Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2020-14370 (GCVE-0-2020-14370)
Vulnerability from cvelistv5 – Published: 2020-09-23 00:00 – Updated: 2024-08-04 12:46
VLAI?
EPSS
Summary
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.
Severity ?
No CVSS data available.
CWE
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T12:46:33.326Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"name": "FEDORA-2020-76fcd0ba34",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP/"
},
{
"name": "FEDORA-2020-7b6058fec9",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR/"
},
{
"name": "FEDORA-2020-3a4b8fca5e",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "podman",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "podman versions before 2.0.5"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables."
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-212",
"description": "CWE-212",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2022-10-07T00:00:00",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"name": "FEDORA-2020-76fcd0ba34",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP/"
},
{
"name": "FEDORA-2020-7b6058fec9",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR/"
},
{
"name": "FEDORA-2020-3a4b8fca5e",
"tags": [
"vendor-advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV/"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2020-14370",
"datePublished": "2020-09-23T00:00:00",
"dateReserved": "2020-06-17T00:00:00",
"dateUpdated": "2024-08-04T12:46:33.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:podman_project:podman:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"2.0.5\", \"matchCriteriaId\": \"4DABB4A8-CEC4-4DDF-BE1F-DDCDAC501A1E\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6B62E762-2878-455A-93C9-A5DB430D7BB5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F4CFF558-3C47-480D-A2F0-BABF26042943\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36D96259-24BD-44E2-96D9-78CE1D41F956\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}]}]}]",
"descriptions": "[{\"lang\": \"en\", \"value\": \"An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.\"}, {\"lang\": \"es\", \"value\": \"Se encontr\\u00f3 una vulnerabilidad de divulgaci\\u00f3n de informaci\\u00f3n en containers/podman en versiones anteriores a 2.0.5.\u0026#xa0;Cuando se usa la API Varlink obsoleta o la API REST compatible con Docker, si son creados varios contenedores en un per\\u00edodo corto, las variables de entorno desde el primer contenedor son filtradas hacia los contenedores posteriores.\u0026#xa0;Un atacante que tenga control sobre los contenedores posteriores podr\\u00eda usar este fallo para conseguir acceso a informaci\\u00f3n confidencial almacenada en tales variables\"}]",
"id": "CVE-2020-14370",
"lastModified": "2024-11-21T05:03:06.747",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"exploitabilityScore\": 1.6, \"impactScore\": 3.6}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:S/C:P/I:N/A:N\", \"baseScore\": 4.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"SINGLE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"NONE\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 8.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
"published": "2020-09-23T13:15:15.563",
"references": "[{\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1874268\", \"source\": \"secalert@redhat.com\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP/\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR/\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV/\", \"source\": \"secalert@redhat.com\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=1874268\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Issue Tracking\", \"Patch\", \"Third Party Advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": "[{\"source\": \"secalert@redhat.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-212\"}]}, {\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-212\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2020-14370\",\"sourceIdentifier\":\"secalert@redhat.com\",\"published\":\"2020-09-23T13:15:15.563\",\"lastModified\":\"2024-11-21T05:03:06.747\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.\"},{\"lang\":\"es\",\"value\":\"Se encontr\u00f3 una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en containers/podman en versiones anteriores a 2.0.5.\u0026#xa0;Cuando se usa la API Varlink obsoleta o la API REST compatible con Docker, si son creados varios contenedores en un per\u00edodo corto, las variables de entorno desde el primer contenedor son filtradas hacia los contenedores posteriores.\u0026#xa0;Un atacante que tenga control sobre los contenedores posteriores podr\u00eda usar este fallo para conseguir acceso a informaci\u00f3n confidencial almacenada en tales variables\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":1.6,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:N/A:N\",\"baseScore\":4.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"secalert@redhat.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-212\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-212\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:podman_project:podman:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.0.5\",\"matchCriteriaId\":\"4DABB4A8-CEC4-4DDF-BE1F-DDCDAC501A1E\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6B62E762-2878-455A-93C9-A5DB430D7BB5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4CFF558-3C47-480D-A2F0-BABF26042943\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80F0FA5D-8D3B-4C0E-81E2-87998286AF33\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36D96259-24BD-44E2-96D9-78CE1D41F956\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E460AA51-FCDA-46B9-AE97-E6676AA5E194\"}]}]}],\"references\":[{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1874268\",\"source\":\"secalert@redhat.com\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV/\",\"source\":\"secalert@redhat.com\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1874268\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
SUSE-SU-2020:3378-1
Vulnerability from csaf_suse - Published: 2020-11-19 08:30 - Updated: 2020-11-19 08:30Summary
Security update for podman
Notes
Title of the patch
Security update for podman
Description of the patch
This update for podman fixes the following issues:
Security issue fixed:
- This release resolves CVE-2020-14370, in which environment variables could be leaked between containers created using the Varlink API (bsc#1176804).
Non-security issues fixed:
- add dependency to timezone package or podman fails to build a
container (bsc#1178122)
- Install new auto-update system units
- Update to v2.1.1 (bsc#1178392):
* Changes
- The `podman info` command now includes the cgroup manager
Podman is using.
* API
- The REST API now includes a Server header in all responses.
- Fixed a bug where the Libpod and Compat Attach endpoints
could terminate early, before sending all output from the
container.
- Fixed a bug where the Compat Create endpoint for containers
did not properly handle the Interactive parameter.
- Fixed a bug where the Compat Kill endpoint for containers
could continue to run after a fatal error.
- Fixed a bug where the Limit parameter of the Compat List
endpoint for Containers did not properly handle a limit of 0
(returning nothing, instead of all containers) [#7722].
- The Libpod Stats endpoint for containers is being deprecated
and will be replaced by a similar endpoint with additional
features in a future release.
- Changes in v2.1.0
* Features
- A new command, `podman image mount`, has been added. This
allows for an image to be mounted, read-only, to inspect its
contents without creating a container from it [#1433].
- The `podman save` and `podman load` commands can now create
and load archives containing multiple images [#2669].
- Rootless Podman now supports all `podman network` commands,
and rootless containers can now be joined to networks.
- The performance of `podman build` on `ADD` and `COPY`
instructions has been greatly improved, especially when a
`.dockerignore` is present.
- The `podman run` and `podman create` commands now support a
new mode for the `--cgroups` option, `--cgroups=split`.
Podman will create two cgroups under the cgroup it was
launched in, one for the container and one for Conmon. This
mode is useful for running Podman in a systemd unit, as it
ensures that all processes are retained in systemd's cgroup
hierarchy [#6400].
- The `podman run` and `podman create` commands can now specify
options to slirp4netns by using the `--network` option as
follows: `--net slirp4netns:opt1,opt2`. This allows for,
among other things, switching the port forwarder used by
slirp4netns away from rootlessport.
- The `podman ps` command now features a new option,
`--storage`, to show containers from Buildah, CRI-O and other
applications.
- The `podman run` and `podman create` commands now feature a
`--sdnotify` option to control the behavior of systemd's
sdnotify with containers, enabling improved support for
Podman in `Type=notify` units.
- The `podman run` command now features a `--preserve-fds`
opton to pass file descriptors from the host into the
container [#6458].
- The `podman run` and `podman create` commands can now create
overlay volume mounts, by adding the `:O` option to a bind
mount (e.g. `-v /test:/test:O`). Overlay volume mounts will
mount a directory into a container from the host and allow
changes to it, but not write those changes back to the
directory on the host.
- The `podman play kube` command now supports the Socket
HostPath type [#7112].
- The `podman play kube` command now supports read-only mounts.
- The `podman play kube` command now supports setting labels on
pods from Kubernetes metadata labels.
- The `podman play kube` command now supports setting container
restart policy [#7656].
- The `podman play kube` command now properly handles
`HostAlias` entries.
- The `podman generate kube` command now adds entries to
`/etc/hosts` from `--host-add` generated YAML as `HostAlias`
entries.
- The `podman play kube` and `podman generate kube` commands
now properly support `shareProcessNamespace` to share the PID
namespace in pods.
- The `podman volume ls` command now supports the `dangling`
filter to identify volumes that are dangling (not attached to
any container).
- The `podman run` and `podman create` commands now feature a
`--umask` option to set the umask of the created container.
- The `podman create` and `podman run` commands now feature a
`--tz` option to set the timezone within the container [#5128].
- Environment variables for Podman can now be added in the
`containers.conf` configuration file.
- The `--mount` option of `podman run` and `podman create` now
supports a new mount type, `type=devpts`, to add a `devpts`
mount to the container. This is useful for containers that
want to mount `/dev/` from the host into the container, but
still create a terminal.
- The `--security-opt` flag to `podman run` and `podman create`
now supports a new option, `proc-opts`, to specify options
for the container's `/proc` filesystem.
- Podman with the `crun` OCI runtime now supports a new option
to `podman run` and `podman create`, `--cgroup-conf`, which
allows for advanced configuration of cgroups on cgroups v2
systems.
- The `podman create` and `podman run` commands now support a
`--override-variant` option, to override the architecture
variant of the image that will be pulled and ran.
- A new global option has been added to Podman,
`--runtime-flags`, which allows for setting flags to use when
the OCI runtime is called.
- The `podman manifest add` command now supports the
`--cert-dir`, `--auth-file`, `--creds`, and `--tls-verify`
options.
* Security
- This release resolves CVE-2020-14370, in which environment
variables could be leaked between containers created using
the Varlink API.
* Changes
- Podman will now retry pulling an image 3 times if a pull
fails due to network errors.
- The `podman exec` command would previously print error
messages (e.g. `exec session exited with non-zero exit code
-1`) when the command run exited with a non-0 exit code. It
no longer does this. The `podman exec` command will still
exit with the same exit code as the command run in the
container did.
- Error messages when creating a container or pod with a name
that is already in use have been improved.
- For read-only containers running systemd init, Podman creates
a tmpfs filesystem at `/run`. This was previously limited to
65k in size and mounted `noexec`, but is now unlimited size
and mounted `exec`.
- The `podman system reset` command no longer removes
configuration files for rootless Podman.
* API
- The Libpod API version has been bumped to v2.0.0 due to a
breaking change in the Image List API.
- Docker-compatible Volume Endpoints (Create, Inspect, List,
Remove, Prune) are now available!
- Added an endpoint for generating systemd unit files for
containers.
- The `last` parameter to the Libpod container list endpoint
now has an alias, `limit` [#6413].
- The Libpod image list API new returns timestamps in Unix
format, as integer, as opposed to as strings
- The Compat Inspect endpoint for containers now includes port
information in NetworkSettings.
- The Compat List endpoint for images now features limited
support for the (deprecated) `filter` query parameter [#6797].
- Fixed a bug where the Compat Create endpoint for containers
was not correctly handling bind mounts.
- Fixed a bug where the Compat Create endpoint for containers
would not return a 404 when the requested image was not
present.
- Fixed a bug where the Compat Create endpoint for containers
did not properly handle Entrypoint and Command from images.
- Fixed a bug where name history information was not properly
added in the Libpod Image List endpoint.
- Fixed a bug where the Libpod image search endpoint improperly
populated the Description field of responses.
- Added a `noTrunc` option to the Libpod image search endpoint.
- Fixed a bug where the Pod List API would return null, instead
of an empty array, when no pods were present [#7392].
- Fixed a bug where endpoints that hijacked would do perform
the hijack too early, before being ready to send and receive
data [#7195].
- Fixed a bug where Pod endpoints that can operate on multiple
containers at once (e.g. Kill, Pause, Unpause, Stop) would
not forward errors from individual containers that failed.
- The Compat List endpoint for networks now supports filtering
results [#7462].
- Fixed a bug where the Top endpoint for pods would return both
a 500 and 404 when run on a non-existent pod.
- Fixed a bug where Pull endpoints did not stream progress back
to the client.
- The Version endpoints (Libpod and Compat) now provide version
in a format compatible with Docker.
- All non-hijacking responses to API requests should not
include headers with the version of the server.
- Fixed a bug where Libpod and Compat Events endpoints did not
send response headers until the first event occurred [#7263].
- Fixed a bug where the Build endpoints (Compat and Libpod) did
not stream progress to the client.
- Fixed a bug where the Stats endpoints (Compat and Libpod) did
not properly handle clients disconnecting.
- Fixed a bug where the Ignore parameter to the Libpod Stop
endpoint was not performing properly.
- Fixed a bug where the Compat Logs endpoint for containers did
not stream its output in the correct format [#7196].
Patchnames
SUSE-2020-3378,SUSE-SLE-Module-Containers-15-SP1-2020-3378,SUSE-SLE-Module-Containers-15-SP2-2020-3378,SUSE-Storage-7-2020-3378
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for podman",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for podman fixes the following issues:\n\nSecurity issue fixed:\n\n- This release resolves CVE-2020-14370, in which environment variables could be leaked between containers created using the Varlink API (bsc#1176804).\n\nNon-security issues fixed:\n\n- add dependency to timezone package or podman fails to build a \n container (bsc#1178122)\n\n- Install new auto-update system units\n- Update to v2.1.1 (bsc#1178392):\n * Changes\n - The `podman info` command now includes the cgroup manager\n Podman is using.\n * API\n - The REST API now includes a Server header in all responses.\n - Fixed a bug where the Libpod and Compat Attach endpoints\n could terminate early, before sending all output from the\n container.\n - Fixed a bug where the Compat Create endpoint for containers\n did not properly handle the Interactive parameter.\n - Fixed a bug where the Compat Kill endpoint for containers\n could continue to run after a fatal error.\n - Fixed a bug where the Limit parameter of the Compat List\n endpoint for Containers did not properly handle a limit of 0\n (returning nothing, instead of all containers) [#7722].\n - The Libpod Stats endpoint for containers is being deprecated\n and will be replaced by a similar endpoint with additional\n features in a future release.\n- Changes in v2.1.0\n * Features\n - A new command, `podman image mount`, has been added. This\n allows for an image to be mounted, read-only, to inspect its\n contents without creating a container from it [#1433].\n - The `podman save` and `podman load` commands can now create\n and load archives containing multiple images [#2669].\n - Rootless Podman now supports all `podman network` commands,\n and rootless containers can now be joined to networks.\n - The performance of `podman build` on `ADD` and `COPY`\n instructions has been greatly improved, especially when a\n `.dockerignore` is present.\n - The `podman run` and `podman create` commands now support a\n new mode for the `--cgroups` option, `--cgroups=split`.\n Podman will create two cgroups under the cgroup it was\n launched in, one for the container and one for Conmon. This\n mode is useful for running Podman in a systemd unit, as it\n ensures that all processes are retained in systemd\u0027s cgroup\n hierarchy [#6400].\n - The `podman run` and `podman create` commands can now specify\n options to slirp4netns by using the `--network` option as\n follows: `--net slirp4netns:opt1,opt2`. This allows for,\n among other things, switching the port forwarder used by\n slirp4netns away from rootlessport.\n - The `podman ps` command now features a new option,\n `--storage`, to show containers from Buildah, CRI-O and other\n applications.\n - The `podman run` and `podman create` commands now feature a\n `--sdnotify` option to control the behavior of systemd\u0027s\n sdnotify with containers, enabling improved support for\n Podman in `Type=notify` units.\n - The `podman run` command now features a `--preserve-fds`\n opton to pass file descriptors from the host into the\n container [#6458].\n - The `podman run` and `podman create` commands can now create\n overlay volume mounts, by adding the `:O` option to a bind\n mount (e.g. `-v /test:/test:O`). Overlay volume mounts will\n mount a directory into a container from the host and allow\n changes to it, but not write those changes back to the\n directory on the host.\n - The `podman play kube` command now supports the Socket\n HostPath type [#7112].\n - The `podman play kube` command now supports read-only mounts.\n - The `podman play kube` command now supports setting labels on\n pods from Kubernetes metadata labels.\n - The `podman play kube` command now supports setting container\n restart policy [#7656].\n - The `podman play kube` command now properly handles\n `HostAlias` entries.\n - The `podman generate kube` command now adds entries to\n `/etc/hosts` from `--host-add` generated YAML as `HostAlias`\n entries.\n - The `podman play kube` and `podman generate kube` commands\n now properly support `shareProcessNamespace` to share the PID\n namespace in pods.\n - The `podman volume ls` command now supports the `dangling`\n filter to identify volumes that are dangling (not attached to\n any container).\n - The `podman run` and `podman create` commands now feature a\n `--umask` option to set the umask of the created container.\n - The `podman create` and `podman run` commands now feature a\n `--tz` option to set the timezone within the container [#5128].\n - Environment variables for Podman can now be added in the\n `containers.conf` configuration file.\n - The `--mount` option of `podman run` and `podman create` now\n supports a new mount type, `type=devpts`, to add a `devpts`\n mount to the container. This is useful for containers that\n want to mount `/dev/` from the host into the container, but\n still create a terminal.\n - The `--security-opt` flag to `podman run` and `podman create`\n now supports a new option, `proc-opts`, to specify options\n for the container\u0027s `/proc` filesystem.\n - Podman with the `crun` OCI runtime now supports a new option\n to `podman run` and `podman create`, `--cgroup-conf`, which\n allows for advanced configuration of cgroups on cgroups v2\n systems.\n - The `podman create` and `podman run` commands now support a\n `--override-variant` option, to override the architecture\n variant of the image that will be pulled and ran.\n - A new global option has been added to Podman,\n `--runtime-flags`, which allows for setting flags to use when\n the OCI runtime is called.\n - The `podman manifest add` command now supports the\n `--cert-dir`, `--auth-file`, `--creds`, and `--tls-verify`\n options.\n * Security\n - This release resolves CVE-2020-14370, in which environment\n variables could be leaked between containers created using\n the Varlink API.\n * Changes\n - Podman will now retry pulling an image 3 times if a pull\n fails due to network errors.\n - The `podman exec` command would previously print error\n messages (e.g. `exec session exited with non-zero exit code\n -1`) when the command run exited with a non-0 exit code. It\n no longer does this. The `podman exec` command will still\n exit with the same exit code as the command run in the\n container did.\n - Error messages when creating a container or pod with a name\n that is already in use have been improved.\n - For read-only containers running systemd init, Podman creates\n a tmpfs filesystem at `/run`. This was previously limited to\n 65k in size and mounted `noexec`, but is now unlimited size\n and mounted `exec`.\n - The `podman system reset` command no longer removes\n configuration files for rootless Podman.\n * API\n - The Libpod API version has been bumped to v2.0.0 due to a\n breaking change in the Image List API.\n - Docker-compatible Volume Endpoints (Create, Inspect, List,\n Remove, Prune) are now available!\n - Added an endpoint for generating systemd unit files for\n containers.\n - The `last` parameter to the Libpod container list endpoint\n now has an alias, `limit` [#6413].\n - The Libpod image list API new returns timestamps in Unix\n format, as integer, as opposed to as strings\n - The Compat Inspect endpoint for containers now includes port\n information in NetworkSettings.\n - The Compat List endpoint for images now features limited\n support for the (deprecated) `filter` query parameter [#6797].\n - Fixed a bug where the Compat Create endpoint for containers\n was not correctly handling bind mounts.\n - Fixed a bug where the Compat Create endpoint for containers\n would not return a 404 when the requested image was not\n present.\n - Fixed a bug where the Compat Create endpoint for containers\n did not properly handle Entrypoint and Command from images.\n - Fixed a bug where name history information was not properly\n added in the Libpod Image List endpoint.\n - Fixed a bug where the Libpod image search endpoint improperly\n populated the Description field of responses.\n - Added a `noTrunc` option to the Libpod image search endpoint.\n - Fixed a bug where the Pod List API would return null, instead\n of an empty array, when no pods were present [#7392].\n - Fixed a bug where endpoints that hijacked would do perform\n the hijack too early, before being ready to send and receive\n data [#7195].\n - Fixed a bug where Pod endpoints that can operate on multiple\n containers at once (e.g. Kill, Pause, Unpause, Stop) would\n not forward errors from individual containers that failed.\n - The Compat List endpoint for networks now supports filtering\n results [#7462].\n - Fixed a bug where the Top endpoint for pods would return both\n a 500 and 404 when run on a non-existent pod.\n - Fixed a bug where Pull endpoints did not stream progress back\n to the client.\n - The Version endpoints (Libpod and Compat) now provide version\n in a format compatible with Docker.\n - All non-hijacking responses to API requests should not\n include headers with the version of the server.\n - Fixed a bug where Libpod and Compat Events endpoints did not\n send response headers until the first event occurred [#7263].\n - Fixed a bug where the Build endpoints (Compat and Libpod) did\n not stream progress to the client.\n - Fixed a bug where the Stats endpoints (Compat and Libpod) did\n not properly handle clients disconnecting.\n - Fixed a bug where the Ignore parameter to the Libpod Stop\n endpoint was not performing properly.\n - Fixed a bug where the Compat Logs endpoint for containers did\n not stream its output in the correct format [#7196].\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2020-3378,SUSE-SLE-Module-Containers-15-SP1-2020-3378,SUSE-SLE-Module-Containers-15-SP2-2020-3378,SUSE-Storage-7-2020-3378",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2020_3378-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2020:3378-1",
"url": "https://www.suse.com/support/update/announcement/2020/suse-su-20203378-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2020:3378-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2020-November/007809.html"
},
{
"category": "self",
"summary": "SUSE Bug 1176804",
"url": "https://bugzilla.suse.com/1176804"
},
{
"category": "self",
"summary": "SUSE Bug 1178122",
"url": "https://bugzilla.suse.com/1178122"
},
{
"category": "self",
"summary": "SUSE Bug 1178392",
"url": "https://bugzilla.suse.com/1178392"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14370 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14370/"
}
],
"title": "Security update for podman",
"tracking": {
"current_release_date": "2020-11-19T08:30:15Z",
"generator": {
"date": "2020-11-19T08:30:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2020:3378-1",
"initial_release_date": "2020-11-19T08:30:15Z",
"revision_history": [
{
"date": "2020-11-19T08:30:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "podman-2.1.1-4.28.1.aarch64",
"product": {
"name": "podman-2.1.1-4.28.1.aarch64",
"product_id": "podman-2.1.1-4.28.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-2.1.1-4.28.1.i586",
"product": {
"name": "podman-2.1.1-4.28.1.i586",
"product_id": "podman-2.1.1-4.28.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-cni-config-2.1.1-4.28.1.noarch",
"product": {
"name": "podman-cni-config-2.1.1-4.28.1.noarch",
"product_id": "podman-cni-config-2.1.1-4.28.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-2.1.1-4.28.1.ppc64le",
"product": {
"name": "podman-2.1.1-4.28.1.ppc64le",
"product_id": "podman-2.1.1-4.28.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-2.1.1-4.28.1.s390x",
"product": {
"name": "podman-2.1.1-4.28.1.s390x",
"product_id": "podman-2.1.1-4.28.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-2.1.1-4.28.1.x86_64",
"product": {
"name": "podman-2.1.1-4.28.1.x86_64",
"product_id": "podman-2.1.1-4.28.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7",
"product": {
"name": "SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2.1.1-4.28.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.aarch64"
},
"product_reference": "podman-2.1.1-4.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2.1.1-4.28.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.ppc64le"
},
"product_reference": "podman-2.1.1-4.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2.1.1-4.28.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.s390x"
},
"product_reference": "podman-2.1.1-4.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2.1.1-4.28.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.x86_64"
},
"product_reference": "podman-2.1.1-4.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-cni-config-2.1.1-4.28.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP1",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP1:podman-cni-config-2.1.1-4.28.1.noarch"
},
"product_reference": "podman-cni-config-2.1.1-4.28.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2.1.1-4.28.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.aarch64"
},
"product_reference": "podman-2.1.1-4.28.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2.1.1-4.28.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.ppc64le"
},
"product_reference": "podman-2.1.1-4.28.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2.1.1-4.28.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.s390x"
},
"product_reference": "podman-2.1.1-4.28.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2.1.1-4.28.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.x86_64"
},
"product_reference": "podman-2.1.1-4.28.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-cni-config-2.1.1-4.28.1.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP2",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP2:podman-cni-config-2.1.1-4.28.1.noarch"
},
"product_reference": "podman-cni-config-2.1.1-4.28.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2.1.1-4.28.1.aarch64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:podman-2.1.1-4.28.1.aarch64"
},
"product_reference": "podman-2.1.1-4.28.1.aarch64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2.1.1-4.28.1.x86_64 as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:podman-2.1.1-4.28.1.x86_64"
},
"product_reference": "podman-2.1.1-4.28.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-14370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14370"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7:podman-2.1.1-4.28.1.aarch64",
"SUSE Enterprise Storage 7:podman-2.1.1-4.28.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:podman-cni-config-2.1.1-4.28.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP2:podman-cni-config-2.1.1-4.28.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14370",
"url": "https://www.suse.com/security/cve/CVE-2020-14370"
},
{
"category": "external",
"summary": "SUSE Bug 1176804 for CVE-2020-14370",
"url": "https://bugzilla.suse.com/1176804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7:podman-2.1.1-4.28.1.aarch64",
"SUSE Enterprise Storage 7:podman-2.1.1-4.28.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:podman-cni-config-2.1.1-4.28.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP2:podman-cni-config-2.1.1-4.28.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7:podman-2.1.1-4.28.1.aarch64",
"SUSE Enterprise Storage 7:podman-2.1.1-4.28.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP1:podman-2.1.1-4.28.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP1:podman-cni-config-2.1.1-4.28.1.noarch",
"SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP2:podman-2.1.1-4.28.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP2:podman-cni-config-2.1.1-4.28.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-19T08:30:15Z",
"details": "moderate"
}
],
"title": "CVE-2020-14370"
}
]
}
SUSE-SU-2022:23018-1
Vulnerability from csaf_suse - Published: 2022-02-25 12:54 - Updated: 2022-02-25 12:54Summary
Security update for conmon, libcontainers-common, libseccomp, podman
Notes
Title of the patch
Security update for conmon, libcontainers-common, libseccomp, podman
Description of the patch
This update for conmon, libcontainers-common, libseccomp, podman fixes the following issues:
podman was updated to 3.4.4.
Security issues fixed:
- fix CVE-2021-41190 [bsc#1193273], opencontainers: OCI manifest and index parsing confusion
- fix CVE-2021-4024 [bsc#1193166], podman machine spawns gvproxy with port binded to all IPs
- fix CVE-2021-20199 [bsc#1181640], Remote traffic to rootless containers is seen as orginating from localhost
- Add: Provides: podman:/usr/bin/podman-remote subpackage for a clearer upgrade
path from podman < 3.1.2
Update to version 3.4.4:
* Bugfixes
- Fixed a bug where the podman exec command would, under some circumstances,
print a warning message about failing to move conmon to the appropriate cgroup (#12535).
- Fixed a bug where named volumes created as part of container creation
(e.g. podman run --volume avolume:/a/mountpoint or similar) would be
mounted with incorrect permissions (#12523).
- Fixed a bug where the podman-remote create and podman-remote run commands
did not properly handle the --entrypoint='' option (to clear the container's entrypoint) (#12521).
- Update to version 3.4.3:
* Security
- This release addresses CVE-2021-4024, where the podman machine command opened the gvproxy API (used to forward ports to podman machine VMs) to the public internet on port 7777.
- This release addresses CVE-2021-41190, where incomplete specification of behavior regarding image manifests could lead to inconsistent decoding on different clients.
* Features
- The --secret type=mount option to podman create and podman run supports a new option, target=, which specifies where in the container the secret will be mounted (#12287).
* Bugfixes
- Fixed a bug where rootless Podman would occasionally print warning messages about failing to move the pause process to a new cgroup (#12065).
- Fixed a bug where the podman run and podman create commands would, when pulling images, still require TLS even with registries set to Insecure via config file (#11933).
- Fixed a bug where the podman generate systemd command generated units that depended on multi-user.target, which has been removed from some distributions (#12438).
- Fixed a bug where Podman could not run containers with images that had /etc/ as a symlink (#12189).
- Fixed a bug where the podman logs -f command would, when using the journald logs backend, exit immediately if the container had previously been restarted (#12263).
- Fixed a bug where, in containers on VMs created by podman machine, the host.containers.internal name pointed to the VM, not the host system (#11642).
- Fixed a bug where containers and pods created by the podman play kube command in VMs managed by podman machine would not automatically forward ports from the host machine (#12248).
- Fixed a bug where podman machine init would fail on OS X when GNU Coreutils was installed (#12329).
- Fixed a bug where podman machine start would exit before SSH on the started VM was accepting connections (#11532).
- Fixed a bug where the podman run command with signal proxying (--sig-proxy) enabled could print an error if it attempted to send a signal to a container that had just exited (#8086).
- Fixed a bug where the podman stats command would not return correct information for containers running Systemd as PID1 (#12400).
- Fixed a bug where the podman image save command would fail on OS X when writing the image to STDOUT (#12402).
- Fixed a bug where the podman ps command did not properly handle PS arguments which contained whitespace (#12452).
- Fixed a bug where the podman-remote wait command could fail to detect that the container exited and return an error under some circumstances (#12457).
- Fixed a bug where the Windows MSI installer for podman-remote would break the PATH environment variable by adding an extra ' (#11416).
* API
- The Libpod Play Kube endpoint now also accepts ConfigMap YAML as part of its payload, and will use provided any ConfigMap to configure provided pods and services.
- Fixed a bug where the Compat Create endpoint for Containers would not always create the container's working directory if it did not exist (#11842).
- Fixed a bug where the Compat Create endpoint for Containers returned an incorrect error message with 404 errors when the requested image was not found (#12315).
- Fixed a bug where the Compat Create endpoint for Containers did not properly handle the HostConfig.Mounts field (#12419).
- Fixed a bug where the Compat Archive endpoint for Containers did not properly report errors when the operation failed (#12420).
- Fixed a bug where the Compat Build endpoint for Images ignored the layers query parameter (for caching intermediate layers from the build) (#12378).
- Fixed a bug where the Compat Build endpoint for Images did not report errors in a manner compatible with Docker (#12392).
- Fixed a bug where the Compat Build endpoint for Images would fail to build if the context directory was a symlink (#12409).
- Fixed a bug where the Compat List endpoint for Images included manifest lists (and not just images) in returned results (#12453).
- Update to version 3.4.2:
* Fixed a bug where podman tag could not tag manifest lists (#12046).
* Fixed a bug where built-in volumes specified by images would not be
created correctly under some circumstances.
* Fixed a bug where, when using Podman Machine on OS X, containers in pods
did not have working port forwarding from the host (#12207).
* Fixed a bug where the podman network reload command command on containers
using the slirp4netns network mode and the rootlessport port forwarding
driver would make an unnecessary attempt to restart rootlessport
on containers that did not forward ports.
* Fixed a bug where the podman generate kube command would generate YAML
including some unnecessary (set to default) fields (e.g. empty SELinux and
DNS configuration blocks, and the privileged flag when set to false) (#11995).
* Fixed a bug where the podman pod rm command could, if interrupted at the right moment,
leave a reference to an already-removed infra container behind (#12034).
* Fixed a bug where the podman pod rm command would not remove pods with
more than one container if all containers save for the infra container
were stopped unless --force was specified (#11713).
* Fixed a bug where the --memory flag to podman run and podman create did
not accept a limit of 0 (which should specify unlimited memory) (#12002).
* Fixed a bug where the remote Podman client's podman build command could
attempt to build a Dockerfile in the working directory of the podman
system service instance instead of the Dockerfile specified by the user (#12054).
* Fixed a bug where the podman logs --tail command could function improperly
(printing more output than requested) when the journald log driver was used.
* Fixed a bug where containers run using the slirp4netns network mode with
IPv6 enabled would not have IPv6 connectivity until several seconds after they started (#11062).
* Fixed a bug where some Podman commands could cause an extra dbus-daemon
process to be created (#9727).
* Fixed a bug where rootless Podman would sometimes print warnings
about a failure to move the pause process into a given CGroup (#12065).
* Fixed a bug where the checkpointed field in podman inspect on a container
was not set to false after a container was restored.
* Fixed a bug where the podman system service command would print
overly-verbose logs about request IDs (#12181).
* Fixed a bug where Podman could, when creating a new container without a name
explicitly specified by the user, sometimes use an auto-generated name already
in use by another container if multiple containers were being created in parallel (#11735).
Update to version 3.4.1:
* Bugfixes
- Fixed a bug where podman machine init could, under some circumstances,
create invalid machine configurations which could not be started (#11824).
- Fixed a bug where the podman machine list command would not properly
populate some output fields.
- Fixed a bug where podman machine rm could leave dangling sockets from
the removed machine (#11393).
- Fixed a bug where podman run --pids-limit=-1 was not supported (it now
sets the PID limit in the container to unlimited) (#11782).
- Fixed a bug where podman run and podman attach could throw errors about
a closed network connection when STDIN was closed by the client (#11856).
- Fixed a bug where the podman stop command could fail when run on a
container that had another podman stop command run on it previously.
- Fixed a bug where the --sync flag to podman ps was nonfunctional.
- Fixed a bug where the Windows and OS X remote clients' podman stats
command would fail (#11909).
- Fixed a bug where the podman play kube command did not properly handle
environment variables whose values contained an = (#11891).
- Fixed a bug where the podman generate kube command could generate
invalid annotations when run on containers with volumes that use SELinux
relabelling (:z or :Z) (#11929).
- Fixed a bug where the podman generate kube command would generate YAML
including some unnecessary (set to default) fields (e.g. user and group,
entrypoint, default protocol for forwarded ports) (#11914, #11915, and #11965).
- Fixed a bug where the podman generate kube command could, under some
circumstances, generate YAML including an invalid targetPort field for
forwarded ports (#11930).
- Fixed a bug where rootless Podman's podman info command could, under
some circumstances, not read available CGroup controllers (#11931).
- Fixed a bug where podman container checkpoint --export would fail to
checkpoint any container created with --log-driver=none (#11974).
* API
- Fixed a bug where the Compat Create endpoint for Containers could panic
when no options were passed to a bind mount of tmpfs (#11961).
Update to version 3.4.0:
* Features
- Pods now support init containers! Init containers are containers which run before the rest of the pod starts. There are two types of init containers: 'always', which always run before the pod is started, and 'once', which only run the first time the pod starts and are subsequently removed. They can be added using the podman create command's --init-ctr option.
- Support for init containers has also been added to podman play kube and podman generate kube - init containers contained in Kubernetes YAML will be created as Podman init containers, and YAML generated by Podman will include any init containers created.
- The podman play kube command now supports building images. If the --build option is given and a directory with the name of the specified image exists in the current working directory and contains a valid Containerfile or Dockerfile, the image will be built and used for the container.
- The podman play kube command now supports a new option, --teardown, which removes any pods and containers created by the given Kubernetes YAML.
- The podman generate kube command now generates annotations for SELinux mount options on volume (:z and :Z) that are respected by the podman play kube command.
- A new command has been added, podman pod logs, to return logs for all containers in a pod at the same time.
- Two new commands have been added, podman volume export (to export a volume to a tar file) and podman volume import) (to populate a volume from a given tar file).
- The podman auto-update command now supports simple rollbacks. If a container fails to start after an automatic update, it will be rolled back to the previous image and restarted again.
- Pods now share their user namespace by default, and the podman pod create command now supports the --userns option. This allows rootless pods to be created with the --userns=keep-id option.
- The podman pod ps command now supports a new filter with its --filter option, until, which returns pods created before a given timestamp.
- The podman image scp command has been added. This command allows images to be transferred between different hosts.
- The podman stats command supports a new option, --interval, to specify the amount of time before the information is refreshed.
- The podman inspect command now includes ports exposed (but not published) by containers (e.g. ports from --expose when --publish-all is not specified).
- The podman inspect command now has a new boolean value, Checkpointed, which indicates that a container was stopped as a result of a podman container checkpoint operation.
- Volumes created by podman volume create now support setting quotas when run atop XFS. The size and inode options allow the maximum size and maximum number of inodes consumed by a volume to be limited.
- The podman info command now outputs information on what log drivers, network drivers, and volume plugins are available for use (#11265).
- The podman info command now outputs the current log driver in use, and the variant and codename of the distribution in use.
- The parameters of the VM created by podman machine init (amount of disk space, memory, CPUs) can now be set in containers.conf.
- The podman machine ls command now shows additional information (CPUs, memory, disk size) about VMs managed by podman machine.
- The podman ps command now includes healthcheck status in container state for containers that have healthchecks (#11527).
* Changes
- The podman build command has a new alias, podman buildx, to improve compatibility with Docker. We have already added support for many docker buildx flags to podman build and aim to continue to do so.
- Cases where Podman is run without a user session or a writable temporary files directory will now produce better error messages.
- The default log driver has been changed from file to journald. The file driver did not properly support log rotation, so this should lead to a better experience. If journald is not available on the system, Podman will automatically revert to the file.
- Podman no longer depends on ip for removing networks (#11403).
- The deprecated --macvlan flag to podman network create now warns when it is used. It will be removed entirely in the Podman 4.0 release.
- The podman machine start command now prints a message when the VM is successfully started.
- The podman stats command can now be used on containers that are paused.
- The podman unshare command will now return the exit code of the command that was run in the user namespace (assuming the command was successfully run).
- Successful healthchecks will no longer add a healthy line to the system log to reduce log spam.
- As a temporary workaround for a lack of shortname prompts in the Podman remote client, VMs created by podman machine now default to only using the docker.io registry.
* Bugfixes
- Fixed a bug where whitespace in the definition of sysctls (particularly default sysctls specified in containers.conf) would cause them to be parsed incorrectly.
- Fixed a bug where the Windows remote client improperly validated volume paths (#10900).
- Fixed a bug where the first line of logs from a container run with the journald log driver could be skipped.
- Fixed a bug where images created by podman commit did not include ports exposed by the container.
- Fixed a bug where the podman auto-update command would ignore the io.containers.autoupdate.authfile label when pulling images (#11171).
- Fixed a bug where the --workdir option to podman create and podman run could not be set to a directory where a volume was mounted (#11352).
- Fixed a bug where systemd socket-activation did not properly work with systemd-managed Podman containers (#10443).
- Fixed a bug where environment variable secrets added to a container were not available to exec sessions launched in the container.
- Fixed a bug where rootless containers could fail to start the rootlessport port-forwarding service when XDG_RUNTIME_DIR was set to a long path.
- Fixed a bug where arguments to the --systemd option to podman create and podman run were case-sensitive (#11387).
- Fixed a bug where the podman manifest rm command would also remove images referenced by the manifest, not just the manifest itself (#11344).
- Fixed a bug where the Podman remote client on OS X would not function properly if the TMPDIR environment variable was not set (#11418).
- Fixed a bug where the /etc/hosts file was not guaranteed to contain an entry for localhost (this is still not guaranteed if --net=host is used; such containers will exactly match the host's /etc/hosts) (#11411).
- Fixed a bug where the podman machine start command could print warnings about unsupported CPU features (#11421).
- Fixed a bug where the podman info command could segfault when accessing cgroup information.
- Fixed a bug where the podman logs -f command could hang when a container exited (#11461).
- Fixed a bug where the podman generate systemd command could not be used on containers that specified a restart policy (#11438).
- Fixed a bug where the remote Podman client's podman build command would fail to build containers if the UID and GID on the client were higher than 65536 (#11474).
- Fixed a bug where the remote Podman client's podman build command would fail to build containers if the context directory was a symlink (#11732).
- Fixed a bug where the --network flag to podman play kube was not properly parsed when a non-bridge network configuration was specified.
- Fixed a bug where the podman inspect command could error when the container being inspected was removed as it was being inspected (#11392).
- Fixed a bug where the podman play kube command ignored the default pod infra image specified in containers.conf.
- Fixed a bug where the --format option to podman inspect was nonfunctional under some circumstances (#8785).
- Fixed a bug where the remote Podman client's podman run and podman exec commands could skip a byte of output every 8192 bytes (#11496).
- Fixed a bug where the podman stats command would print nonsensical results if the container restarted while it was running (#11469).
- Fixed a bug where the remote Podman client would error when STDOUT was redirected on a Windows client (#11444).
- Fixed a bug where the podman run command could return 0 when the application in the container exited with 125 (#11540).
- Fixed a bug where containers with --restart=always set using the rootlessport port-forwarding service could not be restarted automatically.
- Fixed a bug where the --cgroups=split option to podman create and podman run was silently discarded if the container was part of a pod.
- Fixed a bug where the podman container runlabel command could fail if the image name given included a tag.
- Fixed a bug where Podman could add an extra 127.0.0.1 entry to /etc/hosts under some circumstances (#11596).
- Fixed a bug where the remote Podman client's podman untag command did not properly handle tags including a digest (#11557).
- Fixed a bug where the --format option to podman ps did not properly support the table argument for tabular output.
- Fixed a bug where the --filter option to podman ps did not properly handle filtering by healthcheck status (#11687).
- Fixed a bug where the podman run and podman start --attach commands could race when retrieving the exit code of a container that had already been removed resulting in an error (e.g. by an external podman rm -f) (#11633).
- Fixed a bug where the podman generate kube command would add default environment variables to generated YAML.
- Fixed a bug where the podman generate kube command would add the default CMD from the image to generated YAML (#11672).
- Fixed a bug where the podman rm --storage command could fail to remove containers under some circumstances (#11207).
- Fixed a bug where the podman machine ssh command could fail when run on Linux (#11731).
- Fixed a bug where the podman stop command would error when used on a container that was already stopped (#11740).
- Fixed a bug where renaming a container in a pod using the podman rename command, then removing the pod using podman pod rm, could cause Podman to believe the new name of the container was permanently in use, despite the container being removed (#11750).
* API
- The Libpod Pull endpoint for Images now has a new query parameter, quiet, which (when set to true) suppresses image pull progress reports (#10612).
- The Compat Events endpoint now includes several deprecated fields from the Docker v1.21 API for improved compatibility with older clients.
- The Compat List and Inspect endpoints for Images now prefix image IDs with sha256: for improved Docker compatibility (#11623).
- The Compat Create endpoint for Containers now properly sets defaults for healthcheck-related fields (#11225).
- The Compat Create endpoint for Containers now supports volume options provided by the Mounts field (#10831).
- The Compat List endpoint for Secrets now supports a new query parameter, filter, which allows returned results to be filtered.
- The Compat Auth endpoint now returns the correct response code (500 instead of 400) when logging into a registry fails.
- The Version endpoint now includes information about the OCI runtime and Conmon in use (#11227).
- Fixed a bug where the X-Registry-Config header was not properly handled, leading to errors when pulling images (#11235).
- Fixed a bug where invalid query parameters could cause a null pointer dereference when creating error messages.
- Logging of API requests and responses at trace level has been greatly improved, including the addition of an X-Reference-Id header to correlate requests and responses (#10053).
Update to version 3.3.1:
* Bugfixes
- Fixed a bug where unit files created by podman generate systemd could
not cleanup shut down containers when stopped by systemctl stop (#11304).
- Fixed a bug where podman machine commands would not properly locate
the gvproxy binary in some circumstances.
- Fixed a bug where containers created as part of a pod using the
--pod-id-file option would not join the pod's network namespace (#11303).
- Fixed a bug where Podman, when using the systemd cgroups driver,
could sometimes leak dbus sessions.
- Fixed a bug where the until filter to podman logs and podman events
was improperly handled, requiring input to be negated (#11158).
- Fixed a bug where rootless containers using CNI networking run on
systems using systemd-resolved for DNS would fail to start if resolved
symlinked /etc/resolv.conf to an absolute path (#11358).
* API
- A large number of potential file descriptor leaks from improperly closing
client connections have been fixed.
Update to version 3.3.0:
* Fix network aliases with network id
* machine: compute sha256 as we read the image file
* machine: check for file exists instead of listing directory
* pkg/bindings/images.nTar(): slashify hdr.Name values
* Volumes: Only remove from DB if plugin removal succeeds
* For compatibility, ignore Content-Type
* [v3.3] Bump c/image 5.15.2, buildah v1.22.3
* Implement SD-NOTIFY proxy in conmon
* Fix rootless cni dns without systemd stub resolver
* fix rootlessport flake
* Skip stats test in CGv1 container environments
* Fix AVC denials in tests of volume mounts
* Restore buildah-bud test requiring new images
* Revert '.cirrus.yml: use fresh images for all VMs'
* Fix device tests using ls test files
* Enhance priv. dev. check
* Workaround host availability of /dev/kvm
* Skip cgroup-parent test due to frequent flakes
* Cirrus: Fix not uploading logformatter html
Switch to crun (bsc#1188914)
Update to version 3.2.3:
* Bump to v3.2.3
* Update release notes for v3.2.3
* vendor containers/common@v0.38.16
* vendor containers/buildah@v1.21.3
* Fix race conditions in rootless cni setup
* CNI-in-slirp4netns: fix bind-mount for /run/systemd/resolve/stub-resolv.conf
* Make rootless-cni setup more robust
* Support uid,gid,mode options for secrets
* vendor containers/common@v0.38.15
* [CI:DOCS] podman search: clarify that results depend on implementation
* vendor containers/common@v0.38.14
* vendor containers/common@v0.38.13
* [3.2] vendor containers/common@v0.38.12
* Bump README to v3.2.2
* Bump to v3.2.3-dev
- Update to version 3.2.2:
* Bump to v3.2.2
* fix systemcontext to use correct TMPDIR
* Scrub podman commands to use report package
* Fix volumes with uid and gid options
* Vendor in c/common v0.38.11
* Initial release notes for v3.2.2
* Fix restoring of privileged containers
* Fix handling of podman-remote build --device
* Add support for podman remote build -f - .
* Fix panic condition in cgroups.getAvailableControllers
* Fix permissions on initially created named volumes
* Fix building static podman-remote
* add correct slirp ip to /etc/hosts
* disable tty-size exec checks in system tests
* Fix resize race with podman exec -it
* Fix documentation of the --format option of podman push
* Fix systemd-resolved detection.
* Health Check is not handled in the compat LibpodToContainerJSON
* Do not use inotify for OCICNI
* getContainerNetworkInfo: lock netNsCtr before sync
* [NO TESTS NEEDED] Create /etc/mtab with the correct ownership
* Create the /etc/mtab file if does not exists
* [v3.2] cp: do not allow dir->file copying
* create: support images with invalid platform
* vendor containers/common@v0.38.10
* logs: k8s-file: restore poll sleep
* logs: k8s-file: fix spurious error logs
* utils: move message from warning to debug
* Bump to v3.2.2-dev
- Update to version 3.2.1:
* Bump to v3.2.1
* Updated release notes for v3.2.1
* Fix network connect race with docker-compose
* Revert 'Ensure minimum API version is set correctly in tests'
* Fall back to string for dockerfile parameter
* remote events: fix --stream=false
* [CI:DOCS] fix incorrect network remove api doc
* remote: always send resize before the container starts
* remote events: support labels
* remote pull: cancel pull when connection is closed
* Fix network prune api docs
* Improve systemd-resolved detection
* logs: k8s-file: fix race
* Fix image prune --filter cmd behavior
* Several shell completion fixes
* podman-remote build should handle -f option properly
* System tests: deal with crun 0.20.1
* Fix build tags for pkg/machine...
* Fix pre-checkpointing
* container: ignore named hierarchies
* [v3.2] vendor containers/common@v0.38.9
* rootless: fix fast join userns path
* [v3.2] vendor containers/common@v0.38.7
* [v3.2] vendor containers/common@v0.38.6
* Correct qemu options for Intel macs
* Ensure minimum API version is set correctly in tests
* Bump to v3.2.1-dev
- Update to version 3.2.0:
* Bump to v3.2.0
* Fix network create macvlan with subnet option
* Final release notes updates for v3.2.0
* add ipv6 nameservers only when the container has ipv6 enabled
* Use request context instead of background
* [v.3.2] events: support disjunctive filters
* System tests: add :Z to volume mounts
* generate systemd: make mounts portable
* vendor containers/storage@v1.31.3
* vendor containers/common@v0.38.5
* Bump to v3.2.0-dev
* Bump to v3.2.0-RC3
* Update release notes for v3.2.0-RC3
* Fix race on podman start --all
* Fix race condition in running ls container in a pod
* docs: --cert-dir: point to containers-certs.d(5)
* Handle hard links in different directories
* Improve OCI Runtime error
* Handle hard links in remote builds
* Podman info add support for status of cgroup controllers
* Drop container does not exist on removal to debugf
* Downgrade API service routing table logging
* add libimage events
* docs: generate systemd: XDG_RUNTIME_DIR
* Fix problem copying files when container is in host pid namespace
* Bump to v3.2.0-dev
* Bump to v3.2.0-RC2
* update c/common
* Update Cirrus DEST_BRANCH to v3.2
* Updated vendors of c/image, c/storage, Buildah
* Initial release notes for v3.2.0-RC2
* Add script for identifying commits in release branches
* Add host.containers.internal entry into container's etc/hosts
* image prune: remove unused images only with `--all`
* podman network reload add rootless support
* Use more recent `stale` release...
* network tutorial: update with rootless cni changes
* [CI:DOCS] Update first line in intro page
* Use updated VM images + updated automation tooling
* auto-update service: prune images
* make vendor
* fix system upgrade tests
* Print 'extracting' only on compressed file
* podman image tree: restore previous behavior
* fix network restart always test
* fix incorrect log driver in podman container image
* Add support for cli network prune --filter flag
* Move filter parsing to common utils
* Bump github.com/containers/storage from 1.30.2 to 1.30.3
* Update nix pin with `make nixpkgs`
* [CI:DOCS] hack/bats - new helper for running system tests
* fix restart always with slirp4netns
* Bump github.com/opencontainers/runc from 1.0.0-rc93 to 1.0.0-rc94
* Bump github.com/coreos/go-systemd/v22 from 22.3.1 to 22.3.2
* Add host.serviceIsRemote to podman info results
* Add client disconnect to build handler loop
* Remove obsolete skips
* Fix podman-remote build --rm=false ...
* fix: improved 'containers/{name}/wait' endpoint
* Bump github.com/containers/storage from 1.30.1 to 1.30.2
* Add envars to the generated systemd unit
* fix: use UTC Time Stamps in response JSON
* fix container startup for empty pidfile
* Kube like pods should share ipc,net,uts by default
* fix: compat API 'images/get' for multiple images
* Revert escaped double dash man page flag syntax
* Report Download complete in Compatibility mode
* Add documentation on short-names
* Bump github.com/docker/docker
* Adds support to preserve auto update labels in generate and play kube
* [CI:DOCS] Stop conversion of `--` into en dash
* Revert Patch to relabel if selinux not enabled
* fix per review request
* Add support for environment variable secrets
* fix pre review request
* Fix infinite loop in isPathOnVolume
* Add containers.conf information for changing defaults
* CI: run rootless tests under ubuntu
* Fix wrong macvlan PNG in networking doc.
* Add restart-policy to container filters & --filter to podman start
* Fixes docker-compose cannot set static ip when use ipam
* channel: simplify implementation
* build: improve regex for iidfile
* Bump github.com/onsi/gomega from 1.11.0 to 1.12.0
* cgroup: fix rootless --cgroup-parent with pods
* fix: docker APIv2 `images/get`
* codespell cleanup
* Minor podmanimage docs updates.
* Fix handling of runlabel IMAGE and NAME
* Bump to v3.2.0-dev
* Bump to v3.2.0-rc1
* rootless: improve automatic range split
* podman: set volatile storage flag for --rm containers
* Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.2
* Bump github.com/containers/image/v5 from 5.11.1 to 5.12.0
* migrate Podman to containers/common/libimage
* Add filepath glob support to --security-opt unmask
* Force log_driver to k8s-file for containers in containers
* add --mac-address to podman play kube
* compat api: Networks must be empty instead of null
* System tests: honor $OCI_RUNTIME (for CI)
* is this a bug?
* system test image: add arm64v8 image
* Fix troubleshooting documentation on handling sublemental groups.
* Add --all to podman start
* Fix variable reference typo. in multi-arch image action
* cgroup: always honor --cgroup-parent with cgroupfs
* Bump github.com/uber/jaeger-client-go
* Don't require tests for github-actions & metadata
* Detect if in podman machine virtual vm
* Fix multi-arch image workflow typo
* [CI:DOCS] Add titles to remote docs (windows)
* Remove unused VolumeList* structs
* Cirrus: Update F34beta -> F34
* Update container image docs + fix unstable execution
* Bump github.com/containers/storage from 1.30.0 to 1.30.1
* TODO complete
* Docker returns 'die' status rather then 'died' status
* Check if another VM is running on machine start
* [CI:DOCS] Improve titles of command HTML pages
* system tests: networking: fix another race condition
* Use seccomp_profile as default profile if defined in containers.conf
* Bump github.com/json-iterator/go from 1.1.10 to 1.1.11
* Vendored
* Autoupdate local label functional
* System tests: fix two race conditions
* Add more documentation on conmon
* Allow docker volume create API to pass without name
* Cirrus: Update Ubuntu images to 21.04
* Skip blkio-weight test when no kernel BFQ support
* rootless: Tell the user what was led to the error, not just what it is
* Add troubleshooting advice about the --userns option.
* Fix images prune filter until
* Fix logic for pushing stable multi-arch images
* Fixes generate kube incorrect when bind-mounting '/' and '/root'
* libpod/image: unit tests: don't use system's registries.conf.d
* runtime: create userns when CAP_SYS_ADMIN is not present
* rootless: attempt to copy current mappings first
* [CI:DOCS] Restore missing content to manpages
* [CI:DOCS] Fix Markdown layout bugs
* Fix podman ps --filter ancestor to match exact ImageName/ImageID
* Add machine-enabled to containers.conf for machine
* Several multi-arch image build/push fixes
* Add podman run --timeout option
* Parse slirp4netns net options with compat api
* Fix rootlesskit port forwarder with custom slirp cidr
* Fix removal race condition in ListContainers
* Add github-action workflow to build/push multi-arch
* rootless: if root is not sub?id raise a debug message
* Bump github.com/containers/common from 0.36.0 to 0.37.0
* Add go template shell completion for --format
* Add --group-add keep-groups: suplimentary groups into container
* Fixes from make codespell
* Typo fix to usage text of --compress option
* corrupt-image test: fix an oops
* Add --noheading flag to all list commands
* Bump github.com/containers/storage from 1.29.0 to 1.30.0
* Bump github.com/containers/image/v5 from 5.11.0 to 5.11.1
* [CI:DOCS] Fix Markdown table layout bugs
* podman-remote should show podman.sock info
* rmi: don't break when the image is missing a manifest
* [CI:DOCS] Rewrite --uidmap doc in podman-create.1.md and podman-run.1.md
* Add support for CDI device configuration
* [CI:DOCS] Add missing dash to verbose option
* Bump github.com/uber/jaeger-client-go
* Remove an advanced layer diff function
* Ensure mount destination is clean, no trailing slash
* add it for inspect pidfile
* [CI:DOCS] Fix introduction page typo
* support pidfile on container restore
* fix start it
* skip pidfile test on remote
* improve document
* set pidfile default value int containerconfig
* add pidfile in inspection
* add pidfile it for container start
* skip pidfile it on remote
* Modify according to comments
* WIP: drop test requirement
* runtime: bump required conmon version
* runtime: return findConmon to libpod
* oci: drop ExecContainerCleanup
* oci: use `--full-path` option for conmon
* use AttachSocketPath when removing conmon files
* hide conmon-pidfile flag on remote mode
* Fix possible panic in libpod/image/prune.go
* add --ip to podman play kube
* add flag autocomplete
* add ut
* add flag '--pidfile' for podman create/run
* Add network bindings tests: remove and list
* Fix build with GO111MODULE=off
* system tests: build --pull-never: deal with flakes
* compose test: diagnose flakes v3
* podman play kube apply correct log driver
* Fixes podman-remote save to directories does not work
* Bump github.com/rootless-containers/rootlesskit from 0.14.1 to 0.14.2
* Update documentation of podman-run to reflect volume 'U' option
* Fix flake on failed podman-remote build : try 2
* compose test: ongoing efforts to diagnose flakes
* Test that we don't error out on advertised --log-level values
* At trace log level, print error text using %+v instead of %v
* pkg/errorhandling.JoinErrors: don't throw away context for lone errors
* Recognize --log-level=trace
* Fix flake on failed podman-remote build
* System tests: fix racy podman-inspect
* Fixes invalid expression in save command
* Bump github.com/containers/common from 0.35.4 to 0.36.0
* Update nix pin with `make nixpkgs`
* compose test: try to get useful data from flakes
* Remove in-memory state implementation
* Fix message about runtime to show only the actual runtime
* System tests: setup: better cleanup of stray images
* Bump github.com/containers/ocicrypt from 1.1.0 to 1.1.1
* Reflect current state of prune implementation in docs
* Do not delete container twice
* [CI:DOCS] Correct status code for /pods/create
* vendor in containers/storage v1.29.0
* cgroup: do not set cgroup parent when rootless and cgroupfs
* Overhaul Makefile binary and release worflows
* Reorganize Makefile with sections and guide
* Simplify Makefile help target
* Don't shell to obtain current directory
* Remove unnecessary/not-needed release.txt target
* Fix incorrect version number output
* Exclude .gitignore from test req.
* Fix handling of $NAME and $IMAGE in runlabel
* Update podman image Dockerfile to support Podman in container
* Bump github.com/containers/image/v5 from 5.10.5 to 5.11.0
* Fix slashes in socket URLs
* Add network prune filters support to bindings
* Add support for play/generate kube volumes
* Update manifest API endpoints
* Fix panic when not giving a machine name for ssh
* cgroups: force 64 bits to ParseUint
* Bump k8s.io/api from 0.20.5 to 0.21.0
* [CI:DOCS] Fix formatting of podman-build man page
* buildah-bud tests: simplify
* Add missing return
* Bump github.com/onsi/ginkgo from 1.16.0 to 1.16.1
* speed up CI handling of images
* Volumes prune endpoint should use only prune filters
* Cirrus: Use Fedora 34beta images
* Bump go.sum + Makefile for golang 1.16
* Exempt Makefile changes from test requirements
* Adjust libpod API Container Wait documentation to the code
* [CI:DOCS] Update swagger definition of inspect manifest
* use updated ubuntu images
* podman unshare: add --rootless-cni to join the ns
* Update swagger-check
* swagger: remove name wildcards
* Update buildah-bud diffs
* Handle podman-remote --arch, --platform, --os
* buildah-bud tests: handle go pseudoversions, plus...
* Fix flaking rootless compose test
* rootless cni add /usr/sbin to PATH if not present
* System tests: special case for RHEL: require runc
* Add --requires flag to podman run/create
* [CI:DOCS] swagger-check: compare operations
* [CI:DOCS] Polish swagger OpertionIDs
* [NO TESTS NEEDED] Update nix pin with `make nixpkgs`
* Ensure that `--userns=keep-id` sets user in config
* [CI:DOCS] Set all operation id to be compatibile
* Move operationIds to swagger:operation line
* swagger: add operationIds that match with docker
* Cirrus: Make use of shared get_ci_vm container
* Don't relabel volumes if running in a privileged container
* Allow users to override default storage opts with --storage-opt
* Add support for podman --context default
* Verify existence of auth file if specified
* fix machine naming conventions
* Initial network bindings tests
* Update release notes to indicate CVE fix
* Move socket activation check into init() and set global condition.
* Bump github.com/onsi/ginkgo from 1.15.2 to 1.16.0
* Http api tests for network prune with until filter
* podman-run.1.md, podman-create.1.md : Adjust Markdown layout for --userns
* Fix typos --uidmapping and --gidmapping
* Add transport and destination info to manifest doc
* Bump github.com/rootless-containers/rootlesskit from 0.14.0 to 0.14.1
* Add default template functions
* Fix missing podman-remote build options
* Bump github.com/coreos/go-systemd/v22 from 22.3.0 to 22.3.1
* Add ssh connection to root user
* Add rootless docker-compose test to the CI
* Use the slrip4netns dns in the rootless cni ns
* Cleanup the rootless cni namespace
* Add new docker-compose test for two networks
* Make the docker-compose test work rootless
* Remove unused rootless-cni-infra container files
* Only use rootless RLK when the container has ports
* Fix dnsname test
* Enable rootless network connect/disconnect
* Move slirp4netns functions into an extra file
* Fix pod infra container cni network setup
* Add rootless support for cni and --uidmap
* rootless cni without infra container
* Recreate until container prune tests for bindings
* Remove --execute from podman machine ssh
* Fixed podman-remote --network flag
* Makefile: introduce install.docker-full
* Makefile: ensure install.docker creates BINDIR
* Fix unmount doc reference in image.rst
* Should send the OCI runtime path not just the name to buildah
* podman machine shell completion
* Fix handling of remove --log-rusage param
* Fix bindings prune containers flaky test
* [CI:DOCS] Add local html build info to docs/README.md
* Add podman machine list
* Trim white space from /top endpoint results
* Remove semantic version suffices from API calls
* podman machine init --ignition-path
* Document --volume from podman-remote run/create client
* Update main branch to reflect the release of v3.1.0
* Silence podman network reload errors with iptables-nft
* Containers prune endpoint should use only prune filters
* resolve proper aarch64 image names
* APIv2 basic test: relax APIVersion check
* Add machine support for qemu-system-aarch64
* podman machine init user input
* manpage xref: helpful diagnostic for unescaped dash-dash
* Bump to v3.2.0-dev
* swagger: update system version response body
* buildah-bud tests: reenable pull-never test
* [NO TESTS NEEDED] Shrink the size of podman-remote
* Add powershell completions
* [NO TESTS NEEDED] Drop Warning to Info, if cgroups not mounted
* Fix long option format on docs.podman.io
* system tests: friendier messages for 2-arg is()
* service: use LISTEN_FDS
* man pages: correct seccomp-policy label
* rootless: use is_fd_inherited
* podman generate systemd --new do not duplicate params
* play kube: add support for env vars defined from secrets
* play kube: support optional/mandatory env var from config map
* play kube: prepare supporting other env source than config maps
* Add machine support for more Linux distros
* [NO TESTS NEEDED] Use same function podman-remote rmi as podman
* Podman machine enhancements
* Add problematic volume name to kube play error messages
* Fix podman build --pull-never
* [NO TESTS NEEDED] Fix for kernel without CONFIG_USER_NS
* [NO TESTS NEEDED] Turn on podman-remote build --isolation
* Fix list pods filter handling in libpod api
* Remove resize race condition
* [NO TESTS NEEDED] Vendor in containers/buildah v1.20.0
* Use TMPDIR when commiting images
* Add RequiresMountsFor= to systemd generate
* Bump github.com/vbauerster/mpb/v6 from 6.0.2 to 6.0.3
* Fix swapped dimensions from terminal.GetSize
* Rename podman machine create to init and clean up
* Correct json field name
* system tests: new interactive tests
* Improvements for machine
* libpod/image: unit tests: use a `registries.conf` for aliases
* libpod/image: unit tests: defer cleanup
* libpod/image: unit tests: use `require.NoError`
* Add --execute flag to podman machine ssh
* introduce podman machine
* Podman machine CLI and interface stub
* Support multi doc yaml for generate/play kube
* Fix filters in image http compat/libpod api endpoints
* Bump github.com/containers/common from 0.35.3 to 0.35.4
* Bump github.com/containers/storage from 1.28.0 to 1.28.1
* Check if stdin is a term in --interactive --tty mode
* [NO TESTS NEEDED] Remove /tmp/containers-users-* files on reboot
* [NO TESTS NEEDED] Fix rootless volume plugins
* Ensure manually-created volumes have correct ownership
* Bump github.com/rootless-containers/rootlesskit
* Unification of until filter across list/prune endpoints
* Unification of label filter across list/prune endpoints
* fixup
* fix: build endpoint for compat API
* [CI:DOCS] Add note to mappings for user/group userns in build
* Bump k8s.io/api from 0.20.1 to 0.20.5
* Validate passed in timezone from tz option
* WIP: run buildah bud tests using podman
* Fix containers list/prune http api filter behaviour
* Generate Kubernetes PersistentVolumeClaims from named volumes
- Update to version 3.1.2:
* Bump to v3.1.2
* Update release notes for v3.1.2
* Ensure mount destination is clean, no trailing slash
* Fixes podman-remote save to directories does not work
* [CI:DOCS] Add missing dash to verbose option
* [CI:DOCS] Fix Markdown table layout bugs
* [CI:DOCS] Rewrite --uidmap doc in podman-create.1.md and podman-run.1.md
* rmi: don't break when the image is missing a manifest
* Bump containers/image to v5.11.1
* Bump github.com/coreos/go-systemd from 22.2.0 to 22.3.1
* Fix lint
* Bump to v3.1.2-dev
- Split podman-remote into a subpackage
- Add missing scriptlets for systemd units
- Escape macros in comments
- Drop some obsolete workarounds, including %{go_nostrip}
- Update to version 3.1.1:
* Bump to v3.1.1
* Update release notes for v3.1.1
* podman play kube apply correct log driver
* Fix build with GO111MODULE=off
* [CI:DOCS] Set all operation id to be compatibile
* Move operationIds to swagger:operation line
* swagger: add operationIds that match with docker
* Fix missing podman-remote build options
* [NO TESTS NEEDED] Shrink the size of podman-remote
* Move socket activation check into init() and set global condition.
* rootless: use is_fd_inherited
* Recreate until container prune tests for bindings
* System tests: special case for RHEL: require runc
* Document --volume from podman-remote run/create client
* Containers prune endpoint should use only prune filters
* Trim white space from /top endpoint results
* Fix unmount doc reference in image.rst
* Fix handling of remove --log-rusage param
* Makefile: introduce install.docker-full
* Makefile: ensure install.docker creates BINDIR
* Should send the OCI runtime path not just the name to buildah
* Fixed podman-remote --network flag
* podman-run.1.md, podman-create.1.md : Adjust Markdown layout for --userns
* Fix typos --uidmapping and --gidmapping
* Add default template functions
* Don't relabel volumes if running in a privileged container
* Allow users to override default storage opts with --storage-opt
* Add transport and destination info to manifest doc
* Verify existence of auth file if specified
* Ensure that `--userns=keep-id` sets user in config
* [CI:DOCS] Update swagger definition of inspect manifest
* Volumes prune endpoint should use only prune filters
* Adjust libpod API Container Wait documentation to the code
* Add missing return
* [CI:DOCS] Fix formatting of podman-build man page
* cgroups: force 64 bits to ParseUint
* Fix slashes in socket URLs
* [CI:DOCS] Correct status code for /pods/create
* cgroup: do not set cgroup parent when rootless and cgroupfs
* Reflect current state of prune implementation in docs
* Do not delete container twice
* Test that we don't error out on advertised --log-level values
* At trace log level, print error text using %+v instead of %v
* pkg/errorhandling.JoinErrors: don't throw away context for lone errors
* Recognize --log-level=trace
* Fix message about runtime to show only the actual runtime
* Fix handling of $NAME and $IMAGE in runlabel
* Fix flake on failed podman-remote build : try 2
* Fix flake on failed podman-remote build
* Update documentation of podman-run to reflect volume 'U' option
* Fixes invalid expression in save command
* Fix possible panic in libpod/image/prune.go
* Update all containers/ project vendors
* Fix tests
* Bump to v3.1.1-dev
- Update to version 3.1.0:
* Bump to v3.1.0
* Fix test failure
* Update release notes for v3.1.0 final release
* [NO TESTS NEEDED] Turn on podman-remote build --isolation
* Fix long option format on docs.podman.io
* Fix containers list/prune http api filter behaviour
* [CI:DOCS] Add note to mappings for user/group userns in build
* Validate passed in timezone from tz option
* Generate Kubernetes PersistentVolumeClaims from named volumes
* libpod/image: unit tests: use a `registries.conf` for aliases
- Require systemd 241 or newer due to podman dependency go-systemd v22,
otherwise build will fail with unknown C name errors
- Create docker subpackage to allow replacing docker with
corresponding aliases to podman.
- Update to v3.0.1
* Changes
- Several frequently-occurring WARN level log messages have been downgraded to INFO or DEBUG to not clutter terminal output.
Bugfixes
- Fixed a bug where the Created field of podman ps --format=json was formatted as a string instead of an Unix timestamp (integer) (#9315).
- Fixed a bug where failing lookups of individual layers during the podman images command would cause the whole command to fail without printing output.
- Fixed a bug where --cgroups=split did not function properly on cgroups v1 systems.
- Fixed a bug where mounting a volume over an directory in the container that existed, but was empty, could fail (#9393).
- Fixed a bug where mounting a volume over a directory in the container that existed could copy the entirety of the container's rootfs, instead of just the directory mounted over, into the volume (#9415).
- Fixed a bug where Podman would treat the --entrypoint=[''] option to podman run and podman create as a literal empty string in the entrypoint, when instead it should have been ignored (#9377).
- Fixed a bug where Podman would set the HOME environment variable to '' when the container ran as a user without an assigned home directory (#9378).
- Fixed a bug where specifying a pod infra image that had no tags (by using its ID) would cause podman pod create to panic (#9374).
- Fixed a bug where the --runtime option was not properly handled by the podman build command (#9365).
- Fixed a bug where Podman would incorrectly print an error message related to the remote API when the remote API was not in use and starting Podman failed.
- Fixed a bug where Podman would change ownership of a container's working directory, even if it already existed (#9387).
- Fixed a bug where the podman generate systemd --new command would incorrectly escape %t when generating the path for the PID file (#9373).
- Fixed a bug where Podman could, when run inside a Podman container with the host's containers/storage directory mounted into the container, erroneously detect a reboot and reset container state if the temporary directory was not also mounted in (#9191).
- Fixed a bug where some options of the podman build command (including but not limited to --jobs) were nonfunctional (#9247).
* API
- Fixed a breaking change to the Libpod Wait API for Containers where the Conditions parameter changed type in Podman v3.0 (#9351).
- Fixed a bug where the Compat Create endpoint for Containers did not properly handle forwarded ports that did not specify a host port.
- Fixed a bug where the Libpod Wait endpoint for Containers could write duplicate headers after an error occurred.
- Fixed a bug where the Compat Create endpoint for Images would not pull images that already had a matching tag present locally, even if a more recent version was available at the registry (#9232).
- The Compat Create endpoint for Images has had its compatibility with Docker improved, allowing its use with the docker-java library.
* Misc
- Updated Buildah to v1.19.4
- Updated the containers/storage library to v1.24.6
- Changes from v3.0.0
* Features
- Podman now features initial support for Docker Compose.
- Added the podman rename command, which allows containers to be renamed after they are created (#1925).
- The Podman remote client now supports the podman copy command.
- A new command, podman network reload, has been added. This command will re-configure the network of all running containers, and can be used to recreate firewall rules lost when the system firewall was reloaded (e.g. via firewall-cmd --reload).
- Podman networks now have IDs. They can be seen in podman network ls and can be used when removing and inspecting networks. Existing networks receive IDs automatically.
- Podman networks now also support labels. They can be added via the --label option to network create, and podman network ls can filter labels based on them.
- The podman network create command now supports setting bridge MTU and VLAN through the --opt option (#8454).
- The podman container checkpoint and podman container restore commands can now checkpoint and restore containers that include volumes.
- The podman container checkpoint command now supports the --with-previous and --pre-checkpoint options, and the podman container restore command now support the --import-previous option. These add support for two-step checkpointing with lowered dump times.
- The podman push command can now push manifest lists. Podman will first attempt to push as an image, then fall back to pushing as a manifest list if that fails.
- The podman generate kube command can now be run on multiple containers at once, and will generate a single pod containing all of them.
- The podman generate kube and podman play kube commands now support Kubernetes DNS configuration, and will preserve custom DNS configuration when exporting or importing YAML (#9132).
- The podman generate kube command now properly supports generating YAML for containers and pods creating using host networking (--net=host) (#9077).
- The podman kill command now supports a --cidfile option to kill containers given a file containing the container's ID (#8443).
- The podman pod create command now supports the --net=none option (#9165).
- The podman volume create command can now specify volume UID and GID as options with the UID and GID fields passed to the the --opt option.
- Initial support has been added for Docker Volume Plugins. Podman can now define available plugins in containers.conf and use them to create volumes with podman volume create --driver.
- The podman run and podman create commands now support a new option, --platform, to specify the platform of the image to be used when creating the container.
- The --security-opt option to podman run and podman create now supports the systempaths=unconfined option to unrestrict access to all paths in the container, as well as mask and unmask options to allow more granular restriction of container paths.
- The podman stats --format command now supports a new format specified, MemUsageBytes, which prints the raw bytes of memory consumed by a container without human-readable formatting #8945.
- The podman ps command can now filter containers based on what pod they are joined to via the pod filter (#8512).
- The podman pod ps command can now filter pods based on what networks they are joined to via the network filter.
The podman pod ps command can now print information on what networks a pod is joined to via the .Networks specifier to the --format option.
- The podman system prune command now supports filtering what containers, pods, images, and volumes will be pruned.
- The podman volume prune commands now supports filtering what volumes will be pruned.
- The podman system prune command now includes information on space reclaimed (#8658).
- The podman info command will now properly print information about packages in use on Gentoo and Arch systems.
- The containers.conf file now contains an option for disabling creation of a new kernel keyring on container creation (#8384).
- The podman image sign command can now sign multi-arch images by producing a signature for each image in a given manifest list.
- The podman image sign command, when run as rootless, now supports per-user registry configuration files in $HOME/.config/containers/registries.d.
- Configuration options for slirp4netns can now be set system-wide via the NetworkCmdOptions configuration option in containers.conf.
- The MTU of slirp4netns can now be configured via the mtu= network command option (e.g. podman run --net slirp4netns:mtu=9000).
* Security
- A fix for CVE-2021-20199 is included. Podman between v1.8.0 and v2.2.1 used 127.0.0.1 as the source address for all traffic forwarded into rootless containers by a forwarded port; this has been changed to address the issue.
* Changes
- Shortname aliasing support has now been turned on by default. All Podman commands that must pull an image will, if a TTY is available, prompt the user about what image to pull.
- The podman load command no longer accepts a NAME[:TAG] argument. The presence of this argument broke CLI compatibility with Docker by making docker load commands unusable with Podman (#7387).
- The Go bindings for the HTTP API have been rewritten with a focus on limiting dependency footprint and improving extensibility. Read more here.
- The legacy Varlink API has been completely removed from Podman.
- The default log level for Podman has been changed from Error to Warn.
- The podman network create command can now create macvlan networks using the --driver macvlan option for Docker compatibility. The existing --macvlan flag has been deprecated and will be removed in Podman 4.0 some time next year.
- The podman inspect command has had the LogPath and LogTag fields moved into the LogConfig structure (from the root of the Inspect structure). The maximum size of the log file is also included.
- The podman generate systemd command no longer generates unit files using the deprecated KillMode=none option (#8615).
- The podman stop command now releases the container lock while waiting for it to stop - as such, commands like podman ps will no longer block until podman stop completes (#8501).
- Networks created with podman network create --internal no longer use the dnsname plugin. This configuration never functioned as expected.
- Error messages for the remote Podman client have been improved when it cannot connect to a Podman service.
- Error messages for podman run when an invalid SELinux is specified have been improved.
- Rootless Podman features improved support for containers with a single user mapped into the rootless user namespace.
- Pod infra containers now respect default sysctls specified in containers.conf allowing for advanced configuration of the namespaces they will share.
- SSH public key handling for remote Podman has been improved.
* Bugfixes
- Fixed a bug where the podman history --no-trunc command would truncate the Created By field (#9120).
- Fixed a bug where root containers that did not explicitly specify a CNI network to join did not generate an entry for the network in use in the Networks field of the output of podman inspect (#6618).
- Fixed a bug where, under some circumstances, container working directories specified by the image (via the WORKDIR instruction) but not present in the image, would not be created (#9040).
- Fixed a bug where the podman generate systemd command would generate invalid unit files if the container was creating using a command line that included doubled braces ({{ and }}), e.g. --log-opt-tag={{.Name}} (#9034).
- Fixed a bug where the podman generate systemd --new command could generate unit files including invalid Podman commands if the container was created using merged short options (e.g. podman run -dt) (#8847).
- Fixed a bug where the podman generate systemd --new command could generate unit files that did not handle Podman commands including some special characters (e.g. $) (#9176
- Fixed a bug where rootless containers joining CNI networks could not set a static IP address (#7842).
- Fixed a bug where rootless containers joining CNI networks could not set network aliases (#8567).
- Fixed a bug where the remote client could, under some circumstances, not include the Containerfile when sending build context to the server (#8374).
- Fixed a bug where rootless Podman did not mount /sys as a new sysfs in some circumstances where it was acceptable.
- Fixed a bug where rootless containers that both joined a user namespace and a CNI networks would cause a segfault. These options are incompatible and now return an error.
- Fixed a bug where the podman play kube command did not properly handle CMD and ARGS from images (#8803).
- Fixed a bug where the podman play kube command did not properly handle environment variables from images (#8608).
- Fixed a bug where the podman play kube command did not properly print errors that occurred when starting containers.
- Fixed a bug where the podman play kube command errored when hostNetwork was used (#8790).
- Fixed a bug where the podman play kube command would always pull images when the :latest tag was specified, even if the image was available locally (#7838).
- Fixed a bug where the podman play kube command did not properly handle SELinux configuration, rending YAML with custom SELinux configuration unusable (#8710).
- Fixed a bug where the podman generate kube command incorrectly populated the args and command fields of generated YAML (#9211).
- Fixed a bug where containers in a pod would create a duplicate entry in the pod's shared /etc/hosts file every time the container restarted (#8921).
- Fixed a bug where the podman search --list-tags command did not support the --format option (#8740).
- Fixed a bug where the http_proxy option in containers.conf was not being respected, and instead was set unconditionally to true (#8843).
- Fixed a bug where rootless Podman could, on systems with a recent Conmon and users with a long username, fail to attach to containers (#8798).
- Fixed a bug where the podman images command would break and fail to display any images if an empty manifest list was present in storage (#8931).
- Fixed a bug where locale environment variables were not properly passed on to Conmon.
- Fixed a bug where Podman would not build on the MIPS architecture (#8782).
- Fixed a bug where rootless Podman could fail to properly configure user namespaces for rootless containers when the user specified a --uidmap option that included a mapping beginning with UID 0.
