FEDORA-2019-0937bbf558 created by lsm5 a year ago for Fedora 30
stable

Resolves: #1715668 - CVE-2019-10152

How to install

sudo dnf upgrade --advisory=FEDORA-2019-0937bbf558

This update has been submitted for testing by lsm5.

a year ago

This update test gating status has been changed to 'waiting'.

a year ago

This update test gating status has been changed to 'ignored'.

a year ago
User Icon rishi commented & provided feedback a year ago
karma

Tested with the Silverblue toolbox. This update fixes the regressions in podman-1.3.1.

User Icon santiago commented & provided feedback a year ago
karma

Passes most of docker-autotest; regression on issue #980

I do believe that the addition of %{_libexecdir/crio in 8ee8c09 is a mistake that should be reverted.

This update has been pushed to testing.

a year ago
User Icon jistr commented & provided feedback a year ago
karma

Tested these together:

containernetworking-plugins-0.7.5-1.fc30.x86_64
podman-2:1.4.0-1.fc30.x86_64

WFM, fixes the rootless container issues i've had with podman 1.3.1

This update has been submitted for stable by bodhi.

a year ago

This update has been pushed to stable.

a year ago
User Icon omajid commented & provided feedback a year ago
karma

Can't even install this since it has hit stable:

$ sudo dnf upgrade --advisory=FEDORA-2019-0937bbf558
 Problem 1: cannot install the best update candidate for package podman-2:1.3.1-1.git7210727.fc30.x86_64
  - nothing provides containernetworking-plugins >= 0.7.5-1 needed by podman-2:1.4.0-1.fc30.x86_64
 Problem 2: package podman-docker-2:1.4.0-1.fc30.noarch requires podman = 2:1.4.0-1.fc30, but none of the providers ca
n be installed
  - cannot install the best update candidate for package podman-docker-2:1.3.1-1.git7210727.fc30.noarch
  - nothing provides containernetworking-plugins >= 0.7.5-1 needed by podman-2:1.4.0-1.fc30.x86_64
======================================================================================================================
 Package                       Architecture           Version                           Repository               Size
======================================================================================================================
Skipping packages with broken dependencies:
 podman                        x86_64                 2:1.4.0-1.fc30                    updates                  11 M
 podman-docker                 noarch                 2:1.4.0-1.fc30                    updates                  46 k

Transaction Summary
======================================================================================================================
Skip  2 Packages
Nothing to do.

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
3
Stable by Time
disabled
Dates
submitted
a year ago
in testing
a year ago
in stable
a year ago
BZ#1715668 CVE-2019-10152 podman: Improper symlink resolution allows access to host files when executing `podman cp` on running containers [fedora-all]
0
0

Automated Test Results