:1.4.0-5.module+el8.10.0+1843+6892ab28.x86_64.rpm containernetworking-plugins-debuginfo-1:1.4.0-5.module+el8.10.0+1843+6892ab28.x86_64.rpm containernetworking-plugins-debugsource-1:1.4.0-5.module+el8.10.0+1843+6892ab28.x86_64.rpm containers-common-2:1-82.module+el8.10.0+1843+6892ab28.src.rpm containers-common-2:1-82.module+el8.10.0+1843+6892ab28.x86_64.rpm container-selinux-2:2.229.0-2.module+el8.10.0+1815+5fe7415e.noarch.rpm container-selinux-2:2.229.0-2.module+el8.10.0+1815+5fe7415e.src.rpm crit-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.src.rpm criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-debugsource-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-devel-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-libs-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm criu-libs-debuginfo-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm crun-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.src.rpm crun-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm crun-debuginfo-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm crun-debugsource-0:1.14.3-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm fuse-overlayfs-0:1.13-1.module+el8.10.0+1815+5fe7415e.src.rpm fuse-overlayfs-0:1.13-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm fuse-overlayfs-debuginfo-0:1.13-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm fuse-overlayfs-debugsource-0:1.13-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm libslirp-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.src.rpm libslirp-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm libslirp-debuginfo-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm libslirp-debugsource-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm libslirp-devel-0:4.4.0-2.module+el8.10.0+1815+5fe7415e.x86_64.rpm netavark-2:1.10.3-1.module+el8.10.0+1815+5fe7415e.src.rpm netavark-2:1.10.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm oci-seccomp-bpf-hook-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.src.rpm oci-seccomp-bpf-hook-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm podman-remote-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.x86_64.rpm oci-seccomp-bpf-hook-debuginfo-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm oci-seccomp-bpf-hook-debugsource-0:1.2.10-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm podman-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.src.rpm podman-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.x86_64.rpm podman-catatonit-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.x86_64.rpm podman-catatonit-debuginfo-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.x86_64.rpm podman-debuginfo-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.x86_64.rpm podman-debugsource-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.x86_64.rpm podman-docker-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.noarch.rpm podman-gvproxy-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.x86_64.rpm podman-gvproxy-debuginfo-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.x86_64.rpm podman-plugins-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.x86_64.rpm podman-plugins-debuginfo-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.x86_64.rpm podman-remote-debuginfo-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.x86_64.rpm podman-tests-4:4.9.4-13.module+el8.10.0+1871+e6fa1069.x86_64.rpm python3-criu-0:3.18-5.module+el8.10.0+1815+5fe7415e.x86_64.rpm python3-podman-0:4.9.0-2.module+el8.10.0+1843+6892ab28.noarch.rpm python-podman-0:4.9.0-2.module+el8.10.0+1843+6892ab28.src.rpm runc-1:1.1.12-5.module+el8.10.0+1874+ce489889.src.rpm runc-1:1.1.12-5.module+el8.10.0+1874+ce489889.x86_64.rpm runc-debuginfo-1:1.1.12-5.module+el8.10.0+1874+ce489889.x86_64.rpm runc-debugsource-1:1.1.12-5.module+el8.10.0+1874+ce489889.x86_64.rpm skopeo-2:1.14.5-3.module+el8.10.0+1843+6892ab28.src.rpm skopeo-2:1.14.5-3.module+el8.10.0+1843+6892ab28.x86_64.rpm skopeo-tests-2:1.14.5-3.module+el8.10.0+1843+6892ab28.x86_64.rpm slirp4netns-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.src.rpm slirp4netns-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm slirp4netns-debuginfo-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm slirp4netns-debugsource-0:1.2.3-1.module+el8.10.0+1815+5fe7415e.x86_64.rpm toolbox-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.src.rpm toolbox-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm toolbox-debuginfo-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm toolbox-debugsource-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm toolbox-tests-0:0.0.99.5-2.module+el8.10.0+1815+5fe7415e.rocky.0.2.rocky.0.2.x86_64.rpm udica-0:0.2.6-21.module+el8.10.0+1815+5fe7415e.noarch.rpm udica-0:0.2.6-21.module+el8.10.0+1815+5fe7415e.src.rpm