- Fixed a bug where the podman logs command using the k8s-file backend did not properly handle partial log lines with a length of 1 (#8879).
- Fixed a bug where the podman logs command with the --follow option did not properly handle log rotation (#8733).
- Fixed a bug where user-specified HOSTNAME environment variables were overwritten by Podman (#8886).
- Fixed a bug where Podman would applied default sysctls from containers.conf in too many situations (e.g. applying network sysctls when the container shared its network with a pod).
- Fixed a bug where Podman did not properly handle cases where a secondary image store was in use and an image was present in both the secondary and primary stores (#8176).
- Fixed a bug where systemd-managed rootless Podman containers where the user in the container was not root could fail as the container's PID file was not accessible to systemd on the host (#8506).
- Fixed a bug where the --privileged option to podman run and podman create would, under some circumstances, not disable Seccomp (#8849).
- Fixed a bug where the podman exec command did not properly add capabilities when the container or exec session were run with --privileged.
- Fixed a bug where rootless Podman would use the --enable-sandbox option to slirp4netns unconditionally, even when pivot_root was disabled, rendering slirp4netns unusable when pivot_root was disabled (#8846).
- Fixed a bug where podman build --logfile did not actually write the build's log to the logfile.
- Fixed a bug where the podman system service command did not close STDIN, and could display user-interactive prompts (#8700).
- Fixed a bug where the podman system reset command could, under some circumstances, remove all the contents of the XDG_RUNTIME_DIR directory (#8680).
- Fixed a bug where the podman network create command created CNI configurations that did not include a default gateway (#8748).
- Fixed a bug where the podman.service systemd unit provided by default used the wrong service type, and would cause systemd to not correctly register the service as started (#8751).
- Fixed a bug where, if the TMPDIR environment variable was set for the container engine in containers.conf, it was being ignored.
- Fixed a bug where the podman events command did not properly handle future times given to the --until option (#8694).
- Fixed a bug where the podman logs command wrote container STDERR logs to STDOUT instead of STDERR (#8683).
- Fixed a bug where containers created from an image with multiple tags would report that they were created from the wrong tag (#8547).
- Fixed a bug where container capabilities were not set properly when the --cap-add=all and --user options to podman create and podman run were combined.
- Fixed a bug where the --layers option to podman build was nonfunctional (#8643).
- Fixed a bug where the podman system prune command did not act recursively, and thus would leave images, containers, pods, and volumes present that would be removed by a subsequent call to podman system prune (#7990).
- Fixed a bug where the --publish option to podman run and podman create did not properly handle ports specified as a range of ports with no host port specified (#8650).
- Fixed a bug where --format did not support JSON output for individual fields (#8444).
- Fixed a bug where the podman stats command would fail when run on root containers using the slirp4netns network mode (#7883).
- Fixed a bug where the Podman remote client would ask for a password even if the server's SSH daemon did not support password authentication (#8498).
- Fixed a bug where the podman stats command would fail if the system did not support one or more of the cgroup controllers Podman supports (#8588).
- Fixed a bug where the --mount option to podman create and podman run did not ignore the consistency mount option.
- Fixed a bug where failures during the resizing of a container's TTY would print the wrong error.
- Fixed a bug where the podman network disconnect command could cause the podman inspect command to fail for a container until it was restarted (#9234).
- Fixed a bug where containers created from a read-only rootfs (using the --rootfs option to podman create and podman run) would fail (#9230).
- Fixed a bug where specifying Go templates to the --format option to multiple Podman commands did not support the join function (#8773).
- Fixed a bug where the podman rmi command could, when run in parallel on multiple images, return layer not known errors (#6510).
- Fixed a bug where the podman inspect command on containers displayed unlimited ulimits incorrectly (#9303).
- Fixed a bug where Podman would fail to start when a volume was mounted over a directory in a container that contained symlinks that terminated outside the directory and its subdirectories (#6003).
API
- Libpod API version has been bumped to v3.0.0.
- All Libpod Pod APIs have been modified to properly report errors with individual containers. Cases where the operation as a whole succeeded but individual containers failed now report an HTTP 409 error (#8865).
- The Compat API for Containers now supports the Rename and Copy APIs.
- Fixed a bug where the Compat Prune APIs (for volumes, containers, and images) did not return the amount of space reclaimed in their responses.
- Fixed a bug where the Compat and Libpod Exec APIs for Containers would drop errors that occurred prior to the exec session successfully starting (e.g. a 'no such file' error if an invalid executable was passed) (#8281)
- Fixed a bug where the Volumes field in the Compat Create API for Containers was being ignored (#8649).
- Fixed a bug where the NetworkMode field in the Compat Create API for Containers was not handling some values, e.g. container:, correctly.
- Fixed a bug where the Compat Create API for Containers did not set container name properly.
- Fixed a bug where containers created using the Compat Create API unconditionally used Kubernetes file logging (the default specified in containers.conf is now used).
- Fixed a bug where the Compat Inspect API for Containers could include container states not recognized by Docker.
- Fixed a bug where Podman did not properly clean up after calls to the Events API when the journald backend was in use, resulting in a leak of file descriptors (#8864).
- Fixed a bug where the Libpod Pull endpoint for Images could fail with an index out of range error under certain circumstances (#8870).
- Fixed a bug where the Libpod Exists endpoint for Images could panic.
- Fixed a bug where the Compat List API for Containers did not support all filters (#8860).
- Fixed a bug where the Compat List API for Containers did not properly populate the Status field.
- Fixed a bug where the Compat and Libpod Resize APIs for Containers ignored the height and width parameters (#7102).
- Fixed a bug where the Compat Search API for Images returned an incorrectly-formatted JSON response (#8758).
- Fixed a bug where the Compat Load API for Images did not properly clean up temporary files.
- Fixed a bug where the Compat Create API for Networks could panic when an empty IPAM configuration was specified.
- Fixed a bug where the Compat Inspect and List APIs for Networks did not include Scope.
- Fixed a bug where the Compat Wait endpoint for Containers did not support the same wait conditions that Docker did.
* Misc
- Updated Buildah to v1.19.2
- Updated the containers/storage library to v1.24.5
- Updated the containers/image library to v5.10.2
- Updated the containers/common library to v0.33.4
- Update to v2.2.1
* Changes
- Due to a conflict with a previously-removed field, we were forced to
modify the way image volumes (mounting images into containers using
--mount type=image) were handled in the database.
As a result, containers created in Podman 2.2.0 with image volume
will not have them in v2.2.1, and these containers will need to be re-created.
* Bugfixes
- Fixed a bug where rootless Podman would, on systems without the
XDG_RUNTIME_DIR environment variable defined, use an incorrect path
for the PID file of the Podman pause process, causing Podman to fail
to start (#8539).
- Fixed a bug where containers created using Podman v1.7 and earlier were
unusable in Podman due to JSON decode errors (#8613).
- Fixed a bug where Podman could retrieve invalid cgroup paths, instead
of erroring, for containers that were not running.
- Fixed a bug where the podman system reset command would print a warning
about a duplicate shutdown handler being registered.
- Fixed a bug where rootless Podman would attempt to mount sysfs in
circumstances where it was not allowed; some OCI runtimes (notably
crun) would fall back to alternatives and not fail, but others
(notably runc) would fail to run containers.
- Fixed a bug where the podman run and podman create commands would fail
to create containers from untagged images (#8558).
- Fixed a bug where remote Podman would prompt for a password even when
the server did not support password authentication (#8498).
- Fixed a bug where the podman exec command did not move the Conmon
process for the exec session into the correct cgroup.
- Fixed a bug where shell completion for the ancestor option to
podman ps --filter did not work correctly.
- Fixed a bug where detached containers would not properly clean themselves
up (or remove themselves if --rm was set) if the Podman command that
created them was invoked with --log-level=debug.
* API
- Fixed a bug where the Compat Create endpoint for Containers did not
properly handle the Binds and Mounts parameters in HostConfig.
- Fixed a bug where the Compat Create endpoint for Containers
ignored the Name query parameter.
- Fixed a bug where the Compat Create endpoint for Containers did not
properly handle the 'default' value for NetworkMode (this value is
used extensively by docker-compose) (#8544).
- Fixed a bug where the Compat Build endpoint for Images would sometimes
incorrectly use the target query parameter as the image's tag.
* Misc
- Podman v2.2.0 vendored a non-released, custom version of the
github.com/spf13/cobra package; this has been reverted to the latest
upstream release to aid in packaging.
- Updated the containers/image library to v5.9.0
- Update to v2.2.0
* Features
- Experimental support for shortname aliasing has been added. This is not enabled by default, but can be turned on by setting the environment variable CONTAINERS_SHORT_NAME_ALIASING to on. Documentation is available here and here.
- Initial support has been added for the podman network connect and podman network disconnect commands, which allow existing containers to modify what networks they are connected to. At present, these commands can only be used on running containers that did not specify --network=none when they were created.
- The podman run command now supports the --network-alias option to set network aliases (additional names the container can be accessed at from other containers via DNS if the dnsname CNI plugin is in use). Aliases can also be added and removed using the new podman network connect and podman network disconnect commands. Please note that this requires a new release (v1.1.0) of the dnsname plugin, and will only work on newly-created CNI networks.
- The podman generate kube command now features support for exporting container's memory and CPU limits (#7855).
- The podman play kube command now features support for setting CPU and Memory limits for containers (#7742).
- The podman play kube command now supports persistent volumes claims using Podman named volumes.
- The podman play kube command now supports Kubernetes configmaps via the --configmap option (#7567).
- The podman play kube command now supports a --log-driver option to set the log driver for created containers.
- The podman play kube command now supports a --start option, enabled by default, to start the pod after creating it. This allows for podman play kube to be more easily used in systemd unitfiles.
- The podman network create command now supports the --ipv6 option to enable dual-stack IPv6 networking for created networks (#7302).
- The podman inspect command can now inspect pods, networks, and volumes, in addition to containers and images (#6757).
- The --mount option for podman run and podman create now supports a new type, image, to mount the contents of an image into the container at a given location.
- The Bash and ZSH completions have been completely reworked and have received significant enhancements! Additionally, support for Fish completions and completions for the podman-remote executable have been added.
- The --log-opt option for podman create and podman run now supports the max-size option to set the maximum size for a container's logs (#7434).
- The --network option to the podman pod create command now allows pods to be configured to use slirp4netns networking, even when run as root (#6097).
- The podman pod stop, podman pod pause, podman pod unpause, and podman pod kill commands now work on multiple containers in parallel and should be significantly faster.
- The podman search command now supports a --list-tags option to list all available tags for a single image in a single repository.
- The podman search command can now output JSON using the --format=json option.
- The podman diff and podman mount commands now work with all containers in the storage library, including those not created by Podman. This allows them to be used with Buildah and CRI-O containers.
- The podman container exists command now features a --external option to check if a container exists not just in Podman, but also in the storage library. This will allow Podman to identify Buildah and CRI-O containers.
- The --tls-verify and --authfile options have been enabled for use with remote Podman.
- The /etc/hosts file now includes the container's name and hostname (both pointing to localhost) when the container is run with --net=none (#8095).
- The podman events command now supports filtering events based on the labels of the container they occurred on using the --filter label=key=value option.
- The podman volume ls command now supports filtering volumes based on their labels using the --filter label=key=value option.
- The --volume and --mount options to podman run and podman create now support two new mount propagation options, unbindable and runbindable.
- The name and id filters for podman pod ps now match based on a regular expression, instead of requiring an exact match.
- The podman pod ps command now supports a new filter status, that matches pods in a certain state.
* Changes
- The podman network rm --force command will now also remove pods that are using the network (#7791).
- The podman volume rm, podman network rm, and podman pod rm commands now return exit code 1 if the object specified for removal does not exist, and exit code 2 if the object is in use and the --force option was not given.
- If /dev/fuse is passed into Podman containers as a device, Podman will open it before starting the container to ensure that the kernel module is loaded on the host and the device is usable in the container.
- Global Podman options that were not supported with remote operation have been removed from podman-remote (e.g. --cgroup-manager, --storage-driver).
- Many errors have been changed to remove repetition and be more clear as to what has gone wrong.
- The --storage option to podman rm is now enabled by default, with slightly changed semantics. If the given container does not exist in Podman but does exist in the storage library, it will be removed even without the --storage option. If the container exists in Podman it will be removed normally. The --storage option for podman rm is now deprecated and will be removed in a future release.
- The --storage option to podman ps has been renamed to --external. An alias has been added so the old form of the option will continue to work.
- Podman now delays the SIGTERM and SIGINT signals during container creation to ensure that Podman is not stopped midway through creating a container resulting in potential resource leakage (#7941).
- The podman save command now strips signatures from images it is exporting, as the formats we export to do not support signatures (#7659).
- A new Degraded state has been added to pods. Pods that have some, but not all, of their containers running are now considered to be Degraded instead of Running.
- Podman will now print a warning when conflicting network options related to port forwarding (e.g. --publish and --net=host) are specified when creating a container.
- The --restart on-failure and --rm options for containers no longer conflict. When both are specified, the container will be restarted if it exits with a non-zero error code, and removed if it exits cleanly (#7906).
- Remote Podman will no longer use settings from the client's containers.conf; defaults will instead be provided by the server's containers.conf (#7657).
- The podman network rm command now has a new alias, podman network remove (#8402).
* Bugfixes
- Fixed a bug where podman load on the remote client did not error when attempting to load a directory, which is not yet supported for remote use.
- Fixed a bug where rootless Podman could hang when the newuidmap binary was not installed (#7776).
- Fixed a bug where the --pull option to podman run, podman create, and podman build did not match Docker's behavior.
- Fixed a bug where sysctl settings from the containers.conf configuration file were applied, even if the container did not join the namespace associated with a sysctl.
- Fixed a bug where Podman would not return the text of errors encounted when trying to run a healthcheck for a container.
- Fixed a bug where Podman was accidentally setting the containers environment variable in addition to the expected container environment variable.
- Fixed a bug where rootless Podman using CNI networking did not properly clean up DNS entries for removed containers (#7789).
- Fixed a bug where the podman untag --all command was not supported with remote Podman.
- Fixed a bug where the podman system service command could time out even if active attach connections were present (#7826).
- Fixed a bug where the podman system service command would sometimes never time out despite no active connections being present.
- Fixed a bug where Podman's handling of capabilities, specifically inheritable, did not match Docker's.
- Fixed a bug where podman run would fail if the image specified was a manifest list and had already been pulled (#7798).
- Fixed a bug where Podman did not take search registries into account when looking up images locally (#6381).
- Fixed a bug where the podman manifest inspect command would fail for images that had already been pulled (#7726).
- Fixed a bug where rootless Podman would not add supplemental GIDs to containers when when a user, but not a group, was set via the --user option to podman create and podman run and sufficient GIDs were available to add the groups (#7782).
- Fixed a bug where remote Podman commands did not properly handle cases where the user gave a name that could also be a short ID for a pod or container (#7837).
- Fixed a bug where podman image prune could leave images ready to be pruned after podman image prune was run (#7872).
- Fixed a bug where the podman logs command with the journald log driver would not read all available logs (#7476).
- Fixed a bug where the --rm and --restart options to podman create and podman run did not conflict when a restart policy that is not on-failure was chosen (#7878).
- Fixed a bug where the --format 'table {{ .Field }}' option to numerous Podman commands ceased to function on Podman v2.0 and up.
- Fixed a bug where pods did not properly share an SELinux label between their containers, resulting in containers being unable to see the processes of other containers when the pod shared a PID namespace (#7886).
- Fixed a bug where the --namespace option to podman ps did not work with the remote client (#7903).
- Fixed a bug where rootless Podman incorrectly calculated the number of UIDs available in the container if multiple different ranges of UIDs were specified.
- Fixed a bug where the /etc/hosts file would not be correctly populated for containers in a user namespace (#7490).
- Fixed a bug where the podman network create and podman network remove commands could race when run in parallel, with unpredictable results (#7807).
- Fixed a bug where the -p option to podman run, podman create, and podman pod create would, when given only a single number (e.g. -p 80), assign the same port for both host and container, instead of generating a random host port (#7947).
- Fixed a bug where Podman containers did not properly store the cgroup manager they were created with, causing them to stop functioning after the cgroup manager was changed in containers.conf or with the --cgroup-manager option (#7830).
- Fixed a bug where the podman inspect command did not include information on the CNI networks a container was connected to if it was not running.
- Fixed a bug where the podman attach command would not print a newline after detaching from the container (#7751).
- Fixed a bug where the HOME environment variable was not set properly in containers when the --userns=keep-id option was set (#8004).
- Fixed a bug where the podman container restore command could panic when the container in question was in a pod (#8026).
- Fixed a bug where the output of the podman image trust show --raw command was not properly formatted.
- Fixed a bug where the podman runlabel command could panic if a label to run was not given (#8038).
- Fixed a bug where the podman run and podman start --attach commands would exit with an error when the user detached manually using the detach keys on remote Podman (#7979).
- Fixed a bug where rootless CNI networking did not use the dnsname CNI plugin if it was not available on the host, despite it always being available in the container used for rootless networking (#8040).
- Fixed a bug where Podman did not properly handle cases where an OCI runtime is specified by its full path, and could revert to using another OCI runtime with the same binary path that existed in the system $PATH on subsequent invocations.
- Fixed a bug where the --net=host option to podman create and podman run would cause the /etc/hosts file to be incorrectly populated (#8054).
- Fixed a bug where the podman inspect command did not include container network information when the container shared its network namespace (IE, joined a pod or another container's network namespace via --net=container:...) (#8073).
- Fixed a bug where the podman ps command did not include information on all ports a container was publishing.
- Fixed a bug where the podman build command incorrectly forwarded STDIN into build containers from RUN instructions.
- Fixed a bug where the podman wait command's --interval option did not work when units were not specified for the duration (#8088).
- Fixed a bug where the --detach-keys and --detach options could be passed to podman create despite having no effect (and not making sense in that context).
- Fixed a bug where Podman could not start containers if running on a system without a /etc/resolv.conf file (which occurs on some WSL2 images) (#8089).
- Fixed a bug where the --extract option to podman cp was nonfunctional.
- Fixed a bug where the --cidfile option to podman run would, when the container was not run with --detach, only create the file after the container exited (#8091).
- Fixed a bug where the podman images and podman images -a commands could panic and not list any images when certain improperly-formatted images were present in storage (#8148).
- Fixed a bug where the podman events command could, when the journald events backend was in use, become nonfunctional when a badly-formatted event or a log message that container certain string was present in the journal (#8125).
- Fixed a bug where remote Podman would, when using SSH transport, not authenticate to the server using hostkeys when connecting on a port other than 22 (#8139).
- Fixed a bug where the podman attach command would not exit when containers stopped (#8154).
- Fixed a bug where Podman did not properly clean paths before verifying them, resulting in Podman refusing to start if the root or temporary directories were specified with extra trailing / characters (#8160).
- Fixed a bug where remote Podman did not support hashed hostnames in the known_hosts file on the host for establishing connections (#8159).
- Fixed a bug where the podman image exists command would return non-zero (false) when multiple potential matches for the given name existed.
- Fixed a bug where the podman manifest inspect command on images that are not manifest lists would error instead of inspecting the image (#8023).
- Fixed a bug where the podman system service command would fail if the directory the Unix socket was to be created inside did not exist (#8184).
- Fixed a bug where pods that shared the IPC namespace (which is done by default) did not share a /dev/shm filesystem between all containers in the pod (#8181).
- Fixed a bug where filters passed to podman volume list were not inclusive (#6765).
- Fixed a bug where the podman volume create command would fail when the volume's data directory already existed (as might occur when a volume was not completely removed) (#8253).
- Fixed a bug where the podman run and podman create commands would deadlock when trying to create a container that mounted the same named volume at multiple locations (e.g. podman run -v testvol:/test1 -v testvol:/test2) (#8221).
- Fixed a bug where the parsing of the --net option to podman build was incorrect (#8322).
- Fixed a bug where the podman build command would print the ID of the built image twice when using remote Podman (#8332).
- Fixed a bug where the podman stats command did not show memory limits for containers (#8265).
- Fixed a bug where the podman pod inspect command printed the static MAC address of the pod in a non-human-readable format (#8386).
- Fixed a bug where the --tls-verify option of the podman play kube command had its logic inverted (false would enforce the use of TLS, true would disable it).
- Fixed a bug where the podman network rm command would error when trying to remove macvlan networks and rootless CNI networks (#8491).
- Fixed a bug where Podman was not setting sane defaults for missing XDG_ environment variables.
- Fixed a bug where remote Podman would check if volume paths to be mounted in the container existed on the host, not the server (#8473).
- Fixed a bug where the podman manifest create and podman manifest add commands on local images would drop any images in the manifest not pulled by the host.
- Fixed a bug where networks made by podman network create did not include the tuning plugin, and as such did not support setting custom MAC addresses (#8385).
- Fixed a bug where container healthchecks did not use $PATH when searching for the Podman executable to run the healthcheck.
- Fixed a bug where the --ip-range option to podman network create did not properly handle non-classful subnets when calculating the last usable IP for DHCP assignment (#8448).
- Fixed a bug where the podman container ps alias for podman ps was missing (#8445).
* API
- The Compat Create endpoint for Container has received a major refactor to share more code with the Libpod Create endpoint, and should be significantly more stable.
- A Compat endpoint for exporting multiple images at once, GET /images/get, has been added (#7950).
- The Compat Network Connect and Network Disconnect endpoints have been added.
- Endpoints that deal with image registries now support a X-Registry-Config header to specify registry authentication configuration.
- The Compat Create endpoint for images now properly supports specifying images by digest.
- The Libpod Build endpoint for images now supports an httpproxy query parameter which, if set to true, will forward the server's HTTP proxy settings into the build container for RUN instructions.
- The Libpod Untag endpoint for images will now remove all tags for the given image if no repository and tag are specified for removal.
- Fixed a bug where the Ping endpoint misspelled a header name (Libpod-Buildha-Version instead of Libpod-Buildah-Version).
- Fixed a bug where the Ping endpoint sent an extra newline at the end of its response where Docker did not.
- Fixed a bug where the Compat Logs endpoint for containers did not send a newline character after each log line.
- Fixed a bug where the Compat Logs endpoint for containers would mangle line endings to change newline characters to add a preceding carriage return (#7942).
- Fixed a bug where the Compat Inspect endpoint for Containers did not properly list the container's stop signal (#7917).
- Fixed a bug where the Compat Inspect endpoint for Containers formatted the container's create time incorrectly (#7860).
- Fixed a bug where the Compat Inspect endpoint for Containers did not include the container's Path, Args, and Restart Count.
- Fixed a bug where the Compat Inspect endpoint for Containers prefixed added and dropped capabilities with CAP_ (Docker does not do so).
- Fixed a bug where the Compat Info endpoint for the Engine did not include configured registries.
- Fixed a bug where the server could panic if a client closed a connection midway through an image pull (#7896).
- Fixed a bug where the Compat Create endpoint for volumes returned an error when a volume with the same name already existed, instead of succeeding with a 201 code (#7740).
- Fixed a bug where a client disconnecting from the Libpod or Compat events endpoints could result in the server using 100% CPU (#7946).
- Fixed a bug where the 'no such image' error message sent by the Compat Inspect endpoint for Images returned a 404 status code with an error that was improperly formatted for Docker compatibility.
- Fixed a bug where the Compat Create endpoint for networks did not properly set a default for the driver parameter if it was not provided by the client.
- Fixed a bug where the Compat Inspect endpoint for images did not populate the RootFS field of the response.
- Fixed a bug where the Compat Inspect endpoint for images would omit the ParentId field if the image had no parent, and the Created field if the image did not have a creation time.
- Fixed a bug where the Compat Remove endpoint for Networks did not support the Force query parameter.
- add dependency to timezone package or podman fails to build a
- Correct invalid use of %{_libexecdir} to ensure files should be in /usr/lib
SELinux support [jsc#SMO-15]
libseccomp was updated to release 2.5.3:
* Update the syscall table for Linux v5.15
* Fix issues with multiplexed syscalls on mipsel introduced in v2.5.2
* Document that seccomp_rule_add() may return -EACCES
Update to release 2.5.2
* Update the syscall table for Linux v5.14-rc7
* Add a function, get_notify_fd(), to the Python bindings to
get the nofication file descriptor.
* Consolidate multiplexed syscall handling for all
architectures into one location.
* Add multiplexed syscall support to PPC and MIPS
* The meaning of SECCOMP_IOCTL_NOTIF_ID_VALID changed within
the kernel. libseccomp's fd notification logic was modified
to support the kernel's previous and new usage of
SECCOMP_IOCTL_NOTIF_ID_VALID.
update to 2.5.1:
* Fix a bug where seccomp_load() could only be called once
* Change the notification fd handling to only request a notification fd if
* the filter has a _NOTIFY action
* Add documentation about SCMP_ACT_NOTIFY to the seccomp_add_rule(3) manpage
* Clarify the maintainers' GPG keys
Update to release 2.5.0
* Add support for the seccomp user notifications, see the
seccomp_notify_alloc(3), seccomp_notify_receive(3),
seccomp_notify_respond(3) manpages for more information
* Add support for new filter optimization approaches, including a balanced
tree optimization, see the SCMP_FLTATR_CTL_OPTIMIZE filter attribute for
more information
* Add support for the 64-bit RISC-V architecture
* Performance improvements when adding new rules to a filter thanks to the
use of internal shadow transactions and improved syscall lookup tables
* Properly document the libseccomp API return values and include them in the
stable API promise
* Improvements to the s390 and s390x multiplexed syscall handling
* Multiple fixes and improvements to the libseccomp manpages
* Moved from manually maintained syscall tables to an automatically generated
syscall table in CSV format
* Update the syscall tables to Linux v5.8.0-rc5
* Python bindings and build now default to Python 3.x
* Improvements to the tests have boosted code coverage to over 93%
Update to release 2.4.3
* Add list of authorized release signatures to README.md
* Fix multiplexing issue with s390/s390x shm* syscalls
* Remove the static flag from libseccomp tools compilation
* Add define for __SNR_ppoll
* Fix potential memory leak identified by clang in the
scmp_bpf_sim tool
Update to release 2.4.2
* Add support for io-uring related system calls
conmon was updated to version 2.0.30:
* Remove unreachable code path
* exit: report if the exit command was killed
* exit: fix race zombie reaper
* conn_sock: allow watchdog messages through the notify socket proxy
* seccomp: add support for seccomp notify
Update to version 2.0.29:
* Reset OOM score back to 0 for container runtime
* call functions registered with atexit on SIGTERM
* conn_sock: fix potential segfault
Update to version 2.0.27:
* Add CRI-O integration test GitHub action
* exec: don't fail on EBADFD
* close_fds: fix close of external fds
* Add arm64 static build binary
Update to version 2.0.26:
* conn_sock: do not fail on EAGAIN
* fix segfault from a double freed pointer
* Fix a bug where conmon could never spawn a container, because
a disagreement between the caller and itself on where the attach
socket was.
* improve --full-attach to ignore the socket-dir directly. that
means callers don't need to specify a socket dir at all (and
can remove it)
* add full-attach option to allow callers to not truncate a very
long path for the attach socket
* close only opened FDs
* set locale to inherit environment
Update to version 2.0.22:
* added man page
* attach: always chdir
* conn_sock: Explicitly free a heap-allocated string
* refactor I/O and add SD_NOTIFY proxy support
Update to version 2.0.21:
* protect against kill(-1)
* Makefile: enable debuginfo generation
* Remove go.sum file and add go.mod
* Fail if conmon config could not be written
* nix: remove double definition for e2fsprogs
* Speedup static build by utilizing CI cache on `/nix` folder
* Fix nix build for failing e2fsprogs tests
* test: fix CI
* Use Podman for building
libcontainers-common was updated to include:
- common 0.44.0
- image 5.16.0
- podman 3.3.1
- storage 1.36.0
(changes too long to list)
CVEs fixed: CVE-2020-14370,CVE-2020-15157,CVE-2021-20199,CVE-2021-20291,CVE-2021-3602
Patchnames
SUSE-SLE-Module-Basesystem-15-SP3-2022-23018,SUSE-SLE-Module-Containers-15-SP3-2022-23018,SUSE-SUSE-MicroOS-5.1-2022-23018
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for conmon, libcontainers-common, libseccomp, podman",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for conmon, libcontainers-common, libseccomp, podman fixes the following issues:\n\npodman was updated to 3.4.4.\n\nSecurity issues fixed:\n\n\n- fix CVE-2021-41190 [bsc#1193273], opencontainers: OCI manifest and index parsing confusion\n- fix CVE-2021-4024 [bsc#1193166], podman machine spawns gvproxy with port binded to all IPs\n- fix CVE-2021-20199 [bsc#1181640], Remote traffic to rootless containers is seen as orginating from localhost\n\n- Add: Provides: podman:/usr/bin/podman-remote subpackage for a clearer upgrade\n path from podman \u003c 3.1.2\n\nUpdate to version 3.4.4:\n\n * Bugfixes\n\n - Fixed a bug where the podman exec command would, under some circumstances,\n print a warning message about failing to move conmon to the appropriate cgroup (#12535).\n - Fixed a bug where named volumes created as part of container creation\n (e.g. podman run --volume avolume:/a/mountpoint or similar) would be\n mounted with incorrect permissions (#12523).\n - Fixed a bug where the podman-remote create and podman-remote run commands\n did not properly handle the --entrypoint=\u0027\u0027 option (to clear the container\u0027s entrypoint) (#12521).\n\n- Update to version 3.4.3:\n\n * Security\n\n - This release addresses CVE-2021-4024, where the podman machine command opened the gvproxy API (used to forward ports to podman machine VMs) to the public internet on port 7777.\n - This release addresses CVE-2021-41190, where incomplete specification of behavior regarding image manifests could lead to inconsistent decoding on different clients.\n\n * Features\n\n - The --secret type=mount option to podman create and podman run supports a new option, target=, which specifies where in the container the secret will be mounted (#12287).\n\n * Bugfixes\n\n - Fixed a bug where rootless Podman would occasionally print warning messages about failing to move the pause process to a new cgroup (#12065).\n - Fixed a bug where the podman run and podman create commands would, when pulling images, still require TLS even with registries set to Insecure via config file (#11933).\n - Fixed a bug where the podman generate systemd command generated units that depended on multi-user.target, which has been removed from some distributions (#12438).\n - Fixed a bug where Podman could not run containers with images that had /etc/ as a symlink (#12189).\n - Fixed a bug where the podman logs -f command would, when using the journald logs backend, exit immediately if the container had previously been restarted (#12263).\n - Fixed a bug where, in containers on VMs created by podman machine, the host.containers.internal name pointed to the VM, not the host system (#11642).\n - Fixed a bug where containers and pods created by the podman play kube command in VMs managed by podman machine would not automatically forward ports from the host machine (#12248).\n - Fixed a bug where podman machine init would fail on OS X when GNU Coreutils was installed (#12329).\n - Fixed a bug where podman machine start would exit before SSH on the started VM was accepting connections (#11532).\n - Fixed a bug where the podman run command with signal proxying (--sig-proxy) enabled could print an error if it attempted to send a signal to a container that had just exited (#8086).\n - Fixed a bug where the podman stats command would not return correct information for containers running Systemd as PID1 (#12400).\n - Fixed a bug where the podman image save command would fail on OS X when writing the image to STDOUT (#12402).\n - Fixed a bug where the podman ps command did not properly handle PS arguments which contained whitespace (#12452).\n - Fixed a bug where the podman-remote wait command could fail to detect that the container exited and return an error under some circumstances (#12457).\n - Fixed a bug where the Windows MSI installer for podman-remote would break the PATH environment variable by adding an extra \u0027 (#11416).\n\n * API\n\n - The Libpod Play Kube endpoint now also accepts ConfigMap YAML as part of its payload, and will use provided any ConfigMap to configure provided pods and services.\n - Fixed a bug where the Compat Create endpoint for Containers would not always create the container\u0027s working directory if it did not exist (#11842).\n - Fixed a bug where the Compat Create endpoint for Containers returned an incorrect error message with 404 errors when the requested image was not found (#12315).\n - Fixed a bug where the Compat Create endpoint for Containers did not properly handle the HostConfig.Mounts field (#12419).\n - Fixed a bug where the Compat Archive endpoint for Containers did not properly report errors when the operation failed (#12420).\n - Fixed a bug where the Compat Build endpoint for Images ignored the layers query parameter (for caching intermediate layers from the build) (#12378).\n - Fixed a bug where the Compat Build endpoint for Images did not report errors in a manner compatible with Docker (#12392).\n - Fixed a bug where the Compat Build endpoint for Images would fail to build if the context directory was a symlink (#12409).\n - Fixed a bug where the Compat List endpoint for Images included manifest lists (and not just images) in returned results (#12453).\n\n- Update to version 3.4.2:\n\n * Fixed a bug where podman tag could not tag manifest lists (#12046).\n * Fixed a bug where built-in volumes specified by images would not be\n created correctly under some circumstances.\n * Fixed a bug where, when using Podman Machine on OS X, containers in pods\n did not have working port forwarding from the host (#12207).\n * Fixed a bug where the podman network reload command command on containers\n using the slirp4netns network mode and the rootlessport port forwarding\n driver would make an unnecessary attempt to restart rootlessport\n on containers that did not forward ports.\n * Fixed a bug where the podman generate kube command would generate YAML\n including some unnecessary (set to default) fields (e.g. empty SELinux and\n DNS configuration blocks, and the privileged flag when set to false) (#11995).\n * Fixed a bug where the podman pod rm command could, if interrupted at the right moment,\n leave a reference to an already-removed infra container behind (#12034).\n * Fixed a bug where the podman pod rm command would not remove pods with\n more than one container if all containers save for the infra container\n were stopped unless --force was specified (#11713).\n * Fixed a bug where the --memory flag to podman run and podman create did\n not accept a limit of 0 (which should specify unlimited memory) (#12002).\n * Fixed a bug where the remote Podman client\u0027s podman build command could\n attempt to build a Dockerfile in the working directory of the podman\n system service instance instead of the Dockerfile specified by the user (#12054).\n * Fixed a bug where the podman logs --tail command could function improperly\n (printing more output than requested) when the journald log driver was used.\n * Fixed a bug where containers run using the slirp4netns network mode with\n IPv6 enabled would not have IPv6 connectivity until several seconds after they started (#11062).\n * Fixed a bug where some Podman commands could cause an extra dbus-daemon\n process to be created (#9727).\n * Fixed a bug where rootless Podman would sometimes print warnings\n about a failure to move the pause process into a given CGroup (#12065).\n * Fixed a bug where the checkpointed field in podman inspect on a container\n was not set to false after a container was restored.\n * Fixed a bug where the podman system service command would print\n overly-verbose logs about request IDs (#12181).\n * Fixed a bug where Podman could, when creating a new container without a name\n explicitly specified by the user, sometimes use an auto-generated name already\n in use by another container if multiple containers were being created in parallel (#11735).\n\nUpdate to version 3.4.1:\n\n * Bugfixes\n\n - Fixed a bug where podman machine init could, under some circumstances,\n create invalid machine configurations which could not be started (#11824).\n - Fixed a bug where the podman machine list command would not properly\n populate some output fields.\n - Fixed a bug where podman machine rm could leave dangling sockets from\n the removed machine (#11393).\n - Fixed a bug where podman run --pids-limit=-1 was not supported (it now\n sets the PID limit in the container to unlimited) (#11782).\n - Fixed a bug where podman run and podman attach could throw errors about\n a closed network connection when STDIN was closed by the client (#11856).\n - Fixed a bug where the podman stop command could fail when run on a\n container that had another podman stop command run on it previously.\n - Fixed a bug where the --sync flag to podman ps was nonfunctional.\n - Fixed a bug where the Windows and OS X remote clients\u0027 podman stats\n command would fail (#11909).\n - Fixed a bug where the podman play kube command did not properly handle\n environment variables whose values contained an = (#11891).\n - Fixed a bug where the podman generate kube command could generate\n invalid annotations when run on containers with volumes that use SELinux\n relabelling (:z or :Z) (#11929).\n - Fixed a bug where the podman generate kube command would generate YAML\n including some unnecessary (set to default) fields (e.g. user and group,\n entrypoint, default protocol for forwarded ports) (#11914, #11915, and #11965).\n - Fixed a bug where the podman generate kube command could, under some\n circumstances, generate YAML including an invalid targetPort field for\n forwarded ports (#11930).\n - Fixed a bug where rootless Podman\u0027s podman info command could, under\n some circumstances, not read available CGroup controllers (#11931).\n - Fixed a bug where podman container checkpoint --export would fail to\n checkpoint any container created with --log-driver=none (#11974).\n\n * API\n\n - Fixed a bug where the Compat Create endpoint for Containers could panic\n when no options were passed to a bind mount of tmpfs (#11961).\n\nUpdate to version 3.4.0:\n\n * Features\n\n - Pods now support init containers! Init containers are containers which run before the rest of the pod starts. There are two types of init containers: \u0027always\u0027, which always run before the pod is started, and \u0027once\u0027, which only run the first time the pod starts and are subsequently removed. They can be added using the podman create command\u0027s --init-ctr option.\n - Support for init containers has also been added to podman play kube and podman generate kube - init containers contained in Kubernetes YAML will be created as Podman init containers, and YAML generated by Podman will include any init containers created.\n - The podman play kube command now supports building images. If the --build option is given and a directory with the name of the specified image exists in the current working directory and contains a valid Containerfile or Dockerfile, the image will be built and used for the container.\n - The podman play kube command now supports a new option, --teardown, which removes any pods and containers created by the given Kubernetes YAML.\n - The podman generate kube command now generates annotations for SELinux mount options on volume (:z and :Z) that are respected by the podman play kube command.\n - A new command has been added, podman pod logs, to return logs for all containers in a pod at the same time.\n - Two new commands have been added, podman volume export (to export a volume to a tar file) and podman volume import) (to populate a volume from a given tar file).\n - The podman auto-update command now supports simple rollbacks. If a container fails to start after an automatic update, it will be rolled back to the previous image and restarted again.\n - Pods now share their user namespace by default, and the podman pod create command now supports the --userns option. This allows rootless pods to be created with the --userns=keep-id option.\n - The podman pod ps command now supports a new filter with its --filter option, until, which returns pods created before a given timestamp.\n - The podman image scp command has been added. This command allows images to be transferred between different hosts.\n - The podman stats command supports a new option, --interval, to specify the amount of time before the information is refreshed.\n - The podman inspect command now includes ports exposed (but not published) by containers (e.g. ports from --expose when --publish-all is not specified).\n - The podman inspect command now has a new boolean value, Checkpointed, which indicates that a container was stopped as a result of a podman container checkpoint operation.\n - Volumes created by podman volume create now support setting quotas when run atop XFS. The size and inode options allow the maximum size and maximum number of inodes consumed by a volume to be limited.\n - The podman info command now outputs information on what log drivers, network drivers, and volume plugins are available for use (#11265).\n - The podman info command now outputs the current log driver in use, and the variant and codename of the distribution in use.\n - The parameters of the VM created by podman machine init (amount of disk space, memory, CPUs) can now be set in containers.conf.\n - The podman machine ls command now shows additional information (CPUs, memory, disk size) about VMs managed by podman machine.\n - The podman ps command now includes healthcheck status in container state for containers that have healthchecks (#11527).\n\n * Changes\n\n - The podman build command has a new alias, podman buildx, to improve compatibility with Docker. We have already added support for many docker buildx flags to podman build and aim to continue to do so.\n - Cases where Podman is run without a user session or a writable temporary files directory will now produce better error messages.\n - The default log driver has been changed from file to journald. The file driver did not properly support log rotation, so this should lead to a better experience. If journald is not available on the system, Podman will automatically revert to the file.\n - Podman no longer depends on ip for removing networks (#11403).\n - The deprecated --macvlan flag to podman network create now warns when it is used. It will be removed entirely in the Podman 4.0 release.\n - The podman machine start command now prints a message when the VM is successfully started.\n - The podman stats command can now be used on containers that are paused.\n - The podman unshare command will now return the exit code of the command that was run in the user namespace (assuming the command was successfully run).\n - Successful healthchecks will no longer add a healthy line to the system log to reduce log spam.\n - As a temporary workaround for a lack of shortname prompts in the Podman remote client, VMs created by podman machine now default to only using the docker.io registry.\n\n * Bugfixes\n\n - Fixed a bug where whitespace in the definition of sysctls (particularly default sysctls specified in containers.conf) would cause them to be parsed incorrectly.\n - Fixed a bug where the Windows remote client improperly validated volume paths (#10900).\n - Fixed a bug where the first line of logs from a container run with the journald log driver could be skipped.\n - Fixed a bug where images created by podman commit did not include ports exposed by the container.\n - Fixed a bug where the podman auto-update command would ignore the io.containers.autoupdate.authfile label when pulling images (#11171).\n - Fixed a bug where the --workdir option to podman create and podman run could not be set to a directory where a volume was mounted (#11352).\n - Fixed a bug where systemd socket-activation did not properly work with systemd-managed Podman containers (#10443).\n - Fixed a bug where environment variable secrets added to a container were not available to exec sessions launched in the container.\n - Fixed a bug where rootless containers could fail to start the rootlessport port-forwarding service when XDG_RUNTIME_DIR was set to a long path.\n - Fixed a bug where arguments to the --systemd option to podman create and podman run were case-sensitive (#11387).\n - Fixed a bug where the podman manifest rm command would also remove images referenced by the manifest, not just the manifest itself (#11344).\n - Fixed a bug where the Podman remote client on OS X would not function properly if the TMPDIR environment variable was not set (#11418).\n - Fixed a bug where the /etc/hosts file was not guaranteed to contain an entry for localhost (this is still not guaranteed if --net=host is used; such containers will exactly match the host\u0027s /etc/hosts) (#11411).\n - Fixed a bug where the podman machine start command could print warnings about unsupported CPU features (#11421).\n - Fixed a bug where the podman info command could segfault when accessing cgroup information.\n - Fixed a bug where the podman logs -f command could hang when a container exited (#11461).\n - Fixed a bug where the podman generate systemd command could not be used on containers that specified a restart policy (#11438).\n - Fixed a bug where the remote Podman client\u0027s podman build command would fail to build containers if the UID and GID on the client were higher than 65536 (#11474).\n - Fixed a bug where the remote Podman client\u0027s podman build command would fail to build containers if the context directory was a symlink (#11732).\n - Fixed a bug where the --network flag to podman play kube was not properly parsed when a non-bridge network configuration was specified.\n - Fixed a bug where the podman inspect command could error when the container being inspected was removed as it was being inspected (#11392).\n - Fixed a bug where the podman play kube command ignored the default pod infra image specified in containers.conf.\n - Fixed a bug where the --format option to podman inspect was nonfunctional under some circumstances (#8785).\n - Fixed a bug where the remote Podman client\u0027s podman run and podman exec commands could skip a byte of output every 8192 bytes (#11496).\n - Fixed a bug where the podman stats command would print nonsensical results if the container restarted while it was running (#11469).\n - Fixed a bug where the remote Podman client would error when STDOUT was redirected on a Windows client (#11444).\n - Fixed a bug where the podman run command could return 0 when the application in the container exited with 125 (#11540).\n - Fixed a bug where containers with --restart=always set using the rootlessport port-forwarding service could not be restarted automatically.\n - Fixed a bug where the --cgroups=split option to podman create and podman run was silently discarded if the container was part of a pod.\n - Fixed a bug where the podman container runlabel command could fail if the image name given included a tag.\n - Fixed a bug where Podman could add an extra 127.0.0.1 entry to /etc/hosts under some circumstances (#11596).\n - Fixed a bug where the remote Podman client\u0027s podman untag command did not properly handle tags including a digest (#11557).\n - Fixed a bug where the --format option to podman ps did not properly support the table argument for tabular output.\n - Fixed a bug where the --filter option to podman ps did not properly handle filtering by healthcheck status (#11687).\n - Fixed a bug where the podman run and podman start --attach commands could race when retrieving the exit code of a container that had already been removed resulting in an error (e.g. by an external podman rm -f) (#11633).\n - Fixed a bug where the podman generate kube command would add default environment variables to generated YAML.\n - Fixed a bug where the podman generate kube command would add the default CMD from the image to generated YAML (#11672).\n - Fixed a bug where the podman rm --storage command could fail to remove containers under some circumstances (#11207).\n - Fixed a bug where the podman machine ssh command could fail when run on Linux (#11731).\n - Fixed a bug where the podman stop command would error when used on a container that was already stopped (#11740).\n - Fixed a bug where renaming a container in a pod using the podman rename command, then removing the pod using podman pod rm, could cause Podman to believe the new name of the container was permanently in use, despite the container being removed (#11750).\n\n * API\n\n - The Libpod Pull endpoint for Images now has a new query parameter, quiet, which (when set to true) suppresses image pull progress reports (#10612).\n - The Compat Events endpoint now includes several deprecated fields from the Docker v1.21 API for improved compatibility with older clients.\n - The Compat List and Inspect endpoints for Images now prefix image IDs with sha256: for improved Docker compatibility (#11623).\n - The Compat Create endpoint for Containers now properly sets defaults for healthcheck-related fields (#11225).\n - The Compat Create endpoint for Containers now supports volume options provided by the Mounts field (#10831).\n - The Compat List endpoint for Secrets now supports a new query parameter, filter, which allows returned results to be filtered.\n - The Compat Auth endpoint now returns the correct response code (500 instead of 400) when logging into a registry fails.\n - The Version endpoint now includes information about the OCI runtime and Conmon in use (#11227).\n - Fixed a bug where the X-Registry-Config header was not properly handled, leading to errors when pulling images (#11235).\n - Fixed a bug where invalid query parameters could cause a null pointer dereference when creating error messages.\n - Logging of API requests and responses at trace level has been greatly improved, including the addition of an X-Reference-Id header to correlate requests and responses (#10053).\n\nUpdate to version 3.3.1:\n\n * Bugfixes\n\n - Fixed a bug where unit files created by podman generate systemd could\n not cleanup shut down containers when stopped by systemctl stop (#11304).\n - Fixed a bug where podman machine commands would not properly locate\n the gvproxy binary in some circumstances.\n - Fixed a bug where containers created as part of a pod using the\n --pod-id-file option would not join the pod\u0027s network namespace (#11303).\n - Fixed a bug where Podman, when using the systemd cgroups driver,\n could sometimes leak dbus sessions.\n - Fixed a bug where the until filter to podman logs and podman events\n was improperly handled, requiring input to be negated (#11158).\n - Fixed a bug where rootless containers using CNI networking run on\n systems using systemd-resolved for DNS would fail to start if resolved\n symlinked /etc/resolv.conf to an absolute path (#11358).\n\n * API\n\n - A large number of potential file descriptor leaks from improperly closing\n client connections have been fixed.\n\nUpdate to version 3.3.0:\n\n * Fix network aliases with network id\n * machine: compute sha256 as we read the image file\n * machine: check for file exists instead of listing directory\n * pkg/bindings/images.nTar(): slashify hdr.Name values\n * Volumes: Only remove from DB if plugin removal succeeds\n * For compatibility, ignore Content-Type\n * [v3.3] Bump c/image 5.15.2, buildah v1.22.3\n * Implement SD-NOTIFY proxy in conmon\n * Fix rootless cni dns without systemd stub resolver\n * fix rootlessport flake\n * Skip stats test in CGv1 container environments\n * Fix AVC denials in tests of volume mounts\n * Restore buildah-bud test requiring new images\n * Revert \u0027.cirrus.yml: use fresh images for all VMs\u0027\n * Fix device tests using ls test files\n * Enhance priv. dev. check\n * Workaround host availability of /dev/kvm\n * Skip cgroup-parent test due to frequent flakes\n * Cirrus: Fix not uploading logformatter html\n\nSwitch to crun (bsc#1188914)\n\nUpdate to version 3.2.3:\n\n * Bump to v3.2.3\n * Update release notes for v3.2.3\n * vendor containers/common@v0.38.16\n * vendor containers/buildah@v1.21.3\n * Fix race conditions in rootless cni setup\n * CNI-in-slirp4netns: fix bind-mount for /run/systemd/resolve/stub-resolv.conf\n * Make rootless-cni setup more robust\n * Support uid,gid,mode options for secrets\n * vendor containers/common@v0.38.15\n * [CI:DOCS] podman search: clarify that results depend on implementation\n * vendor containers/common@v0.38.14\n * vendor containers/common@v0.38.13\n * [3.2] vendor containers/common@v0.38.12\n * Bump README to v3.2.2\n * Bump to v3.2.3-dev\n\n- Update to version 3.2.2:\n * Bump to v3.2.2\n * fix systemcontext to use correct TMPDIR\n * Scrub podman commands to use report package\n * Fix volumes with uid and gid options\n * Vendor in c/common v0.38.11\n * Initial release notes for v3.2.2\n * Fix restoring of privileged containers\n * Fix handling of podman-remote build --device\n * Add support for podman remote build -f - .\n * Fix panic condition in cgroups.getAvailableControllers\n * Fix permissions on initially created named volumes\n * Fix building static podman-remote\n * add correct slirp ip to /etc/hosts\n * disable tty-size exec checks in system tests\n * Fix resize race with podman exec -it\n * Fix documentation of the --format option of podman push\n * Fix systemd-resolved detection.\n * Health Check is not handled in the compat LibpodToContainerJSON\n * Do not use inotify for OCICNI\n * getContainerNetworkInfo: lock netNsCtr before sync\n * [NO TESTS NEEDED] Create /etc/mtab with the correct ownership\n * Create the /etc/mtab file if does not exists\n * [v3.2] cp: do not allow dir-\u003efile copying\n * create: support images with invalid platform\n * vendor containers/common@v0.38.10\n * logs: k8s-file: restore poll sleep\n * logs: k8s-file: fix spurious error logs\n * utils: move message from warning to debug\n * Bump to v3.2.2-dev\n\n- Update to version 3.2.1:\n * Bump to v3.2.1\n * Updated release notes for v3.2.1\n * Fix network connect race with docker-compose\n * Revert \u0027Ensure minimum API version is set correctly in tests\u0027\n * Fall back to string for dockerfile parameter\n * remote events: fix --stream=false\n * [CI:DOCS] fix incorrect network remove api doc\n * remote: always send resize before the container starts\n * remote events: support labels\n * remote pull: cancel pull when connection is closed\n * Fix network prune api docs\n * Improve systemd-resolved detection\n * logs: k8s-file: fix race\n * Fix image prune --filter cmd behavior\n * Several shell completion fixes\n * podman-remote build should handle -f option properly\n * System tests: deal with crun 0.20.1\n * Fix build tags for pkg/machine...\n * Fix pre-checkpointing\n * container: ignore named hierarchies\n * [v3.2] vendor containers/common@v0.38.9\n * rootless: fix fast join userns path\n * [v3.2] vendor containers/common@v0.38.7\n * [v3.2] vendor containers/common@v0.38.6\n * Correct qemu options for Intel macs\n * Ensure minimum API version is set correctly in tests\n * Bump to v3.2.1-dev\n\n- Update to version 3.2.0:\n * Bump to v3.2.0\n * Fix network create macvlan with subnet option\n * Final release notes updates for v3.2.0\n * add ipv6 nameservers only when the container has ipv6 enabled\n * Use request context instead of background\n * [v.3.2] events: support disjunctive filters\n * System tests: add :Z to volume mounts\n * generate systemd: make mounts portable\n * vendor containers/storage@v1.31.3\n * vendor containers/common@v0.38.5\n * Bump to v3.2.0-dev\n * Bump to v3.2.0-RC3\n * Update release notes for v3.2.0-RC3\n * Fix race on podman start --all\n * Fix race condition in running ls container in a pod\n * docs: --cert-dir: point to containers-certs.d(5)\n * Handle hard links in different directories\n * Improve OCI Runtime error\n * Handle hard links in remote builds\n * Podman info add support for status of cgroup controllers\n * Drop container does not exist on removal to debugf\n * Downgrade API service routing table logging\n * add libimage events\n * docs: generate systemd: XDG_RUNTIME_DIR\n * Fix problem copying files when container is in host pid namespace\n * Bump to v3.2.0-dev\n * Bump to v3.2.0-RC2\n * update c/common\n * Update Cirrus DEST_BRANCH to v3.2\n * Updated vendors of c/image, c/storage, Buildah\n * Initial release notes for v3.2.0-RC2\n * Add script for identifying commits in release branches\n * Add host.containers.internal entry into container\u0027s etc/hosts\n * image prune: remove unused images only with `--all`\n * podman network reload add rootless support\n * Use more recent `stale` release...\n * network tutorial: update with rootless cni changes\n * [CI:DOCS] Update first line in intro page\n * Use updated VM images + updated automation tooling\n * auto-update service: prune images\n * make vendor\n * fix system upgrade tests\n * Print \u0027extracting\u0027 only on compressed file\n * podman image tree: restore previous behavior\n * fix network restart always test\n * fix incorrect log driver in podman container image\n * Add support for cli network prune --filter flag\n * Move filter parsing to common utils\n * Bump github.com/containers/storage from 1.30.2 to 1.30.3\n * Update nix pin with `make nixpkgs`\n * [CI:DOCS] hack/bats - new helper for running system tests\n * fix restart always with slirp4netns\n * Bump github.com/opencontainers/runc from 1.0.0-rc93 to 1.0.0-rc94\n * Bump github.com/coreos/go-systemd/v22 from 22.3.1 to 22.3.2\n * Add host.serviceIsRemote to podman info results\n * Add client disconnect to build handler loop\n * Remove obsolete skips\n * Fix podman-remote build --rm=false ...\n * fix: improved \u0027containers/{name}/wait\u0027 endpoint\n * Bump github.com/containers/storage from 1.30.1 to 1.30.2\n * Add envars to the generated systemd unit\n * fix: use UTC Time Stamps in response JSON\n * fix container startup for empty pidfile\n * Kube like pods should share ipc,net,uts by default\n * fix: compat API \u0027images/get\u0027 for multiple images\n * Revert escaped double dash man page flag syntax\n * Report Download complete in Compatibility mode\n * Add documentation on short-names\n * Bump github.com/docker/docker\n * Adds support to preserve auto update labels in generate and play kube\n * [CI:DOCS] Stop conversion of `--` into en dash\n * Revert Patch to relabel if selinux not enabled\n * fix per review request\n * Add support for environment variable secrets\n * fix pre review request\n * Fix infinite loop in isPathOnVolume\n * Add containers.conf information for changing defaults\n * CI: run rootless tests under ubuntu\n * Fix wrong macvlan PNG in networking doc.\n * Add restart-policy to container filters \u0026 --filter to podman start\n * Fixes docker-compose cannot set static ip when use ipam\n * channel: simplify implementation\n * build: improve regex for iidfile\n * Bump github.com/onsi/gomega from 1.11.0 to 1.12.0\n * cgroup: fix rootless --cgroup-parent with pods\n * fix: docker APIv2 `images/get`\n * codespell cleanup\n * Minor podmanimage docs updates.\n * Fix handling of runlabel IMAGE and NAME\n * Bump to v3.2.0-dev\n * Bump to v3.2.0-rc1\n * rootless: improve automatic range split\n * podman: set volatile storage flag for --rm containers\n * Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.2\n * Bump github.com/containers/image/v5 from 5.11.1 to 5.12.0\n * migrate Podman to containers/common/libimage\n * Add filepath glob support to --security-opt unmask\n * Force log_driver to k8s-file for containers in containers\n * add --mac-address to podman play kube\n * compat api: Networks must be empty instead of null\n * System tests: honor $OCI_RUNTIME (for CI)\n * is this a bug?\n * system test image: add arm64v8 image\n * Fix troubleshooting documentation on handling sublemental groups.\n * Add --all to podman start\n * Fix variable reference typo. in multi-arch image action\n * cgroup: always honor --cgroup-parent with cgroupfs\n * Bump github.com/uber/jaeger-client-go\n * Don\u0027t require tests for github-actions \u0026 metadata\n * Detect if in podman machine virtual vm\n * Fix multi-arch image workflow typo\n * [CI:DOCS] Add titles to remote docs (windows)\n * Remove unused VolumeList* structs\n * Cirrus: Update F34beta -\u003e F34\n * Update container image docs + fix unstable execution\n * Bump github.com/containers/storage from 1.30.0 to 1.30.1\n * TODO complete\n * Docker returns \u0027die\u0027 status rather then \u0027died\u0027 status\n * Check if another VM is running on machine start\n * [CI:DOCS] Improve titles of command HTML pages\n * system tests: networking: fix another race condition\n * Use seccomp_profile as default profile if defined in containers.conf\n * Bump github.com/json-iterator/go from 1.1.10 to 1.1.11\n * Vendored\n * Autoupdate local label functional\n * System tests: fix two race conditions\n * Add more documentation on conmon\n * Allow docker volume create API to pass without name\n * Cirrus: Update Ubuntu images to 21.04\n * Skip blkio-weight test when no kernel BFQ support\n * rootless: Tell the user what was led to the error, not just what it is\n * Add troubleshooting advice about the --userns option.\n * Fix images prune filter until\n * Fix logic for pushing stable multi-arch images\n * Fixes generate kube incorrect when bind-mounting \u0027/\u0027 and \u0027/root\u0027\n * libpod/image: unit tests: don\u0027t use system\u0027s registries.conf.d\n * runtime: create userns when CAP_SYS_ADMIN is not present\n * rootless: attempt to copy current mappings first\n * [CI:DOCS] Restore missing content to manpages\n * [CI:DOCS] Fix Markdown layout bugs\n * Fix podman ps --filter ancestor to match exact ImageName/ImageID\n * Add machine-enabled to containers.conf for machine\n * Several multi-arch image build/push fixes\n * Add podman run --timeout option\n * Parse slirp4netns net options with compat api\n * Fix rootlesskit port forwarder with custom slirp cidr\n * Fix removal race condition in ListContainers\n * Add github-action workflow to build/push multi-arch\n * rootless: if root is not sub?id raise a debug message\n * Bump github.com/containers/common from 0.36.0 to 0.37.0\n * Add go template shell completion for --format\n * Add --group-add keep-groups: suplimentary groups into container\n * Fixes from make codespell\n * Typo fix to usage text of --compress option\n * corrupt-image test: fix an oops\n * Add --noheading flag to all list commands\n * Bump github.com/containers/storage from 1.29.0 to 1.30.0\n * Bump github.com/containers/image/v5 from 5.11.0 to 5.11.1\n * [CI:DOCS] Fix Markdown table layout bugs\n * podman-remote should show podman.sock info\n * rmi: don\u0027t break when the image is missing a manifest\n * [CI:DOCS] Rewrite --uidmap doc in podman-create.1.md and podman-run.1.md\n * Add support for CDI device configuration\n * [CI:DOCS] Add missing dash to verbose option\n * Bump github.com/uber/jaeger-client-go\n * Remove an advanced layer diff function\n * Ensure mount destination is clean, no trailing slash\n * add it for inspect pidfile\n * [CI:DOCS] Fix introduction page typo\n * support pidfile on container restore\n * fix start it\n * skip pidfile test on remote\n * improve document\n * set pidfile default value int containerconfig\n * add pidfile in inspection\n * add pidfile it for container start\n * skip pidfile it on remote\n * Modify according to comments\n * WIP: drop test requirement\n * runtime: bump required conmon version\n * runtime: return findConmon to libpod\n * oci: drop ExecContainerCleanup\n * oci: use `--full-path` option for conmon\n * use AttachSocketPath when removing conmon files\n * hide conmon-pidfile flag on remote mode\n * Fix possible panic in libpod/image/prune.go\n * add --ip to podman play kube\n * add flag autocomplete\n * add ut\n * add flag \u0027--pidfile\u0027 for podman create/run\n * Add network bindings tests: remove and list\n * Fix build with GO111MODULE=off\n * system tests: build --pull-never: deal with flakes\n * compose test: diagnose flakes v3\n * podman play kube apply correct log driver\n * Fixes podman-remote save to directories does not work\n * Bump github.com/rootless-containers/rootlesskit from 0.14.1 to 0.14.2\n * Update documentation of podman-run to reflect volume \u0027U\u0027 option\n * Fix flake on failed podman-remote build : try 2\n * compose test: ongoing efforts to diagnose flakes\n * Test that we don\u0027t error out on advertised --log-level values\n * At trace log level, print error text using %+v instead of %v\n * pkg/errorhandling.JoinErrors: don\u0027t throw away context for lone errors\n * Recognize --log-level=trace\n * Fix flake on failed podman-remote build\n * System tests: fix racy podman-inspect\n * Fixes invalid expression in save command\n * Bump github.com/containers/common from 0.35.4 to 0.36.0\n * Update nix pin with `make nixpkgs`\n * compose test: try to get useful data from flakes\n * Remove in-memory state implementation\n * Fix message about runtime to show only the actual runtime\n * System tests: setup: better cleanup of stray images\n * Bump github.com/containers/ocicrypt from 1.1.0 to 1.1.1\n * Reflect current state of prune implementation in docs\n * Do not delete container twice\n * [CI:DOCS] Correct status code for /pods/create\n * vendor in containers/storage v1.29.0\n * cgroup: do not set cgroup parent when rootless and cgroupfs\n * Overhaul Makefile binary and release worflows\n * Reorganize Makefile with sections and guide\n * Simplify Makefile help target\n * Don\u0027t shell to obtain current directory\n * Remove unnecessary/not-needed release.txt target\n * Fix incorrect version number output\n * Exclude .gitignore from test req.\n * Fix handling of $NAME and $IMAGE in runlabel\n * Update podman image Dockerfile to support Podman in container\n * Bump github.com/containers/image/v5 from 5.10.5 to 5.11.0\n * Fix slashes in socket URLs\n * Add network prune filters support to bindings\n * Add support for play/generate kube volumes\n * Update manifest API endpoints\n * Fix panic when not giving a machine name for ssh\n * cgroups: force 64 bits to ParseUint\n * Bump k8s.io/api from 0.20.5 to 0.21.0\n * [CI:DOCS] Fix formatting of podman-build man page\n * buildah-bud tests: simplify\n * Add missing return\n * Bump github.com/onsi/ginkgo from 1.16.0 to 1.16.1\n * speed up CI handling of images\n * Volumes prune endpoint should use only prune filters\n * Cirrus: Use Fedora 34beta images\n * Bump go.sum + Makefile for golang 1.16\n * Exempt Makefile changes from test requirements\n * Adjust libpod API Container Wait documentation to the code\n * [CI:DOCS] Update swagger definition of inspect manifest\n * use updated ubuntu images\n * podman unshare: add --rootless-cni to join the ns\n * Update swagger-check\n * swagger: remove name wildcards\n * Update buildah-bud diffs\n * Handle podman-remote --arch, --platform, --os\n * buildah-bud tests: handle go pseudoversions, plus...\n * Fix flaking rootless compose test\n * rootless cni add /usr/sbin to PATH if not present\n * System tests: special case for RHEL: require runc\n * Add --requires flag to podman run/create\n * [CI:DOCS] swagger-check: compare operations\n * [CI:DOCS] Polish swagger OpertionIDs\n * [NO TESTS NEEDED] Update nix pin with `make nixpkgs`\n * Ensure that `--userns=keep-id` sets user in config\n * [CI:DOCS] Set all operation id to be compatibile\n * Move operationIds to swagger:operation line\n * swagger: add operationIds that match with docker\n * Cirrus: Make use of shared get_ci_vm container\n * Don\u0027t relabel volumes if running in a privileged container\n * Allow users to override default storage opts with --storage-opt\n * Add support for podman --context default\n * Verify existence of auth file if specified\n * fix machine naming conventions\n * Initial network bindings tests\n * Update release notes to indicate CVE fix\n * Move socket activation check into init() and set global condition.\n * Bump github.com/onsi/ginkgo from 1.15.2 to 1.16.0\n * Http api tests for network prune with until filter\n * podman-run.1.md, podman-create.1.md : Adjust Markdown layout for --userns\n * Fix typos --uidmapping and --gidmapping\n * Add transport and destination info to manifest doc\n * Bump github.com/rootless-containers/rootlesskit from 0.14.0 to 0.14.1\n * Add default template functions\n * Fix missing podman-remote build options\n * Bump github.com/coreos/go-systemd/v22 from 22.3.0 to 22.3.1\n * Add ssh connection to root user\n * Add rootless docker-compose test to the CI\n * Use the slrip4netns dns in the rootless cni ns\n * Cleanup the rootless cni namespace\n * Add new docker-compose test for two networks\n * Make the docker-compose test work rootless\n * Remove unused rootless-cni-infra container files\n * Only use rootless RLK when the container has ports\n * Fix dnsname test\n * Enable rootless network connect/disconnect\n * Move slirp4netns functions into an extra file\n * Fix pod infra container cni network setup\n * Add rootless support for cni and --uidmap\n * rootless cni without infra container\n * Recreate until container prune tests for bindings\n * Remove --execute from podman machine ssh\n * Fixed podman-remote --network flag\n * Makefile: introduce install.docker-full\n * Makefile: ensure install.docker creates BINDIR\n * Fix unmount doc reference in image.rst\n * Should send the OCI runtime path not just the name to buildah\n * podman machine shell completion\n * Fix handling of remove --log-rusage param\n * Fix bindings prune containers flaky test\n * [CI:DOCS] Add local html build info to docs/README.md\n * Add podman machine list\n * Trim white space from /top endpoint results\n * Remove semantic version suffices from API calls\n * podman machine init --ignition-path\n * Document --volume from podman-remote run/create client\n * Update main branch to reflect the release of v3.1.0\n * Silence podman network reload errors with iptables-nft\n * Containers prune endpoint should use only prune filters\n * resolve proper aarch64 image names\n * APIv2 basic test: relax APIVersion check\n * Add machine support for qemu-system-aarch64\n * podman machine init user input\n * manpage xref: helpful diagnostic for unescaped dash-dash\n * Bump to v3.2.0-dev\n * swagger: update system version response body\n * buildah-bud tests: reenable pull-never test\n * [NO TESTS NEEDED] Shrink the size of podman-remote\n * Add powershell completions\n * [NO TESTS NEEDED] Drop Warning to Info, if cgroups not mounted\n * Fix long option format on docs.podman.io\n * system tests: friendier messages for 2-arg is()\n * service: use LISTEN_FDS\n * man pages: correct seccomp-policy label\n * rootless: use is_fd_inherited\n * podman generate systemd --new do not duplicate params\n * play kube: add support for env vars defined from secrets\n * play kube: support optional/mandatory env var from config map\n * play kube: prepare supporting other env source than config maps\n * Add machine support for more Linux distros\n * [NO TESTS NEEDED] Use same function podman-remote rmi as podman\n * Podman machine enhancements\n * Add problematic volume name to kube play error messages\n * Fix podman build --pull-never\n * [NO TESTS NEEDED] Fix for kernel without CONFIG_USER_NS\n * [NO TESTS NEEDED] Turn on podman-remote build --isolation\n * Fix list pods filter handling in libpod api\n * Remove resize race condition\n * [NO TESTS NEEDED] Vendor in containers/buildah v1.20.0\n * Use TMPDIR when commiting images\n * Add RequiresMountsFor= to systemd generate\n * Bump github.com/vbauerster/mpb/v6 from 6.0.2 to 6.0.3\n * Fix swapped dimensions from terminal.GetSize\n * Rename podman machine create to init and clean up\n * Correct json field name\n * system tests: new interactive tests\n * Improvements for machine\n * libpod/image: unit tests: use a `registries.conf` for aliases\n * libpod/image: unit tests: defer cleanup\n * libpod/image: unit tests: use `require.NoError`\n * Add --execute flag to podman machine ssh\n * introduce podman machine\n * Podman machine CLI and interface stub\n * Support multi doc yaml for generate/play kube\n * Fix filters in image http compat/libpod api endpoints\n * Bump github.com/containers/common from 0.35.3 to 0.35.4\n * Bump github.com/containers/storage from 1.28.0 to 1.28.1\n * Check if stdin is a term in --interactive --tty mode\n * [NO TESTS NEEDED] Remove /tmp/containers-users-* files on reboot\n * [NO TESTS NEEDED] Fix rootless volume plugins\n * Ensure manually-created volumes have correct ownership\n * Bump github.com/rootless-containers/rootlesskit\n * Unification of until filter across list/prune endpoints\n * Unification of label filter across list/prune endpoints\n * fixup\n * fix: build endpoint for compat API\n * [CI:DOCS] Add note to mappings for user/group userns in build\n * Bump k8s.io/api from 0.20.1 to 0.20.5\n * Validate passed in timezone from tz option\n * WIP: run buildah bud tests using podman\n * Fix containers list/prune http api filter behaviour\n * Generate Kubernetes PersistentVolumeClaims from named volumes\n\n- Update to version 3.1.2:\n * Bump to v3.1.2\n * Update release notes for v3.1.2\n * Ensure mount destination is clean, no trailing slash\n * Fixes podman-remote save to directories does not work\n * [CI:DOCS] Add missing dash to verbose option\n * [CI:DOCS] Fix Markdown table layout bugs\n * [CI:DOCS] Rewrite --uidmap doc in podman-create.1.md and podman-run.1.md\n * rmi: don\u0027t break when the image is missing a manifest\n * Bump containers/image to v5.11.1\n * Bump github.com/coreos/go-systemd from 22.2.0 to 22.3.1\n * Fix lint\n * Bump to v3.1.2-dev\n- Split podman-remote into a subpackage\n- Add missing scriptlets for systemd units\n- Escape macros in comments\n- Drop some obsolete workarounds, including %{go_nostrip}\n\n- Update to version 3.1.1:\n * Bump to v3.1.1\n * Update release notes for v3.1.1\n * podman play kube apply correct log driver\n * Fix build with GO111MODULE=off\n * [CI:DOCS] Set all operation id to be compatibile\n * Move operationIds to swagger:operation line\n * swagger: add operationIds that match with docker\n * Fix missing podman-remote build options\n * [NO TESTS NEEDED] Shrink the size of podman-remote\n * Move socket activation check into init() and set global condition.\n * rootless: use is_fd_inherited\n * Recreate until container prune tests for bindings\n * System tests: special case for RHEL: require runc\n * Document --volume from podman-remote run/create client\n * Containers prune endpoint should use only prune filters\n * Trim white space from /top endpoint results\n * Fix unmount doc reference in image.rst\n * Fix handling of remove --log-rusage param\n * Makefile: introduce install.docker-full\n * Makefile: ensure install.docker creates BINDIR\n * Should send the OCI runtime path not just the name to buildah\n * Fixed podman-remote --network flag\n * podman-run.1.md, podman-create.1.md : Adjust Markdown layout for --userns\n * Fix typos --uidmapping and --gidmapping\n * Add default template functions\n * Don\u0027t relabel volumes if running in a privileged container\n * Allow users to override default storage opts with --storage-opt\n * Add transport and destination info to manifest doc\n * Verify existence of auth file if specified\n * Ensure that `--userns=keep-id` sets user in config\n * [CI:DOCS] Update swagger definition of inspect manifest\n * Volumes prune endpoint should use only prune filters\n * Adjust libpod API Container Wait documentation to the code\n * Add missing return\n * [CI:DOCS] Fix formatting of podman-build man page\n * cgroups: force 64 bits to ParseUint\n * Fix slashes in socket URLs\n * [CI:DOCS] Correct status code for /pods/create\n * cgroup: do not set cgroup parent when rootless and cgroupfs\n * Reflect current state of prune implementation in docs\n * Do not delete container twice\n * Test that we don\u0027t error out on advertised --log-level values\n * At trace log level, print error text using %+v instead of %v\n * pkg/errorhandling.JoinErrors: don\u0027t throw away context for lone errors\n * Recognize --log-level=trace\n * Fix message about runtime to show only the actual runtime\n * Fix handling of $NAME and $IMAGE in runlabel\n * Fix flake on failed podman-remote build : try 2\n * Fix flake on failed podman-remote build\n * Update documentation of podman-run to reflect volume \u0027U\u0027 option\n * Fixes invalid expression in save command\n * Fix possible panic in libpod/image/prune.go\n * Update all containers/ project vendors\n * Fix tests\n * Bump to v3.1.1-dev\n\n- Update to version 3.1.0:\n * Bump to v3.1.0\n * Fix test failure\n * Update release notes for v3.1.0 final release\n * [NO TESTS NEEDED] Turn on podman-remote build --isolation\n * Fix long option format on docs.podman.io\n * Fix containers list/prune http api filter behaviour\n * [CI:DOCS] Add note to mappings for user/group userns in build\n * Validate passed in timezone from tz option\n * Generate Kubernetes PersistentVolumeClaims from named volumes\n * libpod/image: unit tests: use a `registries.conf` for aliases\n- Require systemd 241 or newer due to podman dependency go-systemd v22,\n otherwise build will fail with unknown C name errors\n\n- Create docker subpackage to allow replacing docker with\n corresponding aliases to podman.\n\n- Update to v3.0.1\n * Changes\n - Several frequently-occurring WARN level log messages have been downgraded to INFO or DEBUG to not clutter terminal output.\nBugfixes\n - Fixed a bug where the Created field of podman ps --format=json was formatted as a string instead of an Unix timestamp (integer) (#9315).\n - Fixed a bug where failing lookups of individual layers during the podman images command would cause the whole command to fail without printing output.\n - Fixed a bug where --cgroups=split did not function properly on cgroups v1 systems.\n - Fixed a bug where mounting a volume over an directory in the container that existed, but was empty, could fail (#9393).\n - Fixed a bug where mounting a volume over a directory in the container that existed could copy the entirety of the container\u0027s rootfs, instead of just the directory mounted over, into the volume (#9415).\n - Fixed a bug where Podman would treat the --entrypoint=[\u0027\u0027] option to podman run and podman create as a literal empty string in the entrypoint, when instead it should have been ignored (#9377).\n - Fixed a bug where Podman would set the HOME environment variable to \u0027\u0027 when the container ran as a user without an assigned home directory (#9378).\n - Fixed a bug where specifying a pod infra image that had no tags (by using its ID) would cause podman pod create to panic (#9374).\n - Fixed a bug where the --runtime option was not properly handled by the podman build command (#9365).\n - Fixed a bug where Podman would incorrectly print an error message related to the remote API when the remote API was not in use and starting Podman failed.\n - Fixed a bug where Podman would change ownership of a container\u0027s working directory, even if it already existed (#9387).\n - Fixed a bug where the podman generate systemd --new command would incorrectly escape %t when generating the path for the PID file (#9373).\n - Fixed a bug where Podman could, when run inside a Podman container with the host\u0027s containers/storage directory mounted into the container, erroneously detect a reboot and reset container state if the temporary directory was not also mounted in (#9191).\n - Fixed a bug where some options of the podman build command (including but not limited to --jobs) were nonfunctional (#9247).\n * API\n - Fixed a breaking change to the Libpod Wait API for Containers where the Conditions parameter changed type in Podman v3.0 (#9351).\n - Fixed a bug where the Compat Create endpoint for Containers did not properly handle forwarded ports that did not specify a host port.\n - Fixed a bug where the Libpod Wait endpoint for Containers could write duplicate headers after an error occurred.\n - Fixed a bug where the Compat Create endpoint for Images would not pull images that already had a matching tag present locally, even if a more recent version was available at the registry (#9232).\n - The Compat Create endpoint for Images has had its compatibility with Docker improved, allowing its use with the docker-java library.\n * Misc\n - Updated Buildah to v1.19.4\n - Updated the containers/storage library to v1.24.6\n- Changes from v3.0.0\n * Features\n - Podman now features initial support for Docker Compose.\n - Added the podman rename command, which allows containers to be renamed after they are created (#1925).\n - The Podman remote client now supports the podman copy command.\n - A new command, podman network reload, has been added. This command will re-configure the network of all running containers, and can be used to recreate firewall rules lost when the system firewall was reloaded (e.g. via firewall-cmd --reload).\n - Podman networks now have IDs. They can be seen in podman network ls and can be used when removing and inspecting networks. Existing networks receive IDs automatically.\n - Podman networks now also support labels. They can be added via the --label option to network create, and podman network ls can filter labels based on them.\n - The podman network create command now supports setting bridge MTU and VLAN through the --opt option (#8454).\n - The podman container checkpoint and podman container restore commands can now checkpoint and restore containers that include volumes.\n - The podman container checkpoint command now supports the --with-previous and --pre-checkpoint options, and the podman container restore command now support the --import-previous option. These add support for two-step checkpointing with lowered dump times.\n - The podman push command can now push manifest lists. Podman will first attempt to push as an image, then fall back to pushing as a manifest list if that fails.\n - The podman generate kube command can now be run on multiple containers at once, and will generate a single pod containing all of them.\n - The podman generate kube and podman play kube commands now support Kubernetes DNS configuration, and will preserve custom DNS configuration when exporting or importing YAML (#9132).\n - The podman generate kube command now properly supports generating YAML for containers and pods creating using host networking (--net=host) (#9077).\n - The podman kill command now supports a --cidfile option to kill containers given a file containing the container\u0027s ID (#8443).\n - The podman pod create command now supports the --net=none option (#9165).\n - The podman volume create command can now specify volume UID and GID as options with the UID and GID fields passed to the the --opt option.\n - Initial support has been added for Docker Volume Plugins. Podman can now define available plugins in containers.conf and use them to create volumes with podman volume create --driver.\n - The podman run and podman create commands now support a new option, --platform, to specify the platform of the image to be used when creating the container.\n - The --security-opt option to podman run and podman create now supports the systempaths=unconfined option to unrestrict access to all paths in the container, as well as mask and unmask options to allow more granular restriction of container paths.\n - The podman stats --format command now supports a new format specified, MemUsageBytes, which prints the raw bytes of memory consumed by a container without human-readable formatting #8945.\n - The podman ps command can now filter containers based on what pod they are joined to via the pod filter (#8512).\n - The podman pod ps command can now filter pods based on what networks they are joined to via the network filter.\n The podman pod ps command can now print information on what networks a pod is joined to via the .Networks specifier to the --format option.\n - The podman system prune command now supports filtering what containers, pods, images, and volumes will be pruned.\n - The podman volume prune commands now supports filtering what volumes will be pruned.\n - The podman system prune command now includes information on space reclaimed (#8658).\n - The podman info command will now properly print information about packages in use on Gentoo and Arch systems.\n - The containers.conf file now contains an option for disabling creation of a new kernel keyring on container creation (#8384).\n - The podman image sign command can now sign multi-arch images by producing a signature for each image in a given manifest list.\n - The podman image sign command, when run as rootless, now supports per-user registry configuration files in $HOME/.config/containers/registries.d.\n - Configuration options for slirp4netns can now be set system-wide via the NetworkCmdOptions configuration option in containers.conf.\n - The MTU of slirp4netns can now be configured via the mtu= network command option (e.g. podman run --net slirp4netns:mtu=9000).\n * Security\n - A fix for CVE-2021-20199 is included. Podman between v1.8.0 and v2.2.1 used 127.0.0.1 as the source address for all traffic forwarded into rootless containers by a forwarded port; this has been changed to address the issue.\n * Changes\n - Shortname aliasing support has now been turned on by default. All Podman commands that must pull an image will, if a TTY is available, prompt the user about what image to pull.\n - The podman load command no longer accepts a NAME[:TAG] argument. The presence of this argument broke CLI compatibility with Docker by making docker load commands unusable with Podman (#7387).\n - The Go bindings for the HTTP API have been rewritten with a focus on limiting dependency footprint and improving extensibility. Read more here.\n - The legacy Varlink API has been completely removed from Podman.\n - The default log level for Podman has been changed from Error to Warn.\n - The podman network create command can now create macvlan networks using the --driver macvlan option for Docker compatibility. The existing --macvlan flag has been deprecated and will be removed in Podman 4.0 some time next year.\n - The podman inspect command has had the LogPath and LogTag fields moved into the LogConfig structure (from the root of the Inspect structure). The maximum size of the log file is also included.\n - The podman generate systemd command no longer generates unit files using the deprecated KillMode=none option (#8615).\n - The podman stop command now releases the container lock while waiting for it to stop - as such, commands like podman ps will no longer block until podman stop completes (#8501).\n - Networks created with podman network create --internal no longer use the dnsname plugin. This configuration never functioned as expected.\n - Error messages for the remote Podman client have been improved when it cannot connect to a Podman service.\n - Error messages for podman run when an invalid SELinux is specified have been improved.\n - Rootless Podman features improved support for containers with a single user mapped into the rootless user namespace.\n - Pod infra containers now respect default sysctls specified in containers.conf allowing for advanced configuration of the namespaces they will share.\n - SSH public key handling for remote Podman has been improved.\n * Bugfixes\n - Fixed a bug where the podman history --no-trunc command would truncate the Created By field (#9120).\n - Fixed a bug where root containers that did not explicitly specify a CNI network to join did not generate an entry for the network in use in the Networks field of the output of podman inspect (#6618).\n - Fixed a bug where, under some circumstances, container working directories specified by the image (via the WORKDIR instruction) but not present in the image, would not be created (#9040).\n - Fixed a bug where the podman generate systemd command would generate invalid unit files if the container was creating using a command line that included doubled braces ({{ and }}), e.g. --log-opt-tag={{.Name}} (#9034).\n - Fixed a bug where the podman generate systemd --new command could generate unit files including invalid Podman commands if the container was created using merged short options (e.g. podman run -dt) (#8847).\n - Fixed a bug where the podman generate systemd --new command could generate unit files that did not handle Podman commands including some special characters (e.g. $) (#9176\n - Fixed a bug where rootless containers joining CNI networks could not set a static IP address (#7842).\n - Fixed a bug where rootless containers joining CNI networks could not set network aliases (#8567).\n - Fixed a bug where the remote client could, under some circumstances, not include the Containerfile when sending build context to the server (#8374).\n - Fixed a bug where rootless Podman did not mount /sys as a new sysfs in some circumstances where it was acceptable.\n - Fixed a bug where rootless containers that both joined a user namespace and a CNI networks would cause a segfault. These options are incompatible and now return an error.\n - Fixed a bug where the podman play kube command did not properly handle CMD and ARGS from images (#8803).\n - Fixed a bug where the podman play kube command did not properly handle environment variables from images (#8608).\n - Fixed a bug where the podman play kube command did not properly print errors that occurred when starting containers.\n - Fixed a bug where the podman play kube command errored when hostNetwork was used (#8790).\n - Fixed a bug where the podman play kube command would always pull images when the :latest tag was specified, even if the image was available locally (#7838).\n - Fixed a bug where the podman play kube command did not properly handle SELinux configuration, rending YAML with custom SELinux configuration unusable (#8710).\n - Fixed a bug where the podman generate kube command incorrectly populated the args and command fields of generated YAML (#9211).\n - Fixed a bug where containers in a pod would create a duplicate entry in the pod\u0027s shared /etc/hosts file every time the container restarted (#8921).\n - Fixed a bug where the podman search --list-tags command did not support the --format option (#8740).\n - Fixed a bug where the http_proxy option in containers.conf was not being respected, and instead was set unconditionally to true (#8843).\n - Fixed a bug where rootless Podman could, on systems with a recent Conmon and users with a long username, fail to attach to containers (#8798).\n - Fixed a bug where the podman images command would break and fail to display any images if an empty manifest list was present in storage (#8931).\n - Fixed a bug where locale environment variables were not properly passed on to Conmon.\n - Fixed a bug where Podman would not build on the MIPS architecture (#8782).\n - Fixed a bug where rootless Podman could fail to properly configure user namespaces for rootless containers when the user specified a --uidmap option that included a mapping beginning with UID 0.\n - Fixed a bug where the podman logs command using the k8s-file backend did not properly handle partial log lines with a length of 1 (#8879).\n - Fixed a bug where the podman logs command with the --follow option did not properly handle log rotation (#8733).\n - Fixed a bug where user-specified HOSTNAME environment variables were overwritten by Podman (#8886).\n - Fixed a bug where Podman would applied default sysctls from containers.conf in too many situations (e.g. applying network sysctls when the container shared its network with a pod).\n - Fixed a bug where Podman did not properly handle cases where a secondary image store was in use and an image was present in both the secondary and primary stores (#8176).\n - Fixed a bug where systemd-managed rootless Podman containers where the user in the container was not root could fail as the container\u0027s PID file was not accessible to systemd on the host (#8506).\n - Fixed a bug where the --privileged option to podman run and podman create would, under some circumstances, not disable Seccomp (#8849).\n - Fixed a bug where the podman exec command did not properly add capabilities when the container or exec session were run with --privileged.\n - Fixed a bug where rootless Podman would use the --enable-sandbox option to slirp4netns unconditionally, even when pivot_root was disabled, rendering slirp4netns unusable when pivot_root was disabled (#8846).\n - Fixed a bug where podman build --logfile did not actually write the build\u0027s log to the logfile.\n - Fixed a bug where the podman system service command did not close STDIN, and could display user-interactive prompts (#8700).\n - Fixed a bug where the podman system reset command could, under some circumstances, remove all the contents of the XDG_RUNTIME_DIR directory (#8680).\n - Fixed a bug where the podman network create command created CNI configurations that did not include a default gateway (#8748).\n - Fixed a bug where the podman.service systemd unit provided by default used the wrong service type, and would cause systemd to not correctly register the service as started (#8751).\n - Fixed a bug where, if the TMPDIR environment variable was set for the container engine in containers.conf, it was being ignored.\n - Fixed a bug where the podman events command did not properly handle future times given to the --until option (#8694).\n - Fixed a bug where the podman logs command wrote container STDERR logs to STDOUT instead of STDERR (#8683).\n - Fixed a bug where containers created from an image with multiple tags would report that they were created from the wrong tag (#8547).\n - Fixed a bug where container capabilities were not set properly when the --cap-add=all and --user options to podman create and podman run were combined.\n - Fixed a bug where the --layers option to podman build was nonfunctional (#8643).\n - Fixed a bug where the podman system prune command did not act recursively, and thus would leave images, containers, pods, and volumes present that would be removed by a subsequent call to podman system prune (#7990).\n - Fixed a bug where the --publish option to podman run and podman create did not properly handle ports specified as a range of ports with no host port specified (#8650).\n - Fixed a bug where --format did not support JSON output for individual fields (#8444).\n - Fixed a bug where the podman stats command would fail when run on root containers using the slirp4netns network mode (#7883).\n - Fixed a bug where the Podman remote client would ask for a password even if the server\u0027s SSH daemon did not support password authentication (#8498).\n - Fixed a bug where the podman stats command would fail if the system did not support one or more of the cgroup controllers Podman supports (#8588).\n - Fixed a bug where the --mount option to podman create and podman run did not ignore the consistency mount option.\n - Fixed a bug where failures during the resizing of a container\u0027s TTY would print the wrong error.\n - Fixed a bug where the podman network disconnect command could cause the podman inspect command to fail for a container until it was restarted (#9234).\n - Fixed a bug where containers created from a read-only rootfs (using the --rootfs option to podman create and podman run) would fail (#9230).\n - Fixed a bug where specifying Go templates to the --format option to multiple Podman commands did not support the join function (#8773).\n - Fixed a bug where the podman rmi command could, when run in parallel on multiple images, return layer not known errors (#6510).\n - Fixed a bug where the podman inspect command on containers displayed unlimited ulimits incorrectly (#9303).\n - Fixed a bug where Podman would fail to start when a volume was mounted over a directory in a container that contained symlinks that terminated outside the directory and its subdirectories (#6003).\nAPI\n - Libpod API version has been bumped to v3.0.0.\n - All Libpod Pod APIs have been modified to properly report errors with individual containers. Cases where the operation as a whole succeeded but individual containers failed now report an HTTP 409 error (#8865).\n - The Compat API for Containers now supports the Rename and Copy APIs.\n - Fixed a bug where the Compat Prune APIs (for volumes, containers, and images) did not return the amount of space reclaimed in their responses.\n - Fixed a bug where the Compat and Libpod Exec APIs for Containers would drop errors that occurred prior to the exec session successfully starting (e.g. a \u0027no such file\u0027 error if an invalid executable was passed) (#8281)\n - Fixed a bug where the Volumes field in the Compat Create API for Containers was being ignored (#8649).\n - Fixed a bug where the NetworkMode field in the Compat Create API for Containers was not handling some values, e.g. container:, correctly.\n - Fixed a bug where the Compat Create API for Containers did not set container name properly.\n - Fixed a bug where containers created using the Compat Create API unconditionally used Kubernetes file logging (the default specified in containers.conf is now used).\n - Fixed a bug where the Compat Inspect API for Containers could include container states not recognized by Docker.\n - Fixed a bug where Podman did not properly clean up after calls to the Events API when the journald backend was in use, resulting in a leak of file descriptors (#8864).\n - Fixed a bug where the Libpod Pull endpoint for Images could fail with an index out of range error under certain circumstances (#8870).\n - Fixed a bug where the Libpod Exists endpoint for Images could panic.\n - Fixed a bug where the Compat List API for Containers did not support all filters (#8860).\n - Fixed a bug where the Compat List API for Containers did not properly populate the Status field.\n - Fixed a bug where the Compat and Libpod Resize APIs for Containers ignored the height and width parameters (#7102).\n - Fixed a bug where the Compat Search API for Images returned an incorrectly-formatted JSON response (#8758).\n - Fixed a bug where the Compat Load API for Images did not properly clean up temporary files.\n - Fixed a bug where the Compat Create API for Networks could panic when an empty IPAM configuration was specified.\n - Fixed a bug where the Compat Inspect and List APIs for Networks did not include Scope.\n - Fixed a bug where the Compat Wait endpoint for Containers did not support the same wait conditions that Docker did.\n * Misc\n - Updated Buildah to v1.19.2\n - Updated the containers/storage library to v1.24.5\n - Updated the containers/image library to v5.10.2\n - Updated the containers/common library to v0.33.4\n\n- Update to v2.2.1\n * Changes\n - Due to a conflict with a previously-removed field, we were forced to\n modify the way image volumes (mounting images into containers using\n --mount type=image) were handled in the database.\n As a result, containers created in Podman 2.2.0 with image volume\n will not have them in v2.2.1, and these containers will need to be re-created.\n * Bugfixes\n - Fixed a bug where rootless Podman would, on systems without the\n XDG_RUNTIME_DIR environment variable defined, use an incorrect path\n for the PID file of the Podman pause process, causing Podman to fail\n to start (#8539).\n - Fixed a bug where containers created using Podman v1.7 and earlier were\n unusable in Podman due to JSON decode errors (#8613).\n - Fixed a bug where Podman could retrieve invalid cgroup paths, instead\n of erroring, for containers that were not running.\n - Fixed a bug where the podman system reset command would print a warning\n about a duplicate shutdown handler being registered.\n - Fixed a bug where rootless Podman would attempt to mount sysfs in\n circumstances where it was not allowed; some OCI runtimes (notably\n crun) would fall back to alternatives and not fail, but others\n (notably runc) would fail to run containers.\n - Fixed a bug where the podman run and podman create commands would fail\n to create containers from untagged images (#8558).\n - Fixed a bug where remote Podman would prompt for a password even when\n the server did not support password authentication (#8498).\n - Fixed a bug where the podman exec command did not move the Conmon\n process for the exec session into the correct cgroup.\n - Fixed a bug where shell completion for the ancestor option to\n podman ps --filter did not work correctly.\n - Fixed a bug where detached containers would not properly clean themselves\n up (or remove themselves if --rm was set) if the Podman command that\n created them was invoked with --log-level=debug.\n * API\n - Fixed a bug where the Compat Create endpoint for Containers did not\n properly handle the Binds and Mounts parameters in HostConfig.\n - Fixed a bug where the Compat Create endpoint for Containers\n ignored the Name query parameter.\n - Fixed a bug where the Compat Create endpoint for Containers did not\n properly handle the \u0027default\u0027 value for NetworkMode (this value is\n used extensively by docker-compose) (#8544).\n - Fixed a bug where the Compat Build endpoint for Images would sometimes\n incorrectly use the target query parameter as the image\u0027s tag.\n * Misc\n - Podman v2.2.0 vendored a non-released, custom version of the\n github.com/spf13/cobra package; this has been reverted to the latest\n upstream release to aid in packaging.\n - Updated the containers/image library to v5.9.0\n\n- Update to v2.2.0\n * Features\n - Experimental support for shortname aliasing has been added. This is not enabled by default, but can be turned on by setting the environment variable CONTAINERS_SHORT_NAME_ALIASING to on. Documentation is available here and here.\n - Initial support has been added for the podman network connect and podman network disconnect commands, which allow existing containers to modify what networks they are connected to. At present, these commands can only be used on running containers that did not specify --network=none when they were created.\n - The podman run command now supports the --network-alias option to set network aliases (additional names the container can be accessed at from other containers via DNS if the dnsname CNI plugin is in use). Aliases can also be added and removed using the new podman network connect and podman network disconnect commands. Please note that this requires a new release (v1.1.0) of the dnsname plugin, and will only work on newly-created CNI networks.\n - The podman generate kube command now features support for exporting container\u0027s memory and CPU limits (#7855).\n - The podman play kube command now features support for setting CPU and Memory limits for containers (#7742).\n - The podman play kube command now supports persistent volumes claims using Podman named volumes.\n - The podman play kube command now supports Kubernetes configmaps via the --configmap option (#7567).\n - The podman play kube command now supports a --log-driver option to set the log driver for created containers.\n - The podman play kube command now supports a --start option, enabled by default, to start the pod after creating it. This allows for podman play kube to be more easily used in systemd unitfiles.\n - The podman network create command now supports the --ipv6 option to enable dual-stack IPv6 networking for created networks (#7302).\n - The podman inspect command can now inspect pods, networks, and volumes, in addition to containers and images (#6757).\n - The --mount option for podman run and podman create now supports a new type, image, to mount the contents of an image into the container at a given location.\n - The Bash and ZSH completions have been completely reworked and have received significant enhancements! Additionally, support for Fish completions and completions for the podman-remote executable have been added.\n - The --log-opt option for podman create and podman run now supports the max-size option to set the maximum size for a container\u0027s logs (#7434).\n - The --network option to the podman pod create command now allows pods to be configured to use slirp4netns networking, even when run as root (#6097).\n - The podman pod stop, podman pod pause, podman pod unpause, and podman pod kill commands now work on multiple containers in parallel and should be significantly faster.\n - The podman search command now supports a --list-tags option to list all available tags for a single image in a single repository.\n - The podman search command can now output JSON using the --format=json option.\n - The podman diff and podman mount commands now work with all containers in the storage library, including those not created by Podman. This allows them to be used with Buildah and CRI-O containers.\n - The podman container exists command now features a --external option to check if a container exists not just in Podman, but also in the storage library. This will allow Podman to identify Buildah and CRI-O containers.\n - The --tls-verify and --authfile options have been enabled for use with remote Podman.\n - The /etc/hosts file now includes the container\u0027s name and hostname (both pointing to localhost) when the container is run with --net=none (#8095).\n - The podman events command now supports filtering events based on the labels of the container they occurred on using the --filter label=key=value option.\n - The podman volume ls command now supports filtering volumes based on their labels using the --filter label=key=value option.\n - The --volume and --mount options to podman run and podman create now support two new mount propagation options, unbindable and runbindable.\n - The name and id filters for podman pod ps now match based on a regular expression, instead of requiring an exact match.\n - The podman pod ps command now supports a new filter status, that matches pods in a certain state.\n * Changes\n - The podman network rm --force command will now also remove pods that are using the network (#7791).\n - The podman volume rm, podman network rm, and podman pod rm commands now return exit code 1 if the object specified for removal does not exist, and exit code 2 if the object is in use and the --force option was not given.\n - If /dev/fuse is passed into Podman containers as a device, Podman will open it before starting the container to ensure that the kernel module is loaded on the host and the device is usable in the container.\n - Global Podman options that were not supported with remote operation have been removed from podman-remote (e.g. --cgroup-manager, --storage-driver).\n - Many errors have been changed to remove repetition and be more clear as to what has gone wrong.\n - The --storage option to podman rm is now enabled by default, with slightly changed semantics. If the given container does not exist in Podman but does exist in the storage library, it will be removed even without the --storage option. If the container exists in Podman it will be removed normally. The --storage option for podman rm is now deprecated and will be removed in a future release.\n - The --storage option to podman ps has been renamed to --external. An alias has been added so the old form of the option will continue to work.\n - Podman now delays the SIGTERM and SIGINT signals during container creation to ensure that Podman is not stopped midway through creating a container resulting in potential resource leakage (#7941).\n - The podman save command now strips signatures from images it is exporting, as the formats we export to do not support signatures (#7659).\n - A new Degraded state has been added to pods. Pods that have some, but not all, of their containers running are now considered to be Degraded instead of Running.\n - Podman will now print a warning when conflicting network options related to port forwarding (e.g. --publish and --net=host) are specified when creating a container.\n - The --restart on-failure and --rm options for containers no longer conflict. When both are specified, the container will be restarted if it exits with a non-zero error code, and removed if it exits cleanly (#7906).\n - Remote Podman will no longer use settings from the client\u0027s containers.conf; defaults will instead be provided by the server\u0027s containers.conf (#7657).\n - The podman network rm command now has a new alias, podman network remove (#8402).\n * Bugfixes\n - Fixed a bug where podman load on the remote client did not error when attempting to load a directory, which is not yet supported for remote use.\n - Fixed a bug where rootless Podman could hang when the newuidmap binary was not installed (#7776).\n - Fixed a bug where the --pull option to podman run, podman create, and podman build did not match Docker\u0027s behavior.\n - Fixed a bug where sysctl settings from the containers.conf configuration file were applied, even if the container did not join the namespace associated with a sysctl.\n - Fixed a bug where Podman would not return the text of errors encounted when trying to run a healthcheck for a container.\n - Fixed a bug where Podman was accidentally setting the containers environment variable in addition to the expected container environment variable.\n - Fixed a bug where rootless Podman using CNI networking did not properly clean up DNS entries for removed containers (#7789).\n - Fixed a bug where the podman untag --all command was not supported with remote Podman.\n - Fixed a bug where the podman system service command could time out even if active attach connections were present (#7826).\n - Fixed a bug where the podman system service command would sometimes never time out despite no active connections being present.\n - Fixed a bug where Podman\u0027s handling of capabilities, specifically inheritable, did not match Docker\u0027s.\n - Fixed a bug where podman run would fail if the image specified was a manifest list and had already been pulled (#7798).\n - Fixed a bug where Podman did not take search registries into account when looking up images locally (#6381).\n - Fixed a bug where the podman manifest inspect command would fail for images that had already been pulled (#7726).\n - Fixed a bug where rootless Podman would not add supplemental GIDs to containers when when a user, but not a group, was set via the --user option to podman create and podman run and sufficient GIDs were available to add the groups (#7782).\n - Fixed a bug where remote Podman commands did not properly handle cases where the user gave a name that could also be a short ID for a pod or container (#7837).\n - Fixed a bug where podman image prune could leave images ready to be pruned after podman image prune was run (#7872).\n - Fixed a bug where the podman logs command with the journald log driver would not read all available logs (#7476).\n - Fixed a bug where the --rm and --restart options to podman create and podman run did not conflict when a restart policy that is not on-failure was chosen (#7878).\n - Fixed a bug where the --format \u0027table {{ .Field }}\u0027 option to numerous Podman commands ceased to function on Podman v2.0 and up.\n - Fixed a bug where pods did not properly share an SELinux label between their containers, resulting in containers being unable to see the processes of other containers when the pod shared a PID namespace (#7886).\n - Fixed a bug where the --namespace option to podman ps did not work with the remote client (#7903).\n - Fixed a bug where rootless Podman incorrectly calculated the number of UIDs available in the container if multiple different ranges of UIDs were specified.\n - Fixed a bug where the /etc/hosts file would not be correctly populated for containers in a user namespace (#7490).\n - Fixed a bug where the podman network create and podman network remove commands could race when run in parallel, with unpredictable results (#7807).\n - Fixed a bug where the -p option to podman run, podman create, and podman pod create would, when given only a single number (e.g. -p 80), assign the same port for both host and container, instead of generating a random host port (#7947).\n - Fixed a bug where Podman containers did not properly store the cgroup manager they were created with, causing them to stop functioning after the cgroup manager was changed in containers.conf or with the --cgroup-manager option (#7830).\n - Fixed a bug where the podman inspect command did not include information on the CNI networks a container was connected to if it was not running.\n - Fixed a bug where the podman attach command would not print a newline after detaching from the container (#7751).\n - Fixed a bug where the HOME environment variable was not set properly in containers when the --userns=keep-id option was set (#8004).\n - Fixed a bug where the podman container restore command could panic when the container in question was in a pod (#8026).\n - Fixed a bug where the output of the podman image trust show --raw command was not properly formatted.\n - Fixed a bug where the podman runlabel command could panic if a label to run was not given (#8038).\n - Fixed a bug where the podman run and podman start --attach commands would exit with an error when the user detached manually using the detach keys on remote Podman (#7979).\n - Fixed a bug where rootless CNI networking did not use the dnsname CNI plugin if it was not available on the host, despite it always being available in the container used for rootless networking (#8040).\n - Fixed a bug where Podman did not properly handle cases where an OCI runtime is specified by its full path, and could revert to using another OCI runtime with the same binary path that existed in the system $PATH on subsequent invocations.\n - Fixed a bug where the --net=host option to podman create and podman run would cause the /etc/hosts file to be incorrectly populated (#8054).\n - Fixed a bug where the podman inspect command did not include container network information when the container shared its network namespace (IE, joined a pod or another container\u0027s network namespace via --net=container:...) (#8073).\n - Fixed a bug where the podman ps command did not include information on all ports a container was publishing.\n - Fixed a bug where the podman build command incorrectly forwarded STDIN into build containers from RUN instructions.\n - Fixed a bug where the podman wait command\u0027s --interval option did not work when units were not specified for the duration (#8088).\n - Fixed a bug where the --detach-keys and --detach options could be passed to podman create despite having no effect (and not making sense in that context).\n - Fixed a bug where Podman could not start containers if running on a system without a /etc/resolv.conf file (which occurs on some WSL2 images) (#8089).\n - Fixed a bug where the --extract option to podman cp was nonfunctional.\n - Fixed a bug where the --cidfile option to podman run would, when the container was not run with --detach, only create the file after the container exited (#8091).\n - Fixed a bug where the podman images and podman images -a commands could panic and not list any images when certain improperly-formatted images were present in storage (#8148).\n - Fixed a bug where the podman events command could, when the journald events backend was in use, become nonfunctional when a badly-formatted event or a log message that container certain string was present in the journal (#8125).\n - Fixed a bug where remote Podman would, when using SSH transport, not authenticate to the server using hostkeys when connecting on a port other than 22 (#8139).\n - Fixed a bug where the podman attach command would not exit when containers stopped (#8154).\n - Fixed a bug where Podman did not properly clean paths before verifying them, resulting in Podman refusing to start if the root or temporary directories were specified with extra trailing / characters (#8160).\n - Fixed a bug where remote Podman did not support hashed hostnames in the known_hosts file on the host for establishing connections (#8159).\n - Fixed a bug where the podman image exists command would return non-zero (false) when multiple potential matches for the given name existed.\n - Fixed a bug where the podman manifest inspect command on images that are not manifest lists would error instead of inspecting the image (#8023).\n - Fixed a bug where the podman system service command would fail if the directory the Unix socket was to be created inside did not exist (#8184).\n - Fixed a bug where pods that shared the IPC namespace (which is done by default) did not share a /dev/shm filesystem between all containers in the pod (#8181).\n - Fixed a bug where filters passed to podman volume list were not inclusive (#6765).\n - Fixed a bug where the podman volume create command would fail when the volume\u0027s data directory already existed (as might occur when a volume was not completely removed) (#8253).\n - Fixed a bug where the podman run and podman create commands would deadlock when trying to create a container that mounted the same named volume at multiple locations (e.g. podman run -v testvol:/test1 -v testvol:/test2) (#8221).\n - Fixed a bug where the parsing of the --net option to podman build was incorrect (#8322).\n - Fixed a bug where the podman build command would print the ID of the built image twice when using remote Podman (#8332).\n - Fixed a bug where the podman stats command did not show memory limits for containers (#8265).\n - Fixed a bug where the podman pod inspect command printed the static MAC address of the pod in a non-human-readable format (#8386).\n - Fixed a bug where the --tls-verify option of the podman play kube command had its logic inverted (false would enforce the use of TLS, true would disable it).\n - Fixed a bug where the podman network rm command would error when trying to remove macvlan networks and rootless CNI networks (#8491).\n - Fixed a bug where Podman was not setting sane defaults for missing XDG_ environment variables.\n - Fixed a bug where remote Podman would check if volume paths to be mounted in the container existed on the host, not the server (#8473).\n - Fixed a bug where the podman manifest create and podman manifest add commands on local images would drop any images in the manifest not pulled by the host.\n - Fixed a bug where networks made by podman network create did not include the tuning plugin, and as such did not support setting custom MAC addresses (#8385).\n - Fixed a bug where container healthchecks did not use $PATH when searching for the Podman executable to run the healthcheck.\n - Fixed a bug where the --ip-range option to podman network create did not properly handle non-classful subnets when calculating the last usable IP for DHCP assignment (#8448).\n - Fixed a bug where the podman container ps alias for podman ps was missing (#8445).\n * API\n - The Compat Create endpoint for Container has received a major refactor to share more code with the Libpod Create endpoint, and should be significantly more stable.\n - A Compat endpoint for exporting multiple images at once, GET /images/get, has been added (#7950).\n - The Compat Network Connect and Network Disconnect endpoints have been added.\n - Endpoints that deal with image registries now support a X-Registry-Config header to specify registry authentication configuration.\n - The Compat Create endpoint for images now properly supports specifying images by digest.\n - The Libpod Build endpoint for images now supports an httpproxy query parameter which, if set to true, will forward the server\u0027s HTTP proxy settings into the build container for RUN instructions.\n - The Libpod Untag endpoint for images will now remove all tags for the given image if no repository and tag are specified for removal.\n - Fixed a bug where the Ping endpoint misspelled a header name (Libpod-Buildha-Version instead of Libpod-Buildah-Version).\n - Fixed a bug where the Ping endpoint sent an extra newline at the end of its response where Docker did not.\n - Fixed a bug where the Compat Logs endpoint for containers did not send a newline character after each log line.\n - Fixed a bug where the Compat Logs endpoint for containers would mangle line endings to change newline characters to add a preceding carriage return (#7942).\n - Fixed a bug where the Compat Inspect endpoint for Containers did not properly list the container\u0027s stop signal (#7917).\n - Fixed a bug where the Compat Inspect endpoint for Containers formatted the container\u0027s create time incorrectly (#7860).\n - Fixed a bug where the Compat Inspect endpoint for Containers did not include the container\u0027s Path, Args, and Restart Count.\n - Fixed a bug where the Compat Inspect endpoint for Containers prefixed added and dropped capabilities with CAP_ (Docker does not do so).\n - Fixed a bug where the Compat Info endpoint for the Engine did not include configured registries.\n - Fixed a bug where the server could panic if a client closed a connection midway through an image pull (#7896).\n - Fixed a bug where the Compat Create endpoint for volumes returned an error when a volume with the same name already existed, instead of succeeding with a 201 code (#7740).\n - Fixed a bug where a client disconnecting from the Libpod or Compat events endpoints could result in the server using 100% CPU (#7946).\n - Fixed a bug where the \u0027no such image\u0027 error message sent by the Compat Inspect endpoint for Images returned a 404 status code with an error that was improperly formatted for Docker compatibility.\n - Fixed a bug where the Compat Create endpoint for networks did not properly set a default for the driver parameter if it was not provided by the client.\n - Fixed a bug where the Compat Inspect endpoint for images did not populate the RootFS field of the response.\n - Fixed a bug where the Compat Inspect endpoint for images would omit the ParentId field if the image had no parent, and the Created field if the image did not have a creation time.\n - Fixed a bug where the Compat Remove endpoint for Networks did not support the Force query parameter.\n\n- add dependency to timezone package or podman fails to build a\n- Correct invalid use of %{_libexecdir} to ensure files should be in /usr/lib\nSELinux support [jsc#SMO-15]\n\n\nlibseccomp was updated to release 2.5.3:\n\n* Update the syscall table for Linux v5.15\n* Fix issues with multiplexed syscalls on mipsel introduced in v2.5.2\n* Document that seccomp_rule_add() may return -EACCES\n\nUpdate to release 2.5.2\n\n* Update the syscall table for Linux v5.14-rc7 \n* Add a function, get_notify_fd(), to the Python bindings to\n get the nofication file descriptor.\n* Consolidate multiplexed syscall handling for all\n architectures into one location.\n* Add multiplexed syscall support to PPC and MIPS\n* The meaning of SECCOMP_IOCTL_NOTIF_ID_VALID changed within\n the kernel. libseccomp\u0027s fd notification logic was modified\n to support the kernel\u0027s previous and new usage of\n SECCOMP_IOCTL_NOTIF_ID_VALID.\n\nupdate to 2.5.1:\n\n* Fix a bug where seccomp_load() could only be called once\n* Change the notification fd handling to only request a notification fd if\n* the filter has a _NOTIFY action\n* Add documentation about SCMP_ACT_NOTIFY to the seccomp_add_rule(3) manpage\n* Clarify the maintainers\u0027 GPG keys\n\nUpdate to release 2.5.0\n\n* Add support for the seccomp user notifications, see the\n seccomp_notify_alloc(3), seccomp_notify_receive(3),\n seccomp_notify_respond(3) manpages for more information\n* Add support for new filter optimization approaches, including a balanced\n tree optimization, see the SCMP_FLTATR_CTL_OPTIMIZE filter attribute for\n more information\n* Add support for the 64-bit RISC-V architecture\n* Performance improvements when adding new rules to a filter thanks to the\n use of internal shadow transactions and improved syscall lookup tables\n* Properly document the libseccomp API return values and include them in the\n stable API promise\n* Improvements to the s390 and s390x multiplexed syscall handling\n* Multiple fixes and improvements to the libseccomp manpages\n* Moved from manually maintained syscall tables to an automatically generated\n syscall table in CSV format\n* Update the syscall tables to Linux v5.8.0-rc5\n* Python bindings and build now default to Python 3.x\n* Improvements to the tests have boosted code coverage to over 93%\n\nUpdate to release 2.4.3\n\n* Add list of authorized release signatures to README.md\n* Fix multiplexing issue with s390/s390x shm* syscalls\n* Remove the static flag from libseccomp tools compilation\n* Add define for __SNR_ppoll\n* Fix potential memory leak identified by clang in the\n scmp_bpf_sim tool\n\nUpdate to release 2.4.2\n\n* Add support for io-uring related system calls\n\n\nconmon was updated to version 2.0.30:\n\n * Remove unreachable code path\n * exit: report if the exit command was killed\n * exit: fix race zombie reaper\n * conn_sock: allow watchdog messages through the notify socket proxy\n * seccomp: add support for seccomp notify\n\nUpdate to version 2.0.29:\n\n * Reset OOM score back to 0 for container runtime\n * call functions registered with atexit on SIGTERM\n * conn_sock: fix potential segfault\n\nUpdate to version 2.0.27:\n\n * Add CRI-O integration test GitHub action\n * exec: don\u0027t fail on EBADFD\n * close_fds: fix close of external fds\n * Add arm64 static build binary\n\nUpdate to version 2.0.26:\n\n * conn_sock: do not fail on EAGAIN\n * fix segfault from a double freed pointer\n * Fix a bug where conmon could never spawn a container, because\n a disagreement between the caller and itself on where the attach\n socket was.\n * improve --full-attach to ignore the socket-dir directly. that\n means callers don\u0027t need to specify a socket dir at all (and\n can remove it)\n * add full-attach option to allow callers to not truncate a very\n long path for the attach socket\n * close only opened FDs\n * set locale to inherit environment\n\nUpdate to version 2.0.22:\n\n * added man page\n * attach: always chdir\n * conn_sock: Explicitly free a heap-allocated string\n * refactor I/O and add SD_NOTIFY proxy support\n\nUpdate to version 2.0.21:\n\n * protect against kill(-1)\n * Makefile: enable debuginfo generation\n * Remove go.sum file and add go.mod\n * Fail if conmon config could not be written\n * nix: remove double definition for e2fsprogs\n * Speedup static build by utilizing CI cache on `/nix` folder\n * Fix nix build for failing e2fsprogs tests\n * test: fix CI\n * Use Podman for building\n\nlibcontainers-common was updated to include:\n\n- common 0.44.0\n- image 5.16.0\n- podman 3.3.1\n- storage 1.36.0\n(changes too long to list)\n\nCVEs fixed: CVE-2020-14370,CVE-2020-15157,CVE-2021-20199,CVE-2021-20291,CVE-2021-3602\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Module-Basesystem-15-SP3-2022-23018,SUSE-SLE-Module-Containers-15-SP3-2022-23018,SUSE-SUSE-MicroOS-5.1-2022-23018",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_23018-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:23018-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-202223018-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:23018-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010347.html"
},
{
"category": "self",
"summary": "SUSE Bug 1176804",
"url": "https://bugzilla.suse.com/1176804"
},
{
"category": "self",
"summary": "SUSE Bug 1177598",
"url": "https://bugzilla.suse.com/1177598"
},
{
"category": "self",
"summary": "SUSE Bug 1181640",
"url": "https://bugzilla.suse.com/1181640"
},
{
"category": "self",
"summary": "SUSE Bug 1182998",
"url": "https://bugzilla.suse.com/1182998"
},
{
"category": "self",
"summary": "SUSE Bug 1188520",
"url": "https://bugzilla.suse.com/1188520"
},
{
"category": "self",
"summary": "SUSE Bug 1188914",
"url": "https://bugzilla.suse.com/1188914"
},
{
"category": "self",
"summary": "SUSE Bug 1193166",
"url": "https://bugzilla.suse.com/1193166"
},
{
"category": "self",
"summary": "SUSE Bug 1193273",
"url": "https://bugzilla.suse.com/1193273"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14370 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15157 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-20199 page",
"url": "https://www.suse.com/security/cve/CVE-2021-20199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-20291 page",
"url": "https://www.suse.com/security/cve/CVE-2021-20291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3602 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4024 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41190 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41190/"
}
],
"title": "Security update for conmon, libcontainers-common, libseccomp, podman",
"tracking": {
"current_release_date": "2022-02-25T12:54:40Z",
"generator": {
"date": "2022-02-25T12:54:40Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:23018-1",
"initial_release_date": "2022-02-25T12:54:40Z",
"revision_history": [
{
"date": "2022-02-25T12:54:40Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"product": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"product_id": "libseccomp-devel-2.5.3-150300.10.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libseccomp2-2.5.3-150300.10.5.1.aarch64",
"product": {
"name": "libseccomp2-2.5.3-150300.10.5.1.aarch64",
"product_id": "libseccomp2-2.5.3-150300.10.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "conmon-2.0.30-150300.8.3.1.aarch64",
"product": {
"name": "conmon-2.0.30-150300.8.3.1.aarch64",
"product_id": "conmon-2.0.30-150300.8.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "podman-3.4.4-150300.9.3.2.aarch64",
"product": {
"name": "podman-3.4.4-150300.9.3.2.aarch64",
"product_id": "podman-3.4.4-150300.9.3.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libcontainers-common-20210626-150300.8.3.1.noarch",
"product": {
"name": "libcontainers-common-20210626-150300.8.3.1.noarch",
"product_id": "libcontainers-common-20210626-150300.8.3.1.noarch"
}
},
{
"category": "product_version",
"name": "podman-cni-config-3.4.4-150300.9.3.2.noarch",
"product": {
"name": "podman-cni-config-3.4.4-150300.9.3.2.noarch",
"product_id": "podman-cni-config-3.4.4-150300.9.3.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"product": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"product_id": "libseccomp-devel-2.5.3-150300.10.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"product": {
"name": "libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"product_id": "libseccomp2-2.5.3-150300.10.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "conmon-2.0.30-150300.8.3.1.ppc64le",
"product": {
"name": "conmon-2.0.30-150300.8.3.1.ppc64le",
"product_id": "conmon-2.0.30-150300.8.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podman-3.4.4-150300.9.3.2.ppc64le",
"product": {
"name": "podman-3.4.4-150300.9.3.2.ppc64le",
"product_id": "podman-3.4.4-150300.9.3.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"product": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"product_id": "libseccomp-devel-2.5.3-150300.10.5.1.s390x"
}
},
{
"category": "product_version",
"name": "libseccomp2-2.5.3-150300.10.5.1.s390x",
"product": {
"name": "libseccomp2-2.5.3-150300.10.5.1.s390x",
"product_id": "libseccomp2-2.5.3-150300.10.5.1.s390x"
}
},
{
"category": "product_version",
"name": "conmon-2.0.30-150300.8.3.1.s390x",
"product": {
"name": "conmon-2.0.30-150300.8.3.1.s390x",
"product_id": "conmon-2.0.30-150300.8.3.1.s390x"
}
},
{
"category": "product_version",
"name": "podman-3.4.4-150300.9.3.2.s390x",
"product": {
"name": "podman-3.4.4-150300.9.3.2.s390x",
"product_id": "podman-3.4.4-150300.9.3.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"product": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"product_id": "libseccomp-devel-2.5.3-150300.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libseccomp2-2.5.3-150300.10.5.1.x86_64",
"product": {
"name": "libseccomp2-2.5.3-150300.10.5.1.x86_64",
"product_id": "libseccomp2-2.5.3-150300.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "conmon-2.0.30-150300.8.3.1.x86_64",
"product": {
"name": "conmon-2.0.30-150300.8.3.1.x86_64",
"product_id": "conmon-2.0.30-150300.8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "podman-3.4.4-150300.9.3.2.x86_64",
"product": {
"name": "podman-3.4.4-150300.9.3.2.x86_64",
"product_id": "podman-3.4.4-150300.9.3.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-basesystem:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Containers 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Module for Containers 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-containers:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Micro 5.1",
"product": {
"name": "SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-microos:5.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150300.8.3.1.noarch as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150300.8.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64"
},
"product_reference": "libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le"
},
"product_reference": "libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x"
},
"product_reference": "libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64"
},
"product_reference": "libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp2-2.5.3-150300.10.5.1.aarch64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64"
},
"product_reference": "libseccomp2-2.5.3-150300.10.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp2-2.5.3-150300.10.5.1.ppc64le as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le"
},
"product_reference": "libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp2-2.5.3-150300.10.5.1.s390x as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x"
},
"product_reference": "libseccomp2-2.5.3-150300.10.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp2-2.5.3-150300.10.5.1.x86_64 as component of SUSE Linux Enterprise Module for Basesystem 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64"
},
"product_reference": "libseccomp2-2.5.3-150300.10.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Basesystem 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.0.30-150300.8.3.1.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64"
},
"product_reference": "conmon-2.0.30-150300.8.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.0.30-150300.8.3.1.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le"
},
"product_reference": "conmon-2.0.30-150300.8.3.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.0.30-150300.8.3.1.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x"
},
"product_reference": "conmon-2.0.30-150300.8.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.0.30-150300.8.3.1.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64"
},
"product_reference": "conmon-2.0.30-150300.8.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3.4.4-150300.9.3.2.aarch64 as component of SUSE Linux Enterprise Module for Containers 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64"
},
"product_reference": "podman-3.4.4-150300.9.3.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3.4.4-150300.9.3.2.ppc64le as component of SUSE Linux Enterprise Module for Containers 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le"
},
"product_reference": "podman-3.4.4-150300.9.3.2.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3.4.4-150300.9.3.2.s390x as component of SUSE Linux Enterprise Module for Containers 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x"
},
"product_reference": "podman-3.4.4-150300.9.3.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3.4.4-150300.9.3.2.x86_64 as component of SUSE Linux Enterprise Module for Containers 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64"
},
"product_reference": "podman-3.4.4-150300.9.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-cni-config-3.4.4-150300.9.3.2.noarch as component of SUSE Linux Enterprise Module for Containers 15 SP3",
"product_id": "SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
},
"product_reference": "podman-cni-config-3.4.4-150300.9.3.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Containers 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.0.30-150300.8.3.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64"
},
"product_reference": "conmon-2.0.30-150300.8.3.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.0.30-150300.8.3.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x"
},
"product_reference": "conmon-2.0.30-150300.8.3.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.0.30-150300.8.3.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64"
},
"product_reference": "conmon-2.0.30-150300.8.3.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150300.8.3.1.noarch as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150300.8.3.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp2-2.5.3-150300.10.5.1.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64"
},
"product_reference": "libseccomp2-2.5.3-150300.10.5.1.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp2-2.5.3-150300.10.5.1.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x"
},
"product_reference": "libseccomp2-2.5.3-150300.10.5.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp2-2.5.3-150300.10.5.1.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64"
},
"product_reference": "libseccomp2-2.5.3-150300.10.5.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3.4.4-150300.9.3.2.aarch64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64"
},
"product_reference": "podman-3.4.4-150300.9.3.2.aarch64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3.4.4-150300.9.3.2.s390x as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x"
},
"product_reference": "podman-3.4.4-150300.9.3.2.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3.4.4-150300.9.3.2.x86_64 as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64"
},
"product_reference": "podman-3.4.4-150300.9.3.2.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-cni-config-3.4.4-150300.9.3.2.noarch as component of SUSE Linux Enterprise Micro 5.1",
"product_id": "SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch"
},
"product_reference": "podman-cni-config-3.4.4-150300.9.3.2.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Micro 5.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-14370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14370"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14370",
"url": "https://www.suse.com/security/cve/CVE-2020-14370"
},
{
"category": "external",
"summary": "SUSE Bug 1176804 for CVE-2020-14370",
"url": "https://bugzilla.suse.com/1176804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-25T12:54:40Z",
"details": "moderate"
}
],
"title": "CVE-2020-14370"
},
{
"cve": "CVE-2020-15157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15157"
}
],
"notes": [
{
"category": "general",
"text": "In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (otherwise known as a \"foreign layer\"), the default containerd resolver will follow that URL to attempt to download it. In v1.2.x but not 1.3.0 or later, the default containerd resolver will provide its authentication credentials if the server where the URL is located presents an HTTP 401 status code along with registry-specific HTTP headers. If an attacker publishes a public image with a manifest that directs one of the layers to be fetched from a web server they control and they trick a user or system into pulling the image, they can obtain the credentials used for pulling that image. In some cases, this may be the user\u0027s username and password for the registry. In other cases, this may be the credentials attached to the cloud virtual instance which can grant access to other cloud resources in the account. The default containerd resolver is used by the cri-containerd plugin (which can be used by Kubernetes), the ctr development tool, and other client programs that have explicitly linked against it. This vulnerability has been fixed in containerd 1.2.14. containerd 1.3 and later are not affected. If you are using containerd 1.3 or later, you are not affected. If you are using cri-containerd in the 1.2 series or prior, you should ensure you only pull images from trusted sources. Other container runtimes built on top of containerd but not using the default resolver (such as Docker) are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15157",
"url": "https://www.suse.com/security/cve/CVE-2020-15157"
},
{
"category": "external",
"summary": "SUSE Bug 1177598 for CVE-2020-15157",
"url": "https://bugzilla.suse.com/1177598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-25T12:54:40Z",
"details": "moderate"
}
],
"title": "CVE-2020-15157"
},
{
"cve": "CVE-2021-20199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-20199"
}
],
"notes": [
{
"category": "general",
"text": "Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-20199",
"url": "https://www.suse.com/security/cve/CVE-2021-20199"
},
{
"category": "external",
"summary": "SUSE Bug 1181640 for CVE-2021-20199",
"url": "https://bugzilla.suse.com/1181640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-25T12:54:40Z",
"details": "low"
}
],
"title": "CVE-2021-20199"
},
{
"cve": "CVE-2021-20291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-20291"
}
],
"notes": [
{
"category": "general",
"text": "A deadlock vulnerability was found in \u0027github.com/containers/storage\u0027 in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-20291",
"url": "https://www.suse.com/security/cve/CVE-2021-20291"
},
{
"category": "external",
"summary": "SUSE Bug 1196497 for CVE-2021-20291",
"url": "https://bugzilla.suse.com/1196497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-25T12:54:40Z",
"details": "moderate"
}
],
"title": "CVE-2021-20291"
},
{
"cve": "CVE-2021-3602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3602"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3602",
"url": "https://www.suse.com/security/cve/CVE-2021-3602"
},
{
"category": "external",
"summary": "SUSE Bug 1188520 for CVE-2021-3602",
"url": "https://bugzilla.suse.com/1188520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-25T12:54:40Z",
"details": "moderate"
}
],
"title": "CVE-2021-3602"
},
{
"cve": "CVE-2021-4024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4024"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host\u0027s firewall, an attacker can potentially use the `gvproxy` API to forward ports on the host to ports in the VM, making private services on the VM accessible to the network. This issue could be also used to interrupt the host\u0027s services by forwarding all ports to the VM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4024",
"url": "https://www.suse.com/security/cve/CVE-2021-4024"
},
{
"category": "external",
"summary": "SUSE Bug 1193166 for CVE-2021-4024",
"url": "https://bugzilla.suse.com/1193166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-25T12:54:40Z",
"details": "moderate"
}
],
"title": "CVE-2021-4024"
},
{
"cve": "CVE-2021-41190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41190"
}
],
"notes": [
{
"category": "general",
"text": "The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents that contain both \"manifests\" and \"layers\" fields could be interpreted as either a manifest or an index in the absence of an accompanying Content-Type header. If a Content-Type header changed between two pulls of the same digest, a client may interpret the resulting content differently. The OCI Distribution Specification has been updated to require that a mediaType value present in a manifest or index match the Content-Type header used during the push and pull operations. Clients pulling from a registry may distrust the Content-Type header and reject an ambiguous document that contains both \"manifests\" and \"layers\" fields or \"manifests\" and \"config\" fields if they are unable to update to version 1.0.1 of the spec.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41190",
"url": "https://www.suse.com/security/cve/CVE-2021-41190"
},
{
"category": "external",
"summary": "SUSE Bug 1193273 for CVE-2021-41190",
"url": "https://bugzilla.suse.com/1193273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Micro 5.1:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Micro 5.1:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Micro 5.1:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Micro 5.1:podman-cni-config-3.4.4-150300.9.3.2.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libcontainers-common-20210626-150300.8.3.1.noarch",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"SUSE Linux Enterprise Module for Basesystem 15 SP3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:conmon-2.0.30-150300.8.3.1.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.aarch64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.ppc64le",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.s390x",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-3.4.4-150300.9.3.2.x86_64",
"SUSE Linux Enterprise Module for Containers 15 SP3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-02-25T12:54:40Z",
"details": "moderate"
}
],
"title": "CVE-2021-41190"
}
]
}
SUSE-SU-2022:3312-1
Vulnerability from csaf_suse - Published: 2022-09-19 15:36 - Updated: 2022-09-19 15:36Summary
Security update for libcontainers-common
Notes
Title of the patch
Security update for libcontainers-common
Description of the patch
This update for libcontainers-common fixes the following issues:
libcontainers-common was updated:
- common component was updated to 0.44.0.
- storage component was updated to 1.36.0.
- image component was updated to 5.16.0.
- podman component was updated to 3.3.1.
3.3.1:
Bugfixes:
- Fixed a bug where unit files created by `podman generate systemd` could not cleanup shut down containers when stopped by `systemctl stop` .
- Fixed a bug where `podman machine` commands would not properly locate the `gvproxy` binary in some circumstances.
- Fixed a bug where containers created as part of a pod using the `--pod-id-file` option would not join the pod's network namespace .
- Fixed a bug where Podman, when using the systemd cgroups driver, could sometimes leak dbus sessions.
- Fixed a bug where the `until` filter to `podman logs` and `podman events` was improperly handled, requiring input to be negated .
- Fixed a bug where rootless containers using CNI networking run on systems using `systemd-resolved` for DNS would fail to start if resolved symlinked `/etc/resolv.conf` to an absolute path .
API:
- A large number of potential file descriptor leaks from improperly closing client connections have been fixed.
3.3.0:
Features:
- Containers inside VMs created by `podman machine` will now automatically handle port forwarding - containers in `podman machine` VMs that publish ports via `--publish` or `--publish-all` will have these ports not just forwarded on the VM, but also on the host system.
- The `podman play kube` command's `--network` option now accepts advanced network options (e.g. `--network slirp4netns:port_handler=slirp4netns`) .
- The `podman play kube` commmand now supports Kubernetes liveness probes, which will be created as Podman healthchecks.
- Podman now provides a systemd unit, `podman-restart.service`, which, when enabled, will restart all containers that were started with `--restart=always` after the system reboots.
- Rootless Podman can now be configured to use CNI networking by default by using the `rootless_networking` option in `containers.conf`.
- Images can now be pulled using `image:tag@digest` syntax (e.g. `podman pull fedora:34@sha256:1b0d4ddd99b1a8c8a80e885aafe6034c95f266da44ead992aab388e6aa91611a`) .
- The `podman container checkpoint` and `podman container restore` commands can now be used to checkpoint containers that are in pods, and restore those containers into pods.
- The `podman container restore` command now features a new option, `--publish`, to change the ports that are forwarded to a container that is being restored from an exported checkpoint.
- The `podman container checkpoint` command now features a new option, `--compress`, to specify the compression algorithm that will be used on the generated checkpoint.
- The `podman pull` command can now pull multiple images at once (e.g. `podman pull fedora:34 ubi8:latest` will pull both specified images).
- THe `podman cp` command can now copy files from one container into another directly (e.g. `podman cp containera:/etc/hosts containerb:/etc/`) .
- The `podman cp` command now supports a new option, `--archive`, which controls whether copied files will be chown'd to the UID and GID of the user of the destination container.
- The `podman stats` command now provides two additional metrics: Average CPU, and CPU time.
- The `podman pod create` command supports a new flag, `--pid`, to specify the PID namespace of the pod. If specified, containers that join the pod will automatically share its PID namespace.
- The `podman pod create` command supports a new flag, `--infra-name`, which allows the name of the pod's infra container to be set .
- The `podman auto-update` command has had its output reformatted - it is now much clearer what images were pulled and what containers were updated.
- The `podman auto-update` command now supports a new option, `--dry-run`, which reports what would be updated but does not actually perform the update .
- The `podman build` command now supports a new option, `--secret`, to mount secrets into build containers.
- The `podman manifest remove` command now has a new alias, `podman manifest rm`.
- The `podman login` command now supports a new option, `--verbose`, to print detailed information about where the credentials entered were stored.
- The `podman events` command now supports a new event, `exec_died`, which is produced when an exec session exits, and includes the exit code of the exec session.
- The `podman system connection add` command now supports adding connections that connect using the `tcp://` and `unix://` URL schemes.
- The `podman system connection list` command now supports a new flag, `--format`, to determine how the output is printed.
- The `podman volume prune` and `podman volume ls` commands' `--filter` option now support a new filter, `until`, that matches volumes created before a certain time .
- The `podman ps --filter` option's `network` filter now accepts a new value: `container:`, which matches containers that share a network namespace with a specific container .
- The `podman diff` command can now accept two arguments, allowing two images or two containers to be specified; the diff between the two will be printed .
- Podman can now optionally copy-up content from containers into volumes mounted into those containers earlier (at creation time, instead of at runtime) via the `prepare_on_create` option in `containers.conf` .
- A new option, `--gpus`, has been added to `podman create` and `podman run` as a no-op for better compatibility with Docker. If the nvidia-container-runtime package is installed, GPUs should be automatically added to containers without using the flag.
- If an invalid subcommand is provided, similar commands to try will now be suggested in the error message.
### Changes
- The `podman system reset` command now removes non-Podman (e.g. Buildah and CRI-O) containers as well.
- The new port forwarding offered by `podman machine` requires [gvproxy] in order to function.
- Podman will now automatically create the default CNI network if it does not exist, for both root and rootless users. This will only be done once per user - if the network is subsequently removed, it will not be recreated.
- The `install.cni` makefile option has been removed. It is no longer required to distribute the default `87-podman.conflist` CNI configuration file, as Podman will now automatically create it.
- The `--root` option to Podman will not automatically clear all default storage options when set. Storage options can be set manually using `--storage-opt` .
- The output of `podman system connection list` is now deterministic, with connections being sorted alpabetically by their name.
- The auto-update service (`podman-auto-update.service`) has had its default timer adjusted so it now starts at a random time up to 15 minutes after midnight, to help prevent system congestion from numerous daily services run at once.
- Systemd unit files generated by `podman generate systemd` now depend on `network-online.target` by default .
- Systemd unit files generated by `podman generate systemd` now use `Type=notify` by default, instead of using PID files.
- The `podman info` command's logic for detecting package versions on Gentoo has been improved, and should be significantly faster.
Bugfixes:
- Fixed a bug where the `podman play kube` command did not perform SELinux relabelling of volumes specified with a `mountPath` that included the `:z` or `:Z` options .
- Fixed a bug where the `podman play kube` command would ignore the `USER` and `EXPOSE` directives in images .
- Fixed a bug where the `podman play kube` command would only accept lowercase pull policies.
- Fixed a bug where named volumes mounted into containers with the `:z` or `:Z` options were not appropriately relabelled for access from the container .
- Fixed a bug where the `podman logs -f` command, with the `journald` log driver, could sometimes fail to pick up the last line of output from a container .
- Fixed a bug where running `podman rm` on a container created with the `--rm` option would occasionally emit an error message saying the container failed to be removed, when it was successfully removed.
- Fixed a bug where starting a Podman container would segfault if the `LISTEN_PID` and `LISTEN_FDS` environment variables were set, but `LISTEN_FDNAMES` was not .
- Fixed a bug where exec sessions in containers were sometimes not cleaned up when run without `-d` and when the associated `podman exec` process was killed before completion.
- Fixed a bug where `podman system service` could, when run in a systemd unit file with sdnotify in use, drop some connections when it was starting up.
- Fixed a bug where containers run using the REST API using the `slirp4netns` network mode would leave zombie processes that were not cleaned up until `podman system service` exited .
- Fixed a bug where the `podman system service` command would leave zombie processes after its initial launch that were not cleaned up until it exited .
- Fixed a bug where VMs created by `podman machine` could not be started after the host system restarted .
- Fixed a bug where the `podman pod ps` command would not show headers for optional information (e.g. container names when the `--ctr-names` option was given).
- Fixed a bug where the remote Podman client's `podman create` and `podman run` commands would ignore timezone configuration from the server's `containers.conf` file .
- Fixed a bug where the remote Podman client's `podman build` command would only respect `.containerignore` and not `.dockerignore` files (when both are present, `.containerignore` will be preferred) .
- Fixed a bug where the remote Podman client's `podman build` command would fail to send the Dockerfile being built to the server when it was excluded by the `.dockerignore` file, resulting in an error .
- Fixed a bug where the remote Podman client's `podman build` command could unexpectedly stop streaming the output of the build .
- Fixed a bug where the remote Podman client's `podman build` command would fail to build when run on Windows .
- Fixed a bug where the `podman manifest create` command accepted at most two arguments (an arbitrary number of images are allowed as arguments, which will be added to the manifest).
- Fixed a bug where named volumes would not be properly chowned to the UID and GID of the directory they were mounted over when first mounted into a container .
- Fixed a bug where named volumes created using a volume plugin would be removed from Podman, even if the plugin reported a failure to remove the volume .
- Fixed a bug where the remote Podman client's `podman exec -i` command would hang when input was provided via shell redirection (e.g. `podman --remote exec -i foo cat <<<'hello'`) .
- Fixed a bug where containers created with `--rm` were not immediately removed after being started by `podman start` if they failed to start .
- Fixed a bug where the `--storage-opt` flag to `podman create` and `podman run` was nonfunctional .
- Fixed a bug where the `--device-cgroup-rule` option to `podman create` and `podman run` was nonfunctional .
- Fixed a bug where the `--tls-verify` option to `podman manifest push` was nonfunctional.
- Fixed a bug where the `podman import` command could, in some circumstances, produce empty images .
- Fixed a bug where images pulled using the `docker-daemon:` transport had the wrong registry (`localhost` instead of `docker.io/library`) .
- Fixed a bug where operations that pruned images (`podman image prune` and `podman system prune`) would prune untagged images with children .
- Fixed a bug where dual-stack networks created by `podman network create` did not properly auto-assign an IPv4 subnet when one was not explicitly specified .
- Fixed a bug where port forwarding using the `rootlessport` port forwarder would break when a network was disconnected and then reconnected .
- Fixed a bug where Podman would ignore user-specified SELinux policies for containers using the Kata OCI runtime, or containers using systemd as PID 1 .
- Fixed a bug where Podman containers created using `--net=host` would add an entry to `/etc/hosts` for the container's hostname pointing to `127.0.1.1` .
- Fixed a bug where the `podman unpause --all` command would throw an error for every container that was not paused .
- Fixed a bug where timestamps for the `since` and `until` filters using Unix timestamps with a nanoseconds portion could not be parsed .
- Fixed a bug where the `podman info` command would sometimes print the wrong path for the `slirp4netns` binary.
- Fixed a bug where rootless Podman containers joined to a CNI network would not have functional DNS when the host used systemd-resolved without the resolved stub resolver being enabled .
- Fixed a bug where `podman network connect` and `podman network disconnect` of rootless containers could sometimes break port forwarding to the container .
- Fixed a bug where joining a container to a CNI network by ID and adding network aliases to this network would cause the container to fail to start .
### API
- Fixed a bug where the Compat List endpoint for Containers included healthcheck information for all containers, even those that did not have a configured healthcheck.
- Fixed a bug where the Compat Create endpoint for Containers would fail to create containers with the `NetworkMode` parameter set to `default` .
- Fixed a bug where the Compat Create endpoint for Containers did not properly handle healthcheck commands .
- Fixed a bug where the Compat Wait endpoint for Containers would always send an empty string error message when no error occurred.
- Fixed a bug where the Libpod Stats endpoint for Containers would not error when run on rootless containers on cgroups v1 systems (nonsensical results would be returned, as this configuration cannot be supportable).
- Fixed a bug where the Compat List endpoint for Images omitted the `ContainerConfig` field .
- Fixed a bug where the Compat Build endpoint for Images was too strict when validating the `Content-Type` header, rejecting content that Docker would have accepted .
- Fixed a bug where the Compat Pull endpoint for Images could fail, but return a 200 status code, if an image name that could not be parsed was provided.
- Fixed a bug where the Compat Pull endpoint for Images would continue to pull images after the client disconnected.
- Fixed a bug where the Compat List endpoint for Networks would fail for non-bridge (e.g. macvlan) networks .
- Fixed a bug where the Libpod List endpoint for Networks would return nil, instead of an empty list, when no networks were present .
- The Compat and Libpod Logs endpoints for Containers now support the `until` query parameter .
- The Compat Import endpoint for Images now supports the `platform`, `message`, and `repo` query parameters.
- The Compat Pull endpoint for Images now supports the `platform` query parameter.
Misc:
- Updated Buildah to v1.22.3
- Updated the containers/storage library to v1.34.1
- Updated the containers/image library to v5.15.2
- Updated the containers/common library to v0.42.1
storage was updated to 1.36.0.
Updated image to 5.16.0.
Update podman to 3.2.3:
Security:
- This release addresses CVE-2021-3602, an issue with the `podman build` command with the `--isolation chroot` flag that results in environment variables from the host leaking into build containers. (bsc#1188520)
Bugfixes:
- Fixed a bug where events related to images could occur before the relevant operation had completed (e.g. an image pull event could be written before the pull was finished) .
- Fixed a bug where `podman save` would refuse to save images with an architecture different from that of the host .
- Fixed a bug where the `podman import` command did not correctly handle images without tags .
- Fixed a bug where Podman's journald events backend would fail and prevent Podman from running when run on a host with systemd as PID1 but in an environment (e.g. a container) without systemd .
- Fixed a bug where containers using rootless CNI networking would fail to start when the `dnsname` CNI plugin was in use and the host system's `/etc/resolv.conf` was a symlink ([#10855] and [#10929](https://github.com/containers/podman/issues/10929)).
- Fixed a bug where containers using rootless CNI networking could fail to start due to a race in rootless CNI initialization .
Update podman to 3.2.2
3.2.2:
- Podman's handling of the Architecture field of images has been relaxed. Since 3.2.0, Podman required that the architecture of the image match the architecture of the system to run containers based on an image, but images often incorrectly report architecture, causing Podman to reject valid images ([#10648] and [#10682](https://github.com/containers/podman/issues/10682)).
- Podman no longer uses inotify to monitor for changes to CNI configurations. This removes potential issues where Podman cannot be run because a user has exhausted their available inotify sessions .
Bugfixes
- Fixed a bug where the `podman cp` would, when given a directory as its source and a target that existed and was a file, copy the contents of the directory into the parent directory of the file; this now results in an error.
- Fixed a bug where the `podman logs` command would, when following a running container's logs, not include the last line of output from the container when it exited when the `k8s-file` driver was in use .
- Fixed a bug where Podman would fail to run containers if `systemd-resolved` was incorrectly detected as the system's DNS server .
- Fixed a bug where the `podman exec -t` command would only resize the exec session's TTY after the session started, leading to a race condition where the terminal would initially not have a size set .
- Fixed a bug where Podman containers using the `slirp4netns` network mode would add an incorrect entry to `/etc/hosts` pointing the container's hostname to the wrong IP address.
- Fixed a bug where Podman would create volumes specified by images with incorrect permissions ([#10188] and [#10606](https://github.com/containers/podman/issues/10606)).
- Fixed a bug where Podman would not respect the `uid` and `gid` options to `podman volume create -o` .
- Fixed a bug where the `podman run` command could panic when parsing the system's cgroup configuration .
- Fixed a bug where the remote Podman client's `podman build -f - ...` command did not read a Containerfile from STDIN .
- Fixed a bug where the `podman container restore --import` command would fail to restore checkpoints created from privileged containers .
- Fixed a bug where Podman was not respecting the `TMPDIR` environment variable when pulling images .
- Fixed a bug where a number of Podman commands did not properly support using Go templates as an argument to the `--format` option.
API:
- Fixed a bug where the Compat Inspect endpoint for Containers did not include information on container healthchecks .
- Fixed a bug where the Libpod and Compat Build endpoints for Images did not properly handle the `devices` query parameter .
Misc:
- Fixed a bug where the Makefile's `make podman-remote-static` target to build a statically-linked `podman-remote` binary was instead producing dynamic binaries .
- Updated the containers/common library to v0.38.11
3.2.1:
Changes:
- Podman now allows corrupt images (e.g. from restarting the system during an image pull) to be replaced by a `podman pull` of the same image (instead of requiring they be removed first, then re-pulled).
Bugfixes:
- Fixed a bug where Podman would fail to start containers if a Seccomp profile was not available at `/usr/share/containers/seccomp.json` .
- Fixed a bug where the `podman machine start` command failed on OS X machines with the AMD64 architecture and certain QEMU versions .
- Fixed a bug where Podman would always use the slow path for joining the rootless user namespace.
- Fixed a bug where the `podman stats` command would fail on Cgroups v1 systems when run on a container running systemd .
- Fixed a bug where pre-checkpoint support for `podman container checkpoint` did not function correctly.
- Fixed a bug where the remote Podman client's `podman build` command did not properly handle the `-f` option .
- Fixed a bug where the remote Podman client's `podman run` command would sometimes not resize the container's terminal before execution began .
- Fixed a bug where the `--filter` option to the `podman image prune` command was nonfunctional.
- Fixed a bug where the `podman logs -f` command would exit before all output for a container was printed when the `k8s-file` log driver was in use .
- Fixed a bug where Podman would not correctly detect that systemd-resolved was in use on the host and adjust DNS servers in the container appropriately under some circumstances .
- Fixed a bug where the `podman network connect` and `podman network disconnect` commands acted improperly when containers were in the Created state, marking the changes as done but not actually performing them.
API:
- Fixed a bug where the Compat and Libpod Prune endpoints for Networks returned null, instead of an empty array, when nothing was pruned.
- Fixed a bug where the Create API for Images would continue to pull images even if a client closed the connection mid-pull .
- Fixed a bug where the Events API did not include some information (including labels) when sending events.
- Fixed a bug where the Events API would, when streaming was not requested, send at most one event .
3.2.0:
Features:
- Docker Compose is now supported with rootless Podman .
- The `podman network connect`, `podman network disconnect`, and `podman network reload` commands have been enabled for rootless Podman.
- An experimental new set of commands, `podman machine`, was added to assist in managing virtual machines containing a Podman server. These are intended for easing the use of Podman on OS X by handling the creation of a Linux VM for running Podman.
- The `podman generate kube` command can now be run on Podman named volumes (generating `PersistentVolumeClaim` YAML), in addition to pods and containers.
- The `podman play kube` command now supports two new options, `--ip` and `--mac`, to set static IPs and MAC addresses for created pods ([#8442] and [#9731](https://github.com/containers/podman/issues/9731)).
- The `podman play kube` command's support for `PersistentVolumeClaim` YAML has been greatly improved.
- The `podman generate kube` command now preserves the label used by `podman auto-update` to identify containers to update as a Kubernetes annotation, and the `podman play kube` command will convert this annotation back into a label. This allows `podman auto-update` to be used with containers created by `podman play kube`.
- The `podman play kube` command now supports Kubernetes `secretRef` YAML (using the secrets support from `podman secret`) for environment variables.
- Secrets can now be added to containers as environment variables using the `type=env` option to the `--secret` flag to `podman create` and `podman run`.
- The `podman start` command now supports the `--all` option, allowing all containers to be started simultaneously with a single command. The `--filter` option has also been added to filter which containers to start when `--all` is used.
- Filtering containers with the `--filter` option to `podman ps` and `podman start` now supports a new filter, `restart-policy`, to filter containers based on their restart policy.
- The `--group-add` option to rootless `podman run` and `podman create` now accepts a new value, `keep-groups`, which instructs Podman to retain the supplemental groups of the user running Podman in the created container. This is only supported with the `crun` OCI runtime.
- The `podman run` and `podman create` commands now support a new option, `--timeout`. This sets a maximum time the container is allowed to run, after which it is killed .
- The `podman run` and `podman create` commands now support a new option, `--pidfile`. This will create a file when the container is started containing the PID of the first process in the container.
- The `podman run` and `podman create` commands now support a new option, `--requires`. The `--requires` option adds dependency containers - containers that must be running before the current container. Commands like `podman start` will automatically start the requirements of a container before starting the container itself.
- Auto-updating containers can now be done with locally-built images, not just images hosted on a registry, by creating containers with the `io.containers.autoupdate` label set to `local`.
- Podman now supports the [Container Device Interface] (CDI) standard.
- Podman now adds an entry to `/etc/hosts`, `host.containers.internal`, pointing to the current gateway (which, for root containers, is usually a bridge interface on the host system) .
- The `podman ps`, `podman pod ps`, `podman network list`, `podman secret list`, and `podman volume list` commands now support a `--noheading` option, which will cause Podman to omit the heading line including column names.
- The `podman unshare` command now supports a new flag, `--rootless-cni`, to join the rootless network namespace. This allows commands to be run in the same network environment as rootless containers with CNI networking.
- The `--security-opt unmask=` option to `podman run` and `podman create` now supports glob operations to unmask a group of paths at once (e.g. `podman run --security-opt unmask=/proc/* ...` will unmask all paths in `/proc` in the container).
- The `podman network prune` command now supports a `--filter` option to filter which networks will be pruned.
### Changes
- The change in Podman 3.1.2 where the `:z` and `:Z` mount options for volumes were ignored for privileged containers has been reverted after discussion in [#10209].
- Podman's rootless CNI functionality no longer requires a sidecar container! The removal of the requirement for the `rootless-cni-infra` container means that rootless CNI is now usable on all architectures, not just AMD64, and no longer requires pulling an image .
- The Image handling code used by Podman has seen a major rewrite to improve code sharing with our other projects, Buildah and CRI-O. This should result in fewer bugs and performance gains in the long term. Work on this is still ongoing.
- The `podman auto-update` command now prunes previous versions of images after updating if they are unused, to prevent disk exhaustion after repeated updates .
- The `podman play kube` now treats environment variables configured as references to a `ConfigMap` as mandatory unless the `optional` parameter was set; this better matches the behavior of Kubernetes.
- Podman now supports the `--context=default` flag from Docker as a no-op for compatibility purposes.
- When Podman is run as root, but without `CAP_SYS_ADMIN` being available, it will run in a user namespace using the same code as rootless Podman (instead of failing outright).
- The `podman info` command now includes the path of the Seccomp profile Podman is using, available cgroup controllers, and whether Podman is connected to a remote service or running containers locally.
- Containers created with the `--rm` option now automatically use the `volatile` storage flag when available for their root filesystems, causing them not to write changes to disk as often as they will be removed at completion anyways. This should result in improved performance.
- The `podman generate systemd --new` command will now include environment variables referenced by the container in generated unit files if the value would be looked up from the system environment.
- Podman now requires that Conmon v2.0.24 be available.
Bugfixes:
- Fixed a bug where the remote Podman client's `podman build` command did not support the `--arch`, `--platform`, and `--os`, options.
- Fixed a bug where the remote Podman client's `podman build` command ignored the `--rm=false` option .
- Fixed a bug where the remote Podman client's `podman build --iidfile` command could include extra output (in addition to just the image ID) in the image ID file written .
- Fixed a bug where the remote Podman client's `podman build` command did not preserve hardlinks when moving files into the container via `COPY` instructions .
- Fixed a bug where the `podman generate systemd --new` command could generate extra `--iidfile` arguments if the container was already created with one.
- Fixed a bug where the `podman generate systemd --new` command would generate unit files that did not include `RequiresMountsFor` lines .
- Fixed a bug where the `podman generate kube` command produced incorrect YAML for containers which bind-mounted both `/` and `/root` from the host system into the container .
- Fixed a bug where pods created by `podman play kube` from YAML that specified `ShareProcessNamespace` would only share the PID namespace (and not also the UTS, Network, and IPC namespaces) .
- Fixed a bug where the `podman network reload` command could generate spurious error messages when `iptables-nft` was in use.
- Fixed a bug where rootless Podman could fail to attach to containers when the user running Podman had a large UID.
- Fixed a bug where the `podman ps` command could fail with a `no such container` error due to a race condition with container removal .
- Fixed a bug where containers using the `slirp4netns` network mode and setting a custom `slirp4netns` subnet while using the `rootlesskit` port forwarder would not be able to forward ports .
- Fixed a bug where the `--filter ancestor=` option to `podman ps` did not require an exact match of the image name/ID to include a container in its results.
- Fixed a bug where the `--filter until=` option to `podman image prune` would prune images created after the specified time (instead of before).
- Fixed a bug where setting a custom Seccomp profile via the `seccomp_profile` option in `containers.conf` had no effect, and the default profile was used instead.
- Fixed a bug where the `--cgroup-parent` option to `podman create` and `podman run` was ignored in rootless Podman on cgroups v2 systems with the `cgroupfs` cgroup manager .
- Fixed a bug where the `IMAGE` and `NAME` variables in `podman container runlabel` were not being correctly substituted .
- Fixed a bug where Podman could freeze when creating containers with a specific combination of volumes and working directory .
- Fixed a bug where rootless Podman containers restarted by restart policy (e.g. containers created with `--restart=always`) would lose networking after being restarted .
- Fixed a bug where the `podman cp` command could not copy files into containers created with the `--pid=host` flag .
- Fixed a bug where filters to the `podman events` command could not be specified twice (if a filter is specified more than once, it will match if any of the given values match - logical or) .
- Fixed a bug where Podman would include IPv6 nameservers in `resolv.conf` in containers without IPv6 connectivity .
- Fixed a bug where containers could not be created with static IP addresses when connecting to a network using the `macvlan` driver .
### API
- Fixed a bug where the Compat Create endpoint for Containers did not allow advanced network options to be set .
- Fixed a bug where the Compat Create endpoint for Containers ignored static IP information provided in the `IPAMConfig` block .
- Fixed a bug where the Compat Inspect endpoint for Containers returned null (instead of an empty list) for Networks when the container was not joined to a CNI network .
- Fixed a bug where the Compat Wait endpoint for Containers could miss containers exiting if they were immediately restarted.
- Fixed a bug where the Compat Create endpoint for Volumes required that the user provide a name for the new volume .
- Fixed a bug where the Libpod Info handler would sometimes not return the correct path to the Podman API socket.
- Fixed a bug where the Compat Events handler used the wrong name for container exited events (`died` instead of `die`) .
- Fixed a bug where the Compat Push endpoint for Images could leak goroutines if the remote end closed the connection prematurely.
Update storage to 1.32.5
Update podman to 3.1.2
3.1.2:
Bugfixes:
- Fixed a bug where images with empty layers were stored incorrectly, causing them to be unable to be pushed or saved.
- Fixed a bug where the `podman rmi` command could fail to remove corrupt images from storage.
- Fixed a bug where the remote Podman client's `podman save` command did not support the `oci-dir` and `docker-dir` formats .
- Fixed a bug where volume mounts from `podman play kube` created with a trailing `/` in the container path were were not properly superceding named volumes from the image .
- Fixed a bug where Podman could fail to build on 32-bit architectures.
Update podman to 3.1.1
- Podman now recognizes `trace` as a valid argument to the `--log-level` command. Trace logging is now the most verbose level of logging available.
- The `:z` and `:Z` options for volume mounts are now ignored when the container is privileged or is run with SELinux isolation disabled (`--security-opt label=disable`). This matches better matches Docker's behavior in this case.
Bugfixes
- Fixed a bug where pruning images with the `podman image prune` or `podman system prune` commands could cause Podman to panic.
- Fixed a bug where the `podman save` command did not properly error when the `--compress` flag was used with incompatible format types.
- Fixed a bug where the `--security-opt` and `--ulimit` options to the remote Podman client's `podman build` command were nonfunctional.
- Fixed a bug where the `--log-rusage` option to the remote Podman client's `podman build` command was nonfunctional .
- Fixed a bug where the `podman build` command could, in some circumstances, use the wrong OCI runtime .
- Fixed a bug where the remote Podman client's `podman build` command could return 0 despite failing .
- Fixed a bug where the `podman container runlabel` command did not properly expand the `IMAGE` and `NAME` variables in the label .
- Fixed a bug where poststop OCI hooks would be executed twice on containers started with the `--rm` argument .
- Fixed a bug where rootless Podman could fail to launch containers on cgroups v2 systems when the `cgroupfs` cgroup manager was in use.
- Fixed a bug where the `podman stats` command could error when statistics tracked exceeded the maximum size of a 32-bit signed integer .
- Fixed a bug where rootless Podman containers run with `--userns=keepid` (without a `--user` flag in addition) would grant exec sessions run in them too many capabilities .
- Fixed a bug where the `--authfile` option to `podman build` did not validate that the path given existed .
- Fixed a bug where the `--storage-opt` option to Podman was appending to, instead of overriding (as is documented), the default storage options.
- Fixed a bug where the `podman system service` connection did not function properly when run in a socket-activated systemd unit file as a non-root user.
- Fixed a bug where the `--network` option to the `podman play kube` command of the remote Podman client was being ignored .
- Fixed a bug where the `--log-driver` option to the `podman play kube` command was nonfunctional .
API
- Fixed a bug where the Libpod Create endpoint for Manifests did not properly validate the image the manifest was being created with.
- Fixed a bug where the Libpod DF endpoint could, in error cases, append an extra null to the JSON response, causing decode errors.
- Fixed a bug where the Libpod and Compat Top endpoint for Containers would return process names that included extra whitespace.
- Fixed a bug where the Compat Prune endpoint for Containers accepted too many types of filter.
Update podman to 3.1.0
Features:
- A set of new commands has been added to manage secrets! The `podman secret create`, `podman secret inspect`, `podman secret ls` and `podman secret rm` commands have been added to handle secrets, along with the `--secret` option to `podman run` and `podman create` to add secrets to containers. The initial driver for secrets does not support encryption - this will be added in a future release.
- A new command to prune networks, `podman network prune`, has been added .
- The `-v` option to `podman run` and `podman create` now supports a new volume option, `:U`, to chown the volume's source directory on the host to match the UID and GID of the container and prevent permissions issues .
- Three new commands, `podman network exists`, `podman volume exists`, and `podman manifest exists`, have been added to check for the existence of networks, volumes, and manifest lists.
- The `podman cp` command can now copy files into directories mounted as `tmpfs` in a running container.
- The `podman volume prune` command will now list volumes that will be pruned when prompting the user whether to continue and perform the prune .
- The Podman remote client's `podman build` command now supports the `--disable-compression`, `--excludes`, and `--jobs` options.
- The Podman remote client's `podman push` command now supports the `--format` option.
- The Podman remote client's `podman rm` command now supports the `--all` and `--ignore` options.
- The Podman remote client's `podman search` command now supports the `--no-trunc` and `--list-tags` options.
- The `podman play kube` command can now read in Kubernetes YAML from `STDIN` when `-` is specified as file name (`podman play kube -`), allowing input to be piped into the command for scripting .
- The `podman generate systemd` command now supports a `--no-header` option, which disables creation of the header comment automatically added by Podman to generated unit files.
- The `podman generate kube` command can now generate `PersistentVolumeClaim` YAML for Podman named volumes .
- The `podman generate kube` command can now generate YAML files containing multiple resources (pods or deployments) .
Security:
- This release resolves CVE-2021-20291, a deadlock vulnerability in the storage library caused by pulling a specially-crafted container image. (bsc#1196497)
Changes:
- The Podman remote client's `podman build` command no longer allows the `-v` flag to be used. Volumes are not yet supported with remote Podman when the client and service are on different machines.
- The `podman kill` and `podman stop` commands now print the name given by the user for each container, instead of the full ID.
- When the `--security-opt unmask=ALL` or `--security-opt unmask=/sys/fs/cgroup` options to `podman create` or `podman run` are given, Podman will mount cgroups into the container as read-write, instead of read-only .
- The `podman rmi` command has been changed to better handle cases where an image is incomplete or corrupted, which can be caused by interrupted image pulls.
- The `podman rename` command has been improved to be more atomic, eliminating many race conditions that could potentially render a renamed container unusable.
- Detection of which OCI runtimes run using virtual machines and thus require custom SELinux labelling has been improved .
- The hidden `--trace` option to `podman` has been turned into a no-op. It was used in very early versions for performance tracing, but has not been supported for some time.
- The `podman generate systemd` command now generates `RequiresMountsFor` lines to ensure necessary storage directories are mounted before systemd starts Podman.
- Podman will now emit a warning when `--tty` and `--interactive` are both passed, but `STDIN` is not a TTY. This will be made into an error in the next major Podman release some time next year.
### Bugfixes
- Fixed a bug where rootless Podman containers joined to CNI networks could not receive traffic from forwarded ports .
- Fixed a bug where `podman network create` with the `--macvlan` flag did not honor the `--gateway`, `--subnet`, and `--opt` options .
- Fixed a bug where the `podman generate kube` command generated invalid YAML for privileged containers .
- Fixed a bug where the `podman generate kube` command could not be used with containers that were not running.
- Fixed a bug where the `podman generate systemd` command could duplicate some parameters to Podman in generated unit files .
- Fixed a bug where Podman did not add annotations specified in `containers.conf` to containers.
- Foxed a bug where Podman did not respect the `no_hosts` default in `containers.conf` when creating containers.
- Fixed a bug where the `--tail=0`, `--since`, and `--follow` options to the `podman logs` command did not function properly when using the `journald` log backend.
- Fixed a bug where specifying more than one container to `podman logs` when the `journald` log backend was in use did not function correctly.
- Fixed a bug where the `podman run` and `podman create` commands would panic if a memory limit was set, but the swap limit was set to unlimited .
- Fixed a bug where the `--network` option to `podman run`, `podman create`, and `podman pod create` would error if the user attempted to specify CNI networks by ID, instead of name .
- Fixed a bug where Podman's cgroup handling for cgroups v1 systems did not properly handle cases where a cgroup existed on some, but not all, controllers, resulting in errors from the `podman stats` command .
- Fixed a bug where the `podman cp` did not properly handle cases where `/dev/stdout` was specified as the destination (it was treated identically to `-`) .
- Fixed a bug where the `podman cp` command would create files with incorrect ownership .
- Fixed a bug where the `podman cp` command did not properly handle cases where the destination directory did not exist.
- Fixed a bug where the `podman cp` command did not properly evaluate symlinks when copying out of containers.
- Fixed a bug where the `podman rm -fa` command would error when attempting to remove containers created with `--rm` .
- Fixed a bug where the ordering of capabilities was nondeterministic in the `CapDrop` field of the output of `podman inspect` on a container .
- Fixed a bug where the `podman network connect` command could be used with containers that were not initially connected to a CNI bridge network (e.g. containers created with `--net=host`) .
- Fixed a bug where DNS search domains required by the `dnsname` CNI plugin were not being added to container's `resolv.conf` under some circumstances.
- Fixed a bug where the `--ignorefile` option to `podman build` was nonfunctional .
- Fixed a bug where the `--timestamp` option to `podman build` was nonfunctional .
- Fixed a bug where the `--iidfile` option to `podman build` could cause Podman to panic if an error occurred during the build.
- Fixed a bug where the `--dns-search` option to `podman build` was nonfunctional .
- Fixed a bug where the `--pull-never` option to `podman build` was nonfunctional .
- Fixed a bug where the `--build-arg` option to `podman build` would, when given a key but not a value, error (instead of attempting to look up the key as an environment variable) .
- Fixed a bug where the `--isolation` option to `podman build` in the remote Podman client was nonfunctional.
- Fixed a bug where the `podman network disconnect` command could cause errors when the container that had a network removed was stopped and its network was cleaned up .
- Fixed a bug where the `podman network rm` command did not properly check what networks a container was present in, resulting in unexpected behavior if `podman network connect` or `podman network disconnect` had been used with the network .
- Fixed a bug where some errors with stopping a container could cause Podman to panic, and the container to be stuck in an unusable `stopping` state .
- Fixed a bug where the `podman load` command could return 0 even in cases where an error occurred .
- Fixed a bug where specifying storage options to Podman using the `--storage-opt` option would override all storage options. Instead, storage options are now overridden only when the `--storage-driver` option is used to override the current graph driver .
- Fixed a bug where containers created with `--privileged` could request more capabilities than were available to Podman.
- Fixed a bug where `podman commit` did not use the `TMPDIR` environment variable to place temporary files created during the commit .
- Fixed a bug where remote Podman could error when attempting to resize short-lived containers .
- Fixed a bug where Podman was unusable on kernels built without `CONFIG_USER_NS`.
- Fixed a bug where the ownership of volumes created by `podman volume create` and then mounted into a container could be incorrect .
- Fixed a bug where Podman volumes using a volume plugin could not pass certain options, and could not be used as non-root users.
- Fixed a bug where the `--tz` option to `podman create` and `podman run` did not properly validate its input.
### API
- Fixed a bug where the `X-Registry-Auth` header did not accept `null` as a valid value.
- A new compat endpoint, `/auth`, has been added. This endpoint validates credentials against a registry .
- Fixed a bug where the compat Build endpoint for Images specified labels using the wrong type (array vs map). Both formats will be accepted now.
- Fixed a bug where the compat Build endpoint for Images did not report that it successfully tagged the built image in its response.
- Fixed a bug where the compat Create endpoint for Images did not provide progress information on pulling the image in its response.
- Fixed a bug where the compat Push endpoint for Images did not properly handle the destination (used a query parameter, instead of a path parameter).
- Fixed a bug where the compat Push endpoint for Images did not send the progress of the push and the digest of the pushed image in the response body.
- Fixed a bug where the compat List endpoint for Networks returned null, instead of an empty array (`[]`), when no networks were present .
- Fixed a bug where the compat List endpoint for Networks returned nulls, instead of empty maps, for networks that do not have Labels and/or Options.
- The Libpod Inspect endpoint for networks (`/libpod/network/$ID/json`) now has an alias at `/libpod/network/$ID` .
- Fixed a bug where the libpod Inspect endpoint for Networks returned a 1-size array of results, instead of a single result .
- The Compat List endpoint for Networks now supports the legacy format for filters in parallel with the current filter format .
- Fixed a bug where the compat Create endpoint for Containers did not properly handle tmpfs filesystems specified with options .
- Fixed a bug where the compat Create endpoint for Containers did not create bind-mount source directories .
- Fixed a bug where the compat Create endpoint for Containers did not properly handle the `NanoCpus` option .
- Fixed a bug where the Libpod create endpoint for Containers has a misnamed field in its JSON.
- Fixed a bug where the compat List endpoint for Containers did not populate information on forwarded ports
- Fixed a bug where the compat List endpoint for Containers did not populate information on container CNI networks .
- Fixed a bug where the compat and libpod Stop endpoints for Containers would ignore a timeout of 0.
- Fixed a bug where the compat and libpod Resize endpoints for Containers did not set the correct terminal sizes (dimensions were reversed) .
- Fixed a bug where the compat Remove endpoint for Containers would not return 404 when attempting to remove a container that does not exist .
- Fixed a bug where the compat Prune endpoint for Volumes would still prune even if an invalid filter was specified.
- Numerous bugs related to filters have been addressed.
Update podman to 3.0.1
3.0.1:
Changes:
- Several frequently-occurring `WARN` level log messages have been downgraded to `INFO` or `DEBUG` to not clutter terminal output.
Bugfixes:
- Fixed a bug where the `Created` field of `podman ps --format=json` was formatted as a string instead of an Unix timestamp (integer) .
- Fixed a bug where failing lookups of individual layers during the `podman images` command would cause the whole command to fail without printing output.
- Fixed a bug where `--cgroups=split` did not function properly on cgroups v1 systems.
- Fixed a bug where mounting a volume over an directory in the container that existed, but was empty, could fail .
- Fixed a bug where mounting a volume over a directory in the container that existed could copy the entirety of the container's rootfs, instead of just the directory mounted over, into the volume .
- Fixed a bug where Podman would treat the `--entrypoint=['']` option to `podman run` and `podman create` as a literal empty string in the entrypoint, when instead it should have been ignored .
- Fixed a bug where Podman would set the `HOME` environment variable to `''` when the container ran as a user without an assigned home directory .
- Fixed a bug where specifying a pod infra image that had no tags (by using its ID) would cause `podman pod create` to panic .
- Fixed a bug where the `--runtime` option was not properly handled by the `podman build` command .
- Fixed a bug where Podman would incorrectly print an error message related to the remote API when the remote API was not in use and starting Podman failed.
- Fixed a bug where Podman would change ownership of a container's working directory, even if it already existed .
- Fixed a bug where the `podman generate systemd --new` command would incorrectly escape `%t` when generating the path for the PID file .
- Fixed a bug where Podman could, when run inside a Podman container with the host's containers/storage directory mounted into the container, erroneously detect a reboot and reset container state if the temporary directory was not also mounted in .
- Fixed a bug where some options of the `podman build` command (including but not limited to `--jobs`) were nonfunctional .
### API
- Fixed a breaking change to the Libpod Wait API for Containers where the Conditions parameter changed type in Podman v3.0 .
- Fixed a bug where the Compat Create endpoint for Containers did not properly handle forwarded ports that did not specify a host port.
- Fixed a bug where the Libpod Wait endpoint for Containers could write duplicate headers after an error occurred.
- Fixed a bug where the Compat Create endpoint for Images would not pull images that already had a matching tag present locally, even if a more recent version was available at the registry .
- The Compat Create endpoint for Images has had its compatibility with Docker improved, allowing its use with the `docker-java` library.
### Misc
- Updated Buildah to v1.19.4
- Updated the containers/storage library to v1.24.6
3.0.0:
Features:
- Podman now features initial support for Docker Compose.
- Added the `podman rename` command, which allows containers to be renamed after they are created .
- The Podman remote client now supports the `podman copy` command.
- A new command, `podman network reload`, has been added. This command will re-configure the network of all running containers, and can be used to recreate firewall rules lost when the system firewall was reloaded (e.g. via `firewall-cmd --reload`).
- Podman networks now have IDs. They can be seen in `podman network ls` and can be used when removing and inspecting networks. Existing networks receive IDs automatically.
- Podman networks now also support labels. They can be added via the `--label` option to `network create`, and `podman network ls` can filter labels based on them.
- The `podman network create` command now supports setting bridge MTU and VLAN through the `--opt` option .
- The `podman container checkpoint` and `podman container restore` commands can now checkpoint and restore containers that include volumes.
- The `podman container checkpoint` command now supports the `--with-previous` and `--pre-checkpoint` options, and the `podman container restore` command now support the `--import-previous` option. These add support for two-step checkpointing with lowered dump times.
- The `podman push` command can now push manifest lists. Podman will first attempt to push as an image, then fall back to pushing as a manifest list if that fails.
- The `podman generate kube` command can now be run on multiple containers at once, and will generate a single pod containing all of them.
- The `podman generate kube` and `podman play kube` commands now support Kubernetes DNS configuration, and will preserve custom DNS configuration when exporting or importing YAML .
- The `podman generate kube` command now properly supports generating YAML for containers and pods creating using host networking (`--net=host`) .
- The `podman kill` command now supports a `--cidfile` option to kill containers given a file containing the container's ID .
- The `podman pod create` command now supports the `--net=none` option .
- The `podman volume create` command can now specify volume UID and GID as options with the `UID` and `GID` fields passed to the the `--opt` option.
- Initial support has been added for Docker Volume Plugins. Podman can now define available plugins in `containers.conf` and use them to create volumes with `podman volume create --driver`.
- The `podman run` and `podman create` commands now support a new option, `--platform`, to specify the platform of the image to be used when creating the container.
- The `--security-opt` option to `podman run` and `podman create` now supports the `systempaths=unconfined` option to unrestrict access to all paths in the container, as well as `mask` and `unmask` options to allow more granular restriction of container paths.
- The `podman stats --format` command now supports a new format specified, `MemUsageBytes`, which prints the raw bytes of memory consumed by a container without human-readable formatting [#8945].
- The `podman ps` command can now filter containers based on what pod they are joined to via the `pod` filter .
- The `podman pod ps` command can now filter pods based on what networks they are joined to via the `network` filter.
- The `podman pod ps` command can now print information on what networks a pod is joined to via the `.Networks` specifier to the `--format` option.
- The `podman system prune` command now supports filtering what containers, pods, images, and volumes will be pruned.
- The `podman volume prune` commands now supports filtering what volumes will be pruned.
- The `podman system prune` command now includes information on space reclaimed .
- The `podman info` command will now properly print information about packages in use on Gentoo and Arch systems.
- The `containers.conf` file now contains an option for disabling creation of a new kernel keyring on container creation .
- The `podman image sign` command can now sign multi-arch images by producing a signature for each image in a given manifest list.
- The `podman image sign` command, when run as rootless, now supports per-user registry configuration files in `$HOME/.config/containers/registries.d`.
- Configuration options for `slirp4netns` can now be set system-wide via the `NetworkCmdOptions` configuration option in `containers.conf`.
- The MTU of `slirp4netns` can now be configured via the `mtu=` network command option (e.g. `podman run --net slirp4netns:mtu=9000`).
Security:
- A fix for CVE-2021-20199 is included. Podman between v1.8.0 and v2.2.1 used `127.0.0.1` as the source address for all traffic forwarded into rootless containers by a forwarded port; this has been changed to address the issue. (bsc#1181640)
Changes:
- Shortname aliasing support has now been turned on by default. All Podman commands that must pull an image will, if a TTY is available, prompt the user about what image to pull.
- The `podman load` command no longer accepts a `NAME[:TAG]` argument. The presence of this argument broke CLI compatibility with Docker by making `docker load` commands unusable with Podman .
- The Go bindings for the HTTP API have been rewritten with a focus on limiting dependency footprint and improving extensibility. Read more [here].
- The legacy Varlink API has been completely removed from Podman.
- The default log level for Podman has been changed from Error to Warn.
- The `podman network create` command can now create `macvlan` networks using the `--driver macvlan` option for Docker compatibility. The existing `--macvlan` flag has been deprecated and will be removed in Podman 4.0 some time next year.
- The `podman inspect` command has had the `LogPath` and `LogTag` fields moved into the `LogConfig` structure (from the root of the Inspect structure). The maximum size of the log file is also included.
- The `podman generate systemd` command no longer generates unit files using the deprecated `KillMode=none` option .
- The `podman stop` command now releases the container lock while waiting for it to stop - as such, commands like `podman ps` will no longer block until `podman stop` completes .
- Networks created with `podman network create --internal` no longer use the `dnsname` plugin. This configuration never functioned as expected.
- Error messages for the remote Podman client have been improved when it cannot connect to a Podman service.
- Error messages for `podman run` when an invalid SELinux is specified have been improved.
- Rootless Podman features improved support for containers with a single user mapped into the rootless user namespace.
- Pod infra containers now respect default sysctls specified in `containers.conf` allowing for advanced configuration of the namespaces they will share.
- SSH public key handling for remote Podman has been improved.
### Bugfixes
- Fixed a bug where the `podman history --no-trunc` command would truncate the `Created By` field .
- Fixed a bug where root containers that did not explicitly specify a CNI network to join did not generate an entry for the network in use in the `Networks` field of the output of `podman inspect` .
- Fixed a bug where, under some circumstances, container working directories specified by the image (via the `WORKDIR` instruction) but not present in the image, would not be created .
- Fixed a bug where the `podman generate systemd` command would generate invalid unit files if the container was creating using a command line that included doubled braces (`{{` and `}}`), e.g. `--log-opt-tag={{.Name}}` .
- Fixed a bug where the `podman generate systemd --new` command could generate unit files including invalid Podman commands if the container was created using merged short options (e.g. `podman run -dt`) .
- Fixed a bug where the `podman generate systemd --new` command could generate unit files that did not handle Podman commands including some special characters (e.g. `$`) ([#9176]
- Fixed a bug where rootless containers joining CNI networks could not set a static IP address .
- Fixed a bug where rootless containers joining CNI networks could not set network aliases .
- Fixed a bug where the remote client could, under some circumstances, not include the `Containerfile` when sending build context to the server .
- Fixed a bug where rootless Podman did not mount `/sys` as a new `sysfs` in some circumstances where it was acceptable.
- Fixed a bug where rootless containers that both joined a user namespace and a CNI networks would cause a segfault. These options are incompatible and now return an error.
- Fixed a bug where the `podman play kube` command did not properly handle `CMD` and `ARGS` from images .
- Fixed a bug where the `podman play kube` command did not properly handle environment variables from images .
- Fixed a bug where the `podman play kube` command did not properly print errors that occurred when starting containers.
- Fixed a bug where the `podman play kube` command errored when `hostNetwork` was used .
- Fixed a bug where the `podman play kube` command would always pull images when the `:latest` tag was specified, even if the image was available locally .
- Fixed a bug where the `podman play kube` command did not properly handle SELinux configuration, rending YAML with custom SELinux configuration unusable .
- Fixed a bug where the `podman generate kube` command incorrectly populated the `args` and `command` fields of generated YAML .
- Fixed a bug where containers in a pod would create a duplicate entry in the pod's shared `/etc/hosts` file every time the container restarted .
- Fixed a bug where the `podman search --list-tags` command did not support the `--format` option .
- Fixed a bug where the `http_proxy` option in `containers.conf` was not being respected, and instead was set unconditionally to true .
- Fixed a bug where rootless Podman could, on systems with a recent Conmon and users with a long username, fail to attach to containers .
- Fixed a bug where the `podman images` command would break and fail to display any images if an empty manifest list was present in storage .
- Fixed a bug where locale environment variables were not properly passed on to Conmon.
- Fixed a bug where Podman would not build on the MIPS architecture .
- Fixed a bug where rootless Podman could fail to properly configure user namespaces for rootless containers when the user specified a `--uidmap` option that included a mapping beginning with UID `0`.
- Fixed a bug where the `podman logs` command using the `k8s-file` backend did not properly handle partial log lines with a length of 1 .
- Fixed a bug where the `podman logs` command with the `--follow` option did not properly handle log rotation .
- Fixed a bug where user-specified `HOSTNAME` environment variables were overwritten by Podman .
- Fixed a bug where Podman would applied default sysctls from `containers.conf` in too many situations (e.g. applying network sysctls when the container shared its network with a pod).
- Fixed a bug where Podman did not properly handle cases where a secondary image store was in use and an image was present in both the secondary and primary stores .
- Fixed a bug where systemd-managed rootless Podman containers where the user in the container was not root could fail as the container's PID file was not accessible to systemd on the host .
- Fixed a bug where the `--privileged` option to `podman run` and `podman create` would, under some circumstances, not disable Seccomp .
- Fixed a bug where the `podman exec` command did not properly add capabilities when the container or exec session were run with `--privileged`.
- Fixed a bug where rootless Podman would use the `--enable-sandbox` option to `slirp4netns` unconditionally, even when `pivot_root` was disabled, rendering `slirp4netns` unusable when `pivot_root` was disabled .
- Fixed a bug where `podman build --logfile` did not actually write the build's log to the logfile.
- Fixed a bug where the `podman system service` command did not close STDIN, and could display user-interactive prompts .
- Fixed a bug where the `podman system reset` command could, under some circumstances, remove all the contents of the `XDG_RUNTIME_DIR` directory .
- Fixed a bug where the `podman network create` command created CNI configurations that did not include a default gateway .
- Fixed a bug where the `podman.service` systemd unit provided by default used the wrong service type, and would cause systemd to not correctly register the service as started .
- Fixed a bug where, if the `TMPDIR` environment variable was set for the container engine in `containers.conf`, it was being ignored.
- Fixed a bug where the `podman events` command did not properly handle future times given to the `--until` option .
- Fixed a bug where the `podman logs` command wrote container `STDERR` logs to `STDOUT` instead of `STDERR` .
- Fixed a bug where containers created from an image with multiple tags would report that they were created from the wrong tag .
- Fixed a bug where container capabilities were not set properly when the `--cap-add=all` and `--user` options to `podman create` and `podman run` were combined.
- Fixed a bug where the `--layers` option to `podman build` was nonfunctional .
- Fixed a bug where the `podman system prune` command did not act recursively, and thus would leave images, containers, pods, and volumes present that would be removed by a subsequent call to `podman system prune` .
- Fixed a bug where the `--publish` option to `podman run` and `podman create` did not properly handle ports specified as a range of ports with no host port specified .
- Fixed a bug where `--format` did not support JSON output for individual fields .
- Fixed a bug where the `podman stats` command would fail when run on root containers using the `slirp4netns` network mode .
- Fixed a bug where the Podman remote client would ask for a password even if the server's SSH daemon did not support password authentication .
- Fixed a bug where the `podman stats` command would fail if the system did not support one or more of the cgroup controllers Podman supports .
- Fixed a bug where the `--mount` option to `podman create` and `podman run` did not ignore the `consistency` mount option.
- Fixed a bug where failures during the resizing of a container's TTY would print the wrong error.
- Fixed a bug where the `podman network disconnect` command could cause the `podman inspect` command to fail for a container until it was restarted .
- Fixed a bug where containers created from a read-only rootfs (using the `--rootfs` option to `podman create` and `podman run`) would fail .
- Fixed a bug where specifying Go templates to the `--format` option to multiple Podman commands did not support the `join` function .
- Fixed a bug where the `podman rmi` command could, when run in parallel on multiple images, return `layer not known` errors .
- Fixed a bug where the `podman inspect` command on containers displayed unlimited ulimits incorrectly .
- Fixed a bug where Podman would fail to start when a volume was mounted over a directory in a container that contained symlinks that terminated outside the directory and its subdirectories .
### API
- All Libpod Pod APIs have been modified to properly report errors with individual containers. Cases where the operation as a whole succeeded but individual containers failed now report an HTTP 409 error .
- The Compat API for Containers now supports the Rename and Copy APIs.
- Fixed a bug where the Compat Prune APIs (for volumes, containers, and images) did not return the amount of space reclaimed in their responses.
- Fixed a bug where the Compat and Libpod Exec APIs for Containers would drop errors that occurred prior to the exec session successfully starting (e.g. a 'no such file' error if an invalid executable was passed)
- Fixed a bug where the Volumes field in the Compat Create API for Containers was being ignored .
- Fixed a bug where the NetworkMode field in the Compat Create API for Containers was not handling some values, e.g. `container:`, correctly.
- Fixed a bug where the Compat Create API for Containers did not set container name properly.
- Fixed a bug where containers created using the Compat Create API unconditionally used Kubernetes file logging (the default specified in `containers.conf` is now used).
- Fixed a bug where the Compat Inspect API for Containers could include container states not recognized by Docker.
- Fixed a bug where Podman did not properly clean up after calls to the Events API when the `journald` backend was in use, resulting in a leak of file descriptors .
- Fixed a bug where the Libpod Pull endpoint for Images could fail with an `index out of range` error under certain circumstances .
- Fixed a bug where the Libpod Exists endpoint for Images could panic.
- Fixed a bug where the Compat List API for Containers did not support all filters .
- Fixed a bug where the Compat List API for Containers did not properly populate the Status field.
- Fixed a bug where the Compat and Libpod Resize APIs for Containers ignored the height and width parameters .
- Fixed a bug where the Compat Search API for Images returned an incorrectly-formatted JSON response .
- Fixed a bug where the Compat Load API for Images did not properly clean up temporary files.
- Fixed a bug where the Compat Create API for Networks could panic when an empty IPAM configuration was specified.
- Fixed a bug where the Compat Inspect and List APIs for Networks did not include Scope.
- Fixed a bug where the Compat Wait endpoint for Containers did not support the same wait conditions that Docker did.
Patchnames
SUSE-2022-3312,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3312,SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3312,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3312,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3312,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3312,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3312,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3312,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3312,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3312,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3312,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3312,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3312,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3312,SUSE-Storage-6-2022-3312,SUSE-Storage-7-2022-3312
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for libcontainers-common",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for libcontainers-common fixes the following issues:\n\nlibcontainers-common was updated:\n\n- common component was updated to 0.44.0.\n- storage component was updated to 1.36.0.\n- image component was updated to 5.16.0.\n- podman component was updated to 3.3.1.\n\n3.3.1:\n\nBugfixes:\n\n- Fixed a bug where unit files created by `podman generate systemd` could not cleanup shut down containers when stopped by `systemctl stop` .\n- Fixed a bug where `podman machine` commands would not properly locate the `gvproxy` binary in some circumstances.\n- Fixed a bug where containers created as part of a pod using the `--pod-id-file` option would not join the pod\u0027s network namespace .\n- Fixed a bug where Podman, when using the systemd cgroups driver, could sometimes leak dbus sessions.\n- Fixed a bug where the `until` filter to `podman logs` and `podman events` was improperly handled, requiring input to be negated .\n- Fixed a bug where rootless containers using CNI networking run on systems using `systemd-resolved` for DNS would fail to start if resolved symlinked `/etc/resolv.conf` to an absolute path .\n\nAPI:\n\n- A large number of potential file descriptor leaks from improperly closing client connections have been fixed.\n\n3.3.0:\n\nFeatures:\n\n- Containers inside VMs created by `podman machine` will now automatically handle port forwarding - containers in `podman machine` VMs that publish ports via `--publish` or `--publish-all` will have these ports not just forwarded on the VM, but also on the host system.\n- The `podman play kube` command\u0027s `--network` option now accepts advanced network options (e.g. `--network slirp4netns:port_handler=slirp4netns`) .\n- The `podman play kube` commmand now supports Kubernetes liveness probes, which will be created as Podman healthchecks.\n- Podman now provides a systemd unit, `podman-restart.service`, which, when enabled, will restart all containers that were started with `--restart=always` after the system reboots.\n- Rootless Podman can now be configured to use CNI networking by default by using the `rootless_networking` option in `containers.conf`.\n- Images can now be pulled using `image:tag@digest` syntax (e.g. `podman pull fedora:34@sha256:1b0d4ddd99b1a8c8a80e885aafe6034c95f266da44ead992aab388e6aa91611a`) .\n- The `podman container checkpoint` and `podman container restore` commands can now be used to checkpoint containers that are in pods, and restore those containers into pods.\n- The `podman container restore` command now features a new option, `--publish`, to change the ports that are forwarded to a container that is being restored from an exported checkpoint.\n- The `podman container checkpoint` command now features a new option, `--compress`, to specify the compression algorithm that will be used on the generated checkpoint.\n- The `podman pull` command can now pull multiple images at once (e.g. `podman pull fedora:34 ubi8:latest` will pull both specified images).\n- THe `podman cp` command can now copy files from one container into another directly (e.g. `podman cp containera:/etc/hosts containerb:/etc/`) .\n- The `podman cp` command now supports a new option, `--archive`, which controls whether copied files will be chown\u0027d to the UID and GID of the user of the destination container.\n- The `podman stats` command now provides two additional metrics: Average CPU, and CPU time.\n- The `podman pod create` command supports a new flag, `--pid`, to specify the PID namespace of the pod. If specified, containers that join the pod will automatically share its PID namespace.\n- The `podman pod create` command supports a new flag, `--infra-name`, which allows the name of the pod\u0027s infra container to be set .\n- The `podman auto-update` command has had its output reformatted - it is now much clearer what images were pulled and what containers were updated.\n- The `podman auto-update` command now supports a new option, `--dry-run`, which reports what would be updated but does not actually perform the update .\n- The `podman build` command now supports a new option, `--secret`, to mount secrets into build containers.\n- The `podman manifest remove` command now has a new alias, `podman manifest rm`.\n- The `podman login` command now supports a new option, `--verbose`, to print detailed information about where the credentials entered were stored.\n- The `podman events` command now supports a new event, `exec_died`, which is produced when an exec session exits, and includes the exit code of the exec session.\n- The `podman system connection add` command now supports adding connections that connect using the `tcp://` and `unix://` URL schemes.\n- The `podman system connection list` command now supports a new flag, `--format`, to determine how the output is printed.\n- The `podman volume prune` and `podman volume ls` commands\u0027 `--filter` option now support a new filter, `until`, that matches volumes created before a certain time .\n- The `podman ps --filter` option\u0027s `network` filter now accepts a new value: `container:`, which matches containers that share a network namespace with a specific container .\n- The `podman diff` command can now accept two arguments, allowing two images or two containers to be specified; the diff between the two will be printed .\n- Podman can now optionally copy-up content from containers into volumes mounted into those containers earlier (at creation time, instead of at runtime) via the `prepare_on_create` option in `containers.conf` .\n- A new option, `--gpus`, has been added to `podman create` and `podman run` as a no-op for better compatibility with Docker. If the nvidia-container-runtime package is installed, GPUs should be automatically added to containers without using the flag.\n- If an invalid subcommand is provided, similar commands to try will now be suggested in the error message.\n### Changes\n- The `podman system reset` command now removes non-Podman (e.g. Buildah and CRI-O) containers as well.\n- The new port forwarding offered by `podman machine` requires [gvproxy] in order to function.\n- Podman will now automatically create the default CNI network if it does not exist, for both root and rootless users. This will only be done once per user - if the network is subsequently removed, it will not be recreated.\n- The `install.cni` makefile option has been removed. It is no longer required to distribute the default `87-podman.conflist` CNI configuration file, as Podman will now automatically create it.\n- The `--root` option to Podman will not automatically clear all default storage options when set. Storage options can be set manually using `--storage-opt` .\n- The output of `podman system connection list` is now deterministic, with connections being sorted alpabetically by their name.\n- The auto-update service (`podman-auto-update.service`) has had its default timer adjusted so it now starts at a random time up to 15 minutes after midnight, to help prevent system congestion from numerous daily services run at once.\n- Systemd unit files generated by `podman generate systemd` now depend on `network-online.target` by default .\n- Systemd unit files generated by `podman generate systemd` now use `Type=notify` by default, instead of using PID files.\n- The `podman info` command\u0027s logic for detecting package versions on Gentoo has been improved, and should be significantly faster.\n\nBugfixes:\n\n- Fixed a bug where the `podman play kube` command did not perform SELinux relabelling of volumes specified with a `mountPath` that included the `:z` or `:Z` options .\n- Fixed a bug where the `podman play kube` command would ignore the `USER` and `EXPOSE` directives in images .\n- Fixed a bug where the `podman play kube` command would only accept lowercase pull policies.\n- Fixed a bug where named volumes mounted into containers with the `:z` or `:Z` options were not appropriately relabelled for access from the container .\n- Fixed a bug where the `podman logs -f` command, with the `journald` log driver, could sometimes fail to pick up the last line of output from a container .\n- Fixed a bug where running `podman rm` on a container created with the `--rm` option would occasionally emit an error message saying the container failed to be removed, when it was successfully removed.\n- Fixed a bug where starting a Podman container would segfault if the `LISTEN_PID` and `LISTEN_FDS` environment variables were set, but `LISTEN_FDNAMES` was not .\n- Fixed a bug where exec sessions in containers were sometimes not cleaned up when run without `-d` and when the associated `podman exec` process was killed before completion.\n- Fixed a bug where `podman system service` could, when run in a systemd unit file with sdnotify in use, drop some connections when it was starting up.\n- Fixed a bug where containers run using the REST API using the `slirp4netns` network mode would leave zombie processes that were not cleaned up until `podman system service` exited .\n- Fixed a bug where the `podman system service` command would leave zombie processes after its initial launch that were not cleaned up until it exited .\n- Fixed a bug where VMs created by `podman machine` could not be started after the host system restarted .\n- Fixed a bug where the `podman pod ps` command would not show headers for optional information (e.g. container names when the `--ctr-names` option was given).\n- Fixed a bug where the remote Podman client\u0027s `podman create` and `podman run` commands would ignore timezone configuration from the server\u0027s `containers.conf` file .\n- Fixed a bug where the remote Podman client\u0027s `podman build` command would only respect `.containerignore` and not `.dockerignore` files (when both are present, `.containerignore` will be preferred) .\n- Fixed a bug where the remote Podman client\u0027s `podman build` command would fail to send the Dockerfile being built to the server when it was excluded by the `.dockerignore` file, resulting in an error .\n- Fixed a bug where the remote Podman client\u0027s `podman build` command could unexpectedly stop streaming the output of the build .\n- Fixed a bug where the remote Podman client\u0027s `podman build` command would fail to build when run on Windows .\n- Fixed a bug where the `podman manifest create` command accepted at most two arguments (an arbitrary number of images are allowed as arguments, which will be added to the manifest).\n- Fixed a bug where named volumes would not be properly chowned to the UID and GID of the directory they were mounted over when first mounted into a container .\n- Fixed a bug where named volumes created using a volume plugin would be removed from Podman, even if the plugin reported a failure to remove the volume .\n- Fixed a bug where the remote Podman client\u0027s `podman exec -i` command would hang when input was provided via shell redirection (e.g. `podman --remote exec -i foo cat \u003c\u003c\u003c\u0027hello\u0027`) .\n- Fixed a bug where containers created with `--rm` were not immediately removed after being started by `podman start` if they failed to start .\n- Fixed a bug where the `--storage-opt` flag to `podman create` and `podman run` was nonfunctional .\n- Fixed a bug where the `--device-cgroup-rule` option to `podman create` and `podman run` was nonfunctional .\n- Fixed a bug where the `--tls-verify` option to `podman manifest push` was nonfunctional.\n- Fixed a bug where the `podman import` command could, in some circumstances, produce empty images .\n- Fixed a bug where images pulled using the `docker-daemon:` transport had the wrong registry (`localhost` instead of `docker.io/library`) .\n- Fixed a bug where operations that pruned images (`podman image prune` and `podman system prune`) would prune untagged images with children .\n- Fixed a bug where dual-stack networks created by `podman network create` did not properly auto-assign an IPv4 subnet when one was not explicitly specified .\n- Fixed a bug where port forwarding using the `rootlessport` port forwarder would break when a network was disconnected and then reconnected .\n- Fixed a bug where Podman would ignore user-specified SELinux policies for containers using the Kata OCI runtime, or containers using systemd as PID 1 .\n- Fixed a bug where Podman containers created using `--net=host` would add an entry to `/etc/hosts` for the container\u0027s hostname pointing to `127.0.1.1` .\n- Fixed a bug where the `podman unpause --all` command would throw an error for every container that was not paused .\n- Fixed a bug where timestamps for the `since` and `until` filters using Unix timestamps with a nanoseconds portion could not be parsed .\n- Fixed a bug where the `podman info` command would sometimes print the wrong path for the `slirp4netns` binary.\n- Fixed a bug where rootless Podman containers joined to a CNI network would not have functional DNS when the host used systemd-resolved without the resolved stub resolver being enabled .\n- Fixed a bug where `podman network connect` and `podman network disconnect` of rootless containers could sometimes break port forwarding to the container .\n- Fixed a bug where joining a container to a CNI network by ID and adding network aliases to this network would cause the container to fail to start .\n### API\n- Fixed a bug where the Compat List endpoint for Containers included healthcheck information for all containers, even those that did not have a configured healthcheck.\n- Fixed a bug where the Compat Create endpoint for Containers would fail to create containers with the `NetworkMode` parameter set to `default` .\n- Fixed a bug where the Compat Create endpoint for Containers did not properly handle healthcheck commands .\n- Fixed a bug where the Compat Wait endpoint for Containers would always send an empty string error message when no error occurred.\n- Fixed a bug where the Libpod Stats endpoint for Containers would not error when run on rootless containers on cgroups v1 systems (nonsensical results would be returned, as this configuration cannot be supportable).\n- Fixed a bug where the Compat List endpoint for Images omitted the `ContainerConfig` field .\n- Fixed a bug where the Compat Build endpoint for Images was too strict when validating the `Content-Type` header, rejecting content that Docker would have accepted .\n- Fixed a bug where the Compat Pull endpoint for Images could fail, but return a 200 status code, if an image name that could not be parsed was provided.\n- Fixed a bug where the Compat Pull endpoint for Images would continue to pull images after the client disconnected.\n- Fixed a bug where the Compat List endpoint for Networks would fail for non-bridge (e.g. macvlan) networks .\n- Fixed a bug where the Libpod List endpoint for Networks would return nil, instead of an empty list, when no networks were present .\n- The Compat and Libpod Logs endpoints for Containers now support the `until` query parameter .\n- The Compat Import endpoint for Images now supports the `platform`, `message`, and `repo` query parameters.\n- The Compat Pull endpoint for Images now supports the `platform` query parameter.\n\nMisc:\n\n- Updated Buildah to v1.22.3\n- Updated the containers/storage library to v1.34.1\n- Updated the containers/image library to v5.15.2\n- Updated the containers/common library to v0.42.1\n\nstorage was updated to 1.36.0.\n\nUpdated image to 5.16.0.\n\nUpdate podman to 3.2.3:\n\nSecurity:\n\n- This release addresses CVE-2021-3602, an issue with the `podman build` command with the `--isolation chroot` flag that results in environment variables from the host leaking into build containers. (bsc#1188520)\n\nBugfixes:\n\n- Fixed a bug where events related to images could occur before the relevant operation had completed (e.g. an image pull event could be written before the pull was finished) .\n- Fixed a bug where `podman save` would refuse to save images with an architecture different from that of the host .\n- Fixed a bug where the `podman import` command did not correctly handle images without tags .\n- Fixed a bug where Podman\u0027s journald events backend would fail and prevent Podman from running when run on a host with systemd as PID1 but in an environment (e.g. a container) without systemd .\n- Fixed a bug where containers using rootless CNI networking would fail to start when the `dnsname` CNI plugin was in use and the host system\u0027s `/etc/resolv.conf` was a symlink ([#10855] and [#10929](https://github.com/containers/podman/issues/10929)).\n- Fixed a bug where containers using rootless CNI networking could fail to start due to a race in rootless CNI initialization .\n\nUpdate podman to 3.2.2\n\n3.2.2:\n\n- Podman\u0027s handling of the Architecture field of images has been relaxed. Since 3.2.0, Podman required that the architecture of the image match the architecture of the system to run containers based on an image, but images often incorrectly report architecture, causing Podman to reject valid images ([#10648] and [#10682](https://github.com/containers/podman/issues/10682)).\n- Podman no longer uses inotify to monitor for changes to CNI configurations. This removes potential issues where Podman cannot be run because a user has exhausted their available inotify sessions .\n\nBugfixes\n\n- Fixed a bug where the `podman cp` would, when given a directory as its source and a target that existed and was a file, copy the contents of the directory into the parent directory of the file; this now results in an error.\n- Fixed a bug where the `podman logs` command would, when following a running container\u0027s logs, not include the last line of output from the container when it exited when the `k8s-file` driver was in use .\n- Fixed a bug where Podman would fail to run containers if `systemd-resolved` was incorrectly detected as the system\u0027s DNS server .\n- Fixed a bug where the `podman exec -t` command would only resize the exec session\u0027s TTY after the session started, leading to a race condition where the terminal would initially not have a size set .\n- Fixed a bug where Podman containers using the `slirp4netns` network mode would add an incorrect entry to `/etc/hosts` pointing the container\u0027s hostname to the wrong IP address.\n- Fixed a bug where Podman would create volumes specified by images with incorrect permissions ([#10188] and [#10606](https://github.com/containers/podman/issues/10606)).\n- Fixed a bug where Podman would not respect the `uid` and `gid` options to `podman volume create -o` .\n- Fixed a bug where the `podman run` command could panic when parsing the system\u0027s cgroup configuration .\n- Fixed a bug where the remote Podman client\u0027s `podman build -f - ...` command did not read a Containerfile from STDIN .\n- Fixed a bug where the `podman container restore --import` command would fail to restore checkpoints created from privileged containers .\n- Fixed a bug where Podman was not respecting the `TMPDIR` environment variable when pulling images .\n- Fixed a bug where a number of Podman commands did not properly support using Go templates as an argument to the `--format` option.\n\nAPI:\n\n- Fixed a bug where the Compat Inspect endpoint for Containers did not include information on container healthchecks .\n- Fixed a bug where the Libpod and Compat Build endpoints for Images did not properly handle the `devices` query parameter .\n\nMisc:\n\n- Fixed a bug where the Makefile\u0027s `make podman-remote-static` target to build a statically-linked `podman-remote` binary was instead producing dynamic binaries .\n- Updated the containers/common library to v0.38.11\n\n3.2.1:\n\nChanges:\n- Podman now allows corrupt images (e.g. from restarting the system during an image pull) to be replaced by a `podman pull` of the same image (instead of requiring they be removed first, then re-pulled).\n\nBugfixes:\n\n- Fixed a bug where Podman would fail to start containers if a Seccomp profile was not available at `/usr/share/containers/seccomp.json` .\n- Fixed a bug where the `podman machine start` command failed on OS X machines with the AMD64 architecture and certain QEMU versions .\n- Fixed a bug where Podman would always use the slow path for joining the rootless user namespace.\n- Fixed a bug where the `podman stats` command would fail on Cgroups v1 systems when run on a container running systemd .\n- Fixed a bug where pre-checkpoint support for `podman container checkpoint` did not function correctly.\n- Fixed a bug where the remote Podman client\u0027s `podman build` command did not properly handle the `-f` option .\n- Fixed a bug where the remote Podman client\u0027s `podman run` command would sometimes not resize the container\u0027s terminal before execution began .\n- Fixed a bug where the `--filter` option to the `podman image prune` command was nonfunctional.\n- Fixed a bug where the `podman logs -f` command would exit before all output for a container was printed when the `k8s-file` log driver was in use .\n- Fixed a bug where Podman would not correctly detect that systemd-resolved was in use on the host and adjust DNS servers in the container appropriately under some circumstances .\n- Fixed a bug where the `podman network connect` and `podman network disconnect` commands acted improperly when containers were in the Created state, marking the changes as done but not actually performing them.\n\nAPI:\n\n- Fixed a bug where the Compat and Libpod Prune endpoints for Networks returned null, instead of an empty array, when nothing was pruned.\n- Fixed a bug where the Create API for Images would continue to pull images even if a client closed the connection mid-pull .\n- Fixed a bug where the Events API did not include some information (including labels) when sending events.\n- Fixed a bug where the Events API would, when streaming was not requested, send at most one event .\n\n3.2.0:\n\nFeatures:\n\n- Docker Compose is now supported with rootless Podman .\n- The `podman network connect`, `podman network disconnect`, and `podman network reload` commands have been enabled for rootless Podman.\n- An experimental new set of commands, `podman machine`, was added to assist in managing virtual machines containing a Podman server. These are intended for easing the use of Podman on OS X by handling the creation of a Linux VM for running Podman.\n- The `podman generate kube` command can now be run on Podman named volumes (generating `PersistentVolumeClaim` YAML), in addition to pods and containers.\n- The `podman play kube` command now supports two new options, `--ip` and `--mac`, to set static IPs and MAC addresses for created pods ([#8442] and [#9731](https://github.com/containers/podman/issues/9731)).\n- The `podman play kube` command\u0027s support for `PersistentVolumeClaim` YAML has been greatly improved.\n- The `podman generate kube` command now preserves the label used by `podman auto-update` to identify containers to update as a Kubernetes annotation, and the `podman play kube` command will convert this annotation back into a label. This allows `podman auto-update` to be used with containers created by `podman play kube`.\n- The `podman play kube` command now supports Kubernetes `secretRef` YAML (using the secrets support from `podman secret`) for environment variables.\n- Secrets can now be added to containers as environment variables using the `type=env` option to the `--secret` flag to `podman create` and `podman run`.\n- The `podman start` command now supports the `--all` option, allowing all containers to be started simultaneously with a single command. The `--filter` option has also been added to filter which containers to start when `--all` is used.\n- Filtering containers with the `--filter` option to `podman ps` and `podman start` now supports a new filter, `restart-policy`, to filter containers based on their restart policy.\n- The `--group-add` option to rootless `podman run` and `podman create` now accepts a new value, `keep-groups`, which instructs Podman to retain the supplemental groups of the user running Podman in the created container. This is only supported with the `crun` OCI runtime.\n- The `podman run` and `podman create` commands now support a new option, `--timeout`. This sets a maximum time the container is allowed to run, after which it is killed .\n- The `podman run` and `podman create` commands now support a new option, `--pidfile`. This will create a file when the container is started containing the PID of the first process in the container.\n- The `podman run` and `podman create` commands now support a new option, `--requires`. The `--requires` option adds dependency containers - containers that must be running before the current container. Commands like `podman start` will automatically start the requirements of a container before starting the container itself.\n- Auto-updating containers can now be done with locally-built images, not just images hosted on a registry, by creating containers with the `io.containers.autoupdate` label set to `local`.\n- Podman now supports the [Container Device Interface] (CDI) standard.\n- Podman now adds an entry to `/etc/hosts`, `host.containers.internal`, pointing to the current gateway (which, for root containers, is usually a bridge interface on the host system) .\n- The `podman ps`, `podman pod ps`, `podman network list`, `podman secret list`, and `podman volume list` commands now support a `--noheading` option, which will cause Podman to omit the heading line including column names.\n- The `podman unshare` command now supports a new flag, `--rootless-cni`, to join the rootless network namespace. This allows commands to be run in the same network environment as rootless containers with CNI networking.\n- The `--security-opt unmask=` option to `podman run` and `podman create` now supports glob operations to unmask a group of paths at once (e.g. `podman run --security-opt unmask=/proc/* ...` will unmask all paths in `/proc` in the container).\n- The `podman network prune` command now supports a `--filter` option to filter which networks will be pruned.\n### Changes\n- The change in Podman 3.1.2 where the `:z` and `:Z` mount options for volumes were ignored for privileged containers has been reverted after discussion in [#10209].\n- Podman\u0027s rootless CNI functionality no longer requires a sidecar container! The removal of the requirement for the `rootless-cni-infra` container means that rootless CNI is now usable on all architectures, not just AMD64, and no longer requires pulling an image .\n- The Image handling code used by Podman has seen a major rewrite to improve code sharing with our other projects, Buildah and CRI-O. This should result in fewer bugs and performance gains in the long term. Work on this is still ongoing.\n- The `podman auto-update` command now prunes previous versions of images after updating if they are unused, to prevent disk exhaustion after repeated updates .\n- The `podman play kube` now treats environment variables configured as references to a `ConfigMap` as mandatory unless the `optional` parameter was set; this better matches the behavior of Kubernetes.\n- Podman now supports the `--context=default` flag from Docker as a no-op for compatibility purposes.\n- When Podman is run as root, but without `CAP_SYS_ADMIN` being available, it will run in a user namespace using the same code as rootless Podman (instead of failing outright).\n- The `podman info` command now includes the path of the Seccomp profile Podman is using, available cgroup controllers, and whether Podman is connected to a remote service or running containers locally.\n- Containers created with the `--rm` option now automatically use the `volatile` storage flag when available for their root filesystems, causing them not to write changes to disk as often as they will be removed at completion anyways. This should result in improved performance.\n- The `podman generate systemd --new` command will now include environment variables referenced by the container in generated unit files if the value would be looked up from the system environment.\n- Podman now requires that Conmon v2.0.24 be available.\n\nBugfixes:\n\n- Fixed a bug where the remote Podman client\u0027s `podman build` command did not support the `--arch`, `--platform`, and `--os`, options.\n- Fixed a bug where the remote Podman client\u0027s `podman build` command ignored the `--rm=false` option .\n- Fixed a bug where the remote Podman client\u0027s `podman build --iidfile` command could include extra output (in addition to just the image ID) in the image ID file written .\n- Fixed a bug where the remote Podman client\u0027s `podman build` command did not preserve hardlinks when moving files into the container via `COPY` instructions .\n- Fixed a bug where the `podman generate systemd --new` command could generate extra `--iidfile` arguments if the container was already created with one.\n- Fixed a bug where the `podman generate systemd --new` command would generate unit files that did not include `RequiresMountsFor` lines .\n- Fixed a bug where the `podman generate kube` command produced incorrect YAML for containers which bind-mounted both `/` and `/root` from the host system into the container .\n- Fixed a bug where pods created by `podman play kube` from YAML that specified `ShareProcessNamespace` would only share the PID namespace (and not also the UTS, Network, and IPC namespaces) .\n- Fixed a bug where the `podman network reload` command could generate spurious error messages when `iptables-nft` was in use.\n- Fixed a bug where rootless Podman could fail to attach to containers when the user running Podman had a large UID.\n- Fixed a bug where the `podman ps` command could fail with a `no such container` error due to a race condition with container removal .\n- Fixed a bug where containers using the `slirp4netns` network mode and setting a custom `slirp4netns` subnet while using the `rootlesskit` port forwarder would not be able to forward ports .\n- Fixed a bug where the `--filter ancestor=` option to `podman ps` did not require an exact match of the image name/ID to include a container in its results.\n- Fixed a bug where the `--filter until=` option to `podman image prune` would prune images created after the specified time (instead of before).\n- Fixed a bug where setting a custom Seccomp profile via the `seccomp_profile` option in `containers.conf` had no effect, and the default profile was used instead.\n- Fixed a bug where the `--cgroup-parent` option to `podman create` and `podman run` was ignored in rootless Podman on cgroups v2 systems with the `cgroupfs` cgroup manager .\n- Fixed a bug where the `IMAGE` and `NAME` variables in `podman container runlabel` were not being correctly substituted .\n- Fixed a bug where Podman could freeze when creating containers with a specific combination of volumes and working directory .\n- Fixed a bug where rootless Podman containers restarted by restart policy (e.g. containers created with `--restart=always`) would lose networking after being restarted .\n- Fixed a bug where the `podman cp` command could not copy files into containers created with the `--pid=host` flag .\n- Fixed a bug where filters to the `podman events` command could not be specified twice (if a filter is specified more than once, it will match if any of the given values match - logical or) .\n- Fixed a bug where Podman would include IPv6 nameservers in `resolv.conf` in containers without IPv6 connectivity .\n- Fixed a bug where containers could not be created with static IP addresses when connecting to a network using the `macvlan` driver .\n### API\n- Fixed a bug where the Compat Create endpoint for Containers did not allow advanced network options to be set .\n- Fixed a bug where the Compat Create endpoint for Containers ignored static IP information provided in the `IPAMConfig` block .\n- Fixed a bug where the Compat Inspect endpoint for Containers returned null (instead of an empty list) for Networks when the container was not joined to a CNI network .\n- Fixed a bug where the Compat Wait endpoint for Containers could miss containers exiting if they were immediately restarted.\n- Fixed a bug where the Compat Create endpoint for Volumes required that the user provide a name for the new volume .\n- Fixed a bug where the Libpod Info handler would sometimes not return the correct path to the Podman API socket.\n- Fixed a bug where the Compat Events handler used the wrong name for container exited events (`died` instead of `die`) .\n- Fixed a bug where the Compat Push endpoint for Images could leak goroutines if the remote end closed the connection prematurely.\n\n\nUpdate storage to 1.32.5\n\nUpdate podman to 3.1.2\n\n3.1.2:\n\nBugfixes:\n\n- Fixed a bug where images with empty layers were stored incorrectly, causing them to be unable to be pushed or saved.\n- Fixed a bug where the `podman rmi` command could fail to remove corrupt images from storage.\n- Fixed a bug where the remote Podman client\u0027s `podman save` command did not support the `oci-dir` and `docker-dir` formats .\n- Fixed a bug where volume mounts from `podman play kube` created with a trailing `/` in the container path were were not properly superceding named volumes from the image .\n- Fixed a bug where Podman could fail to build on 32-bit architectures.\n\nUpdate podman to 3.1.1\n\n- Podman now recognizes `trace` as a valid argument to the `--log-level` command. Trace logging is now the most verbose level of logging available.\n- The `:z` and `:Z` options for volume mounts are now ignored when the container is privileged or is run with SELinux isolation disabled (`--security-opt label=disable`). This matches better matches Docker\u0027s behavior in this case.\n\nBugfixes\n\n- Fixed a bug where pruning images with the `podman image prune` or `podman system prune` commands could cause Podman to panic.\n- Fixed a bug where the `podman save` command did not properly error when the `--compress` flag was used with incompatible format types.\n- Fixed a bug where the `--security-opt` and `--ulimit` options to the remote Podman client\u0027s `podman build` command were nonfunctional.\n- Fixed a bug where the `--log-rusage` option to the remote Podman client\u0027s `podman build` command was nonfunctional .\n- Fixed a bug where the `podman build` command could, in some circumstances, use the wrong OCI runtime .\n- Fixed a bug where the remote Podman client\u0027s `podman build` command could return 0 despite failing .\n- Fixed a bug where the `podman container runlabel` command did not properly expand the `IMAGE` and `NAME` variables in the label .\n- Fixed a bug where poststop OCI hooks would be executed twice on containers started with the `--rm` argument .\n- Fixed a bug where rootless Podman could fail to launch containers on cgroups v2 systems when the `cgroupfs` cgroup manager was in use.\n- Fixed a bug where the `podman stats` command could error when statistics tracked exceeded the maximum size of a 32-bit signed integer .\n- Fixed a bug where rootless Podman containers run with `--userns=keepid` (without a `--user` flag in addition) would grant exec sessions run in them too many capabilities .\n- Fixed a bug where the `--authfile` option to `podman build` did not validate that the path given existed .\n- Fixed a bug where the `--storage-opt` option to Podman was appending to, instead of overriding (as is documented), the default storage options.\n- Fixed a bug where the `podman system service` connection did not function properly when run in a socket-activated systemd unit file as a non-root user.\n- Fixed a bug where the `--network` option to the `podman play kube` command of the remote Podman client was being ignored .\n- Fixed a bug where the `--log-driver` option to the `podman play kube` command was nonfunctional .\n\nAPI\n\n- Fixed a bug where the Libpod Create endpoint for Manifests did not properly validate the image the manifest was being created with.\n- Fixed a bug where the Libpod DF endpoint could, in error cases, append an extra null to the JSON response, causing decode errors.\n- Fixed a bug where the Libpod and Compat Top endpoint for Containers would return process names that included extra whitespace.\n- Fixed a bug where the Compat Prune endpoint for Containers accepted too many types of filter.\n\nUpdate podman to 3.1.0\n\nFeatures:\n\n- A set of new commands has been added to manage secrets! The `podman secret create`, `podman secret inspect`, `podman secret ls` and `podman secret rm` commands have been added to handle secrets, along with the `--secret` option to `podman run` and `podman create` to add secrets to containers. The initial driver for secrets does not support encryption - this will be added in a future release.\n- A new command to prune networks, `podman network prune`, has been added .\n- The `-v` option to `podman run` and `podman create` now supports a new volume option, `:U`, to chown the volume\u0027s source directory on the host to match the UID and GID of the container and prevent permissions issues .\n- Three new commands, `podman network exists`, `podman volume exists`, and `podman manifest exists`, have been added to check for the existence of networks, volumes, and manifest lists.\n- The `podman cp` command can now copy files into directories mounted as `tmpfs` in a running container.\n- The `podman volume prune` command will now list volumes that will be pruned when prompting the user whether to continue and perform the prune .\n- The Podman remote client\u0027s `podman build` command now supports the `--disable-compression`, `--excludes`, and `--jobs` options.\n- The Podman remote client\u0027s `podman push` command now supports the `--format` option.\n- The Podman remote client\u0027s `podman rm` command now supports the `--all` and `--ignore` options.\n- The Podman remote client\u0027s `podman search` command now supports the `--no-trunc` and `--list-tags` options.\n- The `podman play kube` command can now read in Kubernetes YAML from `STDIN` when `-` is specified as file name (`podman play kube -`), allowing input to be piped into the command for scripting .\n- The `podman generate systemd` command now supports a `--no-header` option, which disables creation of the header comment automatically added by Podman to generated unit files.\n- The `podman generate kube` command can now generate `PersistentVolumeClaim` YAML for Podman named volumes .\n- The `podman generate kube` command can now generate YAML files containing multiple resources (pods or deployments) .\n\nSecurity:\n\n- This release resolves CVE-2021-20291, a deadlock vulnerability in the storage library caused by pulling a specially-crafted container image. (bsc#1196497)\n\nChanges:\n\n- The Podman remote client\u0027s `podman build` command no longer allows the `-v` flag to be used. Volumes are not yet supported with remote Podman when the client and service are on different machines.\n- The `podman kill` and `podman stop` commands now print the name given by the user for each container, instead of the full ID.\n- When the `--security-opt unmask=ALL` or `--security-opt unmask=/sys/fs/cgroup` options to `podman create` or `podman run` are given, Podman will mount cgroups into the container as read-write, instead of read-only .\n- The `podman rmi` command has been changed to better handle cases where an image is incomplete or corrupted, which can be caused by interrupted image pulls.\n- The `podman rename` command has been improved to be more atomic, eliminating many race conditions that could potentially render a renamed container unusable.\n- Detection of which OCI runtimes run using virtual machines and thus require custom SELinux labelling has been improved .\n- The hidden `--trace` option to `podman` has been turned into a no-op. It was used in very early versions for performance tracing, but has not been supported for some time.\n- The `podman generate systemd` command now generates `RequiresMountsFor` lines to ensure necessary storage directories are mounted before systemd starts Podman.\n- Podman will now emit a warning when `--tty` and `--interactive` are both passed, but `STDIN` is not a TTY. This will be made into an error in the next major Podman release some time next year.\n### Bugfixes\n- Fixed a bug where rootless Podman containers joined to CNI networks could not receive traffic from forwarded ports .\n- Fixed a bug where `podman network create` with the `--macvlan` flag did not honor the `--gateway`, `--subnet`, and `--opt` options .\n- Fixed a bug where the `podman generate kube` command generated invalid YAML for privileged containers .\n- Fixed a bug where the `podman generate kube` command could not be used with containers that were not running.\n- Fixed a bug where the `podman generate systemd` command could duplicate some parameters to Podman in generated unit files .\n- Fixed a bug where Podman did not add annotations specified in `containers.conf` to containers.\n- Foxed a bug where Podman did not respect the `no_hosts` default in `containers.conf` when creating containers.\n- Fixed a bug where the `--tail=0`, `--since`, and `--follow` options to the `podman logs` command did not function properly when using the `journald` log backend.\n- Fixed a bug where specifying more than one container to `podman logs` when the `journald` log backend was in use did not function correctly.\n- Fixed a bug where the `podman run` and `podman create` commands would panic if a memory limit was set, but the swap limit was set to unlimited .\n- Fixed a bug where the `--network` option to `podman run`, `podman create`, and `podman pod create` would error if the user attempted to specify CNI networks by ID, instead of name .\n- Fixed a bug where Podman\u0027s cgroup handling for cgroups v1 systems did not properly handle cases where a cgroup existed on some, but not all, controllers, resulting in errors from the `podman stats` command .\n- Fixed a bug where the `podman cp` did not properly handle cases where `/dev/stdout` was specified as the destination (it was treated identically to `-`) .\n- Fixed a bug where the `podman cp` command would create files with incorrect ownership .\n- Fixed a bug where the `podman cp` command did not properly handle cases where the destination directory did not exist.\n- Fixed a bug where the `podman cp` command did not properly evaluate symlinks when copying out of containers.\n- Fixed a bug where the `podman rm -fa` command would error when attempting to remove containers created with `--rm` .\n- Fixed a bug where the ordering of capabilities was nondeterministic in the `CapDrop` field of the output of `podman inspect` on a container .\n- Fixed a bug where the `podman network connect` command could be used with containers that were not initially connected to a CNI bridge network (e.g. containers created with `--net=host`) .\n- Fixed a bug where DNS search domains required by the `dnsname` CNI plugin were not being added to container\u0027s `resolv.conf` under some circumstances.\n- Fixed a bug where the `--ignorefile` option to `podman build` was nonfunctional .\n- Fixed a bug where the `--timestamp` option to `podman build` was nonfunctional .\n- Fixed a bug where the `--iidfile` option to `podman build` could cause Podman to panic if an error occurred during the build.\n- Fixed a bug where the `--dns-search` option to `podman build` was nonfunctional .\n- Fixed a bug where the `--pull-never` option to `podman build` was nonfunctional .\n- Fixed a bug where the `--build-arg` option to `podman build` would, when given a key but not a value, error (instead of attempting to look up the key as an environment variable) .\n- Fixed a bug where the `--isolation` option to `podman build` in the remote Podman client was nonfunctional.\n- Fixed a bug where the `podman network disconnect` command could cause errors when the container that had a network removed was stopped and its network was cleaned up .\n- Fixed a bug where the `podman network rm` command did not properly check what networks a container was present in, resulting in unexpected behavior if `podman network connect` or `podman network disconnect` had been used with the network .\n- Fixed a bug where some errors with stopping a container could cause Podman to panic, and the container to be stuck in an unusable `stopping` state .\n- Fixed a bug where the `podman load` command could return 0 even in cases where an error occurred .\n- Fixed a bug where specifying storage options to Podman using the `--storage-opt` option would override all storage options. Instead, storage options are now overridden only when the `--storage-driver` option is used to override the current graph driver .\n- Fixed a bug where containers created with `--privileged` could request more capabilities than were available to Podman.\n- Fixed a bug where `podman commit` did not use the `TMPDIR` environment variable to place temporary files created during the commit .\n- Fixed a bug where remote Podman could error when attempting to resize short-lived containers .\n- Fixed a bug where Podman was unusable on kernels built without `CONFIG_USER_NS`.\n- Fixed a bug where the ownership of volumes created by `podman volume create` and then mounted into a container could be incorrect .\n- Fixed a bug where Podman volumes using a volume plugin could not pass certain options, and could not be used as non-root users.\n- Fixed a bug where the `--tz` option to `podman create` and `podman run` did not properly validate its input.\n### API\n- Fixed a bug where the `X-Registry-Auth` header did not accept `null` as a valid value.\n- A new compat endpoint, `/auth`, has been added. This endpoint validates credentials against a registry .\n- Fixed a bug where the compat Build endpoint for Images specified labels using the wrong type (array vs map). Both formats will be accepted now.\n- Fixed a bug where the compat Build endpoint for Images did not report that it successfully tagged the built image in its response.\n- Fixed a bug where the compat Create endpoint for Images did not provide progress information on pulling the image in its response.\n- Fixed a bug where the compat Push endpoint for Images did not properly handle the destination (used a query parameter, instead of a path parameter).\n- Fixed a bug where the compat Push endpoint for Images did not send the progress of the push and the digest of the pushed image in the response body.\n- Fixed a bug where the compat List endpoint for Networks returned null, instead of an empty array (`[]`), when no networks were present .\n- Fixed a bug where the compat List endpoint for Networks returned nulls, instead of empty maps, for networks that do not have Labels and/or Options.\n- The Libpod Inspect endpoint for networks (`/libpod/network/$ID/json`) now has an alias at `/libpod/network/$ID` .\n- Fixed a bug where the libpod Inspect endpoint for Networks returned a 1-size array of results, instead of a single result .\n- The Compat List endpoint for Networks now supports the legacy format for filters in parallel with the current filter format .\n- Fixed a bug where the compat Create endpoint for Containers did not properly handle tmpfs filesystems specified with options .\n- Fixed a bug where the compat Create endpoint for Containers did not create bind-mount source directories .\n- Fixed a bug where the compat Create endpoint for Containers did not properly handle the `NanoCpus` option .\n- Fixed a bug where the Libpod create endpoint for Containers has a misnamed field in its JSON.\n- Fixed a bug where the compat List endpoint for Containers did not populate information on forwarded ports \n- Fixed a bug where the compat List endpoint for Containers did not populate information on container CNI networks .\n- Fixed a bug where the compat and libpod Stop endpoints for Containers would ignore a timeout of 0.\n- Fixed a bug where the compat and libpod Resize endpoints for Containers did not set the correct terminal sizes (dimensions were reversed) .\n- Fixed a bug where the compat Remove endpoint for Containers would not return 404 when attempting to remove a container that does not exist .\n- Fixed a bug where the compat Prune endpoint for Volumes would still prune even if an invalid filter was specified.\n- Numerous bugs related to filters have been addressed.\n\nUpdate podman to 3.0.1\n\n3.0.1:\n\nChanges:\n\n- Several frequently-occurring `WARN` level log messages have been downgraded to `INFO` or `DEBUG` to not clutter terminal output.\n\nBugfixes:\n\n- Fixed a bug where the `Created` field of `podman ps --format=json` was formatted as a string instead of an Unix timestamp (integer) .\n- Fixed a bug where failing lookups of individual layers during the `podman images` command would cause the whole command to fail without printing output.\n- Fixed a bug where `--cgroups=split` did not function properly on cgroups v1 systems.\n- Fixed a bug where mounting a volume over an directory in the container that existed, but was empty, could fail .\n- Fixed a bug where mounting a volume over a directory in the container that existed could copy the entirety of the container\u0027s rootfs, instead of just the directory mounted over, into the volume .\n- Fixed a bug where Podman would treat the `--entrypoint=[\u0027\u0027]` option to `podman run` and `podman create` as a literal empty string in the entrypoint, when instead it should have been ignored .\n- Fixed a bug where Podman would set the `HOME` environment variable to `\u0027\u0027` when the container ran as a user without an assigned home directory .\n- Fixed a bug where specifying a pod infra image that had no tags (by using its ID) would cause `podman pod create` to panic .\n- Fixed a bug where the `--runtime` option was not properly handled by the `podman build` command .\n- Fixed a bug where Podman would incorrectly print an error message related to the remote API when the remote API was not in use and starting Podman failed.\n- Fixed a bug where Podman would change ownership of a container\u0027s working directory, even if it already existed .\n- Fixed a bug where the `podman generate systemd --new` command would incorrectly escape `%t` when generating the path for the PID file .\n- Fixed a bug where Podman could, when run inside a Podman container with the host\u0027s containers/storage directory mounted into the container, erroneously detect a reboot and reset container state if the temporary directory was not also mounted in .\n- Fixed a bug where some options of the `podman build` command (including but not limited to `--jobs`) were nonfunctional .\n### API\n- Fixed a breaking change to the Libpod Wait API for Containers where the Conditions parameter changed type in Podman v3.0 .\n- Fixed a bug where the Compat Create endpoint for Containers did not properly handle forwarded ports that did not specify a host port.\n- Fixed a bug where the Libpod Wait endpoint for Containers could write duplicate headers after an error occurred.\n- Fixed a bug where the Compat Create endpoint for Images would not pull images that already had a matching tag present locally, even if a more recent version was available at the registry .\n- The Compat Create endpoint for Images has had its compatibility with Docker improved, allowing its use with the `docker-java` library.\n### Misc\n- Updated Buildah to v1.19.4\n- Updated the containers/storage library to v1.24.6\n\n3.0.0:\n\nFeatures:\n\n- Podman now features initial support for Docker Compose.\n- Added the `podman rename` command, which allows containers to be renamed after they are created .\n- The Podman remote client now supports the `podman copy` command.\n- A new command, `podman network reload`, has been added. This command will re-configure the network of all running containers, and can be used to recreate firewall rules lost when the system firewall was reloaded (e.g. via `firewall-cmd --reload`).\n- Podman networks now have IDs. They can be seen in `podman network ls` and can be used when removing and inspecting networks. Existing networks receive IDs automatically.\n- Podman networks now also support labels. They can be added via the `--label` option to `network create`, and `podman network ls` can filter labels based on them.\n- The `podman network create` command now supports setting bridge MTU and VLAN through the `--opt` option .\n- The `podman container checkpoint` and `podman container restore` commands can now checkpoint and restore containers that include volumes.\n- The `podman container checkpoint` command now supports the `--with-previous` and `--pre-checkpoint` options, and the `podman container restore` command now support the `--import-previous` option. These add support for two-step checkpointing with lowered dump times.\n- The `podman push` command can now push manifest lists. Podman will first attempt to push as an image, then fall back to pushing as a manifest list if that fails.\n- The `podman generate kube` command can now be run on multiple containers at once, and will generate a single pod containing all of them.\n- The `podman generate kube` and `podman play kube` commands now support Kubernetes DNS configuration, and will preserve custom DNS configuration when exporting or importing YAML .\n- The `podman generate kube` command now properly supports generating YAML for containers and pods creating using host networking (`--net=host`) .\n- The `podman kill` command now supports a `--cidfile` option to kill containers given a file containing the container\u0027s ID .\n- The `podman pod create` command now supports the `--net=none` option .\n- The `podman volume create` command can now specify volume UID and GID as options with the `UID` and `GID` fields passed to the the `--opt` option.\n- Initial support has been added for Docker Volume Plugins. Podman can now define available plugins in `containers.conf` and use them to create volumes with `podman volume create --driver`.\n- The `podman run` and `podman create` commands now support a new option, `--platform`, to specify the platform of the image to be used when creating the container.\n- The `--security-opt` option to `podman run` and `podman create` now supports the `systempaths=unconfined` option to unrestrict access to all paths in the container, as well as `mask` and `unmask` options to allow more granular restriction of container paths.\n- The `podman stats --format` command now supports a new format specified, `MemUsageBytes`, which prints the raw bytes of memory consumed by a container without human-readable formatting [#8945].\n- The `podman ps` command can now filter containers based on what pod they are joined to via the `pod` filter .\n- The `podman pod ps` command can now filter pods based on what networks they are joined to via the `network` filter.\n- The `podman pod ps` command can now print information on what networks a pod is joined to via the `.Networks` specifier to the `--format` option.\n- The `podman system prune` command now supports filtering what containers, pods, images, and volumes will be pruned.\n- The `podman volume prune` commands now supports filtering what volumes will be pruned.\n- The `podman system prune` command now includes information on space reclaimed .\n- The `podman info` command will now properly print information about packages in use on Gentoo and Arch systems.\n- The `containers.conf` file now contains an option for disabling creation of a new kernel keyring on container creation .\n- The `podman image sign` command can now sign multi-arch images by producing a signature for each image in a given manifest list.\n- The `podman image sign` command, when run as rootless, now supports per-user registry configuration files in `$HOME/.config/containers/registries.d`.\n- Configuration options for `slirp4netns` can now be set system-wide via the `NetworkCmdOptions` configuration option in `containers.conf`.\n- The MTU of `slirp4netns` can now be configured via the `mtu=` network command option (e.g. `podman run --net slirp4netns:mtu=9000`).\n\nSecurity:\n\n- A fix for CVE-2021-20199 is included. Podman between v1.8.0 and v2.2.1 used `127.0.0.1` as the source address for all traffic forwarded into rootless containers by a forwarded port; this has been changed to address the issue. (bsc#1181640)\n\nChanges:\n\n- Shortname aliasing support has now been turned on by default. All Podman commands that must pull an image will, if a TTY is available, prompt the user about what image to pull.\n- The `podman load` command no longer accepts a `NAME[:TAG]` argument. The presence of this argument broke CLI compatibility with Docker by making `docker load` commands unusable with Podman .\n- The Go bindings for the HTTP API have been rewritten with a focus on limiting dependency footprint and improving extensibility. Read more [here].\n- The legacy Varlink API has been completely removed from Podman.\n- The default log level for Podman has been changed from Error to Warn.\n- The `podman network create` command can now create `macvlan` networks using the `--driver macvlan` option for Docker compatibility. The existing `--macvlan` flag has been deprecated and will be removed in Podman 4.0 some time next year.\n- The `podman inspect` command has had the `LogPath` and `LogTag` fields moved into the `LogConfig` structure (from the root of the Inspect structure). The maximum size of the log file is also included.\n- The `podman generate systemd` command no longer generates unit files using the deprecated `KillMode=none` option .\n- The `podman stop` command now releases the container lock while waiting for it to stop - as such, commands like `podman ps` will no longer block until `podman stop` completes .\n- Networks created with `podman network create --internal` no longer use the `dnsname` plugin. This configuration never functioned as expected.\n- Error messages for the remote Podman client have been improved when it cannot connect to a Podman service.\n- Error messages for `podman run` when an invalid SELinux is specified have been improved.\n- Rootless Podman features improved support for containers with a single user mapped into the rootless user namespace.\n- Pod infra containers now respect default sysctls specified in `containers.conf` allowing for advanced configuration of the namespaces they will share.\n- SSH public key handling for remote Podman has been improved.\n### Bugfixes\n- Fixed a bug where the `podman history --no-trunc` command would truncate the `Created By` field .\n- Fixed a bug where root containers that did not explicitly specify a CNI network to join did not generate an entry for the network in use in the `Networks` field of the output of `podman inspect` .\n- Fixed a bug where, under some circumstances, container working directories specified by the image (via the `WORKDIR` instruction) but not present in the image, would not be created .\n- Fixed a bug where the `podman generate systemd` command would generate invalid unit files if the container was creating using a command line that included doubled braces (`{{` and `}}`), e.g. `--log-opt-tag={{.Name}}` .\n- Fixed a bug where the `podman generate systemd --new` command could generate unit files including invalid Podman commands if the container was created using merged short options (e.g. `podman run -dt`) .\n- Fixed a bug where the `podman generate systemd --new` command could generate unit files that did not handle Podman commands including some special characters (e.g. `$`) ([#9176]\n- Fixed a bug where rootless containers joining CNI networks could not set a static IP address .\n- Fixed a bug where rootless containers joining CNI networks could not set network aliases .\n- Fixed a bug where the remote client could, under some circumstances, not include the `Containerfile` when sending build context to the server .\n- Fixed a bug where rootless Podman did not mount `/sys` as a new `sysfs` in some circumstances where it was acceptable.\n- Fixed a bug where rootless containers that both joined a user namespace and a CNI networks would cause a segfault. These options are incompatible and now return an error.\n- Fixed a bug where the `podman play kube` command did not properly handle `CMD` and `ARGS` from images .\n- Fixed a bug where the `podman play kube` command did not properly handle environment variables from images .\n- Fixed a bug where the `podman play kube` command did not properly print errors that occurred when starting containers.\n- Fixed a bug where the `podman play kube` command errored when `hostNetwork` was used .\n- Fixed a bug where the `podman play kube` command would always pull images when the `:latest` tag was specified, even if the image was available locally .\n- Fixed a bug where the `podman play kube` command did not properly handle SELinux configuration, rending YAML with custom SELinux configuration unusable .\n- Fixed a bug where the `podman generate kube` command incorrectly populated the `args` and `command` fields of generated YAML .\n- Fixed a bug where containers in a pod would create a duplicate entry in the pod\u0027s shared `/etc/hosts` file every time the container restarted .\n- Fixed a bug where the `podman search --list-tags` command did not support the `--format` option .\n- Fixed a bug where the `http_proxy` option in `containers.conf` was not being respected, and instead was set unconditionally to true .\n- Fixed a bug where rootless Podman could, on systems with a recent Conmon and users with a long username, fail to attach to containers .\n- Fixed a bug where the `podman images` command would break and fail to display any images if an empty manifest list was present in storage .\n- Fixed a bug where locale environment variables were not properly passed on to Conmon.\n- Fixed a bug where Podman would not build on the MIPS architecture .\n- Fixed a bug where rootless Podman could fail to properly configure user namespaces for rootless containers when the user specified a `--uidmap` option that included a mapping beginning with UID `0`.\n- Fixed a bug where the `podman logs` command using the `k8s-file` backend did not properly handle partial log lines with a length of 1 .\n- Fixed a bug where the `podman logs` command with the `--follow` option did not properly handle log rotation .\n- Fixed a bug where user-specified `HOSTNAME` environment variables were overwritten by Podman .\n- Fixed a bug where Podman would applied default sysctls from `containers.conf` in too many situations (e.g. applying network sysctls when the container shared its network with a pod).\n- Fixed a bug where Podman did not properly handle cases where a secondary image store was in use and an image was present in both the secondary and primary stores .\n- Fixed a bug where systemd-managed rootless Podman containers where the user in the container was not root could fail as the container\u0027s PID file was not accessible to systemd on the host .\n- Fixed a bug where the `--privileged` option to `podman run` and `podman create` would, under some circumstances, not disable Seccomp .\n- Fixed a bug where the `podman exec` command did not properly add capabilities when the container or exec session were run with `--privileged`.\n- Fixed a bug where rootless Podman would use the `--enable-sandbox` option to `slirp4netns` unconditionally, even when `pivot_root` was disabled, rendering `slirp4netns` unusable when `pivot_root` was disabled .\n- Fixed a bug where `podman build --logfile` did not actually write the build\u0027s log to the logfile.\n- Fixed a bug where the `podman system service` command did not close STDIN, and could display user-interactive prompts .\n- Fixed a bug where the `podman system reset` command could, under some circumstances, remove all the contents of the `XDG_RUNTIME_DIR` directory .\n- Fixed a bug where the `podman network create` command created CNI configurations that did not include a default gateway .\n- Fixed a bug where the `podman.service` systemd unit provided by default used the wrong service type, and would cause systemd to not correctly register the service as started .\n- Fixed a bug where, if the `TMPDIR` environment variable was set for the container engine in `containers.conf`, it was being ignored.\n- Fixed a bug where the `podman events` command did not properly handle future times given to the `--until` option .\n- Fixed a bug where the `podman logs` command wrote container `STDERR` logs to `STDOUT` instead of `STDERR` .\n- Fixed a bug where containers created from an image with multiple tags would report that they were created from the wrong tag .\n- Fixed a bug where container capabilities were not set properly when the `--cap-add=all` and `--user` options to `podman create` and `podman run` were combined.\n- Fixed a bug where the `--layers` option to `podman build` was nonfunctional .\n- Fixed a bug where the `podman system prune` command did not act recursively, and thus would leave images, containers, pods, and volumes present that would be removed by a subsequent call to `podman system prune` .\n- Fixed a bug where the `--publish` option to `podman run` and `podman create` did not properly handle ports specified as a range of ports with no host port specified .\n- Fixed a bug where `--format` did not support JSON output for individual fields .\n- Fixed a bug where the `podman stats` command would fail when run on root containers using the `slirp4netns` network mode .\n- Fixed a bug where the Podman remote client would ask for a password even if the server\u0027s SSH daemon did not support password authentication .\n- Fixed a bug where the `podman stats` command would fail if the system did not support one or more of the cgroup controllers Podman supports .\n- Fixed a bug where the `--mount` option to `podman create` and `podman run` did not ignore the `consistency` mount option.\n- Fixed a bug where failures during the resizing of a container\u0027s TTY would print the wrong error.\n- Fixed a bug where the `podman network disconnect` command could cause the `podman inspect` command to fail for a container until it was restarted .\n- Fixed a bug where containers created from a read-only rootfs (using the `--rootfs` option to `podman create` and `podman run`) would fail .\n- Fixed a bug where specifying Go templates to the `--format` option to multiple Podman commands did not support the `join` function .\n- Fixed a bug where the `podman rmi` command could, when run in parallel on multiple images, return `layer not known` errors .\n- Fixed a bug where the `podman inspect` command on containers displayed unlimited ulimits incorrectly .\n- Fixed a bug where Podman would fail to start when a volume was mounted over a directory in a container that contained symlinks that terminated outside the directory and its subdirectories .\n### API\n- All Libpod Pod APIs have been modified to properly report errors with individual containers. Cases where the operation as a whole succeeded but individual containers failed now report an HTTP 409 error .\n- The Compat API for Containers now supports the Rename and Copy APIs.\n- Fixed a bug where the Compat Prune APIs (for volumes, containers, and images) did not return the amount of space reclaimed in their responses.\n- Fixed a bug where the Compat and Libpod Exec APIs for Containers would drop errors that occurred prior to the exec session successfully starting (e.g. a \u0027no such file\u0027 error if an invalid executable was passed) \n- Fixed a bug where the Volumes field in the Compat Create API for Containers was being ignored .\n- Fixed a bug where the NetworkMode field in the Compat Create API for Containers was not handling some values, e.g. `container:`, correctly.\n- Fixed a bug where the Compat Create API for Containers did not set container name properly.\n- Fixed a bug where containers created using the Compat Create API unconditionally used Kubernetes file logging (the default specified in `containers.conf` is now used).\n- Fixed a bug where the Compat Inspect API for Containers could include container states not recognized by Docker.\n- Fixed a bug where Podman did not properly clean up after calls to the Events API when the `journald` backend was in use, resulting in a leak of file descriptors .\n- Fixed a bug where the Libpod Pull endpoint for Images could fail with an `index out of range` error under certain circumstances .\n- Fixed a bug where the Libpod Exists endpoint for Images could panic.\n- Fixed a bug where the Compat List API for Containers did not support all filters .\n- Fixed a bug where the Compat List API for Containers did not properly populate the Status field.\n- Fixed a bug where the Compat and Libpod Resize APIs for Containers ignored the height and width parameters .\n- Fixed a bug where the Compat Search API for Images returned an incorrectly-formatted JSON response .\n- Fixed a bug where the Compat Load API for Images did not properly clean up temporary files.\n- Fixed a bug where the Compat Create API for Networks could panic when an empty IPAM configuration was specified.\n- Fixed a bug where the Compat Inspect and List APIs for Networks did not include Scope.\n- Fixed a bug where the Compat Wait endpoint for Containers did not support the same wait conditions that Docker did.\n\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2022-3312,SUSE-SLE-Product-HPC-15-SP1-ESPOS-2022-3312,SUSE-SLE-Product-HPC-15-SP1-LTSS-2022-3312,SUSE-SLE-Product-HPC-15-SP2-ESPOS-2022-3312,SUSE-SLE-Product-HPC-15-SP2-LTSS-2022-3312,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-3312,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-3312,SUSE-SLE-Product-SLES-15-SP2-BCL-2022-3312,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-3312,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-3312,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-3312,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-3312,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-3312,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-3312,SUSE-Storage-6-2022-3312,SUSE-Storage-7-2022-3312",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_3312-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2022:3312-1",
"url": "https://www.suse.com/support/update/announcement/2022/suse-su-20223312-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2022:3312-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2022-September/012287.html"
},
{
"category": "self",
"summary": "SUSE Bug 1176804",
"url": "https://bugzilla.suse.com/1176804"
},
{
"category": "self",
"summary": "SUSE Bug 1177598",
"url": "https://bugzilla.suse.com/1177598"
},
{
"category": "self",
"summary": "SUSE Bug 1181640",
"url": "https://bugzilla.suse.com/1181640"
},
{
"category": "self",
"summary": "SUSE Bug 1182998",
"url": "https://bugzilla.suse.com/1182998"
},
{
"category": "self",
"summary": "SUSE Bug 1188520",
"url": "https://bugzilla.suse.com/1188520"
},
{
"category": "self",
"summary": "SUSE Bug 1189893",
"url": "https://bugzilla.suse.com/1189893"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14370 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15157 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-20199 page",
"url": "https://www.suse.com/security/cve/CVE-2021-20199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-20291 page",
"url": "https://www.suse.com/security/cve/CVE-2021-20291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3602 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3602/"
}
],
"title": "Security update for libcontainers-common",
"tracking": {
"current_release_date": "2022-09-19T15:36:55Z",
"generator": {
"date": "2022-09-19T15:36:55Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2022:3312-1",
"initial_release_date": "2022-09-19T15:36:55Z",
"revision_history": [
{
"date": "2022-09-19T15:36:55Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libcontainers-common-20210626-150100.3.15.1.noarch",
"product": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch",
"product_id": "libcontainers-common-20210626-150100.3.15.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_bcl:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Proxy 4.1",
"product": {
"name": "SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-proxy:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Retail Branch Server 4.1",
"product": {
"name": "SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-retail-branch-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Manager Server 4.1",
"product": {
"name": "SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse-manager-server:4.1"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 6",
"product": {
"name": "SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:6"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7",
"product": {
"name": "SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150100.3.15.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150100.3.15.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150100.3.15.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch as component of SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150100.3.15.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150100.3.15.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150100.3.15.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-BCL",
"product_id": "SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150100.3.15.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-BCL"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150100.3.15.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150100.3.15.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150100.3.15.1.noarch",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch as component of SUSE Manager Proxy 4.1",
"product_id": "SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150100.3.15.1.noarch",
"relates_to_product_reference": "SUSE Manager Proxy 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch as component of SUSE Manager Retail Branch Server 4.1",
"product_id": "SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150100.3.15.1.noarch",
"relates_to_product_reference": "SUSE Manager Retail Branch Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch as component of SUSE Manager Server 4.1",
"product_id": "SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150100.3.15.1.noarch",
"relates_to_product_reference": "SUSE Manager Server 4.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch as component of SUSE Enterprise Storage 6",
"product_id": "SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150100.3.15.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150100.3.15.1.noarch as component of SUSE Enterprise Storage 7",
"product_id": "SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150100.3.15.1.noarch",
"relates_to_product_reference": "SUSE Enterprise Storage 7"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-14370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14370"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14370",
"url": "https://www.suse.com/security/cve/CVE-2020-14370"
},
{
"category": "external",
"summary": "SUSE Bug 1176804 for CVE-2020-14370",
"url": "https://bugzilla.suse.com/1176804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-19T15:36:55Z",
"details": "moderate"
}
],
"title": "CVE-2020-14370"
},
{
"cve": "CVE-2020-15157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15157"
}
],
"notes": [
{
"category": "general",
"text": "In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (otherwise known as a \"foreign layer\"), the default containerd resolver will follow that URL to attempt to download it. In v1.2.x but not 1.3.0 or later, the default containerd resolver will provide its authentication credentials if the server where the URL is located presents an HTTP 401 status code along with registry-specific HTTP headers. If an attacker publishes a public image with a manifest that directs one of the layers to be fetched from a web server they control and they trick a user or system into pulling the image, they can obtain the credentials used for pulling that image. In some cases, this may be the user\u0027s username and password for the registry. In other cases, this may be the credentials attached to the cloud virtual instance which can grant access to other cloud resources in the account. The default containerd resolver is used by the cri-containerd plugin (which can be used by Kubernetes), the ctr development tool, and other client programs that have explicitly linked against it. This vulnerability has been fixed in containerd 1.2.14. containerd 1.3 and later are not affected. If you are using containerd 1.3 or later, you are not affected. If you are using cri-containerd in the 1.2 series or prior, you should ensure you only pull images from trusted sources. Other container runtimes built on top of containerd but not using the default resolver (such as Docker) are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15157",
"url": "https://www.suse.com/security/cve/CVE-2020-15157"
},
{
"category": "external",
"summary": "SUSE Bug 1177598 for CVE-2020-15157",
"url": "https://bugzilla.suse.com/1177598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-19T15:36:55Z",
"details": "moderate"
}
],
"title": "CVE-2020-15157"
},
{
"cve": "CVE-2021-20199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-20199"
}
],
"notes": [
{
"category": "general",
"text": "Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-20199",
"url": "https://www.suse.com/security/cve/CVE-2021-20199"
},
{
"category": "external",
"summary": "SUSE Bug 1181640 for CVE-2021-20199",
"url": "https://bugzilla.suse.com/1181640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-19T15:36:55Z",
"details": "low"
}
],
"title": "CVE-2021-20199"
},
{
"cve": "CVE-2021-20291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-20291"
}
],
"notes": [
{
"category": "general",
"text": "A deadlock vulnerability was found in \u0027github.com/containers/storage\u0027 in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-20291",
"url": "https://www.suse.com/security/cve/CVE-2021-20291"
},
{
"category": "external",
"summary": "SUSE Bug 1196497 for CVE-2021-20291",
"url": "https://bugzilla.suse.com/1196497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-19T15:36:55Z",
"details": "moderate"
}
],
"title": "CVE-2021-20291"
},
{
"cve": "CVE-2021-3602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3602"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3602",
"url": "https://www.suse.com/security/cve/CVE-2021-3602"
},
{
"category": "external",
"summary": "SUSE Bug 1188520 for CVE-2021-3602",
"url": "https://bugzilla.suse.com/1188520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 6:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Enterprise Storage 7:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP1-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-BCL:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server 15 SP2-LTSS:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Proxy 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Retail Branch Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch",
"SUSE Manager Server 4.1:libcontainers-common-20210626-150100.3.15.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-09-19T15:36:55Z",
"details": "moderate"
}
],
"title": "CVE-2021-3602"
}
]
}
RHSA-2021_0531
Vulnerability from csaf_redhat - Published: 2021-02-16 14:25 - Updated: 2024-11-22 15:41Summary
Red Hat Security Advisory: container-tools:rhel8 security, bug fix, and enhancement update
Notes
Topic
An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Security Fix(es):
* podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API (CVE-2020-14370)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API (CVE-2020-14370)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0531",
"url": "https://access.redhat.com/errata/RHSA-2021:0531"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/"
},
{
"category": "external",
"summary": "1678546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678546"
},
{
"category": "external",
"summary": "1701359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701359"
},
{
"category": "external",
"summary": "1701361",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701361"
},
{
"category": "external",
"summary": "1843168",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843168"
},
{
"category": "external",
"summary": "1846629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846629"
},
{
"category": "external",
"summary": "1848150",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848150"
},
{
"category": "external",
"summary": "1873064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873064"
},
{
"category": "external",
"summary": "1873204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873204"
},
{
"category": "external",
"summary": "1874268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"category": "external",
"summary": "1876576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1876576"
},
{
"category": "external",
"summary": "1877865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1877865"
},
{
"category": "external",
"summary": "1880987",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880987"
},
{
"category": "external",
"summary": "1881218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881218"
},
{
"category": "external",
"summary": "1883945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883945"
},
{
"category": "external",
"summary": "1884668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1884668"
},
{
"category": "external",
"summary": "1895105",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895105"
},
{
"category": "external",
"summary": "1897012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1897012"
},
{
"category": "external",
"summary": "1898911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898911"
},
{
"category": "external",
"summary": "1902673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902673"
},
{
"category": "external",
"summary": "1903412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903412"
},
{
"category": "external",
"summary": "1925928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925928"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0531.json"
}
],
"title": "Red Hat Security Advisory: container-tools:rhel8 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2024-11-22T15:41:32+00:00",
"generator": {
"date": "2024-11-22T15:41:32+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2021:0531",
"initial_release_date": "2021-02-16T14:25:28+00:00",
"revision_history": [
{
"date": "2021-02-16T14:25:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-02-16T14:25:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-22T15:41:32+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "container-tools:rhel8:8030120210208205200:c127ee91",
"product": {
"name": "container-tools:rhel8:8030120210208205200:c127ee91",
"product_id": "container-tools:rhel8:8030120210208205200:c127ee91",
"product_identification_helper": {
"purl": "pkg:rpmmod/redhat/container-tools@rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch",
"product": {
"name": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch",
"product_id": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cockpit-podman@27.1-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch",
"product": {
"name": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch",
"product_id": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/container-selinux@2.155.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=noarch\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch",
"product": {
"name": "podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch",
"product_id": "podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch",
"product": {
"name": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch",
"product_id": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-podman-api@1.2.0-0.2.gitd0a45fe.module%2Bel8.3.1%2B9857%2B68fb1526?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch",
"product": {
"name": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch",
"product_id": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch",
"product": {
"name": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch",
"product_id": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/udica@0.2.4-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debuginfo@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debugsource@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crit@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debuginfo@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debugsource@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debuginfo@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debugsource@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debuginfo@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debugsource@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"product": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"product_id": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"product": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"product_id": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debuginfo@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"product": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"product_id": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debugsource@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"product": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"product_id": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-devel@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debuginfo@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debugsource@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debuginfo@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"product": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_id": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debugsource@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src",
"product_id": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src"
}
}
},
{
"category": "product_version",
"name": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src",
"product_id": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cockpit-podman@27.1-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src"
}
}
},
{
"category": "product_version",
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src",
"product_id": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src",
"product_id": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/container-selinux@2.155.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src",
"product_id": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src"
}
}
},
{
"category": "product_version",
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src",
"product_id": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src"
}
}
},
{
"category": "product_version",
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src",
"product_id": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src",
"product_id": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src"
}
}
},
{
"category": "product_version",
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src",
"product": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src",
"product_id": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=src"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src",
"product_id": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src"
}
}
},
{
"category": "product_version",
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src",
"product_id": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src"
}
}
},
{
"category": "product_version",
"name": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src",
"product_id": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-podman-api@1.2.0-0.2.gitd0a45fe.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src",
"product_id": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src",
"product_id": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src",
"product_id": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src"
}
}
},
{
"category": "product_version",
"name": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src",
"product_id": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src"
}
}
},
{
"category": "product_version",
"name": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src",
"product": {
"name": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src",
"product_id": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/udica@0.2.4-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debuginfo@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debugsource@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crit@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debuginfo@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debugsource@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debuginfo@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debugsource@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debuginfo@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debugsource@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"product": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"product_id": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"product": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"product_id": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debuginfo@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"product": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"product_id": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debugsource@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"product": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"product_id": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-devel@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debuginfo@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debugsource@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debuginfo@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_id": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debugsource@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debuginfo@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debugsource@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crit@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debuginfo@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debugsource@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debuginfo@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debugsource@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debuginfo@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debugsource@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"product": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"product_id": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"product": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"product_id": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debuginfo@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"product": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"product_id": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debugsource@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"product": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"product_id": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-devel@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debuginfo@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debugsource@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debuginfo@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"product": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"product_id": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debugsource@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debuginfo@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debugsource@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=2"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crit@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debuginfo@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debugsource@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debuginfo@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debugsource@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debuginfo@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debugsource@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"product": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"product_id": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"product": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"product_id": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debuginfo@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"product": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"product_id": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debugsource@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"product": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"product_id": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-devel@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debuginfo@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debugsource@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debuginfo@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"product": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_id": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debugsource@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
"product_reference": "container-tools:rhel8:8030120210208205200:c127ee91",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch"
},
"product_reference": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch"
},
"product_reference": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64"
},
"product_reference": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le"
},
"product_reference": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x"
},
"product_reference": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src"
},
"product_reference": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64"
},
"product_reference": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64"
},
"product_reference": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le"
},
"product_reference": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x"
},
"product_reference": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64"
},
"product_reference": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64"
},
"product_reference": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le"
},
"product_reference": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x"
},
"product_reference": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64"
},
"product_reference": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64"
},
"product_reference": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le"
},
"product_reference": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x"
},
"product_reference": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64"
},
"product_reference": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch"
},
"product_reference": "podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch"
},
"product_reference": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64"
},
"product_reference": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le"
},
"product_reference": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x"
},
"product_reference": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64 as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64"
},
"product_reference": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch"
},
"product_reference": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch"
},
"product_reference": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src as a component of container-tools:rhel8:8030120210208205200:c127ee91 as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src"
},
"product_reference": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src",
"relates_to_product_reference": "AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-14370",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-07-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1874268"
}
],
"notes": [
{
"category": "description",
"text": "An information disclosure flaw was found in containers/podman. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container leak into subsequent containers. This flaw allows an attacker who controls the subsequent containers to gain access to sensitive information stored in such variables. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Whilst OpenShift Container Platform (OCP) does include podman, the Varlink API is not enabled by default. However, as it is trivial to activate this feature, OCP has been marked as affected.\n\nOCP 3.11 has previously packaged podman, but instead now relies on the version from rhel-extra.The older version previously packaged is not vulnerable to this CVE and hence has been marked not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14370"
},
{
"category": "external",
"summary": "RHBZ#1874268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14370",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14370"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14370",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14370"
}
],
"release_date": "2020-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-02-16T14:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0531"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch",
"AppStream-8.3.1.MAIN:container-tools:rhel8:8030120210208205200:c127ee91:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API"
}
]
}
RHSA-2020_5056
Vulnerability from csaf_redhat - Published: 2020-11-10 13:54 - Updated: 2024-12-17 21:12Summary
Red Hat Security Advisory: podman security and bug fix update
Notes
Topic
An update for podman is now available for Red Hat Enterprise Linux 7 Extras.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.
Security Fix(es):
* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
* podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API (CVE-2020-14370)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* podman does not use $TMPDIR loading a tar file (BZ#1877699)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for podman is now available for Red Hat Enterprise Linux 7 Extras.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.\n\nSecurity Fix(es):\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API (CVE-2020-14370)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* podman does not use $TMPDIR loading a tar file (BZ#1877699)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5056",
"url": "https://access.redhat.com/errata/RHSA-2020:5056"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "1874268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"category": "external",
"summary": "1877699",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1877699"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5056.json"
}
],
"title": "Red Hat Security Advisory: podman security and bug fix update",
"tracking": {
"current_release_date": "2024-12-17T21:12:43+00:00",
"generator": {
"date": "2024-12-17T21:12:43+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2020:5056",
"initial_release_date": "2020-11-10T13:54:40+00:00",
"revision_history": [
{
"date": "2020-11-10T13:54:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-10T13:54:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T21:12:43+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 7 Extras",
"product": {
"name": "Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_other:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 7 Extras",
"product": {
"name": "Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_other:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Extras"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.6.4-26.el7_9.x86_64",
"product": {
"name": "podman-0:1.6.4-26.el7_9.x86_64",
"product_id": "podman-0:1.6.4-26.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.6.4-26.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"product": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"product_id": "podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@1.6.4-26.el7_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.6.4-26.el7_9.src",
"product": {
"name": "podman-0:1.6.4-26.el7_9.src",
"product_id": "podman-0:1.6.4-26.el7_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.6.4-26.el7_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-0:1.6.4-26.el7_9.noarch",
"product": {
"name": "podman-docker-0:1.6.4-26.el7_9.noarch",
"product_id": "podman-docker-0:1.6.4-26.el7_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@1.6.4-26.el7_9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.6.4-26.el7_9.ppc64le",
"product": {
"name": "podman-0:1.6.4-26.el7_9.ppc64le",
"product_id": "podman-0:1.6.4-26.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.6.4-26.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"product": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"product_id": "podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@1.6.4-26.el7_9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.6.4-26.el7_9.s390x",
"product": {
"name": "podman-0:1.6.4-26.el7_9.s390x",
"product_id": "podman-0:1.6.4-26.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.6.4-26.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"product": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"product_id": "podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@1.6.4-26.el7_9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.ppc64le as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le"
},
"product_reference": "podman-0:1.6.4-26.el7_9.ppc64le",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.s390x as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x"
},
"product_reference": "podman-0:1.6.4-26.el7_9.s390x",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.src as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src"
},
"product_reference": "podman-0:1.6.4-26.el7_9.src",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.x86_64 as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64"
},
"product_reference": "podman-0:1.6.4-26.el7_9.x86_64",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.ppc64le as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le"
},
"product_reference": "podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.s390x as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x"
},
"product_reference": "podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.x86_64 as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64"
},
"product_reference": "podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-0:1.6.4-26.el7_9.noarch as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
},
"product_reference": "podman-docker-0:1.6.4-26.el7_9.noarch",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.ppc64le as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le"
},
"product_reference": "podman-0:1.6.4-26.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.s390x as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x"
},
"product_reference": "podman-0:1.6.4-26.el7_9.s390x",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.src as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src"
},
"product_reference": "podman-0:1.6.4-26.el7_9.src",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.x86_64 as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64"
},
"product_reference": "podman-0:1.6.4-26.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.ppc64le as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le"
},
"product_reference": "podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.s390x as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x"
},
"product_reference": "podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.x86_64 as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64"
},
"product_reference": "podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-0:1.6.4-26.el7_9.noarch as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
},
"product_reference": "podman-docker-0:1.6.4-26.el7_9.noarch",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-14040",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-06-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853652"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* OpenShift ServiceMesh (OSSM) 1.0 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities. Jaeger was packaged with ServiceMesh in 1.0, and hence is also marked OOSS, but the Jaeger-Operator is a standalone product and is affected by this vulnerability.\n\n* Because Service Telemetry Framework does not directly use unicode.UTF16, no update will be provided at this time for STF\u0027s sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14040"
},
{
"category": "external",
"summary": "RHBZ#1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/39491",
"url": "https://github.com/golang/go/issues/39491"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0",
"url": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0"
}
],
"release_date": "2020-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-10T13:54:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5056"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash"
},
{
"cve": "CVE-2020-14370",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-07-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1874268"
}
],
"notes": [
{
"category": "description",
"text": "An information disclosure flaw was found in containers/podman. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container leak into subsequent containers. This flaw allows an attacker who controls the subsequent containers to gain access to sensitive information stored in such variables. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Whilst OpenShift Container Platform (OCP) does include podman, the Varlink API is not enabled by default. However, as it is trivial to activate this feature, OCP has been marked as affected.\n\nOCP 3.11 has previously packaged podman, but instead now relies on the version from rhel-extra.The older version previously packaged is not vulnerable to this CVE and hence has been marked not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14370"
},
{
"category": "external",
"summary": "RHBZ#1874268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14370",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14370"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14370",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14370"
}
],
"release_date": "2020-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-10T13:54:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5056"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API"
}
]
}
RHSA-2020:4297
Vulnerability from csaf_redhat - Published: 2020-10-27 14:53 - Updated: 2025-12-04 04:44Summary
Red Hat Security Advisory: OpenShift Container Platform 4.6.1 package security update
Notes
Topic
An update for jenkins-2-plugins, openshift-clients, podman, runc, and skopeo is now available for Red Hat OpenShift Container Platform 4.6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.
The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime.
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.
Security Fix(es):
* jenkins-jira-plugin: plugin information disclosure (CVE-2019-16541)
* jenkins-2-plugins/mailer: Missing hostname validation in Mailer Plugin could result in MITM (CVE-2020-2252)
* jenkins-2-plugins/blueocean: Path traversal vulnerability in Blue Ocean Plugin could allow to read arbitrary files (CVE-2020-2254)
* jenkins-2-plugins/blueocean: Blue Ocean Plugin does not perform permission checks in several HTTP endpoints implementing connection tests. (CVE-2020-2255)
* kubernetes: Docker config secrets leaked when file is malformed and loglevel >= 4 (CVE-2020-8564)
* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
* podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API (CVE-2020-14370)
* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for jenkins-2-plugins, openshift-clients, podman, runc, and skopeo is now available for Red Hat OpenShift Container Platform 4.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.\n\nThe runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime.\n\nThe skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. \n\nSecurity Fix(es):\n\n* jenkins-jira-plugin: plugin information disclosure (CVE-2019-16541)\n\n* jenkins-2-plugins/mailer: Missing hostname validation in Mailer Plugin could result in MITM (CVE-2020-2252)\n\n* jenkins-2-plugins/blueocean: Path traversal vulnerability in Blue Ocean Plugin could allow to read arbitrary files (CVE-2020-2254)\n\n* jenkins-2-plugins/blueocean: Blue Ocean Plugin does not perform permission checks in several HTTP endpoints implementing connection tests. (CVE-2020-2255)\n\n* kubernetes: Docker config secrets leaked when file is malformed and loglevel \u003e= 4 (CVE-2020-8564)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API (CVE-2020-14370)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4297",
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1819663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819663"
},
{
"category": "external",
"summary": "1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "1874268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"category": "external",
"summary": "1880454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880454"
},
{
"category": "external",
"summary": "1880456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880456"
},
{
"category": "external",
"summary": "1880460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880460"
},
{
"category": "external",
"summary": "1886637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886637"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4297.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.6.1 package security update",
"tracking": {
"current_release_date": "2025-12-04T04:44:49+00:00",
"generator": {
"date": "2025-12-04T04:44:49+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2020:4297",
"initial_release_date": "2020-10-27T14:53:57+00:00",
"revision_history": [
{
"date": "2020-10-27T14:53:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-10-27T14:53:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-04T04:44:49+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.6",
"product": {
"name": "Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.6::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.6",
"product": {
"name": "Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"product": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_id": "podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.9.3-3.rhaos4.6.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"product": {
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_id": "podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@1.9.3-3.rhaos4.6.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"product": {
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_id": "podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@1.9.3-3.rhaos4.6.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"product": {
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_id": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@1.9.3-3.rhaos4.6.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"product": {
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_id": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@1.9.3-3.rhaos4.6.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"product": {
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_id": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@1.9.3-3.rhaos4.6.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"product": {
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_id": "containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.1.1-2.rhaos4.6.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"product": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_id": "skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-2.rhaos4.6.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"product": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_id": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.1.1-2.rhaos4.6.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"product": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_id": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.1.1-2.rhaos4.6.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"product": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_id": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.1.1-2.rhaos4.6.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product_id": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product": {
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product_id": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product_id": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"product": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"product_id": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202010081244.p0.git.3794.4743d24.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_id": "podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.9.3-3.rhaos4.6.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_id": "podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@1.9.3-3.rhaos4.6.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_id": "podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@1.9.3-3.rhaos4.6.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_id": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@1.9.3-3.rhaos4.6.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_id": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@1.9.3-3.rhaos4.6.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_id": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@1.9.3-3.rhaos4.6.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product": {
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_id": "containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.1.1-2.rhaos4.6.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_id": "skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-2.rhaos4.6.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_id": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.1.1-2.rhaos4.6.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_id": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.1.1-2.rhaos4.6.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_id": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.1.1-2.rhaos4.6.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product_id": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product": {
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product_id": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product_id": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"product": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"product_id": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202010081244.p0.git.3794.4743d24.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_id": "podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.9.3-3.rhaos4.6.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product": {
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_id": "podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@1.9.3-3.rhaos4.6.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product": {
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_id": "podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@1.9.3-3.rhaos4.6.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product": {
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_id": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@1.9.3-3.rhaos4.6.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product": {
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_id": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@1.9.3-3.rhaos4.6.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product": {
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_id": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@1.9.3-3.rhaos4.6.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product": {
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_id": "containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.1.1-2.rhaos4.6.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_id": "skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-2.rhaos4.6.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_id": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.1.1-2.rhaos4.6.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_id": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.1.1-2.rhaos4.6.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_id": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.1.1-2.rhaos4.6.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product_id": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product": {
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product_id": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product_id": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"product": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"product_id": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202010081244.p0.git.3794.4743d24.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"product_id": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.6.0-202010081244.p0.git.3794.4743d24.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"product": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"product_id": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-81.rhaos4.6.git5b757d4.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"product": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"product_id": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-81.rhaos4.6.git5b757d4.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"product": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"product_id": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202010081244.p0.git.3794.4743d24.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"product_id": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.6.0-202010081244.p0.git.3794.4743d24.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.9.3-3.rhaos4.6.el8.src",
"product": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.src",
"product_id": "podman-0:1.9.3-3.rhaos4.6.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.9.3-3.rhaos4.6.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.6.1601368321-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"product": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"product_id": "skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-2.rhaos4.6.el8?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"product": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"product_id": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"product": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"product_id": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202010081244.p0.git.3794.4743d24.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"product": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"product_id": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-81.rhaos4.6.git5b757d4.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"product": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"product_id": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202010081244.p0.git.3794.4743d24.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"product": {
"name": "podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"product_id": "podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@1.9.3-3.rhaos4.6.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.6.1601368321-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src"
},
"product_reference": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64"
},
"product_reference": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src"
},
"product_reference": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64"
},
"product_reference": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64"
},
"product_reference": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le"
},
"product_reference": "containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x"
},
"product_reference": "containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64"
},
"product_reference": "containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.6.1601368321-1.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le"
},
"product_reference": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x"
},
"product_reference": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src"
},
"product_reference": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64"
},
"product_reference": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x"
},
"product_reference": "podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src"
},
"product_reference": "podman-0:1.9.3-3.rhaos4.6.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64"
},
"product_reference": "podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x"
},
"product_reference": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64"
},
"product_reference": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x"
},
"product_reference": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64"
},
"product_reference": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch"
},
"product_reference": "podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x"
},
"product_reference": "podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64"
},
"product_reference": "podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x"
},
"product_reference": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64"
},
"product_reference": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x"
},
"product_reference": "podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64"
},
"product_reference": "podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le"
},
"product_reference": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x"
},
"product_reference": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src"
},
"product_reference": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64"
},
"product_reference": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le"
},
"product_reference": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x"
},
"product_reference": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64"
},
"product_reference": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le"
},
"product_reference": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x"
},
"product_reference": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64"
},
"product_reference": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le"
},
"product_reference": "skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x"
},
"product_reference": "skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src"
},
"product_reference": "skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64"
},
"product_reference": "skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le"
},
"product_reference": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x"
},
"product_reference": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64"
},
"product_reference": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le"
},
"product_reference": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x"
},
"product_reference": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64"
},
"product_reference": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le"
},
"product_reference": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x"
},
"product_reference": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
},
"product_reference": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-16541",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"discovery_date": "2019-11-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1819663"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-jira-plugin: plugin information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16541"
},
{
"category": "external",
"summary": "RHBZ#1819663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819663"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16541",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16541"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16541",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16541"
},
{
"category": "external",
"summary": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1106",
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1106"
}
],
"release_date": "2019-11-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-jira-plugin: plugin information disclosure"
},
{
"cve": "CVE-2020-2252",
"cwe": {
"id": "CWE-297",
"name": "Improper Validation of Certificate with Host Mismatch"
},
"discovery_date": "2020-09-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1880454"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/mailer: Missing hostname validation in Mailer Plugin could result in MITM",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2252"
},
{
"category": "external",
"summary": "RHBZ#1880454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2252",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2252"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2252",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2252"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1813",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1813"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2020/09/16/3",
"url": "https://www.openwall.com/lists/oss-security/2020/09/16/3"
}
],
"release_date": "2020-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/mailer: Missing hostname validation in Mailer Plugin could result in MITM"
},
{
"cve": "CVE-2020-2254",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2020-09-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1880456"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins Blue Ocean Plugin 1.23.2 and earlier provides an undocumented feature flag that, when enabled, allows an attacker with Job/Configure or Job/Create permission to read arbitrary files on the Jenkins controller file system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/blueocean: Path traversal vulnerability in Blue Ocean Plugin could allow to read arbitrary files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2254"
},
{
"category": "external",
"summary": "RHBZ#1880456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880456"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2254",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2254"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2254",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2254"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2020/09/16/3",
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1956",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1956"
}
],
"release_date": "2020-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/blueocean: Path traversal vulnerability in Blue Ocean Plugin could allow to read arbitrary files"
},
{
"cve": "CVE-2020-2255",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2020-09-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1880460"
}
],
"notes": [
{
"category": "description",
"text": "A missing permission check in Jenkins Blue Ocean Plugin 1.23.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/blueocean: Blue Ocean Plugin does not perform permission checks in several HTTP endpoints implementing connection tests.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2255"
},
{
"category": "external",
"summary": "RHBZ#1880460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880460"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2255",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2255"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2255",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2255"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1961",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1961"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2020/09/16/3",
"url": "https://www.openwall.com/lists/oss-security/2020/09/16/3"
}
],
"release_date": "2020-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/blueocean: Blue Ocean Plugin does not perform permission checks in several HTTP endpoints implementing connection tests."
},
{
"acknowledgments": [
{
"names": [
"the Kubernetes Product Security Committee"
]
},
{
"names": [
"Nikolaos Moraitis"
],
"organization": "Red Hat",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-8564",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2020-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1886637"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in kubernetes. In Kubernetes, if the logging level is to at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This can occur with client tools like `kubectl`, or other components that use registry credentials in a docker config file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: Docker config secrets leaked when file is malformed and loglevel \u003e= 4",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8564"
},
{
"category": "external",
"summary": "RHBZ#1886637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8564",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8564"
},
{
"category": "external",
"summary": "https://github.com/kubernetes/kubernetes/issues/95622",
"url": "https://github.com/kubernetes/kubernetes/issues/95622"
},
{
"category": "external",
"summary": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk",
"url": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk"
}
],
"release_date": "2020-10-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes: Docker config secrets leaked when file is malformed and loglevel \u003e= 4"
},
{
"cve": "CVE-2020-14040",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853652"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* OpenShift ServiceMesh (OSSM) 1.0 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities. Jaeger was packaged with ServiceMesh in 1.0, and hence is also marked OOSS, but the Jaeger-Operator is a standalone product and is affected by this vulnerability.\n\n* Because Service Telemetry Framework does not directly use unicode.UTF16, no update will be provided at this time for STF\u0027s sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14040"
},
{
"category": "external",
"summary": "RHBZ#1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/39491",
"url": "https://github.com/golang/go/issues/39491"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0",
"url": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0"
}
],
"release_date": "2020-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash"
},
{
"cve": "CVE-2020-14370",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-07-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1874268"
}
],
"notes": [
{
"category": "description",
"text": "An information disclosure flaw was found in containers/podman. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container leak into subsequent containers. This flaw allows an attacker who controls the subsequent containers to gain access to sensitive information stored in such variables. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Whilst OpenShift Container Platform (OCP) does include podman, the Varlink API is not enabled by default. However, as it is trivial to activate this feature, OCP has been marked as affected.\n\nOCP 3.11 has previously packaged podman, but instead now relies on the version from rhel-extra.The older version previously packaged is not vulnerable to this CVE and hence has been marked not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14370"
},
{
"category": "external",
"summary": "RHBZ#1874268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14370",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14370"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14370",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14370"
}
],
"release_date": "2020-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API"
},
{
"cve": "CVE-2020-15586",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2020-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found Go\u0027s net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) components are primarily written in Go, meaning that any component using the net/http package includes the vulnerable code. OCP server endpoints using ReverseProxy are protected by authentication, reducing the severity of this vulnerability to Low for OCP.\n\nSimilar to OCP, OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization are also primarily written in Go and are protected via authentication, reducing the severity of this vulnerability to Low.\n\nRed Hat Gluster Storage 3 and Red Hat Openshift Container Storage 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.\n\nRed Hat Ceph Storage 3 and 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15586"
},
{
"category": "external",
"summary": "RHBZ#1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ",
"url": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS"
},
{
"cve": "CVE-2020-16845",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-08-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1867099"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization components are primarily written in Go, meaning that any component using the encoding/binary package includes the vulnerable code. The affected components are behind OpenShift OAuth authentication, therefore the impact is low.\n\nRed Hat Gluster Storage 3, Red Hat OpenShift Container Storage 4 and Red Hat Ceph Storage (3 and 4) components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16845"
},
{
"category": "external",
"summary": "RHBZ#1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo",
"url": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs"
}
]
}
RHSA-2020:5056
Vulnerability from csaf_redhat - Published: 2020-11-10 13:54 - Updated: 2025-12-04 04:44Summary
Red Hat Security Advisory: podman security and bug fix update
Notes
Topic
An update for podman is now available for Red Hat Enterprise Linux 7 Extras.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.
Security Fix(es):
* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
* podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API (CVE-2020-14370)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Bug Fix(es):
* podman does not use $TMPDIR loading a tar file (BZ#1877699)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for podman is now available for Red Hat Enterprise Linux 7 Extras.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.\n\nSecurity Fix(es):\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API (CVE-2020-14370)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* podman does not use $TMPDIR loading a tar file (BZ#1877699)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:5056",
"url": "https://access.redhat.com/errata/RHSA-2020:5056"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "1874268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"category": "external",
"summary": "1877699",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1877699"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_5056.json"
}
],
"title": "Red Hat Security Advisory: podman security and bug fix update",
"tracking": {
"current_release_date": "2025-12-04T04:44:52+00:00",
"generator": {
"date": "2025-12-04T04:44:52+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.13"
}
},
"id": "RHSA-2020:5056",
"initial_release_date": "2020-11-10T13:54:40+00:00",
"revision_history": [
{
"date": "2020-11-10T13:54:40+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-11-10T13:54:40+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-12-04T04:44:52+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 7 Extras",
"product": {
"name": "Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_other:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux 7 Extras",
"product": {
"name": "Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_other:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Extras"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.6.4-26.el7_9.x86_64",
"product": {
"name": "podman-0:1.6.4-26.el7_9.x86_64",
"product_id": "podman-0:1.6.4-26.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.6.4-26.el7_9?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"product": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"product_id": "podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@1.6.4-26.el7_9?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.6.4-26.el7_9.src",
"product": {
"name": "podman-0:1.6.4-26.el7_9.src",
"product_id": "podman-0:1.6.4-26.el7_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.6.4-26.el7_9?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-0:1.6.4-26.el7_9.noarch",
"product": {
"name": "podman-docker-0:1.6.4-26.el7_9.noarch",
"product_id": "podman-docker-0:1.6.4-26.el7_9.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@1.6.4-26.el7_9?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.6.4-26.el7_9.ppc64le",
"product": {
"name": "podman-0:1.6.4-26.el7_9.ppc64le",
"product_id": "podman-0:1.6.4-26.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.6.4-26.el7_9?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"product": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"product_id": "podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@1.6.4-26.el7_9?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.6.4-26.el7_9.s390x",
"product": {
"name": "podman-0:1.6.4-26.el7_9.s390x",
"product_id": "podman-0:1.6.4-26.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.6.4-26.el7_9?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"product": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"product_id": "podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@1.6.4-26.el7_9?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.ppc64le as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le"
},
"product_reference": "podman-0:1.6.4-26.el7_9.ppc64le",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.s390x as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x"
},
"product_reference": "podman-0:1.6.4-26.el7_9.s390x",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.src as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src"
},
"product_reference": "podman-0:1.6.4-26.el7_9.src",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.x86_64 as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64"
},
"product_reference": "podman-0:1.6.4-26.el7_9.x86_64",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.ppc64le as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le"
},
"product_reference": "podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.s390x as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x"
},
"product_reference": "podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.x86_64 as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64"
},
"product_reference": "podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-0:1.6.4-26.el7_9.noarch as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Server-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
},
"product_reference": "podman-docker-0:1.6.4-26.el7_9.noarch",
"relates_to_product_reference": "7Server-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.ppc64le as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le"
},
"product_reference": "podman-0:1.6.4-26.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.s390x as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x"
},
"product_reference": "podman-0:1.6.4-26.el7_9.s390x",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.src as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src"
},
"product_reference": "podman-0:1.6.4-26.el7_9.src",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.6.4-26.el7_9.x86_64 as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64"
},
"product_reference": "podman-0:1.6.4-26.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.ppc64le as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le"
},
"product_reference": "podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.s390x as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x"
},
"product_reference": "podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.6.4-26.el7_9.x86_64 as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64"
},
"product_reference": "podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-0:1.6.4-26.el7_9.noarch as a component of Red Hat Enterprise Linux 7 Extras",
"product_id": "7Workstation-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
},
"product_reference": "podman-docker-0:1.6.4-26.el7_9.noarch",
"relates_to_product_reference": "7Workstation-EXTRAS-7.9"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-14040",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-06-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853652"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* OpenShift ServiceMesh (OSSM) 1.0 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities. Jaeger was packaged with ServiceMesh in 1.0, and hence is also marked OOSS, but the Jaeger-Operator is a standalone product and is affected by this vulnerability.\n\n* Because Service Telemetry Framework does not directly use unicode.UTF16, no update will be provided at this time for STF\u0027s sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14040"
},
{
"category": "external",
"summary": "RHBZ#1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/39491",
"url": "https://github.com/golang/go/issues/39491"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0",
"url": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0"
}
],
"release_date": "2020-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-10T13:54:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5056"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash"
},
{
"cve": "CVE-2020-14370",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-07-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1874268"
}
],
"notes": [
{
"category": "description",
"text": "An information disclosure flaw was found in containers/podman. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container leak into subsequent containers. This flaw allows an attacker who controls the subsequent containers to gain access to sensitive information stored in such variables. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Whilst OpenShift Container Platform (OCP) does include podman, the Varlink API is not enabled by default. However, as it is trivial to activate this feature, OCP has been marked as affected.\n\nOCP 3.11 has previously packaged podman, but instead now relies on the version from rhel-extra.The older version previously packaged is not vulnerable to this CVE and hence has been marked not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14370"
},
{
"category": "external",
"summary": "RHBZ#1874268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14370",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14370"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14370",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14370"
}
],
"release_date": "2020-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-11-10T13:54:40+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:5056"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Server-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Server-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Server-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.src",
"7Workstation-EXTRAS-7.9:podman-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.ppc64le",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.s390x",
"7Workstation-EXTRAS-7.9:podman-debuginfo-0:1.6.4-26.el7_9.x86_64",
"7Workstation-EXTRAS-7.9:podman-docker-0:1.6.4-26.el7_9.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API"
}
]
}
RHSA-2020_4297
Vulnerability from csaf_redhat - Published: 2020-10-27 14:53 - Updated: 2024-12-17 21:12Summary
Red Hat Security Advisory: OpenShift Container Platform 4.6.1 package security update
Notes
Topic
An update for jenkins-2-plugins, openshift-clients, podman, runc, and skopeo is now available for Red Hat OpenShift Container Platform 4.6.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.
The runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime.
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.
Security Fix(es):
* jenkins-jira-plugin: plugin information disclosure (CVE-2019-16541)
* jenkins-2-plugins/mailer: Missing hostname validation in Mailer Plugin could result in MITM (CVE-2020-2252)
* jenkins-2-plugins/blueocean: Path traversal vulnerability in Blue Ocean Plugin could allow to read arbitrary files (CVE-2020-2254)
* jenkins-2-plugins/blueocean: Blue Ocean Plugin does not perform permission checks in several HTTP endpoints implementing connection tests. (CVE-2020-2255)
* kubernetes: Docker config secrets leaked when file is malformed and loglevel >= 4 (CVE-2020-8564)
* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)
* podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API (CVE-2020-14370)
* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for jenkins-2-plugins, openshift-clients, podman, runc, and skopeo is now available for Red Hat OpenShift Container Platform 4.6.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.\n\nThe runC tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime.\n\nThe skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files. \n\nSecurity Fix(es):\n\n* jenkins-jira-plugin: plugin information disclosure (CVE-2019-16541)\n\n* jenkins-2-plugins/mailer: Missing hostname validation in Mailer Plugin could result in MITM (CVE-2020-2252)\n\n* jenkins-2-plugins/blueocean: Path traversal vulnerability in Blue Ocean Plugin could allow to read arbitrary files (CVE-2020-2254)\n\n* jenkins-2-plugins/blueocean: Blue Ocean Plugin does not perform permission checks in several HTTP endpoints implementing connection tests. (CVE-2020-2255)\n\n* kubernetes: Docker config secrets leaked when file is malformed and loglevel \u003e= 4 (CVE-2020-8564)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\n* podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API (CVE-2020-14370)\n\n* golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs (CVE-2020-16845)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2020:4297",
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1819663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819663"
},
{
"category": "external",
"summary": "1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "1874268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"category": "external",
"summary": "1880454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880454"
},
{
"category": "external",
"summary": "1880456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880456"
},
{
"category": "external",
"summary": "1880460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880460"
},
{
"category": "external",
"summary": "1886637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886637"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2020/rhsa-2020_4297.json"
}
],
"title": "Red Hat Security Advisory: OpenShift Container Platform 4.6.1 package security update",
"tracking": {
"current_release_date": "2024-12-17T21:12:03+00:00",
"generator": {
"date": "2024-12-17T21:12:03+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.3"
}
},
"id": "RHSA-2020:4297",
"initial_release_date": "2020-10-27T14:53:57+00:00",
"revision_history": [
{
"date": "2020-10-27T14:53:57+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2020-10-27T14:53:57+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-12-17T21:12:03+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.6",
"product": {
"name": "Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.6::el8"
}
}
},
{
"category": "product_name",
"name": "Red Hat OpenShift Container Platform 4.6",
"product": {
"name": "Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:4.6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"product": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_id": "podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.9.3-3.rhaos4.6.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"product": {
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_id": "podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@1.9.3-3.rhaos4.6.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"product": {
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_id": "podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@1.9.3-3.rhaos4.6.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"product": {
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_id": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@1.9.3-3.rhaos4.6.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"product": {
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_id": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@1.9.3-3.rhaos4.6.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"product": {
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_id": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@1.9.3-3.rhaos4.6.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"product": {
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_id": "containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.1.1-2.rhaos4.6.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"product": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_id": "skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-2.rhaos4.6.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"product": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_id": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.1.1-2.rhaos4.6.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"product": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_id": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.1.1-2.rhaos4.6.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"product": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_id": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.1.1-2.rhaos4.6.el8?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product_id": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product": {
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product_id": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product_id": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"product": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"product_id": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202010081244.p0.git.3794.4743d24.el8?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_id": "podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.9.3-3.rhaos4.6.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_id": "podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@1.9.3-3.rhaos4.6.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_id": "podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@1.9.3-3.rhaos4.6.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_id": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@1.9.3-3.rhaos4.6.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_id": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@1.9.3-3.rhaos4.6.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product": {
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_id": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@1.9.3-3.rhaos4.6.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product": {
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_id": "containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.1.1-2.rhaos4.6.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_id": "skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-2.rhaos4.6.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_id": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.1.1-2.rhaos4.6.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_id": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.1.1-2.rhaos4.6.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_id": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.1.1-2.rhaos4.6.el8?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product_id": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product": {
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product_id": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product_id": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=ppc64le"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"product": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"product_id": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202010081244.p0.git.3794.4743d24.el8?arch=ppc64le"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_id": "podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.9.3-3.rhaos4.6.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product": {
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_id": "podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@1.9.3-3.rhaos4.6.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product": {
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_id": "podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@1.9.3-3.rhaos4.6.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product": {
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_id": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@1.9.3-3.rhaos4.6.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product": {
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_id": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@1.9.3-3.rhaos4.6.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product": {
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_id": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@1.9.3-3.rhaos4.6.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product": {
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_id": "containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.1.1-2.rhaos4.6.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_id": "skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-2.rhaos4.6.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_id": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.1.1-2.rhaos4.6.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_id": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.1.1-2.rhaos4.6.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_id": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.1.1-2.rhaos4.6.el8?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product_id": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product": {
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product_id": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product_id": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"product": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"product_id": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202010081244.p0.git.3794.4743d24.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"product_id": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.6.0-202010081244.p0.git.3794.4743d24.el8?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"product": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"product_id": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-81.rhaos4.6.git5b757d4.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"product": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"product_id": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-81.rhaos4.6.git5b757d4.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"product": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"product_id": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202010081244.p0.git.3794.4743d24.el7?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"product": {
"name": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"product_id": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients-redistributable@4.6.0-202010081244.p0.git.3794.4743d24.el7?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-0:1.9.3-3.rhaos4.6.el8.src",
"product": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.src",
"product_id": "podman-0:1.9.3-3.rhaos4.6.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@1.9.3-3.rhaos4.6.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"product": {
"name": "jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"product_id": "jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.6.1601368321-1.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"product": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"product_id": "skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.1.1-2.rhaos4.6.el8?arch=src\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"product": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"product_id": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-81.rhaos4.6.git5b757d4.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"product": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"product_id": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202010081244.p0.git.3794.4743d24.el8?arch=src"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"product": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"product_id": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-81.rhaos4.6.git5b757d4.el7?arch=src"
}
}
},
{
"category": "product_version",
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"product": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"product_id": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openshift-clients@4.6.0-202010081244.p0.git.3794.4743d24.el7?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"product": {
"name": "podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"product_id": "podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@1.9.3-3.rhaos4.6.el8?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"product": {
"name": "jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"product_id": "jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/jenkins-2-plugins@4.6.1601368321-1.el8?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src"
},
"product_reference": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64"
},
"product_reference": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src"
},
"product_reference": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64"
},
"product_reference": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64"
},
"product_reference": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le"
},
"product_reference": "containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x"
},
"product_reference": "containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64"
},
"product_reference": "containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch"
},
"product_reference": "jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "jenkins-2-plugins-0:4.6.1601368321-1.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
},
"product_reference": "jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le"
},
"product_reference": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x"
},
"product_reference": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src"
},
"product_reference": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64"
},
"product_reference": "openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64"
},
"product_reference": "openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x"
},
"product_reference": "podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src"
},
"product_reference": "podman-0:1.9.3-3.rhaos4.6.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:1.9.3-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64"
},
"product_reference": "podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x"
},
"product_reference": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64"
},
"product_reference": "podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x"
},
"product_reference": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64"
},
"product_reference": "podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch"
},
"product_reference": "podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x"
},
"product_reference": "podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64"
},
"product_reference": "podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x"
},
"product_reference": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64"
},
"product_reference": "podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le"
},
"product_reference": "podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x"
},
"product_reference": "podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64"
},
"product_reference": "podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le"
},
"product_reference": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x"
},
"product_reference": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src"
},
"product_reference": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64"
},
"product_reference": "runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le"
},
"product_reference": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x"
},
"product_reference": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64"
},
"product_reference": "runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le"
},
"product_reference": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x"
},
"product_reference": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64"
},
"product_reference": "runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le"
},
"product_reference": "skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x"
},
"product_reference": "skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.src as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src"
},
"product_reference": "skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64"
},
"product_reference": "skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le"
},
"product_reference": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x"
},
"product_reference": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64"
},
"product_reference": "skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le"
},
"product_reference": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x"
},
"product_reference": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64"
},
"product_reference": "skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le"
},
"product_reference": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x"
},
"product_reference": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"relates_to_product_reference": "8Base-RHOSE-4.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64 as a component of Red Hat OpenShift Container Platform 4.6",
"product_id": "8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
},
"product_reference": "skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64",
"relates_to_product_reference": "8Base-RHOSE-4.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2019-16541",
"cwe": {
"id": "CWE-522",
"name": "Insufficiently Protected Credentials"
},
"discovery_date": "2019-11-21T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1819663"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins JIRA Plugin 3.0.10 and earlier does not declare the correct (folder) scope for per-folder Jira site definitions, allowing users to select and use credentials with System scope.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-jira-plugin: plugin information disclosure",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2019-16541"
},
{
"category": "external",
"summary": "RHBZ#1819663",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1819663"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2019-16541",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16541"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2019-16541",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2019-16541"
},
{
"category": "external",
"summary": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1106",
"url": "https://jenkins.io/security/advisory/2019-11-21/#SECURITY-1106"
}
],
"release_date": "2019-11-21T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-jira-plugin: plugin information disclosure"
},
{
"cve": "CVE-2020-2252",
"cwe": {
"id": "CWE-297",
"name": "Improper Validation of Certificate with Host Mismatch"
},
"discovery_date": "2020-09-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1880454"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins Mailer Plugin 1.32 and earlier does not perform hostname validation when connecting to the configured SMTP server.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/mailer: Missing hostname validation in Mailer Plugin could result in MITM",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2252"
},
{
"category": "external",
"summary": "RHBZ#1880454",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880454"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2252",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2252"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2252",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2252"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1813",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1813"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2020/09/16/3",
"url": "https://www.openwall.com/lists/oss-security/2020/09/16/3"
}
],
"release_date": "2020-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/mailer: Missing hostname validation in Mailer Plugin could result in MITM"
},
{
"cve": "CVE-2020-2254",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"discovery_date": "2020-09-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1880456"
}
],
"notes": [
{
"category": "description",
"text": "Jenkins Blue Ocean Plugin 1.23.2 and earlier provides an undocumented feature flag that, when enabled, allows an attacker with Job/Configure or Job/Create permission to read arbitrary files on the Jenkins controller file system.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/blueocean: Path traversal vulnerability in Blue Ocean Plugin could allow to read arbitrary files",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2254"
},
{
"category": "external",
"summary": "RHBZ#1880456",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880456"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2254",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2254"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2254",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2254"
},
{
"category": "external",
"summary": "http://www.openwall.com/lists/oss-security/2020/09/16/3",
"url": "http://www.openwall.com/lists/oss-security/2020/09/16/3"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1956",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1956"
}
],
"release_date": "2020-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/blueocean: Path traversal vulnerability in Blue Ocean Plugin could allow to read arbitrary files"
},
{
"cve": "CVE-2020-2255",
"cwe": {
"id": "CWE-862",
"name": "Missing Authorization"
},
"discovery_date": "2020-09-16T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1880460"
}
],
"notes": [
{
"category": "description",
"text": "A missing permission check in Jenkins Blue Ocean Plugin 1.23.2 and earlier allows attackers with Overall/Read permission to connect to an attacker-specified URL.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "jenkins-2-plugins/blueocean: Blue Ocean Plugin does not perform permission checks in several HTTP endpoints implementing connection tests.",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-2255"
},
{
"category": "external",
"summary": "RHBZ#1880460",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880460"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-2255",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-2255"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-2255",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-2255"
},
{
"category": "external",
"summary": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1961",
"url": "https://www.jenkins.io/security/advisory/2020-09-16/#SECURITY-1961"
},
{
"category": "external",
"summary": "https://www.openwall.com/lists/oss-security/2020/09/16/3",
"url": "https://www.openwall.com/lists/oss-security/2020/09/16/3"
}
],
"release_date": "2020-09-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "jenkins-2-plugins/blueocean: Blue Ocean Plugin does not perform permission checks in several HTTP endpoints implementing connection tests."
},
{
"acknowledgments": [
{
"names": [
"the Kubernetes Product Security Committee"
]
},
{
"names": [
"Nikolaos Moraitis"
],
"organization": "Red Hat",
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2020-8564",
"cwe": {
"id": "CWE-117",
"name": "Improper Output Neutralization for Logs"
},
"discovery_date": "2020-10-09T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1886637"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in kubernetes. In Kubernetes, if the logging level is to at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This can occur with client tools like `kubectl`, or other components that use registry credentials in a docker config file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "kubernetes: Docker config secrets leaked when file is malformed and loglevel \u003e= 4",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-8564"
},
{
"category": "external",
"summary": "RHBZ#1886637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1886637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-8564",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8564"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-8564",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-8564"
},
{
"category": "external",
"summary": "https://github.com/kubernetes/kubernetes/issues/95622",
"url": "https://github.com/kubernetes/kubernetes/issues/95622"
},
{
"category": "external",
"summary": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk",
"url": "https://groups.google.com/g/kubernetes-announce/c/ScdmyORnPDk"
}
],
"release_date": "2020-10-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "kubernetes: Docker config secrets leaked when file is malformed and loglevel \u003e= 4"
},
{
"cve": "CVE-2020-14040",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-06-17T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1853652"
}
],
"notes": [
{
"category": "description",
"text": "A denial of service vulnerability was found in the golang.org/x/text library. A library or application must use one of the vulnerable functions, such as unicode.Transform, transform.String, or transform.Byte, to be susceptible to this vulnerability. If an attacker is able to supply specific characters or strings to the vulnerable application, there is the potential to cause an infinite loop to occur using more memory, resulting in a denial of service.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "* OpenShift ServiceMesh (OSSM) 1.0 is Out Of Support Scope (OOSS) for Moderate and Low impact vulnerabilities. Jaeger was packaged with ServiceMesh in 1.0, and hence is also marked OOSS, but the Jaeger-Operator is a standalone product and is affected by this vulnerability.\n\n* Because Service Telemetry Framework does not directly use unicode.UTF16, no update will be provided at this time for STF\u0027s sg-core-container.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14040"
},
{
"category": "external",
"summary": "RHBZ#1853652",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1853652"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14040",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14040"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14040"
},
{
"category": "external",
"summary": "https://github.com/golang/go/issues/39491",
"url": "https://github.com/golang/go/issues/39491"
},
{
"category": "external",
"summary": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0",
"url": "https://groups.google.com/forum/#!topic/golang-announce/bXVeAmGOqz0"
}
],
"release_date": "2020-06-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash"
},
{
"cve": "CVE-2020-14370",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-07-30T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1874268"
}
],
"notes": [
{
"category": "description",
"text": "An information disclosure flaw was found in containers/podman. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container leak into subsequent containers. This flaw allows an attacker who controls the subsequent containers to gain access to sensitive information stored in such variables. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Whilst OpenShift Container Platform (OCP) does include podman, the Varlink API is not enabled by default. However, as it is trivial to activate this feature, OCP has been marked as affected.\n\nOCP 3.11 has previously packaged podman, but instead now relies on the version from rhel-extra.The older version previously packaged is not vulnerable to this CVE and hence has been marked not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14370"
},
{
"category": "external",
"summary": "RHBZ#1874268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14370",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14370"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14370",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14370"
}
],
"release_date": "2020-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API"
},
{
"cve": "CVE-2020-15586",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"discovery_date": "2020-07-14T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1856953"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found Go\u0027s net/http package. Servers using ReverseProxy from net/http in the Go standard library are vulnerable to a data race that results in a denial of service. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP) components are primarily written in Go, meaning that any component using the net/http package includes the vulnerable code. OCP server endpoints using ReverseProxy are protected by authentication, reducing the severity of this vulnerability to Low for OCP.\n\nSimilar to OCP, OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization are also primarily written in Go and are protected via authentication, reducing the severity of this vulnerability to Low.\n\nRed Hat Gluster Storage 3 and Red Hat Openshift Container Storage 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.\n\nRed Hat Ceph Storage 3 and 4 components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64"
],
"known_not_affected": [
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-15586"
},
{
"category": "external",
"summary": "RHBZ#1856953",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1856953"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-15586"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ",
"url": "https://groups.google.com/g/golang-announce/c/XZNfaiwgt2w/m/E6gHDs32AQAJ"
}
],
"release_date": "2020-07-14T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: data race in certain net/http servers including ReverseProxy can lead to DoS"
},
{
"cve": "CVE-2020-16845",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"discovery_date": "2020-08-07T00:00:00+00:00",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1867099"
}
],
"notes": [
{
"category": "description",
"text": "A flaw was found in the Go encoding/binary package. Certain invalid inputs to the ReadUvarint or the ReadVarint causes those functions to read an unlimited number of bytes from the ByteReader argument before returning an error. This flaw possibly leads to processing more input than expected. The highest threat from this vulnerability is to system availability.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "OpenShift Container Platform (OCP), OpenShift ServiceMesh (OSSM), RedHat OpenShift Jaeger (RHOSJ) and OpenShift Virtualization components are primarily written in Go, meaning that any component using the encoding/binary package includes the vulnerable code. The affected components are behind OpenShift OAuth authentication, therefore the impact is low.\n\nRed Hat Gluster Storage 3, Red Hat OpenShift Container Storage 4 and Red Hat Ceph Storage (3 and 4) components are built with the affected version of Go, however the vulnerable functionality is currently not used by these products and hence this issue has been rated as having a security impact of Low.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64"
],
"known_not_affected": [
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-16845"
},
{
"category": "external",
"summary": "RHBZ#1867099",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1867099"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-16845"
},
{
"category": "external",
"summary": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo",
"url": "https://groups.google.com/g/golang-announce/c/NyPIaucMgXo"
}
],
"release_date": "2020-08-06T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2020-10-27T14:53:57+00:00",
"details": "For OpenShift Container Platform 4.6 see the following documentation, which\nwill be updated shortly for this release, for important instructions on how\nto upgrade your cluster and fully apply this asynchronous errata update:\n\nhttps://docs.openshift.com/container-platform/4.6/release_notes/ocp-4-6-release-notes.html\n\nDetails on how to access this content are available at\nhttps://docs.openshift.com/container-platform/4.6/updating/updating-cluster-cli.html.",
"product_ids": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2020:4297"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.src",
"7Server-RH7-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.src",
"7Server-RH7-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"7Server-RH7-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el7.x86_64",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:containers-common-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.noarch",
"8Base-RHOSE-4.6:jenkins-2-plugins-0:4.6.1601368321-1.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.ppc64le",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.s390x",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.src",
"8Base-RHOSE-4.6:openshift-clients-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:openshift-clients-redistributable-0:4.6.0-202010081244.p0.git.3794.4743d24.el8.x86_64",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:podman-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-debugsource-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-docker-0:1.9.3-3.rhaos4.6.el8.noarch",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-remote-debuginfo-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:podman-tests-0:1.9.3-3.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.src",
"8Base-RHOSE-4.6:runc-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debuginfo-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.ppc64le",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.s390x",
"8Base-RHOSE-4.6:runc-debugsource-0:1.0.0-81.rhaos4.6.git5b757d4.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.src",
"8Base-RHOSE-4.6:skopeo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debuginfo-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-debugsource-1:1.1.1-2.rhaos4.6.el8.x86_64",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.ppc64le",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.s390x",
"8Base-RHOSE-4.6:skopeo-tests-1:1.1.1-2.rhaos4.6.el8.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "golang: ReadUvarint and ReadVarint can read an unlimited number of bytes from invalid inputs"
}
]
}
RHSA-2021:0531
Vulnerability from csaf_redhat - Published: 2021-02-16 14:25 - Updated: 2025-11-21 18:20Summary
Red Hat Security Advisory: container-tools:rhel8 security, bug fix, and enhancement update
Notes
Topic
An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.
Security Fix(es):
* podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API (CVE-2020-14370)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for the container-tools:rhel8 module is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API (CVE-2020-14370)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2021:0531",
"url": "https://access.redhat.com/errata/RHSA-2021:0531"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/",
"url": "https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.3_release_notes/"
},
{
"category": "external",
"summary": "1678546",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1678546"
},
{
"category": "external",
"summary": "1701359",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701359"
},
{
"category": "external",
"summary": "1701361",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1701361"
},
{
"category": "external",
"summary": "1843168",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1843168"
},
{
"category": "external",
"summary": "1846629",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1846629"
},
{
"category": "external",
"summary": "1848150",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1848150"
},
{
"category": "external",
"summary": "1873064",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873064"
},
{
"category": "external",
"summary": "1873204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1873204"
},
{
"category": "external",
"summary": "1874268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"category": "external",
"summary": "1876576",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1876576"
},
{
"category": "external",
"summary": "1877865",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1877865"
},
{
"category": "external",
"summary": "1880987",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1880987"
},
{
"category": "external",
"summary": "1881218",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1881218"
},
{
"category": "external",
"summary": "1883945",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1883945"
},
{
"category": "external",
"summary": "1884668",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1884668"
},
{
"category": "external",
"summary": "1895105",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1895105"
},
{
"category": "external",
"summary": "1897012",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1897012"
},
{
"category": "external",
"summary": "1898911",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1898911"
},
{
"category": "external",
"summary": "1902673",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1902673"
},
{
"category": "external",
"summary": "1903412",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1903412"
},
{
"category": "external",
"summary": "1925928",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1925928"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2021/rhsa-2021_0531.json"
}
],
"title": "Red Hat Security Advisory: container-tools:rhel8 security, bug fix, and enhancement update",
"tracking": {
"current_release_date": "2025-11-21T18:20:21+00:00",
"generator": {
"date": "2025-11-21T18:20:21+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2021:0531",
"initial_release_date": "2021-02-16T14:25:28+00:00",
"revision_history": [
{
"date": "2021-02-16T14:25:28+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2021-02-16T14:25:28+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T18:20:21+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::appstream"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=2\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debuginfo@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=2\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debugsource@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=2\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crit@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debuginfo@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debugsource@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debuginfo@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debugsource@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debuginfo@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debugsource@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"product": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64 (container-tools:rhel8)",
"product_id": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"product": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64 (container-tools:rhel8)",
"product_id": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debuginfo@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"product": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64 (container-tools:rhel8)",
"product_id": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debugsource@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"product": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64 (container-tools:rhel8)",
"product_id": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-devel@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debuginfo@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debugsource@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debuginfo@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8)",
"product_id": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debugsource@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=aarch64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cockpit-podman@27.1-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026epoch=2\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/container-selinux@2.155.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026epoch=2\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src::container-tools:rhel8",
"product": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src (container-tools:rhel8)",
"product_id": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=src\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-podman-api@1.2.0-0.2.gitd0a45fe.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product": {
"name": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8)",
"product_id": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/udica@0.2.4-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=src\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"product": {
"name": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch (container-tools:rhel8)",
"product_id": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/cockpit-podman@27.1-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=noarch\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"product": {
"name": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch (container-tools:rhel8)",
"product_id": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/container-selinux@2.155.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=noarch\u0026epoch=2\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"product": {
"name": "podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch (container-tools:rhel8)",
"product_id": "podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-docker@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=noarch\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"product": {
"name": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch (container-tools:rhel8)",
"product_id": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-podman-api@1.2.0-0.2.gitd0a45fe.module%2Bel8.3.1%2B9857%2B68fb1526?arch=noarch\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"product": {
"name": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch (container-tools:rhel8)",
"product_id": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/toolbox@0.0.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=noarch\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"product": {
"name": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch (container-tools:rhel8)",
"product_id": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/udica@0.2.4-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=noarch\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=2\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debuginfo@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=2\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debugsource@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=2\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crit@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debuginfo@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debugsource@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debuginfo@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debugsource@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debuginfo@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debugsource@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"product": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le (container-tools:rhel8)",
"product_id": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"product": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le (container-tools:rhel8)",
"product_id": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debuginfo@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"product": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le (container-tools:rhel8)",
"product_id": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debugsource@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"product": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le (container-tools:rhel8)",
"product_id": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-devel@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debuginfo@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debugsource@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debuginfo@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8)",
"product_id": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debugsource@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=ppc64le\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=2\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debuginfo@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=2\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debugsource@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=2\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crit@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debuginfo@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debugsource@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debuginfo@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debugsource@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debuginfo@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debugsource@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"product": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x (container-tools:rhel8)",
"product_id": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"product": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x (container-tools:rhel8)",
"product_id": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debuginfo@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"product": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x (container-tools:rhel8)",
"product_id": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debugsource@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"product": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x (container-tools:rhel8)",
"product_id": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-devel@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debuginfo@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debugsource@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debuginfo@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8)",
"product_id": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debugsource@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=s390x\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-debugsource@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/buildah-tests-debuginfo@1.16.7-4.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=2\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debuginfo@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=2\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/conmon-debugsource@2.0.22-3.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=2\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debuginfo@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containernetworking-plugins-debugsource@0.9.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/containers-common@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crit@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debuginfo@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/criu-debugsource@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debuginfo@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/crun-debugsource@0.16-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debuginfo@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/fuse-overlayfs-debugsource@1.3.0-2.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"product": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64 (container-tools:rhel8)",
"product_id": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"product": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64 (container-tools:rhel8)",
"product_id": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debuginfo@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"product": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64 (container-tools:rhel8)",
"product_id": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-debugsource@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"product": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64 (container-tools:rhel8)",
"product_id": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/libslirp-devel@4.3.1-1.module%2Bel8.3.1%2B9803%2B64eb0fd6?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debuginfo@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/oci-seccomp-bpf-hook-debugsource@1.2.0-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-catatonit-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-debugsource@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-plugins-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-remote-debuginfo@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/podman-tests@2.2.1-7.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python3-criu@3.15-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debuginfo@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/runc-debugsource@1.0.0-70.rc92.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debuginfo@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-debugsource@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/skopeo-tests@1.2.0-9.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026epoch=1\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debuginfo@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
},
{
"category": "product_version",
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8)",
"product_id": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/slirp4netns-debugsource@1.1.8-1.module%2Bel8.3.1%2B9857%2B68fb1526?arch=x86_64\u0026rpmmod=container-tools:rhel8:8030120210208205200:c127ee91"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8"
},
"product_reference": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8"
},
"product_reference": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8"
},
"product_reference": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8"
},
"product_reference": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8"
},
"product_reference": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src::container-tools:rhel8"
},
"product_reference": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8"
},
"product_reference": "libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8"
},
"product_reference": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8"
},
"product_reference": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8"
},
"product_reference": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8"
},
"product_reference": "libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8"
},
"product_reference": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8"
},
"product_reference": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8"
},
"product_reference": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8"
},
"product_reference": "libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8"
},
"product_reference": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8"
},
"product_reference": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8"
},
"product_reference": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8"
},
"product_reference": "libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8"
},
"product_reference": "podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8"
},
"product_reference": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8"
},
"product_reference": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8"
},
"product_reference": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8"
},
"product_reference": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64 (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8"
},
"product_reference": "slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8"
},
"product_reference": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8"
},
"product_reference": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src (container-tools:rhel8) as a component of Red Hat Enterprise Linux AppStream (v. 8)",
"product_id": "AppStream-8.3.1.MAIN:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
},
"product_reference": "udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"relates_to_product_reference": "AppStream-8.3.1.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-14370",
"cwe": {
"id": "CWE-212",
"name": "Improper Removal of Sensitive Information Before Storage or Transfer"
},
"discovery_date": "2020-07-30T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1874268"
}
],
"notes": [
{
"category": "description",
"text": "An information disclosure flaw was found in containers/podman. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container leak into subsequent containers. This flaw allows an attacker who controls the subsequent containers to gain access to sensitive information stored in such variables. The highest threat from this vulnerability is to confidentiality.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API",
"title": "Vulnerability summary"
},
{
"category": "other",
"text": "Whilst OpenShift Container Platform (OCP) does include podman, the Varlink API is not enabled by default. However, as it is trivial to activate this feature, OCP has been marked as affected.\n\nOCP 3.11 has previously packaged podman, but instead now relies on the version from rhel-extra.The older version previously packaged is not vulnerable to this CVE and hence has been marked not affected.",
"title": "Statement"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2020-14370"
},
{
"category": "external",
"summary": "RHBZ#1874268",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2020-14370",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14370"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2020-14370",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14370"
}
],
"release_date": "2020-09-22T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2021-02-16T14:25:28+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2021:0531"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-debugsource-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:buildah-tests-debuginfo-0:1.16.7-4.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:cockpit-podman-0:27.1-3.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debuginfo-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:conmon-debugsource-2:2.0.22-3.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:container-selinux-2:2.155.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debuginfo-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containernetworking-plugins-debugsource-0:0.9.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:containers-common-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crit-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debuginfo-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:criu-debugsource-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debuginfo-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:crun-debugsource-0:0.16-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debuginfo-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:fuse-overlayfs-debugsource-0:1.3.0-2.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debuginfo-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-debugsource-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:libslirp-devel-0:4.3.1-1.module+el8.3.1+9803+64eb0fd6.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debuginfo-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:oci-seccomp-bpf-hook-debugsource-0:1.2.0-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-catatonit-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-debugsource-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-docker-0:2.2.1-7.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-plugins-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-remote-debuginfo-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:podman-tests-0:2.2.1-7.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python-podman-api-0:1.2.0-0.2.gitd0a45fe.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:python3-criu-0:3.15-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debuginfo-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:runc-debugsource-0:1.0.0-70.rc92.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debuginfo-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-debugsource-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:skopeo-tests-1:1.2.0-9.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debuginfo-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.aarch64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.ppc64le::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.s390x::container-tools:rhel8",
"AppStream-8.3.1.MAIN:slirp4netns-debugsource-0:1.1.8-1.module+el8.3.1+9857+68fb1526.x86_64::container-tools:rhel8",
"AppStream-8.3.1.MAIN:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:toolbox-0:0.0.8-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8",
"AppStream-8.3.1.MAIN:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.noarch::container-tools:rhel8",
"AppStream-8.3.1.MAIN:udica-0:0.2.4-1.module+el8.3.1+9857+68fb1526.src::container-tools:rhel8"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API"
}
]
}
FKIE_CVE-2020-14370
Vulnerability from fkie_nvd - Published: 2020-09-23 13:15 - Updated: 2024-11-21 05:03
Severity ?
Summary
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| podman_project | podman | * | |
| redhat | openshift_container_platform | 4.6 | |
| redhat | enterprise_linux | 7.0 | |
| redhat | enterprise_linux | 8.0 | |
| fedoraproject | fedora | 31 | |
| fedoraproject | fedora | 32 | |
| fedoraproject | fedora | 33 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:podman_project:podman:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4DABB4A8-CEC4-4DDF-BE1F-DDCDAC501A1E",
"versionEndExcluding": "2.0.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:*",
"matchCriteriaId": "6B62E762-2878-455A-93C9-A5DB430D7BB5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"matchCriteriaId": "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en containers/podman en versiones anteriores a 2.0.5.\u0026#xa0;Cuando se usa la API Varlink obsoleta o la API REST compatible con Docker, si son creados varios contenedores en un per\u00edodo corto, las variables de entorno desde el primer contenedor son filtradas hacia los contenedores posteriores.\u0026#xa0;Un atacante que tenga control sobre los contenedores posteriores podr\u00eda usar este fallo para conseguir acceso a informaci\u00f3n confidencial almacenada en tales variables"
}
],
"id": "CVE-2020-14370",
"lastModified": "2024-11-21T05:03:06.747",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-09-23T13:15:15.563",
"references": [
{
"source": "secalert@redhat.com",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR/"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-212"
}
],
"source": "secalert@redhat.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-212"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GSD-2020-14370
Vulnerability from gsd - Updated: 2023-12-13 01:22Details
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2020-14370",
"description": "An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.",
"id": "GSD-2020-14370",
"references": [
"https://www.suse.com/security/cve/CVE-2020-14370.html",
"https://access.redhat.com/errata/RHSA-2021:0531",
"https://access.redhat.com/errata/RHSA-2020:5056",
"https://access.redhat.com/errata/RHSA-2020:4297",
"https://security.archlinux.org/CVE-2020-14370",
"https://linux.oracle.com/cve/CVE-2020-14370.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2020-14370"
],
"details": "An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.",
"id": "GSD-2020-14370",
"modified": "2023-12-13T01:22:00.060007Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-14370",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "podman",
"version": {
"version_data": [
{
"version_value": "podman versions before 2.0.5"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-212"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"name": "FEDORA-2020-76fcd0ba34",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP/"
},
{
"name": "FEDORA-2020-7b6058fec9",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR/"
},
{
"name": "FEDORA-2020-3a4b8fca5e",
"refsource": "FEDORA",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV/"
}
]
}
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003cv2.0.5",
"affected_versions": "All versions before 2.0.5",
"cvss_v2": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"cvss_v3": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-212",
"CWE-937"
],
"date": "2021-11-04",
"description": "An information disclosure vulnerability was found in `containers/podman` When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.",
"fixed_versions": [
"v2.0.5"
],
"identifier": "CVE-2020-14370",
"identifiers": [
"CVE-2020-14370"
],
"not_impacted": "All versions starting from 2.0.5",
"package_slug": "go/github.com/containers/podman",
"pubdate": "2020-09-23",
"solution": "Upgrade to version 2.0.5 or above.",
"title": "Information Exposure",
"urls": [
"https://nvd.nist.gov/vuln/detail/CVE-2020-14370",
"https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
],
"uuid": "f5ffe2c6-f737-4ad4-920e-f0489f3ad751",
"versions": [
{
"commit": {
"sha": "d0c3c6b64bd01f6ab189286b4f2d6a0a07d75559",
"tags": [
"v2.0.5"
],
"timestamp": "20200824191809"
},
"number": "v2.0.5"
}
]
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:podman_project:podman:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "2.0.5",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift_container_platform:4.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2020-14370"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-212"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268",
"refsource": "MISC",
"tags": [
"Issue Tracking",
"Patch",
"Third Party Advisory"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"name": "FEDORA-2020-76fcd0ba34",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP/"
},
{
"name": "FEDORA-2020-7b6058fec9",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR/"
},
{
"name": "FEDORA-2020-3a4b8fca5e",
"refsource": "FEDORA",
"tags": [
"Mailing List",
"Third Party Advisory"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV/"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 4.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6
}
},
"lastModifiedDate": "2022-11-07T20:15Z",
"publishedDate": "2020-09-23T13:15Z"
}
}
}
OPENSUSE-SU-2020:2039-1
Vulnerability from csaf_opensuse - Published: 2020-11-26 15:28 - Updated: 2020-11-26 15:28Summary
Security update for podman
Notes
Title of the patch
Security update for podman
Description of the patch
This update for podman fixes the following issues:
Security issue fixed:
- This release resolves CVE-2020-14370, in which environment variables could be leaked between containers created using the Varlink API (bsc#1176804).
Non-security issues fixed:
- add dependency to timezone package or podman fails to build a
container (bsc#1178122)
- Install new auto-update system units
- Update to v2.1.1 (bsc#1178392):
* Changes
- The `podman info` command now includes the cgroup manager
Podman is using.
* API
- The REST API now includes a Server header in all responses.
- Fixed a bug where the Libpod and Compat Attach endpoints
could terminate early, before sending all output from the
container.
- Fixed a bug where the Compat Create endpoint for containers
did not properly handle the Interactive parameter.
- Fixed a bug where the Compat Kill endpoint for containers
could continue to run after a fatal error.
- Fixed a bug where the Limit parameter of the Compat List
endpoint for Containers did not properly handle a limit of 0
(returning nothing, instead of all containers) [#7722].
- The Libpod Stats endpoint for containers is being deprecated
and will be replaced by a similar endpoint with additional
features in a future release.
- Changes in v2.1.0
* Features
- A new command, `podman image mount`, has been added. This
allows for an image to be mounted, read-only, to inspect its
contents without creating a container from it [#1433].
- The `podman save` and `podman load` commands can now create
and load archives containing multiple images [#2669].
- Rootless Podman now supports all `podman network` commands,
and rootless containers can now be joined to networks.
- The performance of `podman build` on `ADD` and `COPY`
instructions has been greatly improved, especially when a
`.dockerignore` is present.
- The `podman run` and `podman create` commands now support a
new mode for the `--cgroups` option, `--cgroups=split`.
Podman will create two cgroups under the cgroup it was
launched in, one for the container and one for Conmon. This
mode is useful for running Podman in a systemd unit, as it
ensures that all processes are retained in systemd's cgroup
hierarchy [#6400].
- The `podman run` and `podman create` commands can now specify
options to slirp4netns by using the `--network` option as
follows: `--net slirp4netns:opt1,opt2`. This allows for,
among other things, switching the port forwarder used by
slirp4netns away from rootlessport.
- The `podman ps` command now features a new option,
`--storage`, to show containers from Buildah, CRI-O and other
applications.
- The `podman run` and `podman create` commands now feature a
`--sdnotify` option to control the behavior of systemd's
sdnotify with containers, enabling improved support for
Podman in `Type=notify` units.
- The `podman run` command now features a `--preserve-fds`
opton to pass file descriptors from the host into the
container [#6458].
- The `podman run` and `podman create` commands can now create
overlay volume mounts, by adding the `:O` option to a bind
mount (e.g. `-v /test:/test:O`). Overlay volume mounts will
mount a directory into a container from the host and allow
changes to it, but not write those changes back to the
directory on the host.
- The `podman play kube` command now supports the Socket
HostPath type [#7112].
- The `podman play kube` command now supports read-only mounts.
- The `podman play kube` command now supports setting labels on
pods from Kubernetes metadata labels.
- The `podman play kube` command now supports setting container
restart policy [#7656].
- The `podman play kube` command now properly handles
`HostAlias` entries.
- The `podman generate kube` command now adds entries to
`/etc/hosts` from `--host-add` generated YAML as `HostAlias`
entries.
- The `podman play kube` and `podman generate kube` commands
now properly support `shareProcessNamespace` to share the PID
namespace in pods.
- The `podman volume ls` command now supports the `dangling`
filter to identify volumes that are dangling (not attached to
any container).
- The `podman run` and `podman create` commands now feature a
`--umask` option to set the umask of the created container.
- The `podman create` and `podman run` commands now feature a
`--tz` option to set the timezone within the container [#5128].
- Environment variables for Podman can now be added in the
`containers.conf` configuration file.
- The `--mount` option of `podman run` and `podman create` now
supports a new mount type, `type=devpts`, to add a `devpts`
mount to the container. This is useful for containers that
want to mount `/dev/` from the host into the container, but
still create a terminal.
- The `--security-opt` flag to `podman run` and `podman create`
now supports a new option, `proc-opts`, to specify options
for the container's `/proc` filesystem.
- Podman with the `crun` OCI runtime now supports a new option
to `podman run` and `podman create`, `--cgroup-conf`, which
allows for advanced configuration of cgroups on cgroups v2
systems.
- The `podman create` and `podman run` commands now support a
`--override-variant` option, to override the architecture
variant of the image that will be pulled and ran.
- A new global option has been added to Podman,
`--runtime-flags`, which allows for setting flags to use when
the OCI runtime is called.
- The `podman manifest add` command now supports the
`--cert-dir`, `--auth-file`, `--creds`, and `--tls-verify`
options.
* Security
- This release resolves CVE-2020-14370, in which environment
variables could be leaked between containers created using
the Varlink API.
* Changes
- Podman will now retry pulling an image 3 times if a pull
fails due to network errors.
- The `podman exec` command would previously print error
messages (e.g. `exec session exited with non-zero exit code
-1`) when the command run exited with a non-0 exit code. It
no longer does this. The `podman exec` command will still
exit with the same exit code as the command run in the
container did.
- Error messages when creating a container or pod with a name
that is already in use have been improved.
- For read-only containers running systemd init, Podman creates
a tmpfs filesystem at `/run`. This was previously limited to
65k in size and mounted `noexec`, but is now unlimited size
and mounted `exec`.
- The `podman system reset` command no longer removes
configuration files for rootless Podman.
* API
- The Libpod API version has been bumped to v2.0.0 due to a
breaking change in the Image List API.
- Docker-compatible Volume Endpoints (Create, Inspect, List,
Remove, Prune) are now available!
- Added an endpoint for generating systemd unit files for
containers.
- The `last` parameter to the Libpod container list endpoint
now has an alias, `limit` [#6413].
- The Libpod image list API new returns timestamps in Unix
format, as integer, as opposed to as strings
- The Compat Inspect endpoint for containers now includes port
information in NetworkSettings.
- The Compat List endpoint for images now features limited
support for the (deprecated) `filter` query parameter [#6797].
- Fixed a bug where the Compat Create endpoint for containers
was not correctly handling bind mounts.
- Fixed a bug where the Compat Create endpoint for containers
would not return a 404 when the requested image was not
present.
- Fixed a bug where the Compat Create endpoint for containers
did not properly handle Entrypoint and Command from images.
- Fixed a bug where name history information was not properly
added in the Libpod Image List endpoint.
- Fixed a bug where the Libpod image search endpoint improperly
populated the Description field of responses.
- Added a `noTrunc` option to the Libpod image search endpoint.
- Fixed a bug where the Pod List API would return null, instead
of an empty array, when no pods were present [#7392].
- Fixed a bug where endpoints that hijacked would do perform
the hijack too early, before being ready to send and receive
data [#7195].
- Fixed a bug where Pod endpoints that can operate on multiple
containers at once (e.g. Kill, Pause, Unpause, Stop) would
not forward errors from individual containers that failed.
- The Compat List endpoint for networks now supports filtering
results [#7462].
- Fixed a bug where the Top endpoint for pods would return both
a 500 and 404 when run on a non-existent pod.
- Fixed a bug where Pull endpoints did not stream progress back
to the client.
- The Version endpoints (Libpod and Compat) now provide version
in a format compatible with Docker.
- All non-hijacking responses to API requests should not
include headers with the version of the server.
- Fixed a bug where Libpod and Compat Events endpoints did not
send response headers until the first event occurred [#7263].
- Fixed a bug where the Build endpoints (Compat and Libpod) did
not stream progress to the client.
- Fixed a bug where the Stats endpoints (Compat and Libpod) did
not properly handle clients disconnecting.
- Fixed a bug where the Ignore parameter to the Libpod Stop
endpoint was not performing properly.
- Fixed a bug where the Compat Logs endpoint for containers did
not stream its output in the correct format [#7196].
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patchnames
openSUSE-2020-2039
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for podman",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for podman fixes the following issues:\n\nSecurity issue fixed:\n\n- This release resolves CVE-2020-14370, in which environment variables could be leaked between containers created using the Varlink API (bsc#1176804).\n\nNon-security issues fixed:\n\n- add dependency to timezone package or podman fails to build a \n container (bsc#1178122)\n\n- Install new auto-update system units\n- Update to v2.1.1 (bsc#1178392):\n * Changes\n - The `podman info` command now includes the cgroup manager\n Podman is using.\n * API\n - The REST API now includes a Server header in all responses.\n - Fixed a bug where the Libpod and Compat Attach endpoints\n could terminate early, before sending all output from the\n container.\n - Fixed a bug where the Compat Create endpoint for containers\n did not properly handle the Interactive parameter.\n - Fixed a bug where the Compat Kill endpoint for containers\n could continue to run after a fatal error.\n - Fixed a bug where the Limit parameter of the Compat List\n endpoint for Containers did not properly handle a limit of 0\n (returning nothing, instead of all containers) [#7722].\n - The Libpod Stats endpoint for containers is being deprecated\n and will be replaced by a similar endpoint with additional\n features in a future release.\n- Changes in v2.1.0\n * Features\n - A new command, `podman image mount`, has been added. This\n allows for an image to be mounted, read-only, to inspect its\n contents without creating a container from it [#1433].\n - The `podman save` and `podman load` commands can now create\n and load archives containing multiple images [#2669].\n - Rootless Podman now supports all `podman network` commands,\n and rootless containers can now be joined to networks.\n - The performance of `podman build` on `ADD` and `COPY`\n instructions has been greatly improved, especially when a\n `.dockerignore` is present.\n - The `podman run` and `podman create` commands now support a\n new mode for the `--cgroups` option, `--cgroups=split`.\n Podman will create two cgroups under the cgroup it was\n launched in, one for the container and one for Conmon. This\n mode is useful for running Podman in a systemd unit, as it\n ensures that all processes are retained in systemd\u0027s cgroup\n hierarchy [#6400].\n - The `podman run` and `podman create` commands can now specify\n options to slirp4netns by using the `--network` option as\n follows: `--net slirp4netns:opt1,opt2`. This allows for,\n among other things, switching the port forwarder used by\n slirp4netns away from rootlessport.\n - The `podman ps` command now features a new option,\n `--storage`, to show containers from Buildah, CRI-O and other\n applications.\n - The `podman run` and `podman create` commands now feature a\n `--sdnotify` option to control the behavior of systemd\u0027s\n sdnotify with containers, enabling improved support for\n Podman in `Type=notify` units.\n - The `podman run` command now features a `--preserve-fds`\n opton to pass file descriptors from the host into the\n container [#6458].\n - The `podman run` and `podman create` commands can now create\n overlay volume mounts, by adding the `:O` option to a bind\n mount (e.g. `-v /test:/test:O`). Overlay volume mounts will\n mount a directory into a container from the host and allow\n changes to it, but not write those changes back to the\n directory on the host.\n - The `podman play kube` command now supports the Socket\n HostPath type [#7112].\n - The `podman play kube` command now supports read-only mounts.\n - The `podman play kube` command now supports setting labels on\n pods from Kubernetes metadata labels.\n - The `podman play kube` command now supports setting container\n restart policy [#7656].\n - The `podman play kube` command now properly handles\n `HostAlias` entries.\n - The `podman generate kube` command now adds entries to\n `/etc/hosts` from `--host-add` generated YAML as `HostAlias`\n entries.\n - The `podman play kube` and `podman generate kube` commands\n now properly support `shareProcessNamespace` to share the PID\n namespace in pods.\n - The `podman volume ls` command now supports the `dangling`\n filter to identify volumes that are dangling (not attached to\n any container).\n - The `podman run` and `podman create` commands now feature a\n `--umask` option to set the umask of the created container.\n - The `podman create` and `podman run` commands now feature a\n `--tz` option to set the timezone within the container [#5128].\n - Environment variables for Podman can now be added in the\n `containers.conf` configuration file.\n - The `--mount` option of `podman run` and `podman create` now\n supports a new mount type, `type=devpts`, to add a `devpts`\n mount to the container. This is useful for containers that\n want to mount `/dev/` from the host into the container, but\n still create a terminal.\n - The `--security-opt` flag to `podman run` and `podman create`\n now supports a new option, `proc-opts`, to specify options\n for the container\u0027s `/proc` filesystem.\n - Podman with the `crun` OCI runtime now supports a new option\n to `podman run` and `podman create`, `--cgroup-conf`, which\n allows for advanced configuration of cgroups on cgroups v2\n systems.\n - The `podman create` and `podman run` commands now support a\n `--override-variant` option, to override the architecture\n variant of the image that will be pulled and ran.\n - A new global option has been added to Podman,\n `--runtime-flags`, which allows for setting flags to use when\n the OCI runtime is called.\n - The `podman manifest add` command now supports the\n `--cert-dir`, `--auth-file`, `--creds`, and `--tls-verify`\n options.\n * Security\n - This release resolves CVE-2020-14370, in which environment\n variables could be leaked between containers created using\n the Varlink API.\n * Changes\n - Podman will now retry pulling an image 3 times if a pull\n fails due to network errors.\n - The `podman exec` command would previously print error\n messages (e.g. `exec session exited with non-zero exit code\n -1`) when the command run exited with a non-0 exit code. It\n no longer does this. The `podman exec` command will still\n exit with the same exit code as the command run in the\n container did.\n - Error messages when creating a container or pod with a name\n that is already in use have been improved.\n - For read-only containers running systemd init, Podman creates\n a tmpfs filesystem at `/run`. This was previously limited to\n 65k in size and mounted `noexec`, but is now unlimited size\n and mounted `exec`.\n - The `podman system reset` command no longer removes\n configuration files for rootless Podman.\n * API\n - The Libpod API version has been bumped to v2.0.0 due to a\n breaking change in the Image List API.\n - Docker-compatible Volume Endpoints (Create, Inspect, List,\n Remove, Prune) are now available!\n - Added an endpoint for generating systemd unit files for\n containers.\n - The `last` parameter to the Libpod container list endpoint\n now has an alias, `limit` [#6413].\n - The Libpod image list API new returns timestamps in Unix\n format, as integer, as opposed to as strings\n - The Compat Inspect endpoint for containers now includes port\n information in NetworkSettings.\n - The Compat List endpoint for images now features limited\n support for the (deprecated) `filter` query parameter [#6797].\n - Fixed a bug where the Compat Create endpoint for containers\n was not correctly handling bind mounts.\n - Fixed a bug where the Compat Create endpoint for containers\n would not return a 404 when the requested image was not\n present.\n - Fixed a bug where the Compat Create endpoint for containers\n did not properly handle Entrypoint and Command from images.\n - Fixed a bug where name history information was not properly\n added in the Libpod Image List endpoint.\n - Fixed a bug where the Libpod image search endpoint improperly\n populated the Description field of responses.\n - Added a `noTrunc` option to the Libpod image search endpoint.\n - Fixed a bug where the Pod List API would return null, instead\n of an empty array, when no pods were present [#7392].\n - Fixed a bug where endpoints that hijacked would do perform\n the hijack too early, before being ready to send and receive\n data [#7195].\n - Fixed a bug where Pod endpoints that can operate on multiple\n containers at once (e.g. Kill, Pause, Unpause, Stop) would\n not forward errors from individual containers that failed.\n - The Compat List endpoint for networks now supports filtering\n results [#7462].\n - Fixed a bug where the Top endpoint for pods would return both\n a 500 and 404 when run on a non-existent pod.\n - Fixed a bug where Pull endpoints did not stream progress back\n to the client.\n - The Version endpoints (Libpod and Compat) now provide version\n in a format compatible with Docker.\n - All non-hijacking responses to API requests should not\n include headers with the version of the server.\n - Fixed a bug where Libpod and Compat Events endpoints did not\n send response headers until the first event occurred [#7263].\n - Fixed a bug where the Build endpoints (Compat and Libpod) did\n not stream progress to the client.\n - Fixed a bug where the Stats endpoints (Compat and Libpod) did\n not properly handle clients disconnecting.\n - Fixed a bug where the Ignore parameter to the Libpod Stop\n endpoint was not performing properly.\n - Fixed a bug where the Compat Logs endpoint for containers did\n not stream its output in the correct format [#7196].\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-2039",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_2039-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:2039-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4AHS44MM5VJQEFYSAEM4XLRKSPLU53H7/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:2039-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/4AHS44MM5VJQEFYSAEM4XLRKSPLU53H7/"
},
{
"category": "self",
"summary": "SUSE Bug 1176804",
"url": "https://bugzilla.suse.com/1176804"
},
{
"category": "self",
"summary": "SUSE Bug 1178122",
"url": "https://bugzilla.suse.com/1178122"
},
{
"category": "self",
"summary": "SUSE Bug 1178392",
"url": "https://bugzilla.suse.com/1178392"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14370 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14370/"
}
],
"title": "Security update for podman",
"tracking": {
"current_release_date": "2020-11-26T15:28:10Z",
"generator": {
"date": "2020-11-26T15:28:10Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:2039-1",
"initial_release_date": "2020-11-26T15:28:10Z",
"revision_history": [
{
"date": "2020-11-26T15:28:10Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "podman-cni-config-2.1.1-lp151.3.25.1.noarch",
"product": {
"name": "podman-cni-config-2.1.1-lp151.3.25.1.noarch",
"product_id": "podman-cni-config-2.1.1-lp151.3.25.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-2.1.1-lp151.3.25.1.x86_64",
"product": {
"name": "podman-2.1.1-lp151.3.25.1.x86_64",
"product_id": "podman-2.1.1-lp151.3.25.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.1",
"product": {
"name": "openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.1"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2.1.1-lp151.3.25.1.x86_64 as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:podman-2.1.1-lp151.3.25.1.x86_64"
},
"product_reference": "podman-2.1.1-lp151.3.25.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-cni-config-2.1.1-lp151.3.25.1.noarch as component of openSUSE Leap 15.1",
"product_id": "openSUSE Leap 15.1:podman-cni-config-2.1.1-lp151.3.25.1.noarch"
},
"product_reference": "podman-cni-config-2.1.1-lp151.3.25.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.1"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-14370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14370"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.1:podman-2.1.1-lp151.3.25.1.x86_64",
"openSUSE Leap 15.1:podman-cni-config-2.1.1-lp151.3.25.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14370",
"url": "https://www.suse.com/security/cve/CVE-2020-14370"
},
{
"category": "external",
"summary": "SUSE Bug 1176804 for CVE-2020-14370",
"url": "https://bugzilla.suse.com/1176804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.1:podman-2.1.1-lp151.3.25.1.x86_64",
"openSUSE Leap 15.1:podman-cni-config-2.1.1-lp151.3.25.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.1:podman-2.1.1-lp151.3.25.1.x86_64",
"openSUSE Leap 15.1:podman-cni-config-2.1.1-lp151.3.25.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-26T15:28:10Z",
"details": "moderate"
}
],
"title": "CVE-2020-14370"
}
]
}
OPENSUSE-SU-2022:23018-1
Vulnerability from csaf_opensuse - Published: 2022-03-04 07:31 - Updated: 2022-03-04 07:31Summary
Security update for conmon, libcontainers-common, libseccomp, podman
Notes
Title of the patch
Security update for conmon, libcontainers-common, libseccomp, podman
Description of the patch
This update for conmon, libcontainers-common, libseccomp, podman fixes the following issues:
podman was updated to 3.4.4.
Security issues fixed:
- fix CVE-2021-41190 [bsc#1193273], opencontainers: OCI manifest and index parsing confusion
- fix CVE-2021-4024 [bsc#1193166], podman machine spawns gvproxy with port binded to all IPs
- fix CVE-2021-20199 [bsc#1181640], Remote traffic to rootless containers is seen as orginating from localhost
- Add: Provides: podman:/usr/bin/podman-remote subpackage for a clearer upgrade
path from podman < 3.1.2
Update to version 3.4.4:
* Bugfixes
- Fixed a bug where the podman exec command would, under some circumstances,
print a warning message about failing to move conmon to the appropriate cgroup (#12535).
- Fixed a bug where named volumes created as part of container creation
(e.g. podman run --volume avolume:/a/mountpoint or similar) would be
mounted with incorrect permissions (#12523).
- Fixed a bug where the podman-remote create and podman-remote run commands
did not properly handle the --entrypoint='' option (to clear the container's entrypoint) (#12521).
- Update to version 3.4.3:
* Security
- This release addresses CVE-2021-4024, where the podman machine command opened the gvproxy API (used to forward ports to podman machine VMs) to the public internet on port 7777.
- This release addresses CVE-2021-41190, where incomplete specification of behavior regarding image manifests could lead to inconsistent decoding on different clients.
* Features
- The --secret type=mount option to podman create and podman run supports a new option, target=, which specifies where in the container the secret will be mounted (#12287).
* Bugfixes
- Fixed a bug where rootless Podman would occasionally print warning messages about failing to move the pause process to a new cgroup (#12065).
- Fixed a bug where the podman run and podman create commands would, when pulling images, still require TLS even with registries set to Insecure via config file (#11933).
- Fixed a bug where the podman generate systemd command generated units that depended on multi-user.target, which has been removed from some distributions (#12438).
- Fixed a bug where Podman could not run containers with images that had /etc/ as a symlink (#12189).
- Fixed a bug where the podman logs -f command would, when using the journald logs backend, exit immediately if the container had previously been restarted (#12263).
- Fixed a bug where, in containers on VMs created by podman machine, the host.containers.internal name pointed to the VM, not the host system (#11642).
- Fixed a bug where containers and pods created by the podman play kube command in VMs managed by podman machine would not automatically forward ports from the host machine (#12248).
- Fixed a bug where podman machine init would fail on OS X when GNU Coreutils was installed (#12329).
- Fixed a bug where podman machine start would exit before SSH on the started VM was accepting connections (#11532).
- Fixed a bug where the podman run command with signal proxying (--sig-proxy) enabled could print an error if it attempted to send a signal to a container that had just exited (#8086).
- Fixed a bug where the podman stats command would not return correct information for containers running Systemd as PID1 (#12400).
- Fixed a bug where the podman image save command would fail on OS X when writing the image to STDOUT (#12402).
- Fixed a bug where the podman ps command did not properly handle PS arguments which contained whitespace (#12452).
- Fixed a bug where the podman-remote wait command could fail to detect that the container exited and return an error under some circumstances (#12457).
- Fixed a bug where the Windows MSI installer for podman-remote would break the PATH environment variable by adding an extra ' (#11416).
* API
- The Libpod Play Kube endpoint now also accepts ConfigMap YAML as part of its payload, and will use provided any ConfigMap to configure provided pods and services.
- Fixed a bug where the Compat Create endpoint for Containers would not always create the container's working directory if it did not exist (#11842).
- Fixed a bug where the Compat Create endpoint for Containers returned an incorrect error message with 404 errors when the requested image was not found (#12315).
- Fixed a bug where the Compat Create endpoint for Containers did not properly handle the HostConfig.Mounts field (#12419).
- Fixed a bug where the Compat Archive endpoint for Containers did not properly report errors when the operation failed (#12420).
- Fixed a bug where the Compat Build endpoint for Images ignored the layers query parameter (for caching intermediate layers from the build) (#12378).
- Fixed a bug where the Compat Build endpoint for Images did not report errors in a manner compatible with Docker (#12392).
- Fixed a bug where the Compat Build endpoint for Images would fail to build if the context directory was a symlink (#12409).
- Fixed a bug where the Compat List endpoint for Images included manifest lists (and not just images) in returned results (#12453).
- Update to version 3.4.2:
* Fixed a bug where podman tag could not tag manifest lists (#12046).
* Fixed a bug where built-in volumes specified by images would not be
created correctly under some circumstances.
* Fixed a bug where, when using Podman Machine on OS X, containers in pods
did not have working port forwarding from the host (#12207).
* Fixed a bug where the podman network reload command command on containers
using the slirp4netns network mode and the rootlessport port forwarding
driver would make an unnecessary attempt to restart rootlessport
on containers that did not forward ports.
* Fixed a bug where the podman generate kube command would generate YAML
including some unnecessary (set to default) fields (e.g. empty SELinux and
DNS configuration blocks, and the privileged flag when set to false) (#11995).
* Fixed a bug where the podman pod rm command could, if interrupted at the right moment,
leave a reference to an already-removed infra container behind (#12034).
* Fixed a bug where the podman pod rm command would not remove pods with
more than one container if all containers save for the infra container
were stopped unless --force was specified (#11713).
* Fixed a bug where the --memory flag to podman run and podman create did
not accept a limit of 0 (which should specify unlimited memory) (#12002).
* Fixed a bug where the remote Podman client's podman build command could
attempt to build a Dockerfile in the working directory of the podman
system service instance instead of the Dockerfile specified by the user (#12054).
* Fixed a bug where the podman logs --tail command could function improperly
(printing more output than requested) when the journald log driver was used.
* Fixed a bug where containers run using the slirp4netns network mode with
IPv6 enabled would not have IPv6 connectivity until several seconds after they started (#11062).
* Fixed a bug where some Podman commands could cause an extra dbus-daemon
process to be created (#9727).
* Fixed a bug where rootless Podman would sometimes print warnings
about a failure to move the pause process into a given CGroup (#12065).
* Fixed a bug where the checkpointed field in podman inspect on a container
was not set to false after a container was restored.
* Fixed a bug where the podman system service command would print
overly-verbose logs about request IDs (#12181).
* Fixed a bug where Podman could, when creating a new container without a name
explicitly specified by the user, sometimes use an auto-generated name already
in use by another container if multiple containers were being created in parallel (#11735).
Update to version 3.4.1:
* Bugfixes
- Fixed a bug where podman machine init could, under some circumstances,
create invalid machine configurations which could not be started (#11824).
- Fixed a bug where the podman machine list command would not properly
populate some output fields.
- Fixed a bug where podman machine rm could leave dangling sockets from
the removed machine (#11393).
- Fixed a bug where podman run --pids-limit=-1 was not supported (it now
sets the PID limit in the container to unlimited) (#11782).
- Fixed a bug where podman run and podman attach could throw errors about
a closed network connection when STDIN was closed by the client (#11856).
- Fixed a bug where the podman stop command could fail when run on a
container that had another podman stop command run on it previously.
- Fixed a bug where the --sync flag to podman ps was nonfunctional.
- Fixed a bug where the Windows and OS X remote clients' podman stats
command would fail (#11909).
- Fixed a bug where the podman play kube command did not properly handle
environment variables whose values contained an = (#11891).
- Fixed a bug where the podman generate kube command could generate
invalid annotations when run on containers with volumes that use SELinux
relabelling (:z or :Z) (#11929).
- Fixed a bug where the podman generate kube command would generate YAML
including some unnecessary (set to default) fields (e.g. user and group,
entrypoint, default protocol for forwarded ports) (#11914, #11915, and #11965).
- Fixed a bug where the podman generate kube command could, under some
circumstances, generate YAML including an invalid targetPort field for
forwarded ports (#11930).
- Fixed a bug where rootless Podman's podman info command could, under
some circumstances, not read available CGroup controllers (#11931).
- Fixed a bug where podman container checkpoint --export would fail to
checkpoint any container created with --log-driver=none (#11974).
* API
- Fixed a bug where the Compat Create endpoint for Containers could panic
when no options were passed to a bind mount of tmpfs (#11961).
Update to version 3.4.0:
* Features
- Pods now support init containers! Init containers are containers which run before the rest of the pod starts. There are two types of init containers: 'always', which always run before the pod is started, and 'once', which only run the first time the pod starts and are subsequently removed. They can be added using the podman create command's --init-ctr option.
- Support for init containers has also been added to podman play kube and podman generate kube - init containers contained in Kubernetes YAML will be created as Podman init containers, and YAML generated by Podman will include any init containers created.
- The podman play kube command now supports building images. If the --build option is given and a directory with the name of the specified image exists in the current working directory and contains a valid Containerfile or Dockerfile, the image will be built and used for the container.
- The podman play kube command now supports a new option, --teardown, which removes any pods and containers created by the given Kubernetes YAML.
- The podman generate kube command now generates annotations for SELinux mount options on volume (:z and :Z) that are respected by the podman play kube command.
- A new command has been added, podman pod logs, to return logs for all containers in a pod at the same time.
- Two new commands have been added, podman volume export (to export a volume to a tar file) and podman volume import) (to populate a volume from a given tar file).
- The podman auto-update command now supports simple rollbacks. If a container fails to start after an automatic update, it will be rolled back to the previous image and restarted again.
- Pods now share their user namespace by default, and the podman pod create command now supports the --userns option. This allows rootless pods to be created with the --userns=keep-id option.
- The podman pod ps command now supports a new filter with its --filter option, until, which returns pods created before a given timestamp.
- The podman image scp command has been added. This command allows images to be transferred between different hosts.
- The podman stats command supports a new option, --interval, to specify the amount of time before the information is refreshed.
- The podman inspect command now includes ports exposed (but not published) by containers (e.g. ports from --expose when --publish-all is not specified).
- The podman inspect command now has a new boolean value, Checkpointed, which indicates that a container was stopped as a result of a podman container checkpoint operation.
- Volumes created by podman volume create now support setting quotas when run atop XFS. The size and inode options allow the maximum size and maximum number of inodes consumed by a volume to be limited.
- The podman info command now outputs information on what log drivers, network drivers, and volume plugins are available for use (#11265).
- The podman info command now outputs the current log driver in use, and the variant and codename of the distribution in use.
- The parameters of the VM created by podman machine init (amount of disk space, memory, CPUs) can now be set in containers.conf.
- The podman machine ls command now shows additional information (CPUs, memory, disk size) about VMs managed by podman machine.
- The podman ps command now includes healthcheck status in container state for containers that have healthchecks (#11527).
* Changes
- The podman build command has a new alias, podman buildx, to improve compatibility with Docker. We have already added support for many docker buildx flags to podman build and aim to continue to do so.
- Cases where Podman is run without a user session or a writable temporary files directory will now produce better error messages.
- The default log driver has been changed from file to journald. The file driver did not properly support log rotation, so this should lead to a better experience. If journald is not available on the system, Podman will automatically revert to the file.
- Podman no longer depends on ip for removing networks (#11403).
- The deprecated --macvlan flag to podman network create now warns when it is used. It will be removed entirely in the Podman 4.0 release.
- The podman machine start command now prints a message when the VM is successfully started.
- The podman stats command can now be used on containers that are paused.
- The podman unshare command will now return the exit code of the command that was run in the user namespace (assuming the command was successfully run).
- Successful healthchecks will no longer add a healthy line to the system log to reduce log spam.
- As a temporary workaround for a lack of shortname prompts in the Podman remote client, VMs created by podman machine now default to only using the docker.io registry.
* Bugfixes
- Fixed a bug where whitespace in the definition of sysctls (particularly default sysctls specified in containers.conf) would cause them to be parsed incorrectly.
- Fixed a bug where the Windows remote client improperly validated volume paths (#10900).
- Fixed a bug where the first line of logs from a container run with the journald log driver could be skipped.
- Fixed a bug where images created by podman commit did not include ports exposed by the container.
- Fixed a bug where the podman auto-update command would ignore the io.containers.autoupdate.authfile label when pulling images (#11171).
- Fixed a bug where the --workdir option to podman create and podman run could not be set to a directory where a volume was mounted (#11352).
- Fixed a bug where systemd socket-activation did not properly work with systemd-managed Podman containers (#10443).
- Fixed a bug where environment variable secrets added to a container were not available to exec sessions launched in the container.
- Fixed a bug where rootless containers could fail to start the rootlessport port-forwarding service when XDG_RUNTIME_DIR was set to a long path.
- Fixed a bug where arguments to the --systemd option to podman create and podman run were case-sensitive (#11387).
- Fixed a bug where the podman manifest rm command would also remove images referenced by the manifest, not just the manifest itself (#11344).
- Fixed a bug where the Podman remote client on OS X would not function properly if the TMPDIR environment variable was not set (#11418).
- Fixed a bug where the /etc/hosts file was not guaranteed to contain an entry for localhost (this is still not guaranteed if --net=host is used; such containers will exactly match the host's /etc/hosts) (#11411).
- Fixed a bug where the podman machine start command could print warnings about unsupported CPU features (#11421).
- Fixed a bug where the podman info command could segfault when accessing cgroup information.
- Fixed a bug where the podman logs -f command could hang when a container exited (#11461).
- Fixed a bug where the podman generate systemd command could not be used on containers that specified a restart policy (#11438).
- Fixed a bug where the remote Podman client's podman build command would fail to build containers if the UID and GID on the client were higher than 65536 (#11474).
- Fixed a bug where the remote Podman client's podman build command would fail to build containers if the context directory was a symlink (#11732).
- Fixed a bug where the --network flag to podman play kube was not properly parsed when a non-bridge network configuration was specified.
- Fixed a bug where the podman inspect command could error when the container being inspected was removed as it was being inspected (#11392).
- Fixed a bug where the podman play kube command ignored the default pod infra image specified in containers.conf.
- Fixed a bug where the --format option to podman inspect was nonfunctional under some circumstances (#8785).
- Fixed a bug where the remote Podman client's podman run and podman exec commands could skip a byte of output every 8192 bytes (#11496).
- Fixed a bug where the podman stats command would print nonsensical results if the container restarted while it was running (#11469).
- Fixed a bug where the remote Podman client would error when STDOUT was redirected on a Windows client (#11444).
- Fixed a bug where the podman run command could return 0 when the application in the container exited with 125 (#11540).
- Fixed a bug where containers with --restart=always set using the rootlessport port-forwarding service could not be restarted automatically.
- Fixed a bug where the --cgroups=split option to podman create and podman run was silently discarded if the container was part of a pod.
- Fixed a bug where the podman container runlabel command could fail if the image name given included a tag.
- Fixed a bug where Podman could add an extra 127.0.0.1 entry to /etc/hosts under some circumstances (#11596).
- Fixed a bug where the remote Podman client's podman untag command did not properly handle tags including a digest (#11557).
- Fixed a bug where the --format option to podman ps did not properly support the table argument for tabular output.
- Fixed a bug where the --filter option to podman ps did not properly handle filtering by healthcheck status (#11687).
- Fixed a bug where the podman run and podman start --attach commands could race when retrieving the exit code of a container that had already been removed resulting in an error (e.g. by an external podman rm -f) (#11633).
- Fixed a bug where the podman generate kube command would add default environment variables to generated YAML.
- Fixed a bug where the podman generate kube command would add the default CMD from the image to generated YAML (#11672).
- Fixed a bug where the podman rm --storage command could fail to remove containers under some circumstances (#11207).
- Fixed a bug where the podman machine ssh command could fail when run on Linux (#11731).
- Fixed a bug where the podman stop command would error when used on a container that was already stopped (#11740).
- Fixed a bug where renaming a container in a pod using the podman rename command, then removing the pod using podman pod rm, could cause Podman to believe the new name of the container was permanently in use, despite the container being removed (#11750).
* API
- The Libpod Pull endpoint for Images now has a new query parameter, quiet, which (when set to true) suppresses image pull progress reports (#10612).
- The Compat Events endpoint now includes several deprecated fields from the Docker v1.21 API for improved compatibility with older clients.
- The Compat List and Inspect endpoints for Images now prefix image IDs with sha256: for improved Docker compatibility (#11623).
- The Compat Create endpoint for Containers now properly sets defaults for healthcheck-related fields (#11225).
- The Compat Create endpoint for Containers now supports volume options provided by the Mounts field (#10831).
- The Compat List endpoint for Secrets now supports a new query parameter, filter, which allows returned results to be filtered.
- The Compat Auth endpoint now returns the correct response code (500 instead of 400) when logging into a registry fails.
- The Version endpoint now includes information about the OCI runtime and Conmon in use (#11227).
- Fixed a bug where the X-Registry-Config header was not properly handled, leading to errors when pulling images (#11235).
- Fixed a bug where invalid query parameters could cause a null pointer dereference when creating error messages.
- Logging of API requests and responses at trace level has been greatly improved, including the addition of an X-Reference-Id header to correlate requests and responses (#10053).
Update to version 3.3.1:
* Bugfixes
- Fixed a bug where unit files created by podman generate systemd could
not cleanup shut down containers when stopped by systemctl stop (#11304).
- Fixed a bug where podman machine commands would not properly locate
the gvproxy binary in some circumstances.
- Fixed a bug where containers created as part of a pod using the
--pod-id-file option would not join the pod's network namespace (#11303).
- Fixed a bug where Podman, when using the systemd cgroups driver,
could sometimes leak dbus sessions.
- Fixed a bug where the until filter to podman logs and podman events
was improperly handled, requiring input to be negated (#11158).
- Fixed a bug where rootless containers using CNI networking run on
systems using systemd-resolved for DNS would fail to start if resolved
symlinked /etc/resolv.conf to an absolute path (#11358).
* API
- A large number of potential file descriptor leaks from improperly closing
client connections have been fixed.
Update to version 3.3.0:
* Fix network aliases with network id
* machine: compute sha256 as we read the image file
* machine: check for file exists instead of listing directory
* pkg/bindings/images.nTar(): slashify hdr.Name values
* Volumes: Only remove from DB if plugin removal succeeds
* For compatibility, ignore Content-Type
* [v3.3] Bump c/image 5.15.2, buildah v1.22.3
* Implement SD-NOTIFY proxy in conmon
* Fix rootless cni dns without systemd stub resolver
* fix rootlessport flake
* Skip stats test in CGv1 container environments
* Fix AVC denials in tests of volume mounts
* Restore buildah-bud test requiring new images
* Revert '.cirrus.yml: use fresh images for all VMs'
* Fix device tests using ls test files
* Enhance priv. dev. check
* Workaround host availability of /dev/kvm
* Skip cgroup-parent test due to frequent flakes
* Cirrus: Fix not uploading logformatter html
Switch to crun (bsc#1188914)
Update to version 3.2.3:
* Bump to v3.2.3
* Update release notes for v3.2.3
* vendor containers/common@v0.38.16
* vendor containers/buildah@v1.21.3
* Fix race conditions in rootless cni setup
* CNI-in-slirp4netns: fix bind-mount for /run/systemd/resolve/stub-resolv.conf
* Make rootless-cni setup more robust
* Support uid,gid,mode options for secrets
* vendor containers/common@v0.38.15
* [CI:DOCS] podman search: clarify that results depend on implementation
* vendor containers/common@v0.38.14
* vendor containers/common@v0.38.13
* [3.2] vendor containers/common@v0.38.12
* Bump README to v3.2.2
* Bump to v3.2.3-dev
- Update to version 3.2.2:
* Bump to v3.2.2
* fix systemcontext to use correct TMPDIR
* Scrub podman commands to use report package
* Fix volumes with uid and gid options
* Vendor in c/common v0.38.11
* Initial release notes for v3.2.2
* Fix restoring of privileged containers
* Fix handling of podman-remote build --device
* Add support for podman remote build -f - .
* Fix panic condition in cgroups.getAvailableControllers
* Fix permissions on initially created named volumes
* Fix building static podman-remote
* add correct slirp ip to /etc/hosts
* disable tty-size exec checks in system tests
* Fix resize race with podman exec -it
* Fix documentation of the --format option of podman push
* Fix systemd-resolved detection.
* Health Check is not handled in the compat LibpodToContainerJSON
* Do not use inotify for OCICNI
* getContainerNetworkInfo: lock netNsCtr before sync
* [NO TESTS NEEDED] Create /etc/mtab with the correct ownership
* Create the /etc/mtab file if does not exists
* [v3.2] cp: do not allow dir->file copying
* create: support images with invalid platform
* vendor containers/common@v0.38.10
* logs: k8s-file: restore poll sleep
* logs: k8s-file: fix spurious error logs
* utils: move message from warning to debug
* Bump to v3.2.2-dev
- Update to version 3.2.1:
* Bump to v3.2.1
* Updated release notes for v3.2.1
* Fix network connect race with docker-compose
* Revert 'Ensure minimum API version is set correctly in tests'
* Fall back to string for dockerfile parameter
* remote events: fix --stream=false
* [CI:DOCS] fix incorrect network remove api doc
* remote: always send resize before the container starts
* remote events: support labels
* remote pull: cancel pull when connection is closed
* Fix network prune api docs
* Improve systemd-resolved detection
* logs: k8s-file: fix race
* Fix image prune --filter cmd behavior
* Several shell completion fixes
* podman-remote build should handle -f option properly
* System tests: deal with crun 0.20.1
* Fix build tags for pkg/machine...
* Fix pre-checkpointing
* container: ignore named hierarchies
* [v3.2] vendor containers/common@v0.38.9
* rootless: fix fast join userns path
* [v3.2] vendor containers/common@v0.38.7
* [v3.2] vendor containers/common@v0.38.6
* Correct qemu options for Intel macs
* Ensure minimum API version is set correctly in tests
* Bump to v3.2.1-dev
- Update to version 3.2.0:
* Bump to v3.2.0
* Fix network create macvlan with subnet option
* Final release notes updates for v3.2.0
* add ipv6 nameservers only when the container has ipv6 enabled
* Use request context instead of background
* [v.3.2] events: support disjunctive filters
* System tests: add :Z to volume mounts
* generate systemd: make mounts portable
* vendor containers/storage@v1.31.3
* vendor containers/common@v0.38.5
* Bump to v3.2.0-dev
* Bump to v3.2.0-RC3
* Update release notes for v3.2.0-RC3
* Fix race on podman start --all
* Fix race condition in running ls container in a pod
* docs: --cert-dir: point to containers-certs.d(5)
* Handle hard links in different directories
* Improve OCI Runtime error
* Handle hard links in remote builds
* Podman info add support for status of cgroup controllers
* Drop container does not exist on removal to debugf
* Downgrade API service routing table logging
* add libimage events
* docs: generate systemd: XDG_RUNTIME_DIR
* Fix problem copying files when container is in host pid namespace
* Bump to v3.2.0-dev
* Bump to v3.2.0-RC2
* update c/common
* Update Cirrus DEST_BRANCH to v3.2
* Updated vendors of c/image, c/storage, Buildah
* Initial release notes for v3.2.0-RC2
* Add script for identifying commits in release branches
* Add host.containers.internal entry into container's etc/hosts
* image prune: remove unused images only with `--all`
* podman network reload add rootless support
* Use more recent `stale` release...
* network tutorial: update with rootless cni changes
* [CI:DOCS] Update first line in intro page
* Use updated VM images + updated automation tooling
* auto-update service: prune images
* make vendor
* fix system upgrade tests
* Print 'extracting' only on compressed file
* podman image tree: restore previous behavior
* fix network restart always test
* fix incorrect log driver in podman container image
* Add support for cli network prune --filter flag
* Move filter parsing to common utils
* Bump github.com/containers/storage from 1.30.2 to 1.30.3
* Update nix pin with `make nixpkgs`
* [CI:DOCS] hack/bats - new helper for running system tests
* fix restart always with slirp4netns
* Bump github.com/opencontainers/runc from 1.0.0-rc93 to 1.0.0-rc94
* Bump github.com/coreos/go-systemd/v22 from 22.3.1 to 22.3.2
* Add host.serviceIsRemote to podman info results
* Add client disconnect to build handler loop
* Remove obsolete skips
* Fix podman-remote build --rm=false ...
* fix: improved 'containers/{name}/wait' endpoint
* Bump github.com/containers/storage from 1.30.1 to 1.30.2
* Add envars to the generated systemd unit
* fix: use UTC Time Stamps in response JSON
* fix container startup for empty pidfile
* Kube like pods should share ipc,net,uts by default
* fix: compat API 'images/get' for multiple images
* Revert escaped double dash man page flag syntax
* Report Download complete in Compatibility mode
* Add documentation on short-names
* Bump github.com/docker/docker
* Adds support to preserve auto update labels in generate and play kube
* [CI:DOCS] Stop conversion of `--` into en dash
* Revert Patch to relabel if selinux not enabled
* fix per review request
* Add support for environment variable secrets
* fix pre review request
* Fix infinite loop in isPathOnVolume
* Add containers.conf information for changing defaults
* CI: run rootless tests under ubuntu
* Fix wrong macvlan PNG in networking doc.
* Add restart-policy to container filters & --filter to podman start
* Fixes docker-compose cannot set static ip when use ipam
* channel: simplify implementation
* build: improve regex for iidfile
* Bump github.com/onsi/gomega from 1.11.0 to 1.12.0
* cgroup: fix rootless --cgroup-parent with pods
* fix: docker APIv2 `images/get`
* codespell cleanup
* Minor podmanimage docs updates.
* Fix handling of runlabel IMAGE and NAME
* Bump to v3.2.0-dev
* Bump to v3.2.0-rc1
* rootless: improve automatic range split
* podman: set volatile storage flag for --rm containers
* Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.2
* Bump github.com/containers/image/v5 from 5.11.1 to 5.12.0
* migrate Podman to containers/common/libimage
* Add filepath glob support to --security-opt unmask
* Force log_driver to k8s-file for containers in containers
* add --mac-address to podman play kube
* compat api: Networks must be empty instead of null
* System tests: honor $OCI_RUNTIME (for CI)
* is this a bug?
* system test image: add arm64v8 image
* Fix troubleshooting documentation on handling sublemental groups.
* Add --all to podman start
* Fix variable reference typo. in multi-arch image action
* cgroup: always honor --cgroup-parent with cgroupfs
* Bump github.com/uber/jaeger-client-go
* Don't require tests for github-actions & metadata
* Detect if in podman machine virtual vm
* Fix multi-arch image workflow typo
* [CI:DOCS] Add titles to remote docs (windows)
* Remove unused VolumeList* structs
* Cirrus: Update F34beta -> F34
* Update container image docs + fix unstable execution
* Bump github.com/containers/storage from 1.30.0 to 1.30.1
* TODO complete
* Docker returns 'die' status rather then 'died' status
* Check if another VM is running on machine start
* [CI:DOCS] Improve titles of command HTML pages
* system tests: networking: fix another race condition
* Use seccomp_profile as default profile if defined in containers.conf
* Bump github.com/json-iterator/go from 1.1.10 to 1.1.11
* Vendored
* Autoupdate local label functional
* System tests: fix two race conditions
* Add more documentation on conmon
* Allow docker volume create API to pass without name
* Cirrus: Update Ubuntu images to 21.04
* Skip blkio-weight test when no kernel BFQ support
* rootless: Tell the user what was led to the error, not just what it is
* Add troubleshooting advice about the --userns option.
* Fix images prune filter until
* Fix logic for pushing stable multi-arch images
* Fixes generate kube incorrect when bind-mounting '/' and '/root'
* libpod/image: unit tests: don't use system's registries.conf.d
* runtime: create userns when CAP_SYS_ADMIN is not present
* rootless: attempt to copy current mappings first
* [CI:DOCS] Restore missing content to manpages
* [CI:DOCS] Fix Markdown layout bugs
* Fix podman ps --filter ancestor to match exact ImageName/ImageID
* Add machine-enabled to containers.conf for machine
* Several multi-arch image build/push fixes
* Add podman run --timeout option
* Parse slirp4netns net options with compat api
* Fix rootlesskit port forwarder with custom slirp cidr
* Fix removal race condition in ListContainers
* Add github-action workflow to build/push multi-arch
* rootless: if root is not sub?id raise a debug message
* Bump github.com/containers/common from 0.36.0 to 0.37.0
* Add go template shell completion for --format
* Add --group-add keep-groups: suplimentary groups into container
* Fixes from make codespell
* Typo fix to usage text of --compress option
* corrupt-image test: fix an oops
* Add --noheading flag to all list commands
* Bump github.com/containers/storage from 1.29.0 to 1.30.0
* Bump github.com/containers/image/v5 from 5.11.0 to 5.11.1
* [CI:DOCS] Fix Markdown table layout bugs
* podman-remote should show podman.sock info
* rmi: don't break when the image is missing a manifest
* [CI:DOCS] Rewrite --uidmap doc in podman-create.1.md and podman-run.1.md
* Add support for CDI device configuration
* [CI:DOCS] Add missing dash to verbose option
* Bump github.com/uber/jaeger-client-go
* Remove an advanced layer diff function
* Ensure mount destination is clean, no trailing slash
* add it for inspect pidfile
* [CI:DOCS] Fix introduction page typo
* support pidfile on container restore
* fix start it
* skip pidfile test on remote
* improve document
* set pidfile default value int containerconfig
* add pidfile in inspection
* add pidfile it for container start
* skip pidfile it on remote
* Modify according to comments
* WIP: drop test requirement
* runtime: bump required conmon version
* runtime: return findConmon to libpod
* oci: drop ExecContainerCleanup
* oci: use `--full-path` option for conmon
* use AttachSocketPath when removing conmon files
* hide conmon-pidfile flag on remote mode
* Fix possible panic in libpod/image/prune.go
* add --ip to podman play kube
* add flag autocomplete
* add ut
* add flag '--pidfile' for podman create/run
* Add network bindings tests: remove and list
* Fix build with GO111MODULE=off
* system tests: build --pull-never: deal with flakes
* compose test: diagnose flakes v3
* podman play kube apply correct log driver
* Fixes podman-remote save to directories does not work
* Bump github.com/rootless-containers/rootlesskit from 0.14.1 to 0.14.2
* Update documentation of podman-run to reflect volume 'U' option
* Fix flake on failed podman-remote build : try 2
* compose test: ongoing efforts to diagnose flakes
* Test that we don't error out on advertised --log-level values
* At trace log level, print error text using %+v instead of %v
* pkg/errorhandling.JoinErrors: don't throw away context for lone errors
* Recognize --log-level=trace
* Fix flake on failed podman-remote build
* System tests: fix racy podman-inspect
* Fixes invalid expression in save command
* Bump github.com/containers/common from 0.35.4 to 0.36.0
* Update nix pin with `make nixpkgs`
* compose test: try to get useful data from flakes
* Remove in-memory state implementation
* Fix message about runtime to show only the actual runtime
* System tests: setup: better cleanup of stray images
* Bump github.com/containers/ocicrypt from 1.1.0 to 1.1.1
* Reflect current state of prune implementation in docs
* Do not delete container twice
* [CI:DOCS] Correct status code for /pods/create
* vendor in containers/storage v1.29.0
* cgroup: do not set cgroup parent when rootless and cgroupfs
* Overhaul Makefile binary and release worflows
* Reorganize Makefile with sections and guide
* Simplify Makefile help target
* Don't shell to obtain current directory
* Remove unnecessary/not-needed release.txt target
* Fix incorrect version number output
* Exclude .gitignore from test req.
* Fix handling of $NAME and $IMAGE in runlabel
* Update podman image Dockerfile to support Podman in container
* Bump github.com/containers/image/v5 from 5.10.5 to 5.11.0
* Fix slashes in socket URLs
* Add network prune filters support to bindings
* Add support for play/generate kube volumes
* Update manifest API endpoints
* Fix panic when not giving a machine name for ssh
* cgroups: force 64 bits to ParseUint
* Bump k8s.io/api from 0.20.5 to 0.21.0
* [CI:DOCS] Fix formatting of podman-build man page
* buildah-bud tests: simplify
* Add missing return
* Bump github.com/onsi/ginkgo from 1.16.0 to 1.16.1
* speed up CI handling of images
* Volumes prune endpoint should use only prune filters
* Cirrus: Use Fedora 34beta images
* Bump go.sum + Makefile for golang 1.16
* Exempt Makefile changes from test requirements
* Adjust libpod API Container Wait documentation to the code
* [CI:DOCS] Update swagger definition of inspect manifest
* use updated ubuntu images
* podman unshare: add --rootless-cni to join the ns
* Update swagger-check
* swagger: remove name wildcards
* Update buildah-bud diffs
* Handle podman-remote --arch, --platform, --os
* buildah-bud tests: handle go pseudoversions, plus...
* Fix flaking rootless compose test
* rootless cni add /usr/sbin to PATH if not present
* System tests: special case for RHEL: require runc
* Add --requires flag to podman run/create
* [CI:DOCS] swagger-check: compare operations
* [CI:DOCS] Polish swagger OpertionIDs
* [NO TESTS NEEDED] Update nix pin with `make nixpkgs`
* Ensure that `--userns=keep-id` sets user in config
* [CI:DOCS] Set all operation id to be compatibile
* Move operationIds to swagger:operation line
* swagger: add operationIds that match with docker
* Cirrus: Make use of shared get_ci_vm container
* Don't relabel volumes if running in a privileged container
* Allow users to override default storage opts with --storage-opt
* Add support for podman --context default
* Verify existence of auth file if specified
* fix machine naming conventions
* Initial network bindings tests
* Update release notes to indicate CVE fix
* Move socket activation check into init() and set global condition.
* Bump github.com/onsi/ginkgo from 1.15.2 to 1.16.0
* Http api tests for network prune with until filter
* podman-run.1.md, podman-create.1.md : Adjust Markdown layout for --userns
* Fix typos --uidmapping and --gidmapping
* Add transport and destination info to manifest doc
* Bump github.com/rootless-containers/rootlesskit from 0.14.0 to 0.14.1
* Add default template functions
* Fix missing podman-remote build options
* Bump github.com/coreos/go-systemd/v22 from 22.3.0 to 22.3.1
* Add ssh connection to root user
* Add rootless docker-compose test to the CI
* Use the slrip4netns dns in the rootless cni ns
* Cleanup the rootless cni namespace
* Add new docker-compose test for two networks
* Make the docker-compose test work rootless
* Remove unused rootless-cni-infra container files
* Only use rootless RLK when the container has ports
* Fix dnsname test
* Enable rootless network connect/disconnect
* Move slirp4netns functions into an extra file
* Fix pod infra container cni network setup
* Add rootless support for cni and --uidmap
* rootless cni without infra container
* Recreate until container prune tests for bindings
* Remove --execute from podman machine ssh
* Fixed podman-remote --network flag
* Makefile: introduce install.docker-full
* Makefile: ensure install.docker creates BINDIR
* Fix unmount doc reference in image.rst
* Should send the OCI runtime path not just the name to buildah
* podman machine shell completion
* Fix handling of remove --log-rusage param
* Fix bindings prune containers flaky test
* [CI:DOCS] Add local html build info to docs/README.md
* Add podman machine list
* Trim white space from /top endpoint results
* Remove semantic version suffices from API calls
* podman machine init --ignition-path
* Document --volume from podman-remote run/create client
* Update main branch to reflect the release of v3.1.0
* Silence podman network reload errors with iptables-nft
* Containers prune endpoint should use only prune filters
* resolve proper aarch64 image names
* APIv2 basic test: relax APIVersion check
* Add machine support for qemu-system-aarch64
* podman machine init user input
* manpage xref: helpful diagnostic for unescaped dash-dash
* Bump to v3.2.0-dev
* swagger: update system version response body
* buildah-bud tests: reenable pull-never test
* [NO TESTS NEEDED] Shrink the size of podman-remote
* Add powershell completions
* [NO TESTS NEEDED] Drop Warning to Info, if cgroups not mounted
* Fix long option format on docs.podman.io
* system tests: friendier messages for 2-arg is()
* service: use LISTEN_FDS
* man pages: correct seccomp-policy label
* rootless: use is_fd_inherited
* podman generate systemd --new do not duplicate params
* play kube: add support for env vars defined from secrets
* play kube: support optional/mandatory env var from config map
* play kube: prepare supporting other env source than config maps
* Add machine support for more Linux distros
* [NO TESTS NEEDED] Use same function podman-remote rmi as podman
* Podman machine enhancements
* Add problematic volume name to kube play error messages
* Fix podman build --pull-never
* [NO TESTS NEEDED] Fix for kernel without CONFIG_USER_NS
* [NO TESTS NEEDED] Turn on podman-remote build --isolation
* Fix list pods filter handling in libpod api
* Remove resize race condition
* [NO TESTS NEEDED] Vendor in containers/buildah v1.20.0
* Use TMPDIR when commiting images
* Add RequiresMountsFor= to systemd generate
* Bump github.com/vbauerster/mpb/v6 from 6.0.2 to 6.0.3
* Fix swapped dimensions from terminal.GetSize
* Rename podman machine create to init and clean up
* Correct json field name
* system tests: new interactive tests
* Improvements for machine
* libpod/image: unit tests: use a `registries.conf` for aliases
* libpod/image: unit tests: defer cleanup
* libpod/image: unit tests: use `require.NoError`
* Add --execute flag to podman machine ssh
* introduce podman machine
* Podman machine CLI and interface stub
* Support multi doc yaml for generate/play kube
* Fix filters in image http compat/libpod api endpoints
* Bump github.com/containers/common from 0.35.3 to 0.35.4
* Bump github.com/containers/storage from 1.28.0 to 1.28.1
* Check if stdin is a term in --interactive --tty mode
* [NO TESTS NEEDED] Remove /tmp/containers-users-* files on reboot
* [NO TESTS NEEDED] Fix rootless volume plugins
* Ensure manually-created volumes have correct ownership
* Bump github.com/rootless-containers/rootlesskit
* Unification of until filter across list/prune endpoints
* Unification of label filter across list/prune endpoints
* fixup
* fix: build endpoint for compat API
* [CI:DOCS] Add note to mappings for user/group userns in build
* Bump k8s.io/api from 0.20.1 to 0.20.5
* Validate passed in timezone from tz option
* WIP: run buildah bud tests using podman
* Fix containers list/prune http api filter behaviour
* Generate Kubernetes PersistentVolumeClaims from named volumes
- Update to version 3.1.2:
* Bump to v3.1.2
* Update release notes for v3.1.2
* Ensure mount destination is clean, no trailing slash
* Fixes podman-remote save to directories does not work
* [CI:DOCS] Add missing dash to verbose option
* [CI:DOCS] Fix Markdown table layout bugs
* [CI:DOCS] Rewrite --uidmap doc in podman-create.1.md and podman-run.1.md
* rmi: don't break when the image is missing a manifest
* Bump containers/image to v5.11.1
* Bump github.com/coreos/go-systemd from 22.2.0 to 22.3.1
* Fix lint
* Bump to v3.1.2-dev
- Split podman-remote into a subpackage
- Add missing scriptlets for systemd units
- Escape macros in comments
- Drop some obsolete workarounds, including %{go_nostrip}
- Update to version 3.1.1:
* Bump to v3.1.1
* Update release notes for v3.1.1
* podman play kube apply correct log driver
* Fix build with GO111MODULE=off
* [CI:DOCS] Set all operation id to be compatibile
* Move operationIds to swagger:operation line
* swagger: add operationIds that match with docker
* Fix missing podman-remote build options
* [NO TESTS NEEDED] Shrink the size of podman-remote
* Move socket activation check into init() and set global condition.
* rootless: use is_fd_inherited
* Recreate until container prune tests for bindings
* System tests: special case for RHEL: require runc
* Document --volume from podman-remote run/create client
* Containers prune endpoint should use only prune filters
* Trim white space from /top endpoint results
* Fix unmount doc reference in image.rst
* Fix handling of remove --log-rusage param
* Makefile: introduce install.docker-full
* Makefile: ensure install.docker creates BINDIR
* Should send the OCI runtime path not just the name to buildah
* Fixed podman-remote --network flag
* podman-run.1.md, podman-create.1.md : Adjust Markdown layout for --userns
* Fix typos --uidmapping and --gidmapping
* Add default template functions
* Don't relabel volumes if running in a privileged container
* Allow users to override default storage opts with --storage-opt
* Add transport and destination info to manifest doc
* Verify existence of auth file if specified
* Ensure that `--userns=keep-id` sets user in config
* [CI:DOCS] Update swagger definition of inspect manifest
* Volumes prune endpoint should use only prune filters
* Adjust libpod API Container Wait documentation to the code
* Add missing return
* [CI:DOCS] Fix formatting of podman-build man page
* cgroups: force 64 bits to ParseUint
* Fix slashes in socket URLs
* [CI:DOCS] Correct status code for /pods/create
* cgroup: do not set cgroup parent when rootless and cgroupfs
* Reflect current state of prune implementation in docs
* Do not delete container twice
* Test that we don't error out on advertised --log-level values
* At trace log level, print error text using %+v instead of %v
* pkg/errorhandling.JoinErrors: don't throw away context for lone errors
* Recognize --log-level=trace
* Fix message about runtime to show only the actual runtime
* Fix handling of $NAME and $IMAGE in runlabel
* Fix flake on failed podman-remote build : try 2
* Fix flake on failed podman-remote build
* Update documentation of podman-run to reflect volume 'U' option
* Fixes invalid expression in save command
* Fix possible panic in libpod/image/prune.go
* Update all containers/ project vendors
* Fix tests
* Bump to v3.1.1-dev
- Update to version 3.1.0:
* Bump to v3.1.0
* Fix test failure
* Update release notes for v3.1.0 final release
* [NO TESTS NEEDED] Turn on podman-remote build --isolation
* Fix long option format on docs.podman.io
* Fix containers list/prune http api filter behaviour
* [CI:DOCS] Add note to mappings for user/group userns in build
* Validate passed in timezone from tz option
* Generate Kubernetes PersistentVolumeClaims from named volumes
* libpod/image: unit tests: use a `registries.conf` for aliases
- Require systemd 241 or newer due to podman dependency go-systemd v22,
otherwise build will fail with unknown C name errors
- Create docker subpackage to allow replacing docker with
corresponding aliases to podman.
- Update to v3.0.1
* Changes
- Several frequently-occurring WARN level log messages have been downgraded to INFO or DEBUG to not clutter terminal output.
Bugfixes
- Fixed a bug where the Created field of podman ps --format=json was formatted as a string instead of an Unix timestamp (integer) (#9315).
- Fixed a bug where failing lookups of individual layers during the podman images command would cause the whole command to fail without printing output.
- Fixed a bug where --cgroups=split did not function properly on cgroups v1 systems.
- Fixed a bug where mounting a volume over an directory in the container that existed, but was empty, could fail (#9393).
- Fixed a bug where mounting a volume over a directory in the container that existed could copy the entirety of the container's rootfs, instead of just the directory mounted over, into the volume (#9415).
- Fixed a bug where Podman would treat the --entrypoint=[''] option to podman run and podman create as a literal empty string in the entrypoint, when instead it should have been ignored (#9377).
- Fixed a bug where Podman would set the HOME environment variable to '' when the container ran as a user without an assigned home directory (#9378).
- Fixed a bug where specifying a pod infra image that had no tags (by using its ID) would cause podman pod create to panic (#9374).
- Fixed a bug where the --runtime option was not properly handled by the podman build command (#9365).
- Fixed a bug where Podman would incorrectly print an error message related to the remote API when the remote API was not in use and starting Podman failed.
- Fixed a bug where Podman would change ownership of a container's working directory, even if it already existed (#9387).
- Fixed a bug where the podman generate systemd --new command would incorrectly escape %t when generating the path for the PID file (#9373).
- Fixed a bug where Podman could, when run inside a Podman container with the host's containers/storage directory mounted into the container, erroneously detect a reboot and reset container state if the temporary directory was not also mounted in (#9191).
- Fixed a bug where some options of the podman build command (including but not limited to --jobs) were nonfunctional (#9247).
* API
- Fixed a breaking change to the Libpod Wait API for Containers where the Conditions parameter changed type in Podman v3.0 (#9351).
- Fixed a bug where the Compat Create endpoint for Containers did not properly handle forwarded ports that did not specify a host port.
- Fixed a bug where the Libpod Wait endpoint for Containers could write duplicate headers after an error occurred.
- Fixed a bug where the Compat Create endpoint for Images would not pull images that already had a matching tag present locally, even if a more recent version was available at the registry (#9232).
- The Compat Create endpoint for Images has had its compatibility with Docker improved, allowing its use with the docker-java library.
* Misc
- Updated Buildah to v1.19.4
- Updated the containers/storage library to v1.24.6
- Changes from v3.0.0
* Features
- Podman now features initial support for Docker Compose.
- Added the podman rename command, which allows containers to be renamed after they are created (#1925).
- The Podman remote client now supports the podman copy command.
- A new command, podman network reload, has been added. This command will re-configure the network of all running containers, and can be used to recreate firewall rules lost when the system firewall was reloaded (e.g. via firewall-cmd --reload).
- Podman networks now have IDs. They can be seen in podman network ls and can be used when removing and inspecting networks. Existing networks receive IDs automatically.
- Podman networks now also support labels. They can be added via the --label option to network create, and podman network ls can filter labels based on them.
- The podman network create command now supports setting bridge MTU and VLAN through the --opt option (#8454).
- The podman container checkpoint and podman container restore commands can now checkpoint and restore containers that include volumes.
- The podman container checkpoint command now supports the --with-previous and --pre-checkpoint options, and the podman container restore command now support the --import-previous option. These add support for two-step checkpointing with lowered dump times.
- The podman push command can now push manifest lists. Podman will first attempt to push as an image, then fall back to pushing as a manifest list if that fails.
- The podman generate kube command can now be run on multiple containers at once, and will generate a single pod containing all of them.
- The podman generate kube and podman play kube commands now support Kubernetes DNS configuration, and will preserve custom DNS configuration when exporting or importing YAML (#9132).
- The podman generate kube command now properly supports generating YAML for containers and pods creating using host networking (--net=host) (#9077).
- The podman kill command now supports a --cidfile option to kill containers given a file containing the container's ID (#8443).
- The podman pod create command now supports the --net=none option (#9165).
- The podman volume create command can now specify volume UID and GID as options with the UID and GID fields passed to the the --opt option.
- Initial support has been added for Docker Volume Plugins. Podman can now define available plugins in containers.conf and use them to create volumes with podman volume create --driver.
- The podman run and podman create commands now support a new option, --platform, to specify the platform of the image to be used when creating the container.
- The --security-opt option to podman run and podman create now supports the systempaths=unconfined option to unrestrict access to all paths in the container, as well as mask and unmask options to allow more granular restriction of container paths.
- The podman stats --format command now supports a new format specified, MemUsageBytes, which prints the raw bytes of memory consumed by a container without human-readable formatting #8945.
- The podman ps command can now filter containers based on what pod they are joined to via the pod filter (#8512).
- The podman pod ps command can now filter pods based on what networks they are joined to via the network filter.
The podman pod ps command can now print information on what networks a pod is joined to via the .Networks specifier to the --format option.
- The podman system prune command now supports filtering what containers, pods, images, and volumes will be pruned.
- The podman volume prune commands now supports filtering what volumes will be pruned.
- The podman system prune command now includes information on space reclaimed (#8658).
- The podman info command will now properly print information about packages in use on Gentoo and Arch systems.
- The containers.conf file now contains an option for disabling creation of a new kernel keyring on container creation (#8384).
- The podman image sign command can now sign multi-arch images by producing a signature for each image in a given manifest list.
- The podman image sign command, when run as rootless, now supports per-user registry configuration files in $HOME/.config/containers/registries.d.
- Configuration options for slirp4netns can now be set system-wide via the NetworkCmdOptions configuration option in containers.conf.
- The MTU of slirp4netns can now be configured via the mtu= network command option (e.g. podman run --net slirp4netns:mtu=9000).
* Security
- A fix for CVE-2021-20199 is included. Podman between v1.8.0 and v2.2.1 used 127.0.0.1 as the source address for all traffic forwarded into rootless containers by a forwarded port; this has been changed to address the issue.
* Changes
- Shortname aliasing support has now been turned on by default. All Podman commands that must pull an image will, if a TTY is available, prompt the user about what image to pull.
- The podman load command no longer accepts a NAME[:TAG] argument. The presence of this argument broke CLI compatibility with Docker by making docker load commands unusable with Podman (#7387).
- The Go bindings for the HTTP API have been rewritten with a focus on limiting dependency footprint and improving extensibility. Read more here.
- The legacy Varlink API has been completely removed from Podman.
- The default log level for Podman has been changed from Error to Warn.
- The podman network create command can now create macvlan networks using the --driver macvlan option for Docker compatibility. The existing --macvlan flag has been deprecated and will be removed in Podman 4.0 some time next year.
- The podman inspect command has had the LogPath and LogTag fields moved into the LogConfig structure (from the root of the Inspect structure). The maximum size of the log file is also included.
- The podman generate systemd command no longer generates unit files using the deprecated KillMode=none option (#8615).
- The podman stop command now releases the container lock while waiting for it to stop - as such, commands like podman ps will no longer block until podman stop completes (#8501).
- Networks created with podman network create --internal no longer use the dnsname plugin. This configuration never functioned as expected.
- Error messages for the remote Podman client have been improved when it cannot connect to a Podman service.
- Error messages for podman run when an invalid SELinux is specified have been improved.
- Rootless Podman features improved support for containers with a single user mapped into the rootless user namespace.
- Pod infra containers now respect default sysctls specified in containers.conf allowing for advanced configuration of the namespaces they will share.
- SSH public key handling for remote Podman has been improved.
* Bugfixes
- Fixed a bug where the podman history --no-trunc command would truncate the Created By field (#9120).
- Fixed a bug where root containers that did not explicitly specify a CNI network to join did not generate an entry for the network in use in the Networks field of the output of podman inspect (#6618).
- Fixed a bug where, under some circumstances, container working directories specified by the image (via the WORKDIR instruction) but not present in the image, would not be created (#9040).
- Fixed a bug where the podman generate systemd command would generate invalid unit files if the container was creating using a command line that included doubled braces ({{ and }}), e.g. --log-opt-tag={{.Name}} (#9034).
- Fixed a bug where the podman generate systemd --new command could generate unit files including invalid Podman commands if the container was created using merged short options (e.g. podman run -dt) (#8847).
- Fixed a bug where the podman generate systemd --new command could generate unit files that did not handle Podman commands including some special characters (e.g. $) (#9176
- Fixed a bug where rootless containers joining CNI networks could not set a static IP address (#7842).
- Fixed a bug where rootless containers joining CNI networks could not set network aliases (#8567).
- Fixed a bug where the remote client could, under some circumstances, not include the Containerfile when sending build context to the server (#8374).
- Fixed a bug where rootless Podman did not mount /sys as a new sysfs in some circumstances where it was acceptable.
- Fixed a bug where rootless containers that both joined a user namespace and a CNI networks would cause a segfault. These options are incompatible and now return an error.
- Fixed a bug where the podman play kube command did not properly handle CMD and ARGS from images (#8803).
- Fixed a bug where the podman play kube command did not properly handle environment variables from images (#8608).
- Fixed a bug where the podman play kube command did not properly print errors that occurred when starting containers.
- Fixed a bug where the podman play kube command errored when hostNetwork was used (#8790).
- Fixed a bug where the podman play kube command would always pull images when the :latest tag was specified, even if the image was available locally (#7838).
- Fixed a bug where the podman play kube command did not properly handle SELinux configuration, rending YAML with custom SELinux configuration unusable (#8710).
- Fixed a bug where the podman generate kube command incorrectly populated the args and command fields of generated YAML (#9211).
- Fixed a bug where containers in a pod would create a duplicate entry in the pod's shared /etc/hosts file every time the container restarted (#8921).
- Fixed a bug where the podman search --list-tags command did not support the --format option (#8740).
- Fixed a bug where the http_proxy option in containers.conf was not being respected, and instead was set unconditionally to true (#8843).
- Fixed a bug where rootless Podman could, on systems with a recent Conmon and users with a long username, fail to attach to containers (#8798).
- Fixed a bug where the podman images command would break and fail to display any images if an empty manifest list was present in storage (#8931).
- Fixed a bug where locale environment variables were not properly passed on to Conmon.
- Fixed a bug where Podman would not build on the MIPS architecture (#8782).
- Fixed a bug where rootless Podman could fail to properly configure user namespaces for rootless containers when the user specified a --uidmap option that included a mapping beginning with UID 0.
- Fixed a bug where the podman logs command using the k8s-file backend did not properly handle partial log lines with a length of 1 (#8879).
- Fixed a bug where the podman logs command with the --follow option did not properly handle log rotation (#8733).
- Fixed a bug where user-specified HOSTNAME environment variables were overwritten by Podman (#8886).
- Fixed a bug where Podman would applied default sysctls from containers.conf in too many situations (e.g. applying network sysctls when the container shared its network with a pod).
- Fixed a bug where Podman did not properly handle cases where a secondary image store was in use and an image was present in both the secondary and primary stores (#8176).
- Fixed a bug where systemd-managed rootless Podman containers where the user in the container was not root could fail as the container's PID file was not accessible to systemd on the host (#8506).
- Fixed a bug where the --privileged option to podman run and podman create would, under some circumstances, not disable Seccomp (#8849).
- Fixed a bug where the podman exec command did not properly add capabilities when the container or exec session were run with --privileged.
- Fixed a bug where rootless Podman would use the --enable-sandbox option to slirp4netns unconditionally, even when pivot_root was disabled, rendering slirp4netns unusable when pivot_root was disabled (#8846).
- Fixed a bug where podman build --logfile did not actually write the build's log to the logfile.
- Fixed a bug where the podman system service command did not close STDIN, and could display user-interactive prompts (#8700).
- Fixed a bug where the podman system reset command could, under some circumstances, remove all the contents of the XDG_RUNTIME_DIR directory (#8680).
- Fixed a bug where the podman network create command created CNI configurations that did not include a default gateway (#8748).
- Fixed a bug where the podman.service systemd unit provided by default used the wrong service type, and would cause systemd to not correctly register the service as started (#8751).
- Fixed a bug where, if the TMPDIR environment variable was set for the container engine in containers.conf, it was being ignored.
- Fixed a bug where the podman events command did not properly handle future times given to the --until option (#8694).
- Fixed a bug where the podman logs command wrote container STDERR logs to STDOUT instead of STDERR (#8683).
- Fixed a bug where containers created from an image with multiple tags would report that they were created from the wrong tag (#8547).
- Fixed a bug where container capabilities were not set properly when the --cap-add=all and --user options to podman create and podman run were combined.
- Fixed a bug where the --layers option to podman build was nonfunctional (#8643).
- Fixed a bug where the podman system prune command did not act recursively, and thus would leave images, containers, pods, and volumes present that would be removed by a subsequent call to podman system prune (#7990).
- Fixed a bug where the --publish option to podman run and podman create did not properly handle ports specified as a range of ports with no host port specified (#8650).
- Fixed a bug where --format did not support JSON output for individual fields (#8444).
- Fixed a bug where the podman stats command would fail when run on root containers using the slirp4netns network mode (#7883).
- Fixed a bug where the Podman remote client would ask for a password even if the server's SSH daemon did not support password authentication (#8498).
- Fixed a bug where the podman stats command would fail if the system did not support one or more of the cgroup controllers Podman supports (#8588).
- Fixed a bug where the --mount option to podman create and podman run did not ignore the consistency mount option.
- Fixed a bug where failures during the resizing of a container's TTY would print the wrong error.
- Fixed a bug where the podman network disconnect command could cause the podman inspect command to fail for a container until it was restarted (#9234).
- Fixed a bug where containers created from a read-only rootfs (using the --rootfs option to podman create and podman run) would fail (#9230).
- Fixed a bug where specifying Go templates to the --format option to multiple Podman commands did not support the join function (#8773).
- Fixed a bug where the podman rmi command could, when run in parallel on multiple images, return layer not known errors (#6510).
- Fixed a bug where the podman inspect command on containers displayed unlimited ulimits incorrectly (#9303).
- Fixed a bug where Podman would fail to start when a volume was mounted over a directory in a container that contained symlinks that terminated outside the directory and its subdirectories (#6003).
API
- Libpod API version has been bumped to v3.0.0.
- All Libpod Pod APIs have been modified to properly report errors with individual containers. Cases where the operation as a whole succeeded but individual containers failed now report an HTTP 409 error (#8865).
- The Compat API for Containers now supports the Rename and Copy APIs.
- Fixed a bug where the Compat Prune APIs (for volumes, containers, and images) did not return the amount of space reclaimed in their responses.
- Fixed a bug where the Compat and Libpod Exec APIs for Containers would drop errors that occurred prior to the exec session successfully starting (e.g. a 'no such file' error if an invalid executable was passed) (#8281)
- Fixed a bug where the Volumes field in the Compat Create API for Containers was being ignored (#8649).
- Fixed a bug where the NetworkMode field in the Compat Create API for Containers was not handling some values, e.g. container:, correctly.
- Fixed a bug where the Compat Create API for Containers did not set container name properly.
- Fixed a bug where containers created using the Compat Create API unconditionally used Kubernetes file logging (the default specified in containers.conf is now used).
- Fixed a bug where the Compat Inspect API for Containers could include container states not recognized by Docker.
- Fixed a bug where Podman did not properly clean up after calls to the Events API when the journald backend was in use, resulting in a leak of file descriptors (#8864).
- Fixed a bug where the Libpod Pull endpoint for Images could fail with an index out of range error under certain circumstances (#8870).
- Fixed a bug where the Libpod Exists endpoint for Images could panic.
- Fixed a bug where the Compat List API for Containers did not support all filters (#8860).
- Fixed a bug where the Compat List API for Containers did not properly populate the Status field.
- Fixed a bug where the Compat and Libpod Resize APIs for Containers ignored the height and width parameters (#7102).
- Fixed a bug where the Compat Search API for Images returned an incorrectly-formatted JSON response (#8758).
- Fixed a bug where the Compat Load API for Images did not properly clean up temporary files.
- Fixed a bug where the Compat Create API for Networks could panic when an empty IPAM configuration was specified.
- Fixed a bug where the Compat Inspect and List APIs for Networks did not include Scope.
- Fixed a bug where the Compat Wait endpoint for Containers did not support the same wait conditions that Docker did.
* Misc
- Updated Buildah to v1.19.2
- Updated the containers/storage library to v1.24.5
- Updated the containers/image library to v5.10.2
- Updated the containers/common library to v0.33.4
- Update to v2.2.1
* Changes
- Due to a conflict with a previously-removed field, we were forced to
modify the way image volumes (mounting images into containers using
--mount type=image) were handled in the database.
As a result, containers created in Podman 2.2.0 with image volume
will not have them in v2.2.1, and these containers will need to be re-created.
* Bugfixes
- Fixed a bug where rootless Podman would, on systems without the
XDG_RUNTIME_DIR environment variable defined, use an incorrect path
for the PID file of the Podman pause process, causing Podman to fail
to start (#8539).
- Fixed a bug where containers created using Podman v1.7 and earlier were
unusable in Podman due to JSON decode errors (#8613).
- Fixed a bug where Podman could retrieve invalid cgroup paths, instead
of erroring, for containers that were not running.
- Fixed a bug where the podman system reset command would print a warning
about a duplicate shutdown handler being registered.
- Fixed a bug where rootless Podman would attempt to mount sysfs in
circumstances where it was not allowed; some OCI runtimes (notably
crun) would fall back to alternatives and not fail, but others
(notably runc) would fail to run containers.
- Fixed a bug where the podman run and podman create commands would fail
to create containers from untagged images (#8558).
- Fixed a bug where remote Podman would prompt for a password even when
the server did not support password authentication (#8498).
- Fixed a bug where the podman exec command did not move the Conmon
process for the exec session into the correct cgroup.
- Fixed a bug where shell completion for the ancestor option to
podman ps --filter did not work correctly.
- Fixed a bug where detached containers would not properly clean themselves
up (or remove themselves if --rm was set) if the Podman command that
created them was invoked with --log-level=debug.
* API
- Fixed a bug where the Compat Create endpoint for Containers did not
properly handle the Binds and Mounts parameters in HostConfig.
- Fixed a bug where the Compat Create endpoint for Containers
ignored the Name query parameter.
- Fixed a bug where the Compat Create endpoint for Containers did not
properly handle the 'default' value for NetworkMode (this value is
used extensively by docker-compose) (#8544).
- Fixed a bug where the Compat Build endpoint for Images would sometimes
incorrectly use the target query parameter as the image's tag.
* Misc
- Podman v2.2.0 vendored a non-released, custom version of the
github.com/spf13/cobra package; this has been reverted to the latest
upstream release to aid in packaging.
- Updated the containers/image library to v5.9.0
- Update to v2.2.0
* Features
- Experimental support for shortname aliasing has been added. This is not enabled by default, but can be turned on by setting the environment variable CONTAINERS_SHORT_NAME_ALIASING to on. Documentation is available here and here.
- Initial support has been added for the podman network connect and podman network disconnect commands, which allow existing containers to modify what networks they are connected to. At present, these commands can only be used on running containers that did not specify --network=none when they were created.
- The podman run command now supports the --network-alias option to set network aliases (additional names the container can be accessed at from other containers via DNS if the dnsname CNI plugin is in use). Aliases can also be added and removed using the new podman network connect and podman network disconnect commands. Please note that this requires a new release (v1.1.0) of the dnsname plugin, and will only work on newly-created CNI networks.
- The podman generate kube command now features support for exporting container's memory and CPU limits (#7855).
- The podman play kube command now features support for setting CPU and Memory limits for containers (#7742).
- The podman play kube command now supports persistent volumes claims using Podman named volumes.
- The podman play kube command now supports Kubernetes configmaps via the --configmap option (#7567).
- The podman play kube command now supports a --log-driver option to set the log driver for created containers.
- The podman play kube command now supports a --start option, enabled by default, to start the pod after creating it. This allows for podman play kube to be more easily used in systemd unitfiles.
- The podman network create command now supports the --ipv6 option to enable dual-stack IPv6 networking for created networks (#7302).
- The podman inspect command can now inspect pods, networks, and volumes, in addition to containers and images (#6757).
- The --mount option for podman run and podman create now supports a new type, image, to mount the contents of an image into the container at a given location.
- The Bash and ZSH completions have been completely reworked and have received significant enhancements! Additionally, support for Fish completions and completions for the podman-remote executable have been added.
- The --log-opt option for podman create and podman run now supports the max-size option to set the maximum size for a container's logs (#7434).
- The --network option to the podman pod create command now allows pods to be configured to use slirp4netns networking, even when run as root (#6097).
- The podman pod stop, podman pod pause, podman pod unpause, and podman pod kill commands now work on multiple containers in parallel and should be significantly faster.
- The podman search command now supports a --list-tags option to list all available tags for a single image in a single repository.
- The podman search command can now output JSON using the --format=json option.
- The podman diff and podman mount commands now work with all containers in the storage library, including those not created by Podman. This allows them to be used with Buildah and CRI-O containers.
- The podman container exists command now features a --external option to check if a container exists not just in Podman, but also in the storage library. This will allow Podman to identify Buildah and CRI-O containers.
- The --tls-verify and --authfile options have been enabled for use with remote Podman.
- The /etc/hosts file now includes the container's name and hostname (both pointing to localhost) when the container is run with --net=none (#8095).
- The podman events command now supports filtering events based on the labels of the container they occurred on using the --filter label=key=value option.
- The podman volume ls command now supports filtering volumes based on their labels using the --filter label=key=value option.
- The --volume and --mount options to podman run and podman create now support two new mount propagation options, unbindable and runbindable.
- The name and id filters for podman pod ps now match based on a regular expression, instead of requiring an exact match.
- The podman pod ps command now supports a new filter status, that matches pods in a certain state.
* Changes
- The podman network rm --force command will now also remove pods that are using the network (#7791).
- The podman volume rm, podman network rm, and podman pod rm commands now return exit code 1 if the object specified for removal does not exist, and exit code 2 if the object is in use and the --force option was not given.
- If /dev/fuse is passed into Podman containers as a device, Podman will open it before starting the container to ensure that the kernel module is loaded on the host and the device is usable in the container.
- Global Podman options that were not supported with remote operation have been removed from podman-remote (e.g. --cgroup-manager, --storage-driver).
- Many errors have been changed to remove repetition and be more clear as to what has gone wrong.
- The --storage option to podman rm is now enabled by default, with slightly changed semantics. If the given container does not exist in Podman but does exist in the storage library, it will be removed even without the --storage option. If the container exists in Podman it will be removed normally. The --storage option for podman rm is now deprecated and will be removed in a future release.
- The --storage option to podman ps has been renamed to --external. An alias has been added so the old form of the option will continue to work.
- Podman now delays the SIGTERM and SIGINT signals during container creation to ensure that Podman is not stopped midway through creating a container resulting in potential resource leakage (#7941).
- The podman save command now strips signatures from images it is exporting, as the formats we export to do not support signatures (#7659).
- A new Degraded state has been added to pods. Pods that have some, but not all, of their containers running are now considered to be Degraded instead of Running.
- Podman will now print a warning when conflicting network options related to port forwarding (e.g. --publish and --net=host) are specified when creating a container.
- The --restart on-failure and --rm options for containers no longer conflict. When both are specified, the container will be restarted if it exits with a non-zero error code, and removed if it exits cleanly (#7906).
- Remote Podman will no longer use settings from the client's containers.conf; defaults will instead be provided by the server's containers.conf (#7657).
- The podman network rm command now has a new alias, podman network remove (#8402).
* Bugfixes
- Fixed a bug where podman load on the remote client did not error when attempting to load a directory, which is not yet supported for remote use.
- Fixed a bug where rootless Podman could hang when the newuidmap binary was not installed (#7776).
- Fixed a bug where the --pull option to podman run, podman create, and podman build did not match Docker's behavior.
- Fixed a bug where sysctl settings from the containers.conf configuration file were applied, even if the container did not join the namespace associated with a sysctl.
- Fixed a bug where Podman would not return the text of errors encounted when trying to run a healthcheck for a container.
- Fixed a bug where Podman was accidentally setting the containers environment variable in addition to the expected container environment variable.
- Fixed a bug where rootless Podman using CNI networking did not properly clean up DNS entries for removed containers (#7789).
- Fixed a bug where the podman untag --all command was not supported with remote Podman.
- Fixed a bug where the podman system service command could time out even if active attach connections were present (#7826).
- Fixed a bug where the podman system service command would sometimes never time out despite no active connections being present.
- Fixed a bug where Podman's handling of capabilities, specifically inheritable, did not match Docker's.
- Fixed a bug where podman run would fail if the image specified was a manifest list and had already been pulled (#7798).
- Fixed a bug where Podman did not take search registries into account when looking up images locally (#6381).
- Fixed a bug where the podman manifest inspect command would fail for images that had already been pulled (#7726).
- Fixed a bug where rootless Podman would not add supplemental GIDs to containers when when a user, but not a group, was set via the --user option to podman create and podman run and sufficient GIDs were available to add the groups (#7782).
- Fixed a bug where remote Podman commands did not properly handle cases where the user gave a name that could also be a short ID for a pod or container (#7837).
- Fixed a bug where podman image prune could leave images ready to be pruned after podman image prune was run (#7872).
- Fixed a bug where the podman logs command with the journald log driver would not read all available logs (#7476).
- Fixed a bug where the --rm and --restart options to podman create and podman run did not conflict when a restart policy that is not on-failure was chosen (#7878).
- Fixed a bug where the --format 'table {{ .Field }}' option to numerous Podman commands ceased to function on Podman v2.0 and up.
- Fixed a bug where pods did not properly share an SELinux label between their containers, resulting in containers being unable to see the processes of other containers when the pod shared a PID namespace (#7886).
- Fixed a bug where the --namespace option to podman ps did not work with the remote client (#7903).
- Fixed a bug where rootless Podman incorrectly calculated the number of UIDs available in the container if multiple different ranges of UIDs were specified.
- Fixed a bug where the /etc/hosts file would not be correctly populated for containers in a user namespace (#7490).
- Fixed a bug where the podman network create and podman network remove commands could race when run in parallel, with unpredictable results (#7807).
- Fixed a bug where the -p option to podman run, podman create, and podman pod create would, when given only a single number (e.g. -p 80), assign the same port for both host and container, instead of generating a random host port (#7947).
- Fixed a bug where Podman containers did not properly store the cgroup manager they were created with, causing them to stop functioning after the cgroup manager was changed in containers.conf or with the --cgroup-manager option (#7830).
- Fixed a bug where the podman inspect command did not include information on the CNI networks a container was connected to if it was not running.
- Fixed a bug where the podman attach command would not print a newline after detaching from the container (#7751).
- Fixed a bug where the HOME environment variable was not set properly in containers when the --userns=keep-id option was set (#8004).
- Fixed a bug where the podman container restore command could panic when the container in question was in a pod (#8026).
- Fixed a bug where the output of the podman image trust show --raw command was not properly formatted.
- Fixed a bug where the podman runlabel command could panic if a label to run was not given (#8038).
- Fixed a bug where the podman run and podman start --attach commands would exit with an error when the user detached manually using the detach keys on remote Podman (#7979).
- Fixed a bug where rootless CNI networking did not use the dnsname CNI plugin if it was not available on the host, despite it always being available in the container used for rootless networking (#8040).
- Fixed a bug where Podman did not properly handle cases where an OCI runtime is specified by its full path, and could revert to using another OCI runtime with the same binary path that existed in the system $PATH on subsequent invocations.
- Fixed a bug where the --net=host option to podman create and podman run would cause the /etc/hosts file to be incorrectly populated (#8054).
- Fixed a bug where the podman inspect command did not include container network information when the container shared its network namespace (IE, joined a pod or another container's network namespace via --net=container:...) (#8073).
- Fixed a bug where the podman ps command did not include information on all ports a container was publishing.
- Fixed a bug where the podman build command incorrectly forwarded STDIN into build containers from RUN instructions.
- Fixed a bug where the podman wait command's --interval option did not work when units were not specified for the duration (#8088).
- Fixed a bug where the --detach-keys and --detach options could be passed to podman create despite having no effect (and not making sense in that context).
- Fixed a bug where Podman could not start containers if running on a system without a /etc/resolv.conf file (which occurs on some WSL2 images) (#8089).
- Fixed a bug where the --extract option to podman cp was nonfunctional.
- Fixed a bug where the --cidfile option to podman run would, when the container was not run with --detach, only create the file after the container exited (#8091).
- Fixed a bug where the podman images and podman images -a commands could panic and not list any images when certain improperly-formatted images were present in storage (#8148).
- Fixed a bug where the podman events command could, when the journald events backend was in use, become nonfunctional when a badly-formatted event or a log message that container certain string was present in the journal (#8125).
- Fixed a bug where remote Podman would, when using SSH transport, not authenticate to the server using hostkeys when connecting on a port other than 22 (#8139).
- Fixed a bug where the podman attach command would not exit when containers stopped (#8154).
- Fixed a bug where Podman did not properly clean paths before verifying them, resulting in Podman refusing to start if the root or temporary directories were specified with extra trailing / characters (#8160).
- Fixed a bug where remote Podman did not support hashed hostnames in the known_hosts file on the host for establishing connections (#8159).
- Fixed a bug where the podman image exists command would return non-zero (false) when multiple potential matches for the given name existed.
- Fixed a bug where the podman manifest inspect command on images that are not manifest lists would error instead of inspecting the image (#8023).
- Fixed a bug where the podman system service command would fail if the directory the Unix socket was to be created inside did not exist (#8184).
- Fixed a bug where pods that shared the IPC namespace (which is done by default) did not share a /dev/shm filesystem between all containers in the pod (#8181).
- Fixed a bug where filters passed to podman volume list were not inclusive (#6765).
- Fixed a bug where the podman volume create command would fail when the volume's data directory already existed (as might occur when a volume was not completely removed) (#8253).
- Fixed a bug where the podman run and podman create commands would deadlock when trying to create a container that mounted the same named volume at multiple locations (e.g. podman run -v testvol:/test1 -v testvol:/test2) (#8221).
- Fixed a bug where the parsing of the --net option to podman build was incorrect (#8322).
- Fixed a bug where the podman build command would print the ID of the built image twice when using remote Podman (#8332).
- Fixed a bug where the podman stats command did not show memory limits for containers (#8265).
- Fixed a bug where the podman pod inspect command printed the static MAC address of the pod in a non-human-readable format (#8386).
- Fixed a bug where the --tls-verify option of the podman play kube command had its logic inverted (false would enforce the use of TLS, true would disable it).
- Fixed a bug where the podman network rm command would error when trying to remove macvlan networks and rootless CNI networks (#8491).
- Fixed a bug where Podman was not setting sane defaults for missing XDG_ environment variables.
- Fixed a bug where remote Podman would check if volume paths to be mounted in the container existed on the host, not the server (#8473).
- Fixed a bug where the podman manifest create and podman manifest add commands on local images would drop any images in the manifest not pulled by the host.
- Fixed a bug where networks made by podman network create did not include the tuning plugin, and as such did not support setting custom MAC addresses (#8385).
- Fixed a bug where container healthchecks did not use $PATH when searching for the Podman executable to run the healthcheck.
- Fixed a bug where the --ip-range option to podman network create did not properly handle non-classful subnets when calculating the last usable IP for DHCP assignment (#8448).
- Fixed a bug where the podman container ps alias for podman ps was missing (#8445).
* API
- The Compat Create endpoint for Container has received a major refactor to share more code with the Libpod Create endpoint, and should be significantly more stable.
- A Compat endpoint for exporting multiple images at once, GET /images/get, has been added (#7950).
- The Compat Network Connect and Network Disconnect endpoints have been added.
- Endpoints that deal with image registries now support a X-Registry-Config header to specify registry authentication configuration.
- The Compat Create endpoint for images now properly supports specifying images by digest.
- The Libpod Build endpoint for images now supports an httpproxy query parameter which, if set to true, will forward the server's HTTP proxy settings into the build container for RUN instructions.
- The Libpod Untag endpoint for images will now remove all tags for the given image if no repository and tag are specified for removal.
- Fixed a bug where the Ping endpoint misspelled a header name (Libpod-Buildha-Version instead of Libpod-Buildah-Version).
- Fixed a bug where the Ping endpoint sent an extra newline at the end of its response where Docker did not.
- Fixed a bug where the Compat Logs endpoint for containers did not send a newline character after each log line.
- Fixed a bug where the Compat Logs endpoint for containers would mangle line endings to change newline characters to add a preceding carriage return (#7942).
- Fixed a bug where the Compat Inspect endpoint for Containers did not properly list the container's stop signal (#7917).
- Fixed a bug where the Compat Inspect endpoint for Containers formatted the container's create time incorrectly (#7860).
- Fixed a bug where the Compat Inspect endpoint for Containers did not include the container's Path, Args, and Restart Count.
- Fixed a bug where the Compat Inspect endpoint for Containers prefixed added and dropped capabilities with CAP_ (Docker does not do so).
- Fixed a bug where the Compat Info endpoint for the Engine did not include configured registries.
- Fixed a bug where the server could panic if a client closed a connection midway through an image pull (#7896).
- Fixed a bug where the Compat Create endpoint for volumes returned an error when a volume with the same name already existed, instead of succeeding with a 201 code (#7740).
- Fixed a bug where a client disconnecting from the Libpod or Compat events endpoints could result in the server using 100% CPU (#7946).
- Fixed a bug where the 'no such image' error message sent by the Compat Inspect endpoint for Images returned a 404 status code with an error that was improperly formatted for Docker compatibility.
- Fixed a bug where the Compat Create endpoint for networks did not properly set a default for the driver parameter if it was not provided by the client.
- Fixed a bug where the Compat Inspect endpoint for images did not populate the RootFS field of the response.
- Fixed a bug where the Compat Inspect endpoint for images would omit the ParentId field if the image had no parent, and the Created field if the image did not have a creation time.
- Fixed a bug where the Compat Remove endpoint for Networks did not support the Force query parameter.
- add dependency to timezone package or podman fails to build a
- Correct invalid use of %{_libexecdir} to ensure files should be in /usr/lib
SELinux support [jsc#SMO-15]
libseccomp was updated to release 2.5.3:
* Update the syscall table for Linux v5.15
* Fix issues with multiplexed syscalls on mipsel introduced in v2.5.2
* Document that seccomp_rule_add() may return -EACCES
Update to release 2.5.2
* Update the syscall table for Linux v5.14-rc7
* Add a function, get_notify_fd(), to the Python bindings to
get the nofication file descriptor.
* Consolidate multiplexed syscall handling for all
architectures into one location.
* Add multiplexed syscall support to PPC and MIPS
* The meaning of SECCOMP_IOCTL_NOTIF_ID_VALID changed within
the kernel. libseccomp's fd notification logic was modified
to support the kernel's previous and new usage of
SECCOMP_IOCTL_NOTIF_ID_VALID.
update to 2.5.1:
* Fix a bug where seccomp_load() could only be called once
* Change the notification fd handling to only request a notification fd if
* the filter has a _NOTIFY action
* Add documentation about SCMP_ACT_NOTIFY to the seccomp_add_rule(3) manpage
* Clarify the maintainers' GPG keys
Update to release 2.5.0
* Add support for the seccomp user notifications, see the
seccomp_notify_alloc(3), seccomp_notify_receive(3),
seccomp_notify_respond(3) manpages for more information
* Add support for new filter optimization approaches, including a balanced
tree optimization, see the SCMP_FLTATR_CTL_OPTIMIZE filter attribute for
more information
* Add support for the 64-bit RISC-V architecture
* Performance improvements when adding new rules to a filter thanks to the
use of internal shadow transactions and improved syscall lookup tables
* Properly document the libseccomp API return values and include them in the
stable API promise
* Improvements to the s390 and s390x multiplexed syscall handling
* Multiple fixes and improvements to the libseccomp manpages
* Moved from manually maintained syscall tables to an automatically generated
syscall table in CSV format
* Update the syscall tables to Linux v5.8.0-rc5
* Python bindings and build now default to Python 3.x
* Improvements to the tests have boosted code coverage to over 93%
Update to release 2.4.3
* Add list of authorized release signatures to README.md
* Fix multiplexing issue with s390/s390x shm* syscalls
* Remove the static flag from libseccomp tools compilation
* Add define for __SNR_ppoll
* Fix potential memory leak identified by clang in the
scmp_bpf_sim tool
Update to release 2.4.2
* Add support for io-uring related system calls
conmon was updated to version 2.0.30:
* Remove unreachable code path
* exit: report if the exit command was killed
* exit: fix race zombie reaper
* conn_sock: allow watchdog messages through the notify socket proxy
* seccomp: add support for seccomp notify
Update to version 2.0.29:
* Reset OOM score back to 0 for container runtime
* call functions registered with atexit on SIGTERM
* conn_sock: fix potential segfault
Update to version 2.0.27:
* Add CRI-O integration test GitHub action
* exec: don't fail on EBADFD
* close_fds: fix close of external fds
* Add arm64 static build binary
Update to version 2.0.26:
* conn_sock: do not fail on EAGAIN
* fix segfault from a double freed pointer
* Fix a bug where conmon could never spawn a container, because
a disagreement between the caller and itself on where the attach
socket was.
* improve --full-attach to ignore the socket-dir directly. that
means callers don't need to specify a socket dir at all (and
can remove it)
* add full-attach option to allow callers to not truncate a very
long path for the attach socket
* close only opened FDs
* set locale to inherit environment
Update to version 2.0.22:
* added man page
* attach: always chdir
* conn_sock: Explicitly free a heap-allocated string
* refactor I/O and add SD_NOTIFY proxy support
Update to version 2.0.21:
* protect against kill(-1)
* Makefile: enable debuginfo generation
* Remove go.sum file and add go.mod
* Fail if conmon config could not be written
* nix: remove double definition for e2fsprogs
* Speedup static build by utilizing CI cache on `/nix` folder
* Fix nix build for failing e2fsprogs tests
* test: fix CI
* Use Podman for building
libcontainers-common was updated to include:
- common 0.44.0
- image 5.16.0
- podman 3.3.1
- storage 1.36.0
(changes too long to list)
CVEs fixed: CVE-2020-14370,CVE-2020-15157,CVE-2021-20199,CVE-2021-20291,CVE-2021-3602
Patchnames
openSUSE-SLE-15.3-2022-23018
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for conmon, libcontainers-common, libseccomp, podman",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for conmon, libcontainers-common, libseccomp, podman fixes the following issues:\n\npodman was updated to 3.4.4.\n\nSecurity issues fixed:\n\n\n- fix CVE-2021-41190 [bsc#1193273], opencontainers: OCI manifest and index parsing confusion\n- fix CVE-2021-4024 [bsc#1193166], podman machine spawns gvproxy with port binded to all IPs\n- fix CVE-2021-20199 [bsc#1181640], Remote traffic to rootless containers is seen as orginating from localhost\n\n- Add: Provides: podman:/usr/bin/podman-remote subpackage for a clearer upgrade\n path from podman \u003c 3.1.2\n\nUpdate to version 3.4.4:\n\n * Bugfixes\n\n - Fixed a bug where the podman exec command would, under some circumstances,\n print a warning message about failing to move conmon to the appropriate cgroup (#12535).\n - Fixed a bug where named volumes created as part of container creation\n (e.g. podman run --volume avolume:/a/mountpoint or similar) would be\n mounted with incorrect permissions (#12523).\n - Fixed a bug where the podman-remote create and podman-remote run commands\n did not properly handle the --entrypoint=\u0027\u0027 option (to clear the container\u0027s entrypoint) (#12521).\n\n- Update to version 3.4.3:\n\n * Security\n\n - This release addresses CVE-2021-4024, where the podman machine command opened the gvproxy API (used to forward ports to podman machine VMs) to the public internet on port 7777.\n - This release addresses CVE-2021-41190, where incomplete specification of behavior regarding image manifests could lead to inconsistent decoding on different clients.\n\n * Features\n\n - The --secret type=mount option to podman create and podman run supports a new option, target=, which specifies where in the container the secret will be mounted (#12287).\n\n * Bugfixes\n\n - Fixed a bug where rootless Podman would occasionally print warning messages about failing to move the pause process to a new cgroup (#12065).\n - Fixed a bug where the podman run and podman create commands would, when pulling images, still require TLS even with registries set to Insecure via config file (#11933).\n - Fixed a bug where the podman generate systemd command generated units that depended on multi-user.target, which has been removed from some distributions (#12438).\n - Fixed a bug where Podman could not run containers with images that had /etc/ as a symlink (#12189).\n - Fixed a bug where the podman logs -f command would, when using the journald logs backend, exit immediately if the container had previously been restarted (#12263).\n - Fixed a bug where, in containers on VMs created by podman machine, the host.containers.internal name pointed to the VM, not the host system (#11642).\n - Fixed a bug where containers and pods created by the podman play kube command in VMs managed by podman machine would not automatically forward ports from the host machine (#12248).\n - Fixed a bug where podman machine init would fail on OS X when GNU Coreutils was installed (#12329).\n - Fixed a bug where podman machine start would exit before SSH on the started VM was accepting connections (#11532).\n - Fixed a bug where the podman run command with signal proxying (--sig-proxy) enabled could print an error if it attempted to send a signal to a container that had just exited (#8086).\n - Fixed a bug where the podman stats command would not return correct information for containers running Systemd as PID1 (#12400).\n - Fixed a bug where the podman image save command would fail on OS X when writing the image to STDOUT (#12402).\n - Fixed a bug where the podman ps command did not properly handle PS arguments which contained whitespace (#12452).\n - Fixed a bug where the podman-remote wait command could fail to detect that the container exited and return an error under some circumstances (#12457).\n - Fixed a bug where the Windows MSI installer for podman-remote would break the PATH environment variable by adding an extra \u0027 (#11416).\n\n * API\n\n - The Libpod Play Kube endpoint now also accepts ConfigMap YAML as part of its payload, and will use provided any ConfigMap to configure provided pods and services.\n - Fixed a bug where the Compat Create endpoint for Containers would not always create the container\u0027s working directory if it did not exist (#11842).\n - Fixed a bug where the Compat Create endpoint for Containers returned an incorrect error message with 404 errors when the requested image was not found (#12315).\n - Fixed a bug where the Compat Create endpoint for Containers did not properly handle the HostConfig.Mounts field (#12419).\n - Fixed a bug where the Compat Archive endpoint for Containers did not properly report errors when the operation failed (#12420).\n - Fixed a bug where the Compat Build endpoint for Images ignored the layers query parameter (for caching intermediate layers from the build) (#12378).\n - Fixed a bug where the Compat Build endpoint for Images did not report errors in a manner compatible with Docker (#12392).\n - Fixed a bug where the Compat Build endpoint for Images would fail to build if the context directory was a symlink (#12409).\n - Fixed a bug where the Compat List endpoint for Images included manifest lists (and not just images) in returned results (#12453).\n\n- Update to version 3.4.2:\n\n * Fixed a bug where podman tag could not tag manifest lists (#12046).\n * Fixed a bug where built-in volumes specified by images would not be\n created correctly under some circumstances.\n * Fixed a bug where, when using Podman Machine on OS X, containers in pods\n did not have working port forwarding from the host (#12207).\n * Fixed a bug where the podman network reload command command on containers\n using the slirp4netns network mode and the rootlessport port forwarding\n driver would make an unnecessary attempt to restart rootlessport\n on containers that did not forward ports.\n * Fixed a bug where the podman generate kube command would generate YAML\n including some unnecessary (set to default) fields (e.g. empty SELinux and\n DNS configuration blocks, and the privileged flag when set to false) (#11995).\n * Fixed a bug where the podman pod rm command could, if interrupted at the right moment,\n leave a reference to an already-removed infra container behind (#12034).\n * Fixed a bug where the podman pod rm command would not remove pods with\n more than one container if all containers save for the infra container\n were stopped unless --force was specified (#11713).\n * Fixed a bug where the --memory flag to podman run and podman create did\n not accept a limit of 0 (which should specify unlimited memory) (#12002).\n * Fixed a bug where the remote Podman client\u0027s podman build command could\n attempt to build a Dockerfile in the working directory of the podman\n system service instance instead of the Dockerfile specified by the user (#12054).\n * Fixed a bug where the podman logs --tail command could function improperly\n (printing more output than requested) when the journald log driver was used.\n * Fixed a bug where containers run using the slirp4netns network mode with\n IPv6 enabled would not have IPv6 connectivity until several seconds after they started (#11062).\n * Fixed a bug where some Podman commands could cause an extra dbus-daemon\n process to be created (#9727).\n * Fixed a bug where rootless Podman would sometimes print warnings\n about a failure to move the pause process into a given CGroup (#12065).\n * Fixed a bug where the checkpointed field in podman inspect on a container\n was not set to false after a container was restored.\n * Fixed a bug where the podman system service command would print\n overly-verbose logs about request IDs (#12181).\n * Fixed a bug where Podman could, when creating a new container without a name\n explicitly specified by the user, sometimes use an auto-generated name already\n in use by another container if multiple containers were being created in parallel (#11735).\n\nUpdate to version 3.4.1:\n\n * Bugfixes\n\n - Fixed a bug where podman machine init could, under some circumstances,\n create invalid machine configurations which could not be started (#11824).\n - Fixed a bug where the podman machine list command would not properly\n populate some output fields.\n - Fixed a bug where podman machine rm could leave dangling sockets from\n the removed machine (#11393).\n - Fixed a bug where podman run --pids-limit=-1 was not supported (it now\n sets the PID limit in the container to unlimited) (#11782).\n - Fixed a bug where podman run and podman attach could throw errors about\n a closed network connection when STDIN was closed by the client (#11856).\n - Fixed a bug where the podman stop command could fail when run on a\n container that had another podman stop command run on it previously.\n - Fixed a bug where the --sync flag to podman ps was nonfunctional.\n - Fixed a bug where the Windows and OS X remote clients\u0027 podman stats\n command would fail (#11909).\n - Fixed a bug where the podman play kube command did not properly handle\n environment variables whose values contained an = (#11891).\n - Fixed a bug where the podman generate kube command could generate\n invalid annotations when run on containers with volumes that use SELinux\n relabelling (:z or :Z) (#11929).\n - Fixed a bug where the podman generate kube command would generate YAML\n including some unnecessary (set to default) fields (e.g. user and group,\n entrypoint, default protocol for forwarded ports) (#11914, #11915, and #11965).\n - Fixed a bug where the podman generate kube command could, under some\n circumstances, generate YAML including an invalid targetPort field for\n forwarded ports (#11930).\n - Fixed a bug where rootless Podman\u0027s podman info command could, under\n some circumstances, not read available CGroup controllers (#11931).\n - Fixed a bug where podman container checkpoint --export would fail to\n checkpoint any container created with --log-driver=none (#11974).\n\n * API\n\n - Fixed a bug where the Compat Create endpoint for Containers could panic\n when no options were passed to a bind mount of tmpfs (#11961).\n\nUpdate to version 3.4.0:\n\n * Features\n\n - Pods now support init containers! Init containers are containers which run before the rest of the pod starts. There are two types of init containers: \u0027always\u0027, which always run before the pod is started, and \u0027once\u0027, which only run the first time the pod starts and are subsequently removed. They can be added using the podman create command\u0027s --init-ctr option.\n - Support for init containers has also been added to podman play kube and podman generate kube - init containers contained in Kubernetes YAML will be created as Podman init containers, and YAML generated by Podman will include any init containers created.\n - The podman play kube command now supports building images. If the --build option is given and a directory with the name of the specified image exists in the current working directory and contains a valid Containerfile or Dockerfile, the image will be built and used for the container.\n - The podman play kube command now supports a new option, --teardown, which removes any pods and containers created by the given Kubernetes YAML.\n - The podman generate kube command now generates annotations for SELinux mount options on volume (:z and :Z) that are respected by the podman play kube command.\n - A new command has been added, podman pod logs, to return logs for all containers in a pod at the same time.\n - Two new commands have been added, podman volume export (to export a volume to a tar file) and podman volume import) (to populate a volume from a given tar file).\n - The podman auto-update command now supports simple rollbacks. If a container fails to start after an automatic update, it will be rolled back to the previous image and restarted again.\n - Pods now share their user namespace by default, and the podman pod create command now supports the --userns option. This allows rootless pods to be created with the --userns=keep-id option.\n - The podman pod ps command now supports a new filter with its --filter option, until, which returns pods created before a given timestamp.\n - The podman image scp command has been added. This command allows images to be transferred between different hosts.\n - The podman stats command supports a new option, --interval, to specify the amount of time before the information is refreshed.\n - The podman inspect command now includes ports exposed (but not published) by containers (e.g. ports from --expose when --publish-all is not specified).\n - The podman inspect command now has a new boolean value, Checkpointed, which indicates that a container was stopped as a result of a podman container checkpoint operation.\n - Volumes created by podman volume create now support setting quotas when run atop XFS. The size and inode options allow the maximum size and maximum number of inodes consumed by a volume to be limited.\n - The podman info command now outputs information on what log drivers, network drivers, and volume plugins are available for use (#11265).\n - The podman info command now outputs the current log driver in use, and the variant and codename of the distribution in use.\n - The parameters of the VM created by podman machine init (amount of disk space, memory, CPUs) can now be set in containers.conf.\n - The podman machine ls command now shows additional information (CPUs, memory, disk size) about VMs managed by podman machine.\n - The podman ps command now includes healthcheck status in container state for containers that have healthchecks (#11527).\n\n * Changes\n\n - The podman build command has a new alias, podman buildx, to improve compatibility with Docker. We have already added support for many docker buildx flags to podman build and aim to continue to do so.\n - Cases where Podman is run without a user session or a writable temporary files directory will now produce better error messages.\n - The default log driver has been changed from file to journald. The file driver did not properly support log rotation, so this should lead to a better experience. If journald is not available on the system, Podman will automatically revert to the file.\n - Podman no longer depends on ip for removing networks (#11403).\n - The deprecated --macvlan flag to podman network create now warns when it is used. It will be removed entirely in the Podman 4.0 release.\n - The podman machine start command now prints a message when the VM is successfully started.\n - The podman stats command can now be used on containers that are paused.\n - The podman unshare command will now return the exit code of the command that was run in the user namespace (assuming the command was successfully run).\n - Successful healthchecks will no longer add a healthy line to the system log to reduce log spam.\n - As a temporary workaround for a lack of shortname prompts in the Podman remote client, VMs created by podman machine now default to only using the docker.io registry.\n\n * Bugfixes\n\n - Fixed a bug where whitespace in the definition of sysctls (particularly default sysctls specified in containers.conf) would cause them to be parsed incorrectly.\n - Fixed a bug where the Windows remote client improperly validated volume paths (#10900).\n - Fixed a bug where the first line of logs from a container run with the journald log driver could be skipped.\n - Fixed a bug where images created by podman commit did not include ports exposed by the container.\n - Fixed a bug where the podman auto-update command would ignore the io.containers.autoupdate.authfile label when pulling images (#11171).\n - Fixed a bug where the --workdir option to podman create and podman run could not be set to a directory where a volume was mounted (#11352).\n - Fixed a bug where systemd socket-activation did not properly work with systemd-managed Podman containers (#10443).\n - Fixed a bug where environment variable secrets added to a container were not available to exec sessions launched in the container.\n - Fixed a bug where rootless containers could fail to start the rootlessport port-forwarding service when XDG_RUNTIME_DIR was set to a long path.\n - Fixed a bug where arguments to the --systemd option to podman create and podman run were case-sensitive (#11387).\n - Fixed a bug where the podman manifest rm command would also remove images referenced by the manifest, not just the manifest itself (#11344).\n - Fixed a bug where the Podman remote client on OS X would not function properly if the TMPDIR environment variable was not set (#11418).\n - Fixed a bug where the /etc/hosts file was not guaranteed to contain an entry for localhost (this is still not guaranteed if --net=host is used; such containers will exactly match the host\u0027s /etc/hosts) (#11411).\n - Fixed a bug where the podman machine start command could print warnings about unsupported CPU features (#11421).\n - Fixed a bug where the podman info command could segfault when accessing cgroup information.\n - Fixed a bug where the podman logs -f command could hang when a container exited (#11461).\n - Fixed a bug where the podman generate systemd command could not be used on containers that specified a restart policy (#11438).\n - Fixed a bug where the remote Podman client\u0027s podman build command would fail to build containers if the UID and GID on the client were higher than 65536 (#11474).\n - Fixed a bug where the remote Podman client\u0027s podman build command would fail to build containers if the context directory was a symlink (#11732).\n - Fixed a bug where the --network flag to podman play kube was not properly parsed when a non-bridge network configuration was specified.\n - Fixed a bug where the podman inspect command could error when the container being inspected was removed as it was being inspected (#11392).\n - Fixed a bug where the podman play kube command ignored the default pod infra image specified in containers.conf.\n - Fixed a bug where the --format option to podman inspect was nonfunctional under some circumstances (#8785).\n - Fixed a bug where the remote Podman client\u0027s podman run and podman exec commands could skip a byte of output every 8192 bytes (#11496).\n - Fixed a bug where the podman stats command would print nonsensical results if the container restarted while it was running (#11469).\n - Fixed a bug where the remote Podman client would error when STDOUT was redirected on a Windows client (#11444).\n - Fixed a bug where the podman run command could return 0 when the application in the container exited with 125 (#11540).\n - Fixed a bug where containers with --restart=always set using the rootlessport port-forwarding service could not be restarted automatically.\n - Fixed a bug where the --cgroups=split option to podman create and podman run was silently discarded if the container was part of a pod.\n - Fixed a bug where the podman container runlabel command could fail if the image name given included a tag.\n - Fixed a bug where Podman could add an extra 127.0.0.1 entry to /etc/hosts under some circumstances (#11596).\n - Fixed a bug where the remote Podman client\u0027s podman untag command did not properly handle tags including a digest (#11557).\n - Fixed a bug where the --format option to podman ps did not properly support the table argument for tabular output.\n - Fixed a bug where the --filter option to podman ps did not properly handle filtering by healthcheck status (#11687).\n - Fixed a bug where the podman run and podman start --attach commands could race when retrieving the exit code of a container that had already been removed resulting in an error (e.g. by an external podman rm -f) (#11633).\n - Fixed a bug where the podman generate kube command would add default environment variables to generated YAML.\n - Fixed a bug where the podman generate kube command would add the default CMD from the image to generated YAML (#11672).\n - Fixed a bug where the podman rm --storage command could fail to remove containers under some circumstances (#11207).\n - Fixed a bug where the podman machine ssh command could fail when run on Linux (#11731).\n - Fixed a bug where the podman stop command would error when used on a container that was already stopped (#11740).\n - Fixed a bug where renaming a container in a pod using the podman rename command, then removing the pod using podman pod rm, could cause Podman to believe the new name of the container was permanently in use, despite the container being removed (#11750).\n\n * API\n\n - The Libpod Pull endpoint for Images now has a new query parameter, quiet, which (when set to true) suppresses image pull progress reports (#10612).\n - The Compat Events endpoint now includes several deprecated fields from the Docker v1.21 API for improved compatibility with older clients.\n - The Compat List and Inspect endpoints for Images now prefix image IDs with sha256: for improved Docker compatibility (#11623).\n - The Compat Create endpoint for Containers now properly sets defaults for healthcheck-related fields (#11225).\n - The Compat Create endpoint for Containers now supports volume options provided by the Mounts field (#10831).\n - The Compat List endpoint for Secrets now supports a new query parameter, filter, which allows returned results to be filtered.\n - The Compat Auth endpoint now returns the correct response code (500 instead of 400) when logging into a registry fails.\n - The Version endpoint now includes information about the OCI runtime and Conmon in use (#11227).\n - Fixed a bug where the X-Registry-Config header was not properly handled, leading to errors when pulling images (#11235).\n - Fixed a bug where invalid query parameters could cause a null pointer dereference when creating error messages.\n - Logging of API requests and responses at trace level has been greatly improved, including the addition of an X-Reference-Id header to correlate requests and responses (#10053).\n\nUpdate to version 3.3.1:\n\n * Bugfixes\n\n - Fixed a bug where unit files created by podman generate systemd could\n not cleanup shut down containers when stopped by systemctl stop (#11304).\n - Fixed a bug where podman machine commands would not properly locate\n the gvproxy binary in some circumstances.\n - Fixed a bug where containers created as part of a pod using the\n --pod-id-file option would not join the pod\u0027s network namespace (#11303).\n - Fixed a bug where Podman, when using the systemd cgroups driver,\n could sometimes leak dbus sessions.\n - Fixed a bug where the until filter to podman logs and podman events\n was improperly handled, requiring input to be negated (#11158).\n - Fixed a bug where rootless containers using CNI networking run on\n systems using systemd-resolved for DNS would fail to start if resolved\n symlinked /etc/resolv.conf to an absolute path (#11358).\n\n * API\n\n - A large number of potential file descriptor leaks from improperly closing\n client connections have been fixed.\n\nUpdate to version 3.3.0:\n\n * Fix network aliases with network id\n * machine: compute sha256 as we read the image file\n * machine: check for file exists instead of listing directory\n * pkg/bindings/images.nTar(): slashify hdr.Name values\n * Volumes: Only remove from DB if plugin removal succeeds\n * For compatibility, ignore Content-Type\n * [v3.3] Bump c/image 5.15.2, buildah v1.22.3\n * Implement SD-NOTIFY proxy in conmon\n * Fix rootless cni dns without systemd stub resolver\n * fix rootlessport flake\n * Skip stats test in CGv1 container environments\n * Fix AVC denials in tests of volume mounts\n * Restore buildah-bud test requiring new images\n * Revert \u0027.cirrus.yml: use fresh images for all VMs\u0027\n * Fix device tests using ls test files\n * Enhance priv. dev. check\n * Workaround host availability of /dev/kvm\n * Skip cgroup-parent test due to frequent flakes\n * Cirrus: Fix not uploading logformatter html\n\nSwitch to crun (bsc#1188914)\n\nUpdate to version 3.2.3:\n\n * Bump to v3.2.3\n * Update release notes for v3.2.3\n * vendor containers/common@v0.38.16\n * vendor containers/buildah@v1.21.3\n * Fix race conditions in rootless cni setup\n * CNI-in-slirp4netns: fix bind-mount for /run/systemd/resolve/stub-resolv.conf\n * Make rootless-cni setup more robust\n * Support uid,gid,mode options for secrets\n * vendor containers/common@v0.38.15\n * [CI:DOCS] podman search: clarify that results depend on implementation\n * vendor containers/common@v0.38.14\n * vendor containers/common@v0.38.13\n * [3.2] vendor containers/common@v0.38.12\n * Bump README to v3.2.2\n * Bump to v3.2.3-dev\n\n- Update to version 3.2.2:\n * Bump to v3.2.2\n * fix systemcontext to use correct TMPDIR\n * Scrub podman commands to use report package\n * Fix volumes with uid and gid options\n * Vendor in c/common v0.38.11\n * Initial release notes for v3.2.2\n * Fix restoring of privileged containers\n * Fix handling of podman-remote build --device\n * Add support for podman remote build -f - .\n * Fix panic condition in cgroups.getAvailableControllers\n * Fix permissions on initially created named volumes\n * Fix building static podman-remote\n * add correct slirp ip to /etc/hosts\n * disable tty-size exec checks in system tests\n * Fix resize race with podman exec -it\n * Fix documentation of the --format option of podman push\n * Fix systemd-resolved detection.\n * Health Check is not handled in the compat LibpodToContainerJSON\n * Do not use inotify for OCICNI\n * getContainerNetworkInfo: lock netNsCtr before sync\n * [NO TESTS NEEDED] Create /etc/mtab with the correct ownership\n * Create the /etc/mtab file if does not exists\n * [v3.2] cp: do not allow dir-\u003efile copying\n * create: support images with invalid platform\n * vendor containers/common@v0.38.10\n * logs: k8s-file: restore poll sleep\n * logs: k8s-file: fix spurious error logs\n * utils: move message from warning to debug\n * Bump to v3.2.2-dev\n\n- Update to version 3.2.1:\n * Bump to v3.2.1\n * Updated release notes for v3.2.1\n * Fix network connect race with docker-compose\n * Revert \u0027Ensure minimum API version is set correctly in tests\u0027\n * Fall back to string for dockerfile parameter\n * remote events: fix --stream=false\n * [CI:DOCS] fix incorrect network remove api doc\n * remote: always send resize before the container starts\n * remote events: support labels\n * remote pull: cancel pull when connection is closed\n * Fix network prune api docs\n * Improve systemd-resolved detection\n * logs: k8s-file: fix race\n * Fix image prune --filter cmd behavior\n * Several shell completion fixes\n * podman-remote build should handle -f option properly\n * System tests: deal with crun 0.20.1\n * Fix build tags for pkg/machine...\n * Fix pre-checkpointing\n * container: ignore named hierarchies\n * [v3.2] vendor containers/common@v0.38.9\n * rootless: fix fast join userns path\n * [v3.2] vendor containers/common@v0.38.7\n * [v3.2] vendor containers/common@v0.38.6\n * Correct qemu options for Intel macs\n * Ensure minimum API version is set correctly in tests\n * Bump to v3.2.1-dev\n\n- Update to version 3.2.0:\n * Bump to v3.2.0\n * Fix network create macvlan with subnet option\n * Final release notes updates for v3.2.0\n * add ipv6 nameservers only when the container has ipv6 enabled\n * Use request context instead of background\n * [v.3.2] events: support disjunctive filters\n * System tests: add :Z to volume mounts\n * generate systemd: make mounts portable\n * vendor containers/storage@v1.31.3\n * vendor containers/common@v0.38.5\n * Bump to v3.2.0-dev\n * Bump to v3.2.0-RC3\n * Update release notes for v3.2.0-RC3\n * Fix race on podman start --all\n * Fix race condition in running ls container in a pod\n * docs: --cert-dir: point to containers-certs.d(5)\n * Handle hard links in different directories\n * Improve OCI Runtime error\n * Handle hard links in remote builds\n * Podman info add support for status of cgroup controllers\n * Drop container does not exist on removal to debugf\n * Downgrade API service routing table logging\n * add libimage events\n * docs: generate systemd: XDG_RUNTIME_DIR\n * Fix problem copying files when container is in host pid namespace\n * Bump to v3.2.0-dev\n * Bump to v3.2.0-RC2\n * update c/common\n * Update Cirrus DEST_BRANCH to v3.2\n * Updated vendors of c/image, c/storage, Buildah\n * Initial release notes for v3.2.0-RC2\n * Add script for identifying commits in release branches\n * Add host.containers.internal entry into container\u0027s etc/hosts\n * image prune: remove unused images only with `--all`\n * podman network reload add rootless support\n * Use more recent `stale` release...\n * network tutorial: update with rootless cni changes\n * [CI:DOCS] Update first line in intro page\n * Use updated VM images + updated automation tooling\n * auto-update service: prune images\n * make vendor\n * fix system upgrade tests\n * Print \u0027extracting\u0027 only on compressed file\n * podman image tree: restore previous behavior\n * fix network restart always test\n * fix incorrect log driver in podman container image\n * Add support for cli network prune --filter flag\n * Move filter parsing to common utils\n * Bump github.com/containers/storage from 1.30.2 to 1.30.3\n * Update nix pin with `make nixpkgs`\n * [CI:DOCS] hack/bats - new helper for running system tests\n * fix restart always with slirp4netns\n * Bump github.com/opencontainers/runc from 1.0.0-rc93 to 1.0.0-rc94\n * Bump github.com/coreos/go-systemd/v22 from 22.3.1 to 22.3.2\n * Add host.serviceIsRemote to podman info results\n * Add client disconnect to build handler loop\n * Remove obsolete skips\n * Fix podman-remote build --rm=false ...\n * fix: improved \u0027containers/{name}/wait\u0027 endpoint\n * Bump github.com/containers/storage from 1.30.1 to 1.30.2\n * Add envars to the generated systemd unit\n * fix: use UTC Time Stamps in response JSON\n * fix container startup for empty pidfile\n * Kube like pods should share ipc,net,uts by default\n * fix: compat API \u0027images/get\u0027 for multiple images\n * Revert escaped double dash man page flag syntax\n * Report Download complete in Compatibility mode\n * Add documentation on short-names\n * Bump github.com/docker/docker\n * Adds support to preserve auto update labels in generate and play kube\n * [CI:DOCS] Stop conversion of `--` into en dash\n * Revert Patch to relabel if selinux not enabled\n * fix per review request\n * Add support for environment variable secrets\n * fix pre review request\n * Fix infinite loop in isPathOnVolume\n * Add containers.conf information for changing defaults\n * CI: run rootless tests under ubuntu\n * Fix wrong macvlan PNG in networking doc.\n * Add restart-policy to container filters \u0026 --filter to podman start\n * Fixes docker-compose cannot set static ip when use ipam\n * channel: simplify implementation\n * build: improve regex for iidfile\n * Bump github.com/onsi/gomega from 1.11.0 to 1.12.0\n * cgroup: fix rootless --cgroup-parent with pods\n * fix: docker APIv2 `images/get`\n * codespell cleanup\n * Minor podmanimage docs updates.\n * Fix handling of runlabel IMAGE and NAME\n * Bump to v3.2.0-dev\n * Bump to v3.2.0-rc1\n * rootless: improve automatic range split\n * podman: set volatile storage flag for --rm containers\n * Bump github.com/onsi/ginkgo from 1.16.1 to 1.16.2\n * Bump github.com/containers/image/v5 from 5.11.1 to 5.12.0\n * migrate Podman to containers/common/libimage\n * Add filepath glob support to --security-opt unmask\n * Force log_driver to k8s-file for containers in containers\n * add --mac-address to podman play kube\n * compat api: Networks must be empty instead of null\n * System tests: honor $OCI_RUNTIME (for CI)\n * is this a bug?\n * system test image: add arm64v8 image\n * Fix troubleshooting documentation on handling sublemental groups.\n * Add --all to podman start\n * Fix variable reference typo. in multi-arch image action\n * cgroup: always honor --cgroup-parent with cgroupfs\n * Bump github.com/uber/jaeger-client-go\n * Don\u0027t require tests for github-actions \u0026 metadata\n * Detect if in podman machine virtual vm\n * Fix multi-arch image workflow typo\n * [CI:DOCS] Add titles to remote docs (windows)\n * Remove unused VolumeList* structs\n * Cirrus: Update F34beta -\u003e F34\n * Update container image docs + fix unstable execution\n * Bump github.com/containers/storage from 1.30.0 to 1.30.1\n * TODO complete\n * Docker returns \u0027die\u0027 status rather then \u0027died\u0027 status\n * Check if another VM is running on machine start\n * [CI:DOCS] Improve titles of command HTML pages\n * system tests: networking: fix another race condition\n * Use seccomp_profile as default profile if defined in containers.conf\n * Bump github.com/json-iterator/go from 1.1.10 to 1.1.11\n * Vendored\n * Autoupdate local label functional\n * System tests: fix two race conditions\n * Add more documentation on conmon\n * Allow docker volume create API to pass without name\n * Cirrus: Update Ubuntu images to 21.04\n * Skip blkio-weight test when no kernel BFQ support\n * rootless: Tell the user what was led to the error, not just what it is\n * Add troubleshooting advice about the --userns option.\n * Fix images prune filter until\n * Fix logic for pushing stable multi-arch images\n * Fixes generate kube incorrect when bind-mounting \u0027/\u0027 and \u0027/root\u0027\n * libpod/image: unit tests: don\u0027t use system\u0027s registries.conf.d\n * runtime: create userns when CAP_SYS_ADMIN is not present\n * rootless: attempt to copy current mappings first\n * [CI:DOCS] Restore missing content to manpages\n * [CI:DOCS] Fix Markdown layout bugs\n * Fix podman ps --filter ancestor to match exact ImageName/ImageID\n * Add machine-enabled to containers.conf for machine\n * Several multi-arch image build/push fixes\n * Add podman run --timeout option\n * Parse slirp4netns net options with compat api\n * Fix rootlesskit port forwarder with custom slirp cidr\n * Fix removal race condition in ListContainers\n * Add github-action workflow to build/push multi-arch\n * rootless: if root is not sub?id raise a debug message\n * Bump github.com/containers/common from 0.36.0 to 0.37.0\n * Add go template shell completion for --format\n * Add --group-add keep-groups: suplimentary groups into container\n * Fixes from make codespell\n * Typo fix to usage text of --compress option\n * corrupt-image test: fix an oops\n * Add --noheading flag to all list commands\n * Bump github.com/containers/storage from 1.29.0 to 1.30.0\n * Bump github.com/containers/image/v5 from 5.11.0 to 5.11.1\n * [CI:DOCS] Fix Markdown table layout bugs\n * podman-remote should show podman.sock info\n * rmi: don\u0027t break when the image is missing a manifest\n * [CI:DOCS] Rewrite --uidmap doc in podman-create.1.md and podman-run.1.md\n * Add support for CDI device configuration\n * [CI:DOCS] Add missing dash to verbose option\n * Bump github.com/uber/jaeger-client-go\n * Remove an advanced layer diff function\n * Ensure mount destination is clean, no trailing slash\n * add it for inspect pidfile\n * [CI:DOCS] Fix introduction page typo\n * support pidfile on container restore\n * fix start it\n * skip pidfile test on remote\n * improve document\n * set pidfile default value int containerconfig\n * add pidfile in inspection\n * add pidfile it for container start\n * skip pidfile it on remote\n * Modify according to comments\n * WIP: drop test requirement\n * runtime: bump required conmon version\n * runtime: return findConmon to libpod\n * oci: drop ExecContainerCleanup\n * oci: use `--full-path` option for conmon\n * use AttachSocketPath when removing conmon files\n * hide conmon-pidfile flag on remote mode\n * Fix possible panic in libpod/image/prune.go\n * add --ip to podman play kube\n * add flag autocomplete\n * add ut\n * add flag \u0027--pidfile\u0027 for podman create/run\n * Add network bindings tests: remove and list\n * Fix build with GO111MODULE=off\n * system tests: build --pull-never: deal with flakes\n * compose test: diagnose flakes v3\n * podman play kube apply correct log driver\n * Fixes podman-remote save to directories does not work\n * Bump github.com/rootless-containers/rootlesskit from 0.14.1 to 0.14.2\n * Update documentation of podman-run to reflect volume \u0027U\u0027 option\n * Fix flake on failed podman-remote build : try 2\n * compose test: ongoing efforts to diagnose flakes\n * Test that we don\u0027t error out on advertised --log-level values\n * At trace log level, print error text using %+v instead of %v\n * pkg/errorhandling.JoinErrors: don\u0027t throw away context for lone errors\n * Recognize --log-level=trace\n * Fix flake on failed podman-remote build\n * System tests: fix racy podman-inspect\n * Fixes invalid expression in save command\n * Bump github.com/containers/common from 0.35.4 to 0.36.0\n * Update nix pin with `make nixpkgs`\n * compose test: try to get useful data from flakes\n * Remove in-memory state implementation\n * Fix message about runtime to show only the actual runtime\n * System tests: setup: better cleanup of stray images\n * Bump github.com/containers/ocicrypt from 1.1.0 to 1.1.1\n * Reflect current state of prune implementation in docs\n * Do not delete container twice\n * [CI:DOCS] Correct status code for /pods/create\n * vendor in containers/storage v1.29.0\n * cgroup: do not set cgroup parent when rootless and cgroupfs\n * Overhaul Makefile binary and release worflows\n * Reorganize Makefile with sections and guide\n * Simplify Makefile help target\n * Don\u0027t shell to obtain current directory\n * Remove unnecessary/not-needed release.txt target\n * Fix incorrect version number output\n * Exclude .gitignore from test req.\n * Fix handling of $NAME and $IMAGE in runlabel\n * Update podman image Dockerfile to support Podman in container\n * Bump github.com/containers/image/v5 from 5.10.5 to 5.11.0\n * Fix slashes in socket URLs\n * Add network prune filters support to bindings\n * Add support for play/generate kube volumes\n * Update manifest API endpoints\n * Fix panic when not giving a machine name for ssh\n * cgroups: force 64 bits to ParseUint\n * Bump k8s.io/api from 0.20.5 to 0.21.0\n * [CI:DOCS] Fix formatting of podman-build man page\n * buildah-bud tests: simplify\n * Add missing return\n * Bump github.com/onsi/ginkgo from 1.16.0 to 1.16.1\n * speed up CI handling of images\n * Volumes prune endpoint should use only prune filters\n * Cirrus: Use Fedora 34beta images\n * Bump go.sum + Makefile for golang 1.16\n * Exempt Makefile changes from test requirements\n * Adjust libpod API Container Wait documentation to the code\n * [CI:DOCS] Update swagger definition of inspect manifest\n * use updated ubuntu images\n * podman unshare: add --rootless-cni to join the ns\n * Update swagger-check\n * swagger: remove name wildcards\n * Update buildah-bud diffs\n * Handle podman-remote --arch, --platform, --os\n * buildah-bud tests: handle go pseudoversions, plus...\n * Fix flaking rootless compose test\n * rootless cni add /usr/sbin to PATH if not present\n * System tests: special case for RHEL: require runc\n * Add --requires flag to podman run/create\n * [CI:DOCS] swagger-check: compare operations\n * [CI:DOCS] Polish swagger OpertionIDs\n * [NO TESTS NEEDED] Update nix pin with `make nixpkgs`\n * Ensure that `--userns=keep-id` sets user in config\n * [CI:DOCS] Set all operation id to be compatibile\n * Move operationIds to swagger:operation line\n * swagger: add operationIds that match with docker\n * Cirrus: Make use of shared get_ci_vm container\n * Don\u0027t relabel volumes if running in a privileged container\n * Allow users to override default storage opts with --storage-opt\n * Add support for podman --context default\n * Verify existence of auth file if specified\n * fix machine naming conventions\n * Initial network bindings tests\n * Update release notes to indicate CVE fix\n * Move socket activation check into init() and set global condition.\n * Bump github.com/onsi/ginkgo from 1.15.2 to 1.16.0\n * Http api tests for network prune with until filter\n * podman-run.1.md, podman-create.1.md : Adjust Markdown layout for --userns\n * Fix typos --uidmapping and --gidmapping\n * Add transport and destination info to manifest doc\n * Bump github.com/rootless-containers/rootlesskit from 0.14.0 to 0.14.1\n * Add default template functions\n * Fix missing podman-remote build options\n * Bump github.com/coreos/go-systemd/v22 from 22.3.0 to 22.3.1\n * Add ssh connection to root user\n * Add rootless docker-compose test to the CI\n * Use the slrip4netns dns in the rootless cni ns\n * Cleanup the rootless cni namespace\n * Add new docker-compose test for two networks\n * Make the docker-compose test work rootless\n * Remove unused rootless-cni-infra container files\n * Only use rootless RLK when the container has ports\n * Fix dnsname test\n * Enable rootless network connect/disconnect\n * Move slirp4netns functions into an extra file\n * Fix pod infra container cni network setup\n * Add rootless support for cni and --uidmap\n * rootless cni without infra container\n * Recreate until container prune tests for bindings\n * Remove --execute from podman machine ssh\n * Fixed podman-remote --network flag\n * Makefile: introduce install.docker-full\n * Makefile: ensure install.docker creates BINDIR\n * Fix unmount doc reference in image.rst\n * Should send the OCI runtime path not just the name to buildah\n * podman machine shell completion\n * Fix handling of remove --log-rusage param\n * Fix bindings prune containers flaky test\n * [CI:DOCS] Add local html build info to docs/README.md\n * Add podman machine list\n * Trim white space from /top endpoint results\n * Remove semantic version suffices from API calls\n * podman machine init --ignition-path\n * Document --volume from podman-remote run/create client\n * Update main branch to reflect the release of v3.1.0\n * Silence podman network reload errors with iptables-nft\n * Containers prune endpoint should use only prune filters\n * resolve proper aarch64 image names\n * APIv2 basic test: relax APIVersion check\n * Add machine support for qemu-system-aarch64\n * podman machine init user input\n * manpage xref: helpful diagnostic for unescaped dash-dash\n * Bump to v3.2.0-dev\n * swagger: update system version response body\n * buildah-bud tests: reenable pull-never test\n * [NO TESTS NEEDED] Shrink the size of podman-remote\n * Add powershell completions\n * [NO TESTS NEEDED] Drop Warning to Info, if cgroups not mounted\n * Fix long option format on docs.podman.io\n * system tests: friendier messages for 2-arg is()\n * service: use LISTEN_FDS\n * man pages: correct seccomp-policy label\n * rootless: use is_fd_inherited\n * podman generate systemd --new do not duplicate params\n * play kube: add support for env vars defined from secrets\n * play kube: support optional/mandatory env var from config map\n * play kube: prepare supporting other env source than config maps\n * Add machine support for more Linux distros\n * [NO TESTS NEEDED] Use same function podman-remote rmi as podman\n * Podman machine enhancements\n * Add problematic volume name to kube play error messages\n * Fix podman build --pull-never\n * [NO TESTS NEEDED] Fix for kernel without CONFIG_USER_NS\n * [NO TESTS NEEDED] Turn on podman-remote build --isolation\n * Fix list pods filter handling in libpod api\n * Remove resize race condition\n * [NO TESTS NEEDED] Vendor in containers/buildah v1.20.0\n * Use TMPDIR when commiting images\n * Add RequiresMountsFor= to systemd generate\n * Bump github.com/vbauerster/mpb/v6 from 6.0.2 to 6.0.3\n * Fix swapped dimensions from terminal.GetSize\n * Rename podman machine create to init and clean up\n * Correct json field name\n * system tests: new interactive tests\n * Improvements for machine\n * libpod/image: unit tests: use a `registries.conf` for aliases\n * libpod/image: unit tests: defer cleanup\n * libpod/image: unit tests: use `require.NoError`\n * Add --execute flag to podman machine ssh\n * introduce podman machine\n * Podman machine CLI and interface stub\n * Support multi doc yaml for generate/play kube\n * Fix filters in image http compat/libpod api endpoints\n * Bump github.com/containers/common from 0.35.3 to 0.35.4\n * Bump github.com/containers/storage from 1.28.0 to 1.28.1\n * Check if stdin is a term in --interactive --tty mode\n * [NO TESTS NEEDED] Remove /tmp/containers-users-* files on reboot\n * [NO TESTS NEEDED] Fix rootless volume plugins\n * Ensure manually-created volumes have correct ownership\n * Bump github.com/rootless-containers/rootlesskit\n * Unification of until filter across list/prune endpoints\n * Unification of label filter across list/prune endpoints\n * fixup\n * fix: build endpoint for compat API\n * [CI:DOCS] Add note to mappings for user/group userns in build\n * Bump k8s.io/api from 0.20.1 to 0.20.5\n * Validate passed in timezone from tz option\n * WIP: run buildah bud tests using podman\n * Fix containers list/prune http api filter behaviour\n * Generate Kubernetes PersistentVolumeClaims from named volumes\n\n- Update to version 3.1.2:\n * Bump to v3.1.2\n * Update release notes for v3.1.2\n * Ensure mount destination is clean, no trailing slash\n * Fixes podman-remote save to directories does not work\n * [CI:DOCS] Add missing dash to verbose option\n * [CI:DOCS] Fix Markdown table layout bugs\n * [CI:DOCS] Rewrite --uidmap doc in podman-create.1.md and podman-run.1.md\n * rmi: don\u0027t break when the image is missing a manifest\n * Bump containers/image to v5.11.1\n * Bump github.com/coreos/go-systemd from 22.2.0 to 22.3.1\n * Fix lint\n * Bump to v3.1.2-dev\n- Split podman-remote into a subpackage\n- Add missing scriptlets for systemd units\n- Escape macros in comments\n- Drop some obsolete workarounds, including %{go_nostrip}\n\n- Update to version 3.1.1:\n * Bump to v3.1.1\n * Update release notes for v3.1.1\n * podman play kube apply correct log driver\n * Fix build with GO111MODULE=off\n * [CI:DOCS] Set all operation id to be compatibile\n * Move operationIds to swagger:operation line\n * swagger: add operationIds that match with docker\n * Fix missing podman-remote build options\n * [NO TESTS NEEDED] Shrink the size of podman-remote\n * Move socket activation check into init() and set global condition.\n * rootless: use is_fd_inherited\n * Recreate until container prune tests for bindings\n * System tests: special case for RHEL: require runc\n * Document --volume from podman-remote run/create client\n * Containers prune endpoint should use only prune filters\n * Trim white space from /top endpoint results\n * Fix unmount doc reference in image.rst\n * Fix handling of remove --log-rusage param\n * Makefile: introduce install.docker-full\n * Makefile: ensure install.docker creates BINDIR\n * Should send the OCI runtime path not just the name to buildah\n * Fixed podman-remote --network flag\n * podman-run.1.md, podman-create.1.md : Adjust Markdown layout for --userns\n * Fix typos --uidmapping and --gidmapping\n * Add default template functions\n * Don\u0027t relabel volumes if running in a privileged container\n * Allow users to override default storage opts with --storage-opt\n * Add transport and destination info to manifest doc\n * Verify existence of auth file if specified\n * Ensure that `--userns=keep-id` sets user in config\n * [CI:DOCS] Update swagger definition of inspect manifest\n * Volumes prune endpoint should use only prune filters\n * Adjust libpod API Container Wait documentation to the code\n * Add missing return\n * [CI:DOCS] Fix formatting of podman-build man page\n * cgroups: force 64 bits to ParseUint\n * Fix slashes in socket URLs\n * [CI:DOCS] Correct status code for /pods/create\n * cgroup: do not set cgroup parent when rootless and cgroupfs\n * Reflect current state of prune implementation in docs\n * Do not delete container twice\n * Test that we don\u0027t error out on advertised --log-level values\n * At trace log level, print error text using %+v instead of %v\n * pkg/errorhandling.JoinErrors: don\u0027t throw away context for lone errors\n * Recognize --log-level=trace\n * Fix message about runtime to show only the actual runtime\n * Fix handling of $NAME and $IMAGE in runlabel\n * Fix flake on failed podman-remote build : try 2\n * Fix flake on failed podman-remote build\n * Update documentation of podman-run to reflect volume \u0027U\u0027 option\n * Fixes invalid expression in save command\n * Fix possible panic in libpod/image/prune.go\n * Update all containers/ project vendors\n * Fix tests\n * Bump to v3.1.1-dev\n\n- Update to version 3.1.0:\n * Bump to v3.1.0\n * Fix test failure\n * Update release notes for v3.1.0 final release\n * [NO TESTS NEEDED] Turn on podman-remote build --isolation\n * Fix long option format on docs.podman.io\n * Fix containers list/prune http api filter behaviour\n * [CI:DOCS] Add note to mappings for user/group userns in build\n * Validate passed in timezone from tz option\n * Generate Kubernetes PersistentVolumeClaims from named volumes\n * libpod/image: unit tests: use a `registries.conf` for aliases\n- Require systemd 241 or newer due to podman dependency go-systemd v22,\n otherwise build will fail with unknown C name errors\n\n- Create docker subpackage to allow replacing docker with\n corresponding aliases to podman.\n\n- Update to v3.0.1\n * Changes\n - Several frequently-occurring WARN level log messages have been downgraded to INFO or DEBUG to not clutter terminal output.\nBugfixes\n - Fixed a bug where the Created field of podman ps --format=json was formatted as a string instead of an Unix timestamp (integer) (#9315).\n - Fixed a bug where failing lookups of individual layers during the podman images command would cause the whole command to fail without printing output.\n - Fixed a bug where --cgroups=split did not function properly on cgroups v1 systems.\n - Fixed a bug where mounting a volume over an directory in the container that existed, but was empty, could fail (#9393).\n - Fixed a bug where mounting a volume over a directory in the container that existed could copy the entirety of the container\u0027s rootfs, instead of just the directory mounted over, into the volume (#9415).\n - Fixed a bug where Podman would treat the --entrypoint=[\u0027\u0027] option to podman run and podman create as a literal empty string in the entrypoint, when instead it should have been ignored (#9377).\n - Fixed a bug where Podman would set the HOME environment variable to \u0027\u0027 when the container ran as a user without an assigned home directory (#9378).\n - Fixed a bug where specifying a pod infra image that had no tags (by using its ID) would cause podman pod create to panic (#9374).\n - Fixed a bug where the --runtime option was not properly handled by the podman build command (#9365).\n - Fixed a bug where Podman would incorrectly print an error message related to the remote API when the remote API was not in use and starting Podman failed.\n - Fixed a bug where Podman would change ownership of a container\u0027s working directory, even if it already existed (#9387).\n - Fixed a bug where the podman generate systemd --new command would incorrectly escape %t when generating the path for the PID file (#9373).\n - Fixed a bug where Podman could, when run inside a Podman container with the host\u0027s containers/storage directory mounted into the container, erroneously detect a reboot and reset container state if the temporary directory was not also mounted in (#9191).\n - Fixed a bug where some options of the podman build command (including but not limited to --jobs) were nonfunctional (#9247).\n * API\n - Fixed a breaking change to the Libpod Wait API for Containers where the Conditions parameter changed type in Podman v3.0 (#9351).\n - Fixed a bug where the Compat Create endpoint for Containers did not properly handle forwarded ports that did not specify a host port.\n - Fixed a bug where the Libpod Wait endpoint for Containers could write duplicate headers after an error occurred.\n - Fixed a bug where the Compat Create endpoint for Images would not pull images that already had a matching tag present locally, even if a more recent version was available at the registry (#9232).\n - The Compat Create endpoint for Images has had its compatibility with Docker improved, allowing its use with the docker-java library.\n * Misc\n - Updated Buildah to v1.19.4\n - Updated the containers/storage library to v1.24.6\n- Changes from v3.0.0\n * Features\n - Podman now features initial support for Docker Compose.\n - Added the podman rename command, which allows containers to be renamed after they are created (#1925).\n - The Podman remote client now supports the podman copy command.\n - A new command, podman network reload, has been added. This command will re-configure the network of all running containers, and can be used to recreate firewall rules lost when the system firewall was reloaded (e.g. via firewall-cmd --reload).\n - Podman networks now have IDs. They can be seen in podman network ls and can be used when removing and inspecting networks. Existing networks receive IDs automatically.\n - Podman networks now also support labels. They can be added via the --label option to network create, and podman network ls can filter labels based on them.\n - The podman network create command now supports setting bridge MTU and VLAN through the --opt option (#8454).\n - The podman container checkpoint and podman container restore commands can now checkpoint and restore containers that include volumes.\n - The podman container checkpoint command now supports the --with-previous and --pre-checkpoint options, and the podman container restore command now support the --import-previous option. These add support for two-step checkpointing with lowered dump times.\n - The podman push command can now push manifest lists. Podman will first attempt to push as an image, then fall back to pushing as a manifest list if that fails.\n - The podman generate kube command can now be run on multiple containers at once, and will generate a single pod containing all of them.\n - The podman generate kube and podman play kube commands now support Kubernetes DNS configuration, and will preserve custom DNS configuration when exporting or importing YAML (#9132).\n - The podman generate kube command now properly supports generating YAML for containers and pods creating using host networking (--net=host) (#9077).\n - The podman kill command now supports a --cidfile option to kill containers given a file containing the container\u0027s ID (#8443).\n - The podman pod create command now supports the --net=none option (#9165).\n - The podman volume create command can now specify volume UID and GID as options with the UID and GID fields passed to the the --opt option.\n - Initial support has been added for Docker Volume Plugins. Podman can now define available plugins in containers.conf and use them to create volumes with podman volume create --driver.\n - The podman run and podman create commands now support a new option, --platform, to specify the platform of the image to be used when creating the container.\n - The --security-opt option to podman run and podman create now supports the systempaths=unconfined option to unrestrict access to all paths in the container, as well as mask and unmask options to allow more granular restriction of container paths.\n - The podman stats --format command now supports a new format specified, MemUsageBytes, which prints the raw bytes of memory consumed by a container without human-readable formatting #8945.\n - The podman ps command can now filter containers based on what pod they are joined to via the pod filter (#8512).\n - The podman pod ps command can now filter pods based on what networks they are joined to via the network filter.\n The podman pod ps command can now print information on what networks a pod is joined to via the .Networks specifier to the --format option.\n - The podman system prune command now supports filtering what containers, pods, images, and volumes will be pruned.\n - The podman volume prune commands now supports filtering what volumes will be pruned.\n - The podman system prune command now includes information on space reclaimed (#8658).\n - The podman info command will now properly print information about packages in use on Gentoo and Arch systems.\n - The containers.conf file now contains an option for disabling creation of a new kernel keyring on container creation (#8384).\n - The podman image sign command can now sign multi-arch images by producing a signature for each image in a given manifest list.\n - The podman image sign command, when run as rootless, now supports per-user registry configuration files in $HOME/.config/containers/registries.d.\n - Configuration options for slirp4netns can now be set system-wide via the NetworkCmdOptions configuration option in containers.conf.\n - The MTU of slirp4netns can now be configured via the mtu= network command option (e.g. podman run --net slirp4netns:mtu=9000).\n * Security\n - A fix for CVE-2021-20199 is included. Podman between v1.8.0 and v2.2.1 used 127.0.0.1 as the source address for all traffic forwarded into rootless containers by a forwarded port; this has been changed to address the issue.\n * Changes\n - Shortname aliasing support has now been turned on by default. All Podman commands that must pull an image will, if a TTY is available, prompt the user about what image to pull.\n - The podman load command no longer accepts a NAME[:TAG] argument. The presence of this argument broke CLI compatibility with Docker by making docker load commands unusable with Podman (#7387).\n - The Go bindings for the HTTP API have been rewritten with a focus on limiting dependency footprint and improving extensibility. Read more here.\n - The legacy Varlink API has been completely removed from Podman.\n - The default log level for Podman has been changed from Error to Warn.\n - The podman network create command can now create macvlan networks using the --driver macvlan option for Docker compatibility. The existing --macvlan flag has been deprecated and will be removed in Podman 4.0 some time next year.\n - The podman inspect command has had the LogPath and LogTag fields moved into the LogConfig structure (from the root of the Inspect structure). The maximum size of the log file is also included.\n - The podman generate systemd command no longer generates unit files using the deprecated KillMode=none option (#8615).\n - The podman stop command now releases the container lock while waiting for it to stop - as such, commands like podman ps will no longer block until podman stop completes (#8501).\n - Networks created with podman network create --internal no longer use the dnsname plugin. This configuration never functioned as expected.\n - Error messages for the remote Podman client have been improved when it cannot connect to a Podman service.\n - Error messages for podman run when an invalid SELinux is specified have been improved.\n - Rootless Podman features improved support for containers with a single user mapped into the rootless user namespace.\n - Pod infra containers now respect default sysctls specified in containers.conf allowing for advanced configuration of the namespaces they will share.\n - SSH public key handling for remote Podman has been improved.\n * Bugfixes\n - Fixed a bug where the podman history --no-trunc command would truncate the Created By field (#9120).\n - Fixed a bug where root containers that did not explicitly specify a CNI network to join did not generate an entry for the network in use in the Networks field of the output of podman inspect (#6618).\n - Fixed a bug where, under some circumstances, container working directories specified by the image (via the WORKDIR instruction) but not present in the image, would not be created (#9040).\n - Fixed a bug where the podman generate systemd command would generate invalid unit files if the container was creating using a command line that included doubled braces ({{ and }}), e.g. --log-opt-tag={{.Name}} (#9034).\n - Fixed a bug where the podman generate systemd --new command could generate unit files including invalid Podman commands if the container was created using merged short options (e.g. podman run -dt) (#8847).\n - Fixed a bug where the podman generate systemd --new command could generate unit files that did not handle Podman commands including some special characters (e.g. $) (#9176\n - Fixed a bug where rootless containers joining CNI networks could not set a static IP address (#7842).\n - Fixed a bug where rootless containers joining CNI networks could not set network aliases (#8567).\n - Fixed a bug where the remote client could, under some circumstances, not include the Containerfile when sending build context to the server (#8374).\n - Fixed a bug where rootless Podman did not mount /sys as a new sysfs in some circumstances where it was acceptable.\n - Fixed a bug where rootless containers that both joined a user namespace and a CNI networks would cause a segfault. These options are incompatible and now return an error.\n - Fixed a bug where the podman play kube command did not properly handle CMD and ARGS from images (#8803).\n - Fixed a bug where the podman play kube command did not properly handle environment variables from images (#8608).\n - Fixed a bug where the podman play kube command did not properly print errors that occurred when starting containers.\n - Fixed a bug where the podman play kube command errored when hostNetwork was used (#8790).\n - Fixed a bug where the podman play kube command would always pull images when the :latest tag was specified, even if the image was available locally (#7838).\n - Fixed a bug where the podman play kube command did not properly handle SELinux configuration, rending YAML with custom SELinux configuration unusable (#8710).\n - Fixed a bug where the podman generate kube command incorrectly populated the args and command fields of generated YAML (#9211).\n - Fixed a bug where containers in a pod would create a duplicate entry in the pod\u0027s shared /etc/hosts file every time the container restarted (#8921).\n - Fixed a bug where the podman search --list-tags command did not support the --format option (#8740).\n - Fixed a bug where the http_proxy option in containers.conf was not being respected, and instead was set unconditionally to true (#8843).\n - Fixed a bug where rootless Podman could, on systems with a recent Conmon and users with a long username, fail to attach to containers (#8798).\n - Fixed a bug where the podman images command would break and fail to display any images if an empty manifest list was present in storage (#8931).\n - Fixed a bug where locale environment variables were not properly passed on to Conmon.\n - Fixed a bug where Podman would not build on the MIPS architecture (#8782).\n - Fixed a bug where rootless Podman could fail to properly configure user namespaces for rootless containers when the user specified a --uidmap option that included a mapping beginning with UID 0.\n - Fixed a bug where the podman logs command using the k8s-file backend did not properly handle partial log lines with a length of 1 (#8879).\n - Fixed a bug where the podman logs command with the --follow option did not properly handle log rotation (#8733).\n - Fixed a bug where user-specified HOSTNAME environment variables were overwritten by Podman (#8886).\n - Fixed a bug where Podman would applied default sysctls from containers.conf in too many situations (e.g. applying network sysctls when the container shared its network with a pod).\n - Fixed a bug where Podman did not properly handle cases where a secondary image store was in use and an image was present in both the secondary and primary stores (#8176).\n - Fixed a bug where systemd-managed rootless Podman containers where the user in the container was not root could fail as the container\u0027s PID file was not accessible to systemd on the host (#8506).\n - Fixed a bug where the --privileged option to podman run and podman create would, under some circumstances, not disable Seccomp (#8849).\n - Fixed a bug where the podman exec command did not properly add capabilities when the container or exec session were run with --privileged.\n - Fixed a bug where rootless Podman would use the --enable-sandbox option to slirp4netns unconditionally, even when pivot_root was disabled, rendering slirp4netns unusable when pivot_root was disabled (#8846).\n - Fixed a bug where podman build --logfile did not actually write the build\u0027s log to the logfile.\n - Fixed a bug where the podman system service command did not close STDIN, and could display user-interactive prompts (#8700).\n - Fixed a bug where the podman system reset command could, under some circumstances, remove all the contents of the XDG_RUNTIME_DIR directory (#8680).\n - Fixed a bug where the podman network create command created CNI configurations that did not include a default gateway (#8748).\n - Fixed a bug where the podman.service systemd unit provided by default used the wrong service type, and would cause systemd to not correctly register the service as started (#8751).\n - Fixed a bug where, if the TMPDIR environment variable was set for the container engine in containers.conf, it was being ignored.\n - Fixed a bug where the podman events command did not properly handle future times given to the --until option (#8694).\n - Fixed a bug where the podman logs command wrote container STDERR logs to STDOUT instead of STDERR (#8683).\n - Fixed a bug where containers created from an image with multiple tags would report that they were created from the wrong tag (#8547).\n - Fixed a bug where container capabilities were not set properly when the --cap-add=all and --user options to podman create and podman run were combined.\n - Fixed a bug where the --layers option to podman build was nonfunctional (#8643).\n - Fixed a bug where the podman system prune command did not act recursively, and thus would leave images, containers, pods, and volumes present that would be removed by a subsequent call to podman system prune (#7990).\n - Fixed a bug where the --publish option to podman run and podman create did not properly handle ports specified as a range of ports with no host port specified (#8650).\n - Fixed a bug where --format did not support JSON output for individual fields (#8444).\n - Fixed a bug where the podman stats command would fail when run on root containers using the slirp4netns network mode (#7883).\n - Fixed a bug where the Podman remote client would ask for a password even if the server\u0027s SSH daemon did not support password authentication (#8498).\n - Fixed a bug where the podman stats command would fail if the system did not support one or more of the cgroup controllers Podman supports (#8588).\n - Fixed a bug where the --mount option to podman create and podman run did not ignore the consistency mount option.\n - Fixed a bug where failures during the resizing of a container\u0027s TTY would print the wrong error.\n - Fixed a bug where the podman network disconnect command could cause the podman inspect command to fail for a container until it was restarted (#9234).\n - Fixed a bug where containers created from a read-only rootfs (using the --rootfs option to podman create and podman run) would fail (#9230).\n - Fixed a bug where specifying Go templates to the --format option to multiple Podman commands did not support the join function (#8773).\n - Fixed a bug where the podman rmi command could, when run in parallel on multiple images, return layer not known errors (#6510).\n - Fixed a bug where the podman inspect command on containers displayed unlimited ulimits incorrectly (#9303).\n - Fixed a bug where Podman would fail to start when a volume was mounted over a directory in a container that contained symlinks that terminated outside the directory and its subdirectories (#6003).\nAPI\n - Libpod API version has been bumped to v3.0.0.\n - All Libpod Pod APIs have been modified to properly report errors with individual containers. Cases where the operation as a whole succeeded but individual containers failed now report an HTTP 409 error (#8865).\n - The Compat API for Containers now supports the Rename and Copy APIs.\n - Fixed a bug where the Compat Prune APIs (for volumes, containers, and images) did not return the amount of space reclaimed in their responses.\n - Fixed a bug where the Compat and Libpod Exec APIs for Containers would drop errors that occurred prior to the exec session successfully starting (e.g. a \u0027no such file\u0027 error if an invalid executable was passed) (#8281)\n - Fixed a bug where the Volumes field in the Compat Create API for Containers was being ignored (#8649).\n - Fixed a bug where the NetworkMode field in the Compat Create API for Containers was not handling some values, e.g. container:, correctly.\n - Fixed a bug where the Compat Create API for Containers did not set container name properly.\n - Fixed a bug where containers created using the Compat Create API unconditionally used Kubernetes file logging (the default specified in containers.conf is now used).\n - Fixed a bug where the Compat Inspect API for Containers could include container states not recognized by Docker.\n - Fixed a bug where Podman did not properly clean up after calls to the Events API when the journald backend was in use, resulting in a leak of file descriptors (#8864).\n - Fixed a bug where the Libpod Pull endpoint for Images could fail with an index out of range error under certain circumstances (#8870).\n - Fixed a bug where the Libpod Exists endpoint for Images could panic.\n - Fixed a bug where the Compat List API for Containers did not support all filters (#8860).\n - Fixed a bug where the Compat List API for Containers did not properly populate the Status field.\n - Fixed a bug where the Compat and Libpod Resize APIs for Containers ignored the height and width parameters (#7102).\n - Fixed a bug where the Compat Search API for Images returned an incorrectly-formatted JSON response (#8758).\n - Fixed a bug where the Compat Load API for Images did not properly clean up temporary files.\n - Fixed a bug where the Compat Create API for Networks could panic when an empty IPAM configuration was specified.\n - Fixed a bug where the Compat Inspect and List APIs for Networks did not include Scope.\n - Fixed a bug where the Compat Wait endpoint for Containers did not support the same wait conditions that Docker did.\n * Misc\n - Updated Buildah to v1.19.2\n - Updated the containers/storage library to v1.24.5\n - Updated the containers/image library to v5.10.2\n - Updated the containers/common library to v0.33.4\n\n- Update to v2.2.1\n * Changes\n - Due to a conflict with a previously-removed field, we were forced to\n modify the way image volumes (mounting images into containers using\n --mount type=image) were handled in the database.\n As a result, containers created in Podman 2.2.0 with image volume\n will not have them in v2.2.1, and these containers will need to be re-created.\n * Bugfixes\n - Fixed a bug where rootless Podman would, on systems without the\n XDG_RUNTIME_DIR environment variable defined, use an incorrect path\n for the PID file of the Podman pause process, causing Podman to fail\n to start (#8539).\n - Fixed a bug where containers created using Podman v1.7 and earlier were\n unusable in Podman due to JSON decode errors (#8613).\n - Fixed a bug where Podman could retrieve invalid cgroup paths, instead\n of erroring, for containers that were not running.\n - Fixed a bug where the podman system reset command would print a warning\n about a duplicate shutdown handler being registered.\n - Fixed a bug where rootless Podman would attempt to mount sysfs in\n circumstances where it was not allowed; some OCI runtimes (notably\n crun) would fall back to alternatives and not fail, but others\n (notably runc) would fail to run containers.\n - Fixed a bug where the podman run and podman create commands would fail\n to create containers from untagged images (#8558).\n - Fixed a bug where remote Podman would prompt for a password even when\n the server did not support password authentication (#8498).\n - Fixed a bug where the podman exec command did not move the Conmon\n process for the exec session into the correct cgroup.\n - Fixed a bug where shell completion for the ancestor option to\n podman ps --filter did not work correctly.\n - Fixed a bug where detached containers would not properly clean themselves\n up (or remove themselves if --rm was set) if the Podman command that\n created them was invoked with --log-level=debug.\n * API\n - Fixed a bug where the Compat Create endpoint for Containers did not\n properly handle the Binds and Mounts parameters in HostConfig.\n - Fixed a bug where the Compat Create endpoint for Containers\n ignored the Name query parameter.\n - Fixed a bug where the Compat Create endpoint for Containers did not\n properly handle the \u0027default\u0027 value for NetworkMode (this value is\n used extensively by docker-compose) (#8544).\n - Fixed a bug where the Compat Build endpoint for Images would sometimes\n incorrectly use the target query parameter as the image\u0027s tag.\n * Misc\n - Podman v2.2.0 vendored a non-released, custom version of the\n github.com/spf13/cobra package; this has been reverted to the latest\n upstream release to aid in packaging.\n - Updated the containers/image library to v5.9.0\n\n- Update to v2.2.0\n * Features\n - Experimental support for shortname aliasing has been added. This is not enabled by default, but can be turned on by setting the environment variable CONTAINERS_SHORT_NAME_ALIASING to on. Documentation is available here and here.\n - Initial support has been added for the podman network connect and podman network disconnect commands, which allow existing containers to modify what networks they are connected to. At present, these commands can only be used on running containers that did not specify --network=none when they were created.\n - The podman run command now supports the --network-alias option to set network aliases (additional names the container can be accessed at from other containers via DNS if the dnsname CNI plugin is in use). Aliases can also be added and removed using the new podman network connect and podman network disconnect commands. Please note that this requires a new release (v1.1.0) of the dnsname plugin, and will only work on newly-created CNI networks.\n - The podman generate kube command now features support for exporting container\u0027s memory and CPU limits (#7855).\n - The podman play kube command now features support for setting CPU and Memory limits for containers (#7742).\n - The podman play kube command now supports persistent volumes claims using Podman named volumes.\n - The podman play kube command now supports Kubernetes configmaps via the --configmap option (#7567).\n - The podman play kube command now supports a --log-driver option to set the log driver for created containers.\n - The podman play kube command now supports a --start option, enabled by default, to start the pod after creating it. This allows for podman play kube to be more easily used in systemd unitfiles.\n - The podman network create command now supports the --ipv6 option to enable dual-stack IPv6 networking for created networks (#7302).\n - The podman inspect command can now inspect pods, networks, and volumes, in addition to containers and images (#6757).\n - The --mount option for podman run and podman create now supports a new type, image, to mount the contents of an image into the container at a given location.\n - The Bash and ZSH completions have been completely reworked and have received significant enhancements! Additionally, support for Fish completions and completions for the podman-remote executable have been added.\n - The --log-opt option for podman create and podman run now supports the max-size option to set the maximum size for a container\u0027s logs (#7434).\n - The --network option to the podman pod create command now allows pods to be configured to use slirp4netns networking, even when run as root (#6097).\n - The podman pod stop, podman pod pause, podman pod unpause, and podman pod kill commands now work on multiple containers in parallel and should be significantly faster.\n - The podman search command now supports a --list-tags option to list all available tags for a single image in a single repository.\n - The podman search command can now output JSON using the --format=json option.\n - The podman diff and podman mount commands now work with all containers in the storage library, including those not created by Podman. This allows them to be used with Buildah and CRI-O containers.\n - The podman container exists command now features a --external option to check if a container exists not just in Podman, but also in the storage library. This will allow Podman to identify Buildah and CRI-O containers.\n - The --tls-verify and --authfile options have been enabled for use with remote Podman.\n - The /etc/hosts file now includes the container\u0027s name and hostname (both pointing to localhost) when the container is run with --net=none (#8095).\n - The podman events command now supports filtering events based on the labels of the container they occurred on using the --filter label=key=value option.\n - The podman volume ls command now supports filtering volumes based on their labels using the --filter label=key=value option.\n - The --volume and --mount options to podman run and podman create now support two new mount propagation options, unbindable and runbindable.\n - The name and id filters for podman pod ps now match based on a regular expression, instead of requiring an exact match.\n - The podman pod ps command now supports a new filter status, that matches pods in a certain state.\n * Changes\n - The podman network rm --force command will now also remove pods that are using the network (#7791).\n - The podman volume rm, podman network rm, and podman pod rm commands now return exit code 1 if the object specified for removal does not exist, and exit code 2 if the object is in use and the --force option was not given.\n - If /dev/fuse is passed into Podman containers as a device, Podman will open it before starting the container to ensure that the kernel module is loaded on the host and the device is usable in the container.\n - Global Podman options that were not supported with remote operation have been removed from podman-remote (e.g. --cgroup-manager, --storage-driver).\n - Many errors have been changed to remove repetition and be more clear as to what has gone wrong.\n - The --storage option to podman rm is now enabled by default, with slightly changed semantics. If the given container does not exist in Podman but does exist in the storage library, it will be removed even without the --storage option. If the container exists in Podman it will be removed normally. The --storage option for podman rm is now deprecated and will be removed in a future release.\n - The --storage option to podman ps has been renamed to --external. An alias has been added so the old form of the option will continue to work.\n - Podman now delays the SIGTERM and SIGINT signals during container creation to ensure that Podman is not stopped midway through creating a container resulting in potential resource leakage (#7941).\n - The podman save command now strips signatures from images it is exporting, as the formats we export to do not support signatures (#7659).\n - A new Degraded state has been added to pods. Pods that have some, but not all, of their containers running are now considered to be Degraded instead of Running.\n - Podman will now print a warning when conflicting network options related to port forwarding (e.g. --publish and --net=host) are specified when creating a container.\n - The --restart on-failure and --rm options for containers no longer conflict. When both are specified, the container will be restarted if it exits with a non-zero error code, and removed if it exits cleanly (#7906).\n - Remote Podman will no longer use settings from the client\u0027s containers.conf; defaults will instead be provided by the server\u0027s containers.conf (#7657).\n - The podman network rm command now has a new alias, podman network remove (#8402).\n * Bugfixes\n - Fixed a bug where podman load on the remote client did not error when attempting to load a directory, which is not yet supported for remote use.\n - Fixed a bug where rootless Podman could hang when the newuidmap binary was not installed (#7776).\n - Fixed a bug where the --pull option to podman run, podman create, and podman build did not match Docker\u0027s behavior.\n - Fixed a bug where sysctl settings from the containers.conf configuration file were applied, even if the container did not join the namespace associated with a sysctl.\n - Fixed a bug where Podman would not return the text of errors encounted when trying to run a healthcheck for a container.\n - Fixed a bug where Podman was accidentally setting the containers environment variable in addition to the expected container environment variable.\n - Fixed a bug where rootless Podman using CNI networking did not properly clean up DNS entries for removed containers (#7789).\n - Fixed a bug where the podman untag --all command was not supported with remote Podman.\n - Fixed a bug where the podman system service command could time out even if active attach connections were present (#7826).\n - Fixed a bug where the podman system service command would sometimes never time out despite no active connections being present.\n - Fixed a bug where Podman\u0027s handling of capabilities, specifically inheritable, did not match Docker\u0027s.\n - Fixed a bug where podman run would fail if the image specified was a manifest list and had already been pulled (#7798).\n - Fixed a bug where Podman did not take search registries into account when looking up images locally (#6381).\n - Fixed a bug where the podman manifest inspect command would fail for images that had already been pulled (#7726).\n - Fixed a bug where rootless Podman would not add supplemental GIDs to containers when when a user, but not a group, was set via the --user option to podman create and podman run and sufficient GIDs were available to add the groups (#7782).\n - Fixed a bug where remote Podman commands did not properly handle cases where the user gave a name that could also be a short ID for a pod or container (#7837).\n - Fixed a bug where podman image prune could leave images ready to be pruned after podman image prune was run (#7872).\n - Fixed a bug where the podman logs command with the journald log driver would not read all available logs (#7476).\n - Fixed a bug where the --rm and --restart options to podman create and podman run did not conflict when a restart policy that is not on-failure was chosen (#7878).\n - Fixed a bug where the --format \u0027table {{ .Field }}\u0027 option to numerous Podman commands ceased to function on Podman v2.0 and up.\n - Fixed a bug where pods did not properly share an SELinux label between their containers, resulting in containers being unable to see the processes of other containers when the pod shared a PID namespace (#7886).\n - Fixed a bug where the --namespace option to podman ps did not work with the remote client (#7903).\n - Fixed a bug where rootless Podman incorrectly calculated the number of UIDs available in the container if multiple different ranges of UIDs were specified.\n - Fixed a bug where the /etc/hosts file would not be correctly populated for containers in a user namespace (#7490).\n - Fixed a bug where the podman network create and podman network remove commands could race when run in parallel, with unpredictable results (#7807).\n - Fixed a bug where the -p option to podman run, podman create, and podman pod create would, when given only a single number (e.g. -p 80), assign the same port for both host and container, instead of generating a random host port (#7947).\n - Fixed a bug where Podman containers did not properly store the cgroup manager they were created with, causing them to stop functioning after the cgroup manager was changed in containers.conf or with the --cgroup-manager option (#7830).\n - Fixed a bug where the podman inspect command did not include information on the CNI networks a container was connected to if it was not running.\n - Fixed a bug where the podman attach command would not print a newline after detaching from the container (#7751).\n - Fixed a bug where the HOME environment variable was not set properly in containers when the --userns=keep-id option was set (#8004).\n - Fixed a bug where the podman container restore command could panic when the container in question was in a pod (#8026).\n - Fixed a bug where the output of the podman image trust show --raw command was not properly formatted.\n - Fixed a bug where the podman runlabel command could panic if a label to run was not given (#8038).\n - Fixed a bug where the podman run and podman start --attach commands would exit with an error when the user detached manually using the detach keys on remote Podman (#7979).\n - Fixed a bug where rootless CNI networking did not use the dnsname CNI plugin if it was not available on the host, despite it always being available in the container used for rootless networking (#8040).\n - Fixed a bug where Podman did not properly handle cases where an OCI runtime is specified by its full path, and could revert to using another OCI runtime with the same binary path that existed in the system $PATH on subsequent invocations.\n - Fixed a bug where the --net=host option to podman create and podman run would cause the /etc/hosts file to be incorrectly populated (#8054).\n - Fixed a bug where the podman inspect command did not include container network information when the container shared its network namespace (IE, joined a pod or another container\u0027s network namespace via --net=container:...) (#8073).\n - Fixed a bug where the podman ps command did not include information on all ports a container was publishing.\n - Fixed a bug where the podman build command incorrectly forwarded STDIN into build containers from RUN instructions.\n - Fixed a bug where the podman wait command\u0027s --interval option did not work when units were not specified for the duration (#8088).\n - Fixed a bug where the --detach-keys and --detach options could be passed to podman create despite having no effect (and not making sense in that context).\n - Fixed a bug where Podman could not start containers if running on a system without a /etc/resolv.conf file (which occurs on some WSL2 images) (#8089).\n - Fixed a bug where the --extract option to podman cp was nonfunctional.\n - Fixed a bug where the --cidfile option to podman run would, when the container was not run with --detach, only create the file after the container exited (#8091).\n - Fixed a bug where the podman images and podman images -a commands could panic and not list any images when certain improperly-formatted images were present in storage (#8148).\n - Fixed a bug where the podman events command could, when the journald events backend was in use, become nonfunctional when a badly-formatted event or a log message that container certain string was present in the journal (#8125).\n - Fixed a bug where remote Podman would, when using SSH transport, not authenticate to the server using hostkeys when connecting on a port other than 22 (#8139).\n - Fixed a bug where the podman attach command would not exit when containers stopped (#8154).\n - Fixed a bug where Podman did not properly clean paths before verifying them, resulting in Podman refusing to start if the root or temporary directories were specified with extra trailing / characters (#8160).\n - Fixed a bug where remote Podman did not support hashed hostnames in the known_hosts file on the host for establishing connections (#8159).\n - Fixed a bug where the podman image exists command would return non-zero (false) when multiple potential matches for the given name existed.\n - Fixed a bug where the podman manifest inspect command on images that are not manifest lists would error instead of inspecting the image (#8023).\n - Fixed a bug where the podman system service command would fail if the directory the Unix socket was to be created inside did not exist (#8184).\n - Fixed a bug where pods that shared the IPC namespace (which is done by default) did not share a /dev/shm filesystem between all containers in the pod (#8181).\n - Fixed a bug where filters passed to podman volume list were not inclusive (#6765).\n - Fixed a bug where the podman volume create command would fail when the volume\u0027s data directory already existed (as might occur when a volume was not completely removed) (#8253).\n - Fixed a bug where the podman run and podman create commands would deadlock when trying to create a container that mounted the same named volume at multiple locations (e.g. podman run -v testvol:/test1 -v testvol:/test2) (#8221).\n - Fixed a bug where the parsing of the --net option to podman build was incorrect (#8322).\n - Fixed a bug where the podman build command would print the ID of the built image twice when using remote Podman (#8332).\n - Fixed a bug where the podman stats command did not show memory limits for containers (#8265).\n - Fixed a bug where the podman pod inspect command printed the static MAC address of the pod in a non-human-readable format (#8386).\n - Fixed a bug where the --tls-verify option of the podman play kube command had its logic inverted (false would enforce the use of TLS, true would disable it).\n - Fixed a bug where the podman network rm command would error when trying to remove macvlan networks and rootless CNI networks (#8491).\n - Fixed a bug where Podman was not setting sane defaults for missing XDG_ environment variables.\n - Fixed a bug where remote Podman would check if volume paths to be mounted in the container existed on the host, not the server (#8473).\n - Fixed a bug where the podman manifest create and podman manifest add commands on local images would drop any images in the manifest not pulled by the host.\n - Fixed a bug where networks made by podman network create did not include the tuning plugin, and as such did not support setting custom MAC addresses (#8385).\n - Fixed a bug where container healthchecks did not use $PATH when searching for the Podman executable to run the healthcheck.\n - Fixed a bug where the --ip-range option to podman network create did not properly handle non-classful subnets when calculating the last usable IP for DHCP assignment (#8448).\n - Fixed a bug where the podman container ps alias for podman ps was missing (#8445).\n * API\n - The Compat Create endpoint for Container has received a major refactor to share more code with the Libpod Create endpoint, and should be significantly more stable.\n - A Compat endpoint for exporting multiple images at once, GET /images/get, has been added (#7950).\n - The Compat Network Connect and Network Disconnect endpoints have been added.\n - Endpoints that deal with image registries now support a X-Registry-Config header to specify registry authentication configuration.\n - The Compat Create endpoint for images now properly supports specifying images by digest.\n - The Libpod Build endpoint for images now supports an httpproxy query parameter which, if set to true, will forward the server\u0027s HTTP proxy settings into the build container for RUN instructions.\n - The Libpod Untag endpoint for images will now remove all tags for the given image if no repository and tag are specified for removal.\n - Fixed a bug where the Ping endpoint misspelled a header name (Libpod-Buildha-Version instead of Libpod-Buildah-Version).\n - Fixed a bug where the Ping endpoint sent an extra newline at the end of its response where Docker did not.\n - Fixed a bug where the Compat Logs endpoint for containers did not send a newline character after each log line.\n - Fixed a bug where the Compat Logs endpoint for containers would mangle line endings to change newline characters to add a preceding carriage return (#7942).\n - Fixed a bug where the Compat Inspect endpoint for Containers did not properly list the container\u0027s stop signal (#7917).\n - Fixed a bug where the Compat Inspect endpoint for Containers formatted the container\u0027s create time incorrectly (#7860).\n - Fixed a bug where the Compat Inspect endpoint for Containers did not include the container\u0027s Path, Args, and Restart Count.\n - Fixed a bug where the Compat Inspect endpoint for Containers prefixed added and dropped capabilities with CAP_ (Docker does not do so).\n - Fixed a bug where the Compat Info endpoint for the Engine did not include configured registries.\n - Fixed a bug where the server could panic if a client closed a connection midway through an image pull (#7896).\n - Fixed a bug where the Compat Create endpoint for volumes returned an error when a volume with the same name already existed, instead of succeeding with a 201 code (#7740).\n - Fixed a bug where a client disconnecting from the Libpod or Compat events endpoints could result in the server using 100% CPU (#7946).\n - Fixed a bug where the \u0027no such image\u0027 error message sent by the Compat Inspect endpoint for Images returned a 404 status code with an error that was improperly formatted for Docker compatibility.\n - Fixed a bug where the Compat Create endpoint for networks did not properly set a default for the driver parameter if it was not provided by the client.\n - Fixed a bug where the Compat Inspect endpoint for images did not populate the RootFS field of the response.\n - Fixed a bug where the Compat Inspect endpoint for images would omit the ParentId field if the image had no parent, and the Created field if the image did not have a creation time.\n - Fixed a bug where the Compat Remove endpoint for Networks did not support the Force query parameter.\n\n- add dependency to timezone package or podman fails to build a\n- Correct invalid use of %{_libexecdir} to ensure files should be in /usr/lib\nSELinux support [jsc#SMO-15]\n\n\nlibseccomp was updated to release 2.5.3:\n\n* Update the syscall table for Linux v5.15\n* Fix issues with multiplexed syscalls on mipsel introduced in v2.5.2\n* Document that seccomp_rule_add() may return -EACCES\n\nUpdate to release 2.5.2\n\n* Update the syscall table for Linux v5.14-rc7 \n* Add a function, get_notify_fd(), to the Python bindings to\n get the nofication file descriptor.\n* Consolidate multiplexed syscall handling for all\n architectures into one location.\n* Add multiplexed syscall support to PPC and MIPS\n* The meaning of SECCOMP_IOCTL_NOTIF_ID_VALID changed within\n the kernel. libseccomp\u0027s fd notification logic was modified\n to support the kernel\u0027s previous and new usage of\n SECCOMP_IOCTL_NOTIF_ID_VALID.\n\nupdate to 2.5.1:\n\n* Fix a bug where seccomp_load() could only be called once\n* Change the notification fd handling to only request a notification fd if\n* the filter has a _NOTIFY action\n* Add documentation about SCMP_ACT_NOTIFY to the seccomp_add_rule(3) manpage\n* Clarify the maintainers\u0027 GPG keys\n\nUpdate to release 2.5.0\n\n* Add support for the seccomp user notifications, see the\n seccomp_notify_alloc(3), seccomp_notify_receive(3),\n seccomp_notify_respond(3) manpages for more information\n* Add support for new filter optimization approaches, including a balanced\n tree optimization, see the SCMP_FLTATR_CTL_OPTIMIZE filter attribute for\n more information\n* Add support for the 64-bit RISC-V architecture\n* Performance improvements when adding new rules to a filter thanks to the\n use of internal shadow transactions and improved syscall lookup tables\n* Properly document the libseccomp API return values and include them in the\n stable API promise\n* Improvements to the s390 and s390x multiplexed syscall handling\n* Multiple fixes and improvements to the libseccomp manpages\n* Moved from manually maintained syscall tables to an automatically generated\n syscall table in CSV format\n* Update the syscall tables to Linux v5.8.0-rc5\n* Python bindings and build now default to Python 3.x\n* Improvements to the tests have boosted code coverage to over 93%\n\nUpdate to release 2.4.3\n\n* Add list of authorized release signatures to README.md\n* Fix multiplexing issue with s390/s390x shm* syscalls\n* Remove the static flag from libseccomp tools compilation\n* Add define for __SNR_ppoll\n* Fix potential memory leak identified by clang in the\n scmp_bpf_sim tool\n\nUpdate to release 2.4.2\n\n* Add support for io-uring related system calls\n\n\nconmon was updated to version 2.0.30:\n\n * Remove unreachable code path\n * exit: report if the exit command was killed\n * exit: fix race zombie reaper\n * conn_sock: allow watchdog messages through the notify socket proxy\n * seccomp: add support for seccomp notify\n\nUpdate to version 2.0.29:\n\n * Reset OOM score back to 0 for container runtime\n * call functions registered with atexit on SIGTERM\n * conn_sock: fix potential segfault\n\nUpdate to version 2.0.27:\n\n * Add CRI-O integration test GitHub action\n * exec: don\u0027t fail on EBADFD\n * close_fds: fix close of external fds\n * Add arm64 static build binary\n\nUpdate to version 2.0.26:\n\n * conn_sock: do not fail on EAGAIN\n * fix segfault from a double freed pointer\n * Fix a bug where conmon could never spawn a container, because\n a disagreement between the caller and itself on where the attach\n socket was.\n * improve --full-attach to ignore the socket-dir directly. that\n means callers don\u0027t need to specify a socket dir at all (and\n can remove it)\n * add full-attach option to allow callers to not truncate a very\n long path for the attach socket\n * close only opened FDs\n * set locale to inherit environment\n\nUpdate to version 2.0.22:\n\n * added man page\n * attach: always chdir\n * conn_sock: Explicitly free a heap-allocated string\n * refactor I/O and add SD_NOTIFY proxy support\n\nUpdate to version 2.0.21:\n\n * protect against kill(-1)\n * Makefile: enable debuginfo generation\n * Remove go.sum file and add go.mod\n * Fail if conmon config could not be written\n * nix: remove double definition for e2fsprogs\n * Speedup static build by utilizing CI cache on `/nix` folder\n * Fix nix build for failing e2fsprogs tests\n * test: fix CI\n * Use Podman for building\n\nlibcontainers-common was updated to include:\n\n- common 0.44.0\n- image 5.16.0\n- podman 3.3.1\n- storage 1.36.0\n(changes too long to list)\n\nCVEs fixed: CVE-2020-14370,CVE-2020-15157,CVE-2021-20199,CVE-2021-20291,CVE-2021-3602\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-SLE-15.3-2022-23018",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_23018-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2022:23018-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5BA2TLW7O5ZURGQUAQUH4HD5SQYNDDZ6/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2022:23018-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/5BA2TLW7O5ZURGQUAQUH4HD5SQYNDDZ6/"
},
{
"category": "self",
"summary": "SUSE Bug 1176804",
"url": "https://bugzilla.suse.com/1176804"
},
{
"category": "self",
"summary": "SUSE Bug 1177598",
"url": "https://bugzilla.suse.com/1177598"
},
{
"category": "self",
"summary": "SUSE Bug 1181640",
"url": "https://bugzilla.suse.com/1181640"
},
{
"category": "self",
"summary": "SUSE Bug 1182998",
"url": "https://bugzilla.suse.com/1182998"
},
{
"category": "self",
"summary": "SUSE Bug 1188520",
"url": "https://bugzilla.suse.com/1188520"
},
{
"category": "self",
"summary": "SUSE Bug 1188914",
"url": "https://bugzilla.suse.com/1188914"
},
{
"category": "self",
"summary": "SUSE Bug 1193166",
"url": "https://bugzilla.suse.com/1193166"
},
{
"category": "self",
"summary": "SUSE Bug 1193273",
"url": "https://bugzilla.suse.com/1193273"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14370 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15157 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-20199 page",
"url": "https://www.suse.com/security/cve/CVE-2021-20199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-20291 page",
"url": "https://www.suse.com/security/cve/CVE-2021-20291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3602 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3602/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-4024 page",
"url": "https://www.suse.com/security/cve/CVE-2021-4024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41190 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41190/"
}
],
"title": "Security update for conmon, libcontainers-common, libseccomp, podman",
"tracking": {
"current_release_date": "2022-03-04T07:31:54Z",
"generator": {
"date": "2022-03-04T07:31:54Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2022:23018-1",
"initial_release_date": "2022-03-04T07:31:54Z",
"revision_history": [
{
"date": "2022-03-04T07:31:54Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "conmon-2.0.30-150300.8.3.1.aarch64",
"product": {
"name": "conmon-2.0.30-150300.8.3.1.aarch64",
"product_id": "conmon-2.0.30-150300.8.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"product": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"product_id": "libseccomp-devel-2.5.3-150300.10.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"product": {
"name": "libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"product_id": "libseccomp-tools-2.5.3-150300.10.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "libseccomp2-2.5.3-150300.10.5.1.aarch64",
"product": {
"name": "libseccomp2-2.5.3-150300.10.5.1.aarch64",
"product_id": "libseccomp2-2.5.3-150300.10.5.1.aarch64"
}
},
{
"category": "product_version",
"name": "podman-3.4.4-150300.9.3.2.aarch64",
"product": {
"name": "podman-3.4.4-150300.9.3.2.aarch64",
"product_id": "podman-3.4.4-150300.9.3.2.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libcontainers-common-20210626-150300.8.3.1.noarch",
"product": {
"name": "libcontainers-common-20210626-150300.8.3.1.noarch",
"product_id": "libcontainers-common-20210626-150300.8.3.1.noarch"
}
},
{
"category": "product_version",
"name": "podman-cni-config-3.4.4-150300.9.3.2.noarch",
"product": {
"name": "podman-cni-config-3.4.4-150300.9.3.2.noarch",
"product_id": "podman-cni-config-3.4.4-150300.9.3.2.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "conmon-2.0.30-150300.8.3.1.ppc64le",
"product": {
"name": "conmon-2.0.30-150300.8.3.1.ppc64le",
"product_id": "conmon-2.0.30-150300.8.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"product": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"product_id": "libseccomp-devel-2.5.3-150300.10.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"product": {
"name": "libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"product_id": "libseccomp-tools-2.5.3-150300.10.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"product": {
"name": "libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"product_id": "libseccomp2-2.5.3-150300.10.5.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podman-3.4.4-150300.9.3.2.ppc64le",
"product": {
"name": "podman-3.4.4-150300.9.3.2.ppc64le",
"product_id": "podman-3.4.4-150300.9.3.2.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "conmon-2.0.30-150300.8.3.1.s390x",
"product": {
"name": "conmon-2.0.30-150300.8.3.1.s390x",
"product_id": "conmon-2.0.30-150300.8.3.1.s390x"
}
},
{
"category": "product_version",
"name": "libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"product": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"product_id": "libseccomp-devel-2.5.3-150300.10.5.1.s390x"
}
},
{
"category": "product_version",
"name": "libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"product": {
"name": "libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"product_id": "libseccomp-tools-2.5.3-150300.10.5.1.s390x"
}
},
{
"category": "product_version",
"name": "libseccomp2-2.5.3-150300.10.5.1.s390x",
"product": {
"name": "libseccomp2-2.5.3-150300.10.5.1.s390x",
"product_id": "libseccomp2-2.5.3-150300.10.5.1.s390x"
}
},
{
"category": "product_version",
"name": "podman-3.4.4-150300.9.3.2.s390x",
"product": {
"name": "podman-3.4.4-150300.9.3.2.s390x",
"product_id": "podman-3.4.4-150300.9.3.2.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "conmon-2.0.30-150300.8.3.1.x86_64",
"product": {
"name": "conmon-2.0.30-150300.8.3.1.x86_64",
"product_id": "conmon-2.0.30-150300.8.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"product": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"product_id": "libseccomp-devel-2.5.3-150300.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"product": {
"name": "libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"product_id": "libseccomp-tools-2.5.3-150300.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libseccomp2-2.5.3-150300.10.5.1.x86_64",
"product": {
"name": "libseccomp2-2.5.3-150300.10.5.1.x86_64",
"product_id": "libseccomp2-2.5.3-150300.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"product": {
"name": "libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"product_id": "libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64"
}
},
{
"category": "product_version",
"name": "podman-3.4.4-150300.9.3.2.x86_64",
"product": {
"name": "podman-3.4.4-150300.9.3.2.x86_64",
"product_id": "podman-3.4.4-150300.9.3.2.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.3",
"product": {
"name": "openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.3"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.0.30-150300.8.3.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64"
},
"product_reference": "conmon-2.0.30-150300.8.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.0.30-150300.8.3.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le"
},
"product_reference": "conmon-2.0.30-150300.8.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.0.30-150300.8.3.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x"
},
"product_reference": "conmon-2.0.30-150300.8.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "conmon-2.0.30-150300.8.3.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64"
},
"product_reference": "conmon-2.0.30-150300.8.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-150300.8.3.1.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch"
},
"product_reference": "libcontainers-common-20210626-150300.8.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64"
},
"product_reference": "libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le"
},
"product_reference": "libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x"
},
"product_reference": "libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp-devel-2.5.3-150300.10.5.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64"
},
"product_reference": "libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp-tools-2.5.3-150300.10.5.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64"
},
"product_reference": "libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp-tools-2.5.3-150300.10.5.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le"
},
"product_reference": "libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp-tools-2.5.3-150300.10.5.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x"
},
"product_reference": "libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp-tools-2.5.3-150300.10.5.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64"
},
"product_reference": "libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp2-2.5.3-150300.10.5.1.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64"
},
"product_reference": "libseccomp2-2.5.3-150300.10.5.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp2-2.5.3-150300.10.5.1.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le"
},
"product_reference": "libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp2-2.5.3-150300.10.5.1.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x"
},
"product_reference": "libseccomp2-2.5.3-150300.10.5.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp2-2.5.3-150300.10.5.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64"
},
"product_reference": "libseccomp2-2.5.3-150300.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64"
},
"product_reference": "libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3.4.4-150300.9.3.2.aarch64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64"
},
"product_reference": "podman-3.4.4-150300.9.3.2.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3.4.4-150300.9.3.2.ppc64le as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le"
},
"product_reference": "podman-3.4.4-150300.9.3.2.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3.4.4-150300.9.3.2.s390x as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x"
},
"product_reference": "podman-3.4.4-150300.9.3.2.s390x",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3.4.4-150300.9.3.2.x86_64 as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64"
},
"product_reference": "podman-3.4.4-150300.9.3.2.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-cni-config-3.4.4-150300.9.3.2.noarch as component of openSUSE Leap 15.3",
"product_id": "openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
},
"product_reference": "podman-cni-config-3.4.4-150300.9.3.2.noarch",
"relates_to_product_reference": "openSUSE Leap 15.3"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-14370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14370"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14370",
"url": "https://www.suse.com/security/cve/CVE-2020-14370"
},
{
"category": "external",
"summary": "SUSE Bug 1176804 for CVE-2020-14370",
"url": "https://bugzilla.suse.com/1176804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T07:31:54Z",
"details": "moderate"
}
],
"title": "CVE-2020-14370"
},
{
"cve": "CVE-2020-15157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15157"
}
],
"notes": [
{
"category": "general",
"text": "In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (otherwise known as a \"foreign layer\"), the default containerd resolver will follow that URL to attempt to download it. In v1.2.x but not 1.3.0 or later, the default containerd resolver will provide its authentication credentials if the server where the URL is located presents an HTTP 401 status code along with registry-specific HTTP headers. If an attacker publishes a public image with a manifest that directs one of the layers to be fetched from a web server they control and they trick a user or system into pulling the image, they can obtain the credentials used for pulling that image. In some cases, this may be the user\u0027s username and password for the registry. In other cases, this may be the credentials attached to the cloud virtual instance which can grant access to other cloud resources in the account. The default containerd resolver is used by the cri-containerd plugin (which can be used by Kubernetes), the ctr development tool, and other client programs that have explicitly linked against it. This vulnerability has been fixed in containerd 1.2.14. containerd 1.3 and later are not affected. If you are using containerd 1.3 or later, you are not affected. If you are using cri-containerd in the 1.2 series or prior, you should ensure you only pull images from trusted sources. Other container runtimes built on top of containerd but not using the default resolver (such as Docker) are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15157",
"url": "https://www.suse.com/security/cve/CVE-2020-15157"
},
{
"category": "external",
"summary": "SUSE Bug 1177598 for CVE-2020-15157",
"url": "https://bugzilla.suse.com/1177598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T07:31:54Z",
"details": "moderate"
}
],
"title": "CVE-2020-15157"
},
{
"cve": "CVE-2021-20199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-20199"
}
],
"notes": [
{
"category": "general",
"text": "Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-20199",
"url": "https://www.suse.com/security/cve/CVE-2021-20199"
},
{
"category": "external",
"summary": "SUSE Bug 1181640 for CVE-2021-20199",
"url": "https://bugzilla.suse.com/1181640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T07:31:54Z",
"details": "low"
}
],
"title": "CVE-2021-20199"
},
{
"cve": "CVE-2021-20291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-20291"
}
],
"notes": [
{
"category": "general",
"text": "A deadlock vulnerability was found in \u0027github.com/containers/storage\u0027 in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-20291",
"url": "https://www.suse.com/security/cve/CVE-2021-20291"
},
{
"category": "external",
"summary": "SUSE Bug 1196497 for CVE-2021-20291",
"url": "https://bugzilla.suse.com/1196497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T07:31:54Z",
"details": "moderate"
}
],
"title": "CVE-2021-20291"
},
{
"cve": "CVE-2021-3602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3602"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3602",
"url": "https://www.suse.com/security/cve/CVE-2021-3602"
},
{
"category": "external",
"summary": "SUSE Bug 1188520 for CVE-2021-3602",
"url": "https://bugzilla.suse.com/1188520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T07:31:54Z",
"details": "moderate"
}
],
"title": "CVE-2021-3602"
},
{
"cve": "CVE-2021-4024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-4024"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was found in podman. The `podman machine` function (used to create and manage Podman virtual machine containing a Podman process) spawns a `gvproxy` process on the host system. The `gvproxy` API is accessible on port 7777 on all IP addresses on the host. If that port is open on the host\u0027s firewall, an attacker can potentially use the `gvproxy` API to forward ports on the host to ports in the VM, making private services on the VM accessible to the network. This issue could be also used to interrupt the host\u0027s services by forwarding all ports to the VM.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-4024",
"url": "https://www.suse.com/security/cve/CVE-2021-4024"
},
{
"category": "external",
"summary": "SUSE Bug 1193166 for CVE-2021-4024",
"url": "https://bugzilla.suse.com/1193166"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T07:31:54Z",
"details": "moderate"
}
],
"title": "CVE-2021-4024"
},
{
"cve": "CVE-2021-41190",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41190"
}
],
"notes": [
{
"category": "general",
"text": "The OCI Distribution Spec project defines an API protocol to facilitate and standardize the distribution of content. In the OCI Distribution Specification version 1.0.0 and prior, the Content-Type header alone was used to determine the type of document during push and pull operations. Documents that contain both \"manifests\" and \"layers\" fields could be interpreted as either a manifest or an index in the absence of an accompanying Content-Type header. If a Content-Type header changed between two pulls of the same digest, a client may interpret the resulting content differently. The OCI Distribution Specification has been updated to require that a mediaType value present in a manifest or index match the Content-Type header used during the push and pull operations. Clients pulling from a registry may distrust the Content-Type header and reject an ambiguous document that contains both \"manifests\" and \"layers\" fields or \"manifests\" and \"config\" fields if they are unable to update to version 1.0.1 of the spec.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41190",
"url": "https://www.suse.com/security/cve/CVE-2021-41190"
},
{
"category": "external",
"summary": "SUSE Bug 1193273 for CVE-2021-41190",
"url": "https://bugzilla.suse.com/1193273"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.aarch64",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.ppc64le",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.s390x",
"openSUSE Leap 15.3:conmon-2.0.30-150300.8.3.1.x86_64",
"openSUSE Leap 15.3:libcontainers-common-20210626-150300.8.3.1.noarch",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-devel-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp-tools-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.aarch64",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.ppc64le",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.s390x",
"openSUSE Leap 15.3:libseccomp2-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:libseccomp2-32bit-2.5.3-150300.10.5.1.x86_64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.aarch64",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.ppc64le",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.s390x",
"openSUSE Leap 15.3:podman-3.4.4-150300.9.3.2.x86_64",
"openSUSE Leap 15.3:podman-cni-config-3.4.4-150300.9.3.2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2022-03-04T07:31:54Z",
"details": "moderate"
}
],
"title": "CVE-2021-41190"
}
]
}
OPENSUSE-SU-2024:11177-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
podman-3.3.1-2.1 on GA media
Notes
Title of the patch
podman-3.3.1-2.1 on GA media
Description of the patch
These are all security issues fixed in the podman-3.3.1-2.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11177
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "podman-3.3.1-2.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the podman-3.3.1-2.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11177",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11177-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2018-10856 page",
"url": "https://www.suse.com/security/cve/CVE-2018-10856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10152 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10152/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2019-10214 page",
"url": "https://www.suse.com/security/cve/CVE-2019-10214/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14370 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-1726 page",
"url": "https://www.suse.com/security/cve/CVE-2020-1726/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-20199 page",
"url": "https://www.suse.com/security/cve/CVE-2021-20199/"
}
],
"title": "podman-3.3.1-2.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11177-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "podman-3.3.1-2.1.aarch64",
"product": {
"name": "podman-3.3.1-2.1.aarch64",
"product_id": "podman-3.3.1-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "podman-cni-config-3.3.1-2.1.aarch64",
"product": {
"name": "podman-cni-config-3.3.1-2.1.aarch64",
"product_id": "podman-cni-config-3.3.1-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "podman-docker-3.3.1-2.1.aarch64",
"product": {
"name": "podman-docker-3.3.1-2.1.aarch64",
"product_id": "podman-docker-3.3.1-2.1.aarch64"
}
},
{
"category": "product_version",
"name": "podman-remote-3.3.1-2.1.aarch64",
"product": {
"name": "podman-remote-3.3.1-2.1.aarch64",
"product_id": "podman-remote-3.3.1-2.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-3.3.1-2.1.ppc64le",
"product": {
"name": "podman-3.3.1-2.1.ppc64le",
"product_id": "podman-3.3.1-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podman-cni-config-3.3.1-2.1.ppc64le",
"product": {
"name": "podman-cni-config-3.3.1-2.1.ppc64le",
"product_id": "podman-cni-config-3.3.1-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podman-docker-3.3.1-2.1.ppc64le",
"product": {
"name": "podman-docker-3.3.1-2.1.ppc64le",
"product_id": "podman-docker-3.3.1-2.1.ppc64le"
}
},
{
"category": "product_version",
"name": "podman-remote-3.3.1-2.1.ppc64le",
"product": {
"name": "podman-remote-3.3.1-2.1.ppc64le",
"product_id": "podman-remote-3.3.1-2.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-3.3.1-2.1.s390x",
"product": {
"name": "podman-3.3.1-2.1.s390x",
"product_id": "podman-3.3.1-2.1.s390x"
}
},
{
"category": "product_version",
"name": "podman-cni-config-3.3.1-2.1.s390x",
"product": {
"name": "podman-cni-config-3.3.1-2.1.s390x",
"product_id": "podman-cni-config-3.3.1-2.1.s390x"
}
},
{
"category": "product_version",
"name": "podman-docker-3.3.1-2.1.s390x",
"product": {
"name": "podman-docker-3.3.1-2.1.s390x",
"product_id": "podman-docker-3.3.1-2.1.s390x"
}
},
{
"category": "product_version",
"name": "podman-remote-3.3.1-2.1.s390x",
"product": {
"name": "podman-remote-3.3.1-2.1.s390x",
"product_id": "podman-remote-3.3.1-2.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-3.3.1-2.1.x86_64",
"product": {
"name": "podman-3.3.1-2.1.x86_64",
"product_id": "podman-3.3.1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "podman-cni-config-3.3.1-2.1.x86_64",
"product": {
"name": "podman-cni-config-3.3.1-2.1.x86_64",
"product_id": "podman-cni-config-3.3.1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "podman-docker-3.3.1-2.1.x86_64",
"product": {
"name": "podman-docker-3.3.1-2.1.x86_64",
"product_id": "podman-docker-3.3.1-2.1.x86_64"
}
},
{
"category": "product_version",
"name": "podman-remote-3.3.1-2.1.x86_64",
"product": {
"name": "podman-remote-3.3.1-2.1.x86_64",
"product_id": "podman-remote-3.3.1-2.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3.3.1-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64"
},
"product_reference": "podman-3.3.1-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3.3.1-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le"
},
"product_reference": "podman-3.3.1-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3.3.1-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-3.3.1-2.1.s390x"
},
"product_reference": "podman-3.3.1-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-3.3.1-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64"
},
"product_reference": "podman-3.3.1-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-cni-config-3.3.1-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64"
},
"product_reference": "podman-cni-config-3.3.1-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-cni-config-3.3.1-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le"
},
"product_reference": "podman-cni-config-3.3.1-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-cni-config-3.3.1-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x"
},
"product_reference": "podman-cni-config-3.3.1-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-cni-config-3.3.1-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64"
},
"product_reference": "podman-cni-config-3.3.1-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-3.3.1-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64"
},
"product_reference": "podman-docker-3.3.1-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-3.3.1-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le"
},
"product_reference": "podman-docker-3.3.1-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-3.3.1-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x"
},
"product_reference": "podman-docker-3.3.1-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-docker-3.3.1-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64"
},
"product_reference": "podman-docker-3.3.1-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3.3.1-2.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64"
},
"product_reference": "podman-remote-3.3.1-2.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3.3.1-2.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le"
},
"product_reference": "podman-remote-3.3.1-2.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3.3.1-2.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x"
},
"product_reference": "podman-remote-3.3.1-2.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-remote-3.3.1-2.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
},
"product_reference": "podman-remote-3.3.1-2.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-10856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2018-10856"
}
],
"notes": [
{
"category": "general",
"text": "It has been discovered that podman before version 0.6.1 does not drop capabilities when executing a container as a non-root user. This results in unnecessary privileges being granted to the container.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2018-10856",
"url": "https://www.suse.com/security/cve/CVE-2018-10856"
},
{
"category": "external",
"summary": "SUSE Bug 1097970 for CVE-2018-10856",
"url": "https://bugzilla.suse.com/1097970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2018-10856"
},
{
"cve": "CVE-2019-10152",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10152"
}
],
"notes": [
{
"category": "general",
"text": "A path traversal vulnerability has been discovered in podman before version 1.4.0 in the way it handles symlinks inside containers. An attacker who has compromised an existing container can cause arbitrary files on the host filesystem to be read/written when an administrator tries to copy a file from/to the container.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10152",
"url": "https://www.suse.com/security/cve/CVE-2019-10152"
},
{
"category": "external",
"summary": "SUSE Bug 1136974 for CVE-2019-10152",
"url": "https://bugzilla.suse.com/1136974"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2019-10152"
},
{
"cve": "CVE-2019-10214",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2019-10214"
}
],
"notes": [
{
"category": "general",
"text": "The containers/image library used by the container tools Podman, Buildah, and Skopeo in Red Hat Enterprise Linux version 8 and CRI-O in OpenShift Container Platform, does not enforce TLS connections to the container registry authorization service. An attacker could use this vulnerability to launch a MiTM attack and steal login credentials or bearer tokens.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2019-10214",
"url": "https://www.suse.com/security/cve/CVE-2019-10214"
},
{
"category": "external",
"summary": "SUSE Bug 1144065 for CVE-2019-10214",
"url": "https://bugzilla.suse.com/1144065"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 9,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "important"
}
],
"title": "CVE-2019-10214"
},
{
"cve": "CVE-2020-14370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14370"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14370",
"url": "https://www.suse.com/security/cve/CVE-2020-14370"
},
{
"category": "external",
"summary": "SUSE Bug 1176804 for CVE-2020-14370",
"url": "https://bugzilla.suse.com/1176804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-14370"
},
{
"cve": "CVE-2020-1726",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-1726"
}
],
"notes": [
{
"category": "general",
"text": "A flaw was discovered in Podman where it incorrectly allows containers when created to overwrite existing files in volumes, even if they are mounted as read-only. When a user runs a malicious container or a container based on a malicious image with an attached volume that is used for the first time, it is possible to trigger the flaw and overwrite files in the volume.This issue was introduced in version 1.6.0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-1726",
"url": "https://www.suse.com/security/cve/CVE-2020-1726"
},
{
"category": "external",
"summary": "SUSE Bug 1164090 for CVE-2020-1726",
"url": "https://bugzilla.suse.com/1164090"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-1726"
},
{
"cve": "CVE-2021-20199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-20199"
}
],
"notes": [
{
"category": "general",
"text": "Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-20199",
"url": "https://www.suse.com/security/cve/CVE-2021-20199"
},
{
"category": "external",
"summary": "SUSE Bug 1181640 for CVE-2021-20199",
"url": "https://bugzilla.suse.com/1181640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:podman-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-cni-config-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-docker-3.3.1-2.1.x86_64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.aarch64",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.ppc64le",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.s390x",
"openSUSE Tumbleweed:podman-remote-3.3.1-2.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2021-20199"
}
]
}
OPENSUSE-SU-2024:11757-1
Vulnerability from csaf_opensuse - Published: 2024-06-15 00:00 - Updated: 2024-06-15 00:00Summary
libcontainers-common-20210626-7.1 on GA media
Notes
Title of the patch
libcontainers-common-20210626-7.1 on GA media
Description of the patch
These are all security issues fixed in the libcontainers-common-20210626-7.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-11757
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "libcontainers-common-20210626-7.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the libcontainers-common-20210626-7.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-11757",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_11757-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14370 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14370/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-15157 page",
"url": "https://www.suse.com/security/cve/CVE-2020-15157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-20199 page",
"url": "https://www.suse.com/security/cve/CVE-2021-20199/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-20291 page",
"url": "https://www.suse.com/security/cve/CVE-2021-20291/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-3602 page",
"url": "https://www.suse.com/security/cve/CVE-2021-3602/"
}
],
"title": "libcontainers-common-20210626-7.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:11757-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "libcontainers-common-20210626-7.1.aarch64",
"product": {
"name": "libcontainers-common-20210626-7.1.aarch64",
"product_id": "libcontainers-common-20210626-7.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "libcontainers-common-20210626-7.1.ppc64le",
"product": {
"name": "libcontainers-common-20210626-7.1.ppc64le",
"product_id": "libcontainers-common-20210626-7.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "libcontainers-common-20210626-7.1.s390x",
"product": {
"name": "libcontainers-common-20210626-7.1.s390x",
"product_id": "libcontainers-common-20210626-7.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "libcontainers-common-20210626-7.1.x86_64",
"product": {
"name": "libcontainers-common-20210626-7.1.x86_64",
"product_id": "libcontainers-common-20210626-7.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-7.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64"
},
"product_reference": "libcontainers-common-20210626-7.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-7.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le"
},
"product_reference": "libcontainers-common-20210626-7.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-7.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x"
},
"product_reference": "libcontainers-common-20210626-7.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "libcontainers-common-20210626-7.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
},
"product_reference": "libcontainers-common-20210626-7.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-14370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14370"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14370",
"url": "https://www.suse.com/security/cve/CVE-2020-14370"
},
{
"category": "external",
"summary": "SUSE Bug 1176804 for CVE-2020-14370",
"url": "https://bugzilla.suse.com/1176804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-14370"
},
{
"cve": "CVE-2020-15157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-15157"
}
],
"notes": [
{
"category": "general",
"text": "In containerd (an industry-standard container runtime) before version 1.2.14 there is a credential leaking vulnerability. If a container image manifest in the OCI Image format or Docker Image V2 Schema 2 format includes a URL for the location of a specific image layer (otherwise known as a \"foreign layer\"), the default containerd resolver will follow that URL to attempt to download it. In v1.2.x but not 1.3.0 or later, the default containerd resolver will provide its authentication credentials if the server where the URL is located presents an HTTP 401 status code along with registry-specific HTTP headers. If an attacker publishes a public image with a manifest that directs one of the layers to be fetched from a web server they control and they trick a user or system into pulling the image, they can obtain the credentials used for pulling that image. In some cases, this may be the user\u0027s username and password for the registry. In other cases, this may be the credentials attached to the cloud virtual instance which can grant access to other cloud resources in the account. The default containerd resolver is used by the cri-containerd plugin (which can be used by Kubernetes), the ctr development tool, and other client programs that have explicitly linked against it. This vulnerability has been fixed in containerd 1.2.14. containerd 1.3 and later are not affected. If you are using containerd 1.3 or later, you are not affected. If you are using cri-containerd in the 1.2 series or prior, you should ensure you only pull images from trusted sources. Other container runtimes built on top of containerd but not using the default resolver (such as Docker) are not affected.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-15157",
"url": "https://www.suse.com/security/cve/CVE-2020-15157"
},
{
"category": "external",
"summary": "SUSE Bug 1177598 for CVE-2020-15157",
"url": "https://bugzilla.suse.com/1177598"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2020-15157"
},
{
"cve": "CVE-2021-20199",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-20199"
}
],
"notes": [
{
"category": "general",
"text": "Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-20199",
"url": "https://www.suse.com/security/cve/CVE-2021-20199"
},
{
"category": "external",
"summary": "SUSE Bug 1181640 for CVE-2021-20199",
"url": "https://bugzilla.suse.com/1181640"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "low"
}
],
"title": "CVE-2021-20199"
},
{
"cve": "CVE-2021-20291",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-20291"
}
],
"notes": [
{
"category": "general",
"text": "A deadlock vulnerability was found in \u0027github.com/containers/storage\u0027 in versions before 1.28.1. When a container image is processed, each layer is unpacked using `tar`. If one of those layers is not a valid `tar` archive this causes an error leading to an unexpected situation where the code indefinitely waits for the tar unpacked stream, which never finishes. An attacker could use this vulnerability to craft a malicious image, which when downloaded and stored by an application using containers/storage, would then cause a deadlock leading to a Denial of Service (DoS).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-20291",
"url": "https://www.suse.com/security/cve/CVE-2021-20291"
},
{
"category": "external",
"summary": "SUSE Bug 1196497 for CVE-2021-20291",
"url": "https://bugzilla.suse.com/1196497"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-20291"
},
{
"cve": "CVE-2021-3602",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-3602"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure flaw was found in Buildah, when building containers using chroot isolation. Running processes in container builds (e.g. Dockerfile RUN commands) can access environment variables from parent and grandparent processes. When run in a container in a CI/CD environment, environment variables may include sensitive information that was shared with the container in order to be used only by Buildah itself (e.g. container registry credentials).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-3602",
"url": "https://www.suse.com/security/cve/CVE-2021-3602"
},
{
"category": "external",
"summary": "SUSE Bug 1188520 for CVE-2021-3602",
"url": "https://bugzilla.suse.com/1188520"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.aarch64",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.ppc64le",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.s390x",
"openSUSE Tumbleweed:libcontainers-common-20210626-7.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2021-3602"
}
]
}
OPENSUSE-SU-2020:2063-1
Vulnerability from csaf_opensuse - Published: 2020-11-27 05:23 - Updated: 2020-11-27 05:23Summary
Security update for podman
Notes
Title of the patch
Security update for podman
Description of the patch
This update for podman fixes the following issues:
Security issue fixed:
- This release resolves CVE-2020-14370, in which environment variables could be leaked between containers created using the Varlink API (bsc#1176804).
Non-security issues fixed:
- add dependency to timezone package or podman fails to build a
container (bsc#1178122)
- Install new auto-update system units
- Update to v2.1.1 (bsc#1178392):
* Changes
- The `podman info` command now includes the cgroup manager
Podman is using.
* API
- The REST API now includes a Server header in all responses.
- Fixed a bug where the Libpod and Compat Attach endpoints
could terminate early, before sending all output from the
container.
- Fixed a bug where the Compat Create endpoint for containers
did not properly handle the Interactive parameter.
- Fixed a bug where the Compat Kill endpoint for containers
could continue to run after a fatal error.
- Fixed a bug where the Limit parameter of the Compat List
endpoint for Containers did not properly handle a limit of 0
(returning nothing, instead of all containers) [#7722].
- The Libpod Stats endpoint for containers is being deprecated
and will be replaced by a similar endpoint with additional
features in a future release.
- Changes in v2.1.0
* Features
- A new command, `podman image mount`, has been added. This
allows for an image to be mounted, read-only, to inspect its
contents without creating a container from it [#1433].
- The `podman save` and `podman load` commands can now create
and load archives containing multiple images [#2669].
- Rootless Podman now supports all `podman network` commands,
and rootless containers can now be joined to networks.
- The performance of `podman build` on `ADD` and `COPY`
instructions has been greatly improved, especially when a
`.dockerignore` is present.
- The `podman run` and `podman create` commands now support a
new mode for the `--cgroups` option, `--cgroups=split`.
Podman will create two cgroups under the cgroup it was
launched in, one for the container and one for Conmon. This
mode is useful for running Podman in a systemd unit, as it
ensures that all processes are retained in systemd's cgroup
hierarchy [#6400].
- The `podman run` and `podman create` commands can now specify
options to slirp4netns by using the `--network` option as
follows: `--net slirp4netns:opt1,opt2`. This allows for,
among other things, switching the port forwarder used by
slirp4netns away from rootlessport.
- The `podman ps` command now features a new option,
`--storage`, to show containers from Buildah, CRI-O and other
applications.
- The `podman run` and `podman create` commands now feature a
`--sdnotify` option to control the behavior of systemd's
sdnotify with containers, enabling improved support for
Podman in `Type=notify` units.
- The `podman run` command now features a `--preserve-fds`
opton to pass file descriptors from the host into the
container [#6458].
- The `podman run` and `podman create` commands can now create
overlay volume mounts, by adding the `:O` option to a bind
mount (e.g. `-v /test:/test:O`). Overlay volume mounts will
mount a directory into a container from the host and allow
changes to it, but not write those changes back to the
directory on the host.
- The `podman play kube` command now supports the Socket
HostPath type [#7112].
- The `podman play kube` command now supports read-only mounts.
- The `podman play kube` command now supports setting labels on
pods from Kubernetes metadata labels.
- The `podman play kube` command now supports setting container
restart policy [#7656].
- The `podman play kube` command now properly handles
`HostAlias` entries.
- The `podman generate kube` command now adds entries to
`/etc/hosts` from `--host-add` generated YAML as `HostAlias`
entries.
- The `podman play kube` and `podman generate kube` commands
now properly support `shareProcessNamespace` to share the PID
namespace in pods.
- The `podman volume ls` command now supports the `dangling`
filter to identify volumes that are dangling (not attached to
any container).
- The `podman run` and `podman create` commands now feature a
`--umask` option to set the umask of the created container.
- The `podman create` and `podman run` commands now feature a
`--tz` option to set the timezone within the container [#5128].
- Environment variables for Podman can now be added in the
`containers.conf` configuration file.
- The `--mount` option of `podman run` and `podman create` now
supports a new mount type, `type=devpts`, to add a `devpts`
mount to the container. This is useful for containers that
want to mount `/dev/` from the host into the container, but
still create a terminal.
- The `--security-opt` flag to `podman run` and `podman create`
now supports a new option, `proc-opts`, to specify options
for the container's `/proc` filesystem.
- Podman with the `crun` OCI runtime now supports a new option
to `podman run` and `podman create`, `--cgroup-conf`, which
allows for advanced configuration of cgroups on cgroups v2
systems.
- The `podman create` and `podman run` commands now support a
`--override-variant` option, to override the architecture
variant of the image that will be pulled and ran.
- A new global option has been added to Podman,
`--runtime-flags`, which allows for setting flags to use when
the OCI runtime is called.
- The `podman manifest add` command now supports the
`--cert-dir`, `--auth-file`, `--creds`, and `--tls-verify`
options.
* Security
- This release resolves CVE-2020-14370, in which environment
variables could be leaked between containers created using
the Varlink API.
* Changes
- Podman will now retry pulling an image 3 times if a pull
fails due to network errors.
- The `podman exec` command would previously print error
messages (e.g. `exec session exited with non-zero exit code
-1`) when the command run exited with a non-0 exit code. It
no longer does this. The `podman exec` command will still
exit with the same exit code as the command run in the
container did.
- Error messages when creating a container or pod with a name
that is already in use have been improved.
- For read-only containers running systemd init, Podman creates
a tmpfs filesystem at `/run`. This was previously limited to
65k in size and mounted `noexec`, but is now unlimited size
and mounted `exec`.
- The `podman system reset` command no longer removes
configuration files for rootless Podman.
* API
- The Libpod API version has been bumped to v2.0.0 due to a
breaking change in the Image List API.
- Docker-compatible Volume Endpoints (Create, Inspect, List,
Remove, Prune) are now available!
- Added an endpoint for generating systemd unit files for
containers.
- The `last` parameter to the Libpod container list endpoint
now has an alias, `limit` [#6413].
- The Libpod image list API new returns timestamps in Unix
format, as integer, as opposed to as strings
- The Compat Inspect endpoint for containers now includes port
information in NetworkSettings.
- The Compat List endpoint for images now features limited
support for the (deprecated) `filter` query parameter [#6797].
- Fixed a bug where the Compat Create endpoint for containers
was not correctly handling bind mounts.
- Fixed a bug where the Compat Create endpoint for containers
would not return a 404 when the requested image was not
present.
- Fixed a bug where the Compat Create endpoint for containers
did not properly handle Entrypoint and Command from images.
- Fixed a bug where name history information was not properly
added in the Libpod Image List endpoint.
- Fixed a bug where the Libpod image search endpoint improperly
populated the Description field of responses.
- Added a `noTrunc` option to the Libpod image search endpoint.
- Fixed a bug where the Pod List API would return null, instead
of an empty array, when no pods were present [#7392].
- Fixed a bug where endpoints that hijacked would do perform
the hijack too early, before being ready to send and receive
data [#7195].
- Fixed a bug where Pod endpoints that can operate on multiple
containers at once (e.g. Kill, Pause, Unpause, Stop) would
not forward errors from individual containers that failed.
- The Compat List endpoint for networks now supports filtering
results [#7462].
- Fixed a bug where the Top endpoint for pods would return both
a 500 and 404 when run on a non-existent pod.
- Fixed a bug where Pull endpoints did not stream progress back
to the client.
- The Version endpoints (Libpod and Compat) now provide version
in a format compatible with Docker.
- All non-hijacking responses to API requests should not
include headers with the version of the server.
- Fixed a bug where Libpod and Compat Events endpoints did not
send response headers until the first event occurred [#7263].
- Fixed a bug where the Build endpoints (Compat and Libpod) did
not stream progress to the client.
- Fixed a bug where the Stats endpoints (Compat and Libpod) did
not properly handle clients disconnecting.
- Fixed a bug where the Ignore parameter to the Libpod Stop
endpoint was not performing properly.
- Fixed a bug where the Compat Logs endpoint for containers did
not stream its output in the correct format [#7196].
This update was imported from the SUSE:SLE-15-SP1:Update update project.
Patchnames
openSUSE-2020-2063
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for podman",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for podman fixes the following issues:\n\nSecurity issue fixed:\n\n- This release resolves CVE-2020-14370, in which environment variables could be leaked between containers created using the Varlink API (bsc#1176804).\n\nNon-security issues fixed:\n\n- add dependency to timezone package or podman fails to build a \n container (bsc#1178122)\n\n- Install new auto-update system units\n- Update to v2.1.1 (bsc#1178392):\n * Changes\n - The `podman info` command now includes the cgroup manager\n Podman is using.\n * API\n - The REST API now includes a Server header in all responses.\n - Fixed a bug where the Libpod and Compat Attach endpoints\n could terminate early, before sending all output from the\n container.\n - Fixed a bug where the Compat Create endpoint for containers\n did not properly handle the Interactive parameter.\n - Fixed a bug where the Compat Kill endpoint for containers\n could continue to run after a fatal error.\n - Fixed a bug where the Limit parameter of the Compat List\n endpoint for Containers did not properly handle a limit of 0\n (returning nothing, instead of all containers) [#7722].\n - The Libpod Stats endpoint for containers is being deprecated\n and will be replaced by a similar endpoint with additional\n features in a future release.\n- Changes in v2.1.0\n * Features\n - A new command, `podman image mount`, has been added. This\n allows for an image to be mounted, read-only, to inspect its\n contents without creating a container from it [#1433].\n - The `podman save` and `podman load` commands can now create\n and load archives containing multiple images [#2669].\n - Rootless Podman now supports all `podman network` commands,\n and rootless containers can now be joined to networks.\n - The performance of `podman build` on `ADD` and `COPY`\n instructions has been greatly improved, especially when a\n `.dockerignore` is present.\n - The `podman run` and `podman create` commands now support a\n new mode for the `--cgroups` option, `--cgroups=split`.\n Podman will create two cgroups under the cgroup it was\n launched in, one for the container and one for Conmon. This\n mode is useful for running Podman in a systemd unit, as it\n ensures that all processes are retained in systemd\u0027s cgroup\n hierarchy [#6400].\n - The `podman run` and `podman create` commands can now specify\n options to slirp4netns by using the `--network` option as\n follows: `--net slirp4netns:opt1,opt2`. This allows for,\n among other things, switching the port forwarder used by\n slirp4netns away from rootlessport.\n - The `podman ps` command now features a new option,\n `--storage`, to show containers from Buildah, CRI-O and other\n applications.\n - The `podman run` and `podman create` commands now feature a\n `--sdnotify` option to control the behavior of systemd\u0027s\n sdnotify with containers, enabling improved support for\n Podman in `Type=notify` units.\n - The `podman run` command now features a `--preserve-fds`\n opton to pass file descriptors from the host into the\n container [#6458].\n - The `podman run` and `podman create` commands can now create\n overlay volume mounts, by adding the `:O` option to a bind\n mount (e.g. `-v /test:/test:O`). Overlay volume mounts will\n mount a directory into a container from the host and allow\n changes to it, but not write those changes back to the\n directory on the host.\n - The `podman play kube` command now supports the Socket\n HostPath type [#7112].\n - The `podman play kube` command now supports read-only mounts.\n - The `podman play kube` command now supports setting labels on\n pods from Kubernetes metadata labels.\n - The `podman play kube` command now supports setting container\n restart policy [#7656].\n - The `podman play kube` command now properly handles\n `HostAlias` entries.\n - The `podman generate kube` command now adds entries to\n `/etc/hosts` from `--host-add` generated YAML as `HostAlias`\n entries.\n - The `podman play kube` and `podman generate kube` commands\n now properly support `shareProcessNamespace` to share the PID\n namespace in pods.\n - The `podman volume ls` command now supports the `dangling`\n filter to identify volumes that are dangling (not attached to\n any container).\n - The `podman run` and `podman create` commands now feature a\n `--umask` option to set the umask of the created container.\n - The `podman create` and `podman run` commands now feature a\n `--tz` option to set the timezone within the container [#5128].\n - Environment variables for Podman can now be added in the\n `containers.conf` configuration file.\n - The `--mount` option of `podman run` and `podman create` now\n supports a new mount type, `type=devpts`, to add a `devpts`\n mount to the container. This is useful for containers that\n want to mount `/dev/` from the host into the container, but\n still create a terminal.\n - The `--security-opt` flag to `podman run` and `podman create`\n now supports a new option, `proc-opts`, to specify options\n for the container\u0027s `/proc` filesystem.\n - Podman with the `crun` OCI runtime now supports a new option\n to `podman run` and `podman create`, `--cgroup-conf`, which\n allows for advanced configuration of cgroups on cgroups v2\n systems.\n - The `podman create` and `podman run` commands now support a\n `--override-variant` option, to override the architecture\n variant of the image that will be pulled and ran.\n - A new global option has been added to Podman,\n `--runtime-flags`, which allows for setting flags to use when\n the OCI runtime is called.\n - The `podman manifest add` command now supports the\n `--cert-dir`, `--auth-file`, `--creds`, and `--tls-verify`\n options.\n * Security\n - This release resolves CVE-2020-14370, in which environment\n variables could be leaked between containers created using\n the Varlink API.\n * Changes\n - Podman will now retry pulling an image 3 times if a pull\n fails due to network errors.\n - The `podman exec` command would previously print error\n messages (e.g. `exec session exited with non-zero exit code\n -1`) when the command run exited with a non-0 exit code. It\n no longer does this. The `podman exec` command will still\n exit with the same exit code as the command run in the\n container did.\n - Error messages when creating a container or pod with a name\n that is already in use have been improved.\n - For read-only containers running systemd init, Podman creates\n a tmpfs filesystem at `/run`. This was previously limited to\n 65k in size and mounted `noexec`, but is now unlimited size\n and mounted `exec`.\n - The `podman system reset` command no longer removes\n configuration files for rootless Podman.\n * API\n - The Libpod API version has been bumped to v2.0.0 due to a\n breaking change in the Image List API.\n - Docker-compatible Volume Endpoints (Create, Inspect, List,\n Remove, Prune) are now available!\n - Added an endpoint for generating systemd unit files for\n containers.\n - The `last` parameter to the Libpod container list endpoint\n now has an alias, `limit` [#6413].\n - The Libpod image list API new returns timestamps in Unix\n format, as integer, as opposed to as strings\n - The Compat Inspect endpoint for containers now includes port\n information in NetworkSettings.\n - The Compat List endpoint for images now features limited\n support for the (deprecated) `filter` query parameter [#6797].\n - Fixed a bug where the Compat Create endpoint for containers\n was not correctly handling bind mounts.\n - Fixed a bug where the Compat Create endpoint for containers\n would not return a 404 when the requested image was not\n present.\n - Fixed a bug where the Compat Create endpoint for containers\n did not properly handle Entrypoint and Command from images.\n - Fixed a bug where name history information was not properly\n added in the Libpod Image List endpoint.\n - Fixed a bug where the Libpod image search endpoint improperly\n populated the Description field of responses.\n - Added a `noTrunc` option to the Libpod image search endpoint.\n - Fixed a bug where the Pod List API would return null, instead\n of an empty array, when no pods were present [#7392].\n - Fixed a bug where endpoints that hijacked would do perform\n the hijack too early, before being ready to send and receive\n data [#7195].\n - Fixed a bug where Pod endpoints that can operate on multiple\n containers at once (e.g. Kill, Pause, Unpause, Stop) would\n not forward errors from individual containers that failed.\n - The Compat List endpoint for networks now supports filtering\n results [#7462].\n - Fixed a bug where the Top endpoint for pods would return both\n a 500 and 404 when run on a non-existent pod.\n - Fixed a bug where Pull endpoints did not stream progress back\n to the client.\n - The Version endpoints (Libpod and Compat) now provide version\n in a format compatible with Docker.\n - All non-hijacking responses to API requests should not\n include headers with the version of the server.\n - Fixed a bug where Libpod and Compat Events endpoints did not\n send response headers until the first event occurred [#7263].\n - Fixed a bug where the Build endpoints (Compat and Libpod) did\n not stream progress to the client.\n - Fixed a bug where the Stats endpoints (Compat and Libpod) did\n not properly handle clients disconnecting.\n - Fixed a bug where the Ignore parameter to the Libpod Stop\n endpoint was not performing properly.\n - Fixed a bug where the Compat Logs endpoint for containers did\n not stream its output in the correct format [#7196].\n\nThis update was imported from the SUSE:SLE-15-SP1:Update update project.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2020-2063",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2020_2063-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2020:2063-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WEYG3UZ6PAJGRLA4U75IIT2HGWDPPZWR/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2020:2063-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/WEYG3UZ6PAJGRLA4U75IIT2HGWDPPZWR/"
},
{
"category": "self",
"summary": "SUSE Bug 1176804",
"url": "https://bugzilla.suse.com/1176804"
},
{
"category": "self",
"summary": "SUSE Bug 1178122",
"url": "https://bugzilla.suse.com/1178122"
},
{
"category": "self",
"summary": "SUSE Bug 1178392",
"url": "https://bugzilla.suse.com/1178392"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14370 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14370/"
}
],
"title": "Security update for podman",
"tracking": {
"current_release_date": "2020-11-27T05:23:48Z",
"generator": {
"date": "2020-11-27T05:23:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2020:2063-1",
"initial_release_date": "2020-11-27T05:23:48Z",
"revision_history": [
{
"date": "2020-11-27T05:23:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "podman-cni-config-2.1.1-lp152.4.6.1.noarch",
"product": {
"name": "podman-cni-config-2.1.1-lp152.4.6.1.noarch",
"product_id": "podman-cni-config-2.1.1-lp152.4.6.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "podman-2.1.1-lp152.4.6.1.x86_64",
"product": {
"name": "podman-2.1.1-lp152.4.6.1.x86_64",
"product_id": "podman-2.1.1-lp152.4.6.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Leap 15.2",
"product": {
"name": "openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.2"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-2.1.1-lp152.4.6.1.x86_64 as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:podman-2.1.1-lp152.4.6.1.x86_64"
},
"product_reference": "podman-2.1.1-lp152.4.6.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "podman-cni-config-2.1.1-lp152.4.6.1.noarch as component of openSUSE Leap 15.2",
"product_id": "openSUSE Leap 15.2:podman-cni-config-2.1.1-lp152.4.6.1.noarch"
},
"product_reference": "podman-cni-config-2.1.1-lp152.4.6.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.2"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-14370",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14370"
}
],
"notes": [
{
"category": "general",
"text": "An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Leap 15.2:podman-2.1.1-lp152.4.6.1.x86_64",
"openSUSE Leap 15.2:podman-cni-config-2.1.1-lp152.4.6.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14370",
"url": "https://www.suse.com/security/cve/CVE-2020-14370"
},
{
"category": "external",
"summary": "SUSE Bug 1176804 for CVE-2020-14370",
"url": "https://bugzilla.suse.com/1176804"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Leap 15.2:podman-2.1.1-lp152.4.6.1.x86_64",
"openSUSE Leap 15.2:podman-cni-config-2.1.1-lp152.4.6.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"openSUSE Leap 15.2:podman-2.1.1-lp152.4.6.1.x86_64",
"openSUSE Leap 15.2:podman-cni-config-2.1.1-lp152.4.6.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2020-11-27T05:23:48Z",
"details": "moderate"
}
],
"title": "CVE-2020-14370"
}
]
}
GHSA-C3WV-QMJJ-45R6
Vulnerability from github – Published: 2024-04-24 21:42 – Updated: 2024-04-24 21:42
VLAI?
Summary
Information disclosure in podman
Details
An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.
Severity ?
5.3 (Medium)
{
"affected": [
{
"package": {
"ecosystem": "Go",
"name": "github.com/containers/podman/v2"
},
"ranges": [
{
"events": [
{
"introduced": "0"
},
{
"fixed": "2.0.5"
}
],
"type": "ECOSYSTEM"
}
]
}
],
"aliases": [
"CVE-2020-14370"
],
"database_specific": {
"cwe_ids": [
"CWE-200",
"CWE-212"
],
"github_reviewed": true,
"github_reviewed_at": "2024-04-24T21:42:22Z",
"nvd_published_at": "2020-09-23T13:15:00Z",
"severity": "MODERATE"
},
"details": "An information disclosure vulnerability was found in containers/podman in versions before 2.0.5. When using the deprecated Varlink API or the Docker-compatible REST API, if multiple containers are created in a short duration, the environment variables from the first container will get leaked into subsequent containers. An attacker who has control over the subsequent containers could use this flaw to gain access to sensitive information stored in such variables.",
"id": "GHSA-c3wv-qmjj-45r6",
"modified": "2024-04-24T21:42:22Z",
"published": "2024-04-24T21:42:22Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2020-14370"
},
{
"type": "WEB",
"url": "https://github.com/containers/podman/commit/a7e864e6e7de894d4edde4fff00e53dc6a0b5074"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1874268"
},
{
"type": "PACKAGE",
"url": "https://github.com/containers/podman"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/G6BPCZX4ASKNONL3MSCK564IVXNYSKLP"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y74V7HGQBNLT6XECCSNZNFZIB7G7XSAR"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z4Y2FSGQWP4AFT5AZ6UBN6RKHVXUBRFV"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"type": "CVSS_V3"
}
],
"summary": "Information disclosure in podman"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…