{"update": {"autokarma": true, "autotime": true, "stable_karma": 3, "stable_days": 7, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "Resolves: #1919391, #1926796 - Security fix for CVE-2021-20206\n\n----\n\nAutobuilt v1.19.3\n\n----\n\nAutobuilt v1.19.2\n\n----\n\nAutobuilt v1.19.1\n\n----\n\nAutobuilt v1.19.0\n\n----\n\nharden cgo based golang binaries", "type": "security", "status": "obsolete", "request": null, "severity": "medium", "suggest": "unspecified", "locked": false, "pushed": false, "critpath": false, "critpath_groups": null, "close_bugs": true, "date_submitted": "2021-02-09 15:43:39", "date_modified": null, "date_approved": null, "date_testing": "2021-02-10 00:44:09", "date_stable": null, "alias": "FEDORA-2021-9de636eb33", "test_gating_status": "failed", "from_tag": null, "date_pushed": "2021-02-10 00:44:09", "meets_testing_requirements": false, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2021-9de636eb33", "title": "buildah-1.19.4-1.fc33", "version_hash": "392aebf5f7bb97db315b11213922443c7932d2c3", "release": {"name": "F33", "long_name": "Fedora 33", "version": "33", "id_prefix": "FEDORA", "branch": "f33", "dist_tag": "f33", "stable_tag": "f33-updates", "testing_tag": "f33-updates-testing", "candidate_tag": "f33-updates-candidate", "pending_signing_tag": "f33-signing-pending", "pending_testing_tag": "f33-updates-testing-pending", "pending_stable_tag": "f33-updates-pending", "override_tag": "f33-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": null, "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "lsm5", "email": "lsm5@redhat.com", "id": 228, "avatar": "https://seccdn.libravatar.org/avatar/05bd0d0810e225c716eba3290a5596c557d1ea3e4e2b0cf0de8e62a925927b5c?s=24&d=retro", "openid": "lsm5.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "container-sig"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by lsm5. ", "timestamp": "2021-02-09 15:43:40", "update_id": 282501, "user_id": 91, "id": 1878745, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'failed'.", "timestamp": "2021-02-09 15:43:40", "update_id": 282501, "user_id": 91, "id": 1878746, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2021-02-09 15:43:40", "update_id": 282501, "user_id": 91, "id": 1878747, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has obsoleted [buildah-1.19.3-1.fc33](https://bodhi.fedoraproject.org/updates/FEDORA-2021-b1b09d0eb2), and has inherited its bugs and notes.", "timestamp": "2021-02-09 15:43:41", "update_id": 282501, "user_id": 91, "id": 1878749, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'failed'.", "timestamp": "2021-02-09 16:10:49", "update_id": 282501, "user_id": 91, "id": 1878773, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2021-02-10 00:44:48", "update_id": 282501, "user_id": 91, "id": 1879261, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been obsoleted by [buildah-1.19.4-2.fc33](https://bodhi.fedoraproject.org/updates/FEDORA-2021-fb466fb623).", "timestamp": "2021-02-12 00:50:07", "update_id": 282501, "user_id": 91, "id": 1883331, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "buildah-1.19.4-1.fc33", "signed": true, "release_id": 40, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 1919391, "title": "CVE-2021-20206 containernetworking-cni: Arbitrary path injection via type field in CNI configuration", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 1905703, "bug_id": 1919391, "comment": {"karma": 1, "karma_critpath": 0, "text": "verified to work and ran through the core-os testing CI.", "timestamp": "2021-02-24 22:32:10", "update_id": 283234, "user_id": 666, "id": 1905703, "testcase_feedback": [], "user": {"name": "baude", "email": "bbaude@redhat.com", "id": 666, "avatar": "https://seccdn.libravatar.org/avatar/8a610e630eb3cdc1910947684f7f5d2ffb62cdd4abff91c5d45dc5faf2bba1fb?s=24&d=retro", "openid": "baude.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "container-sig"}, {"name": "cla_ibm"}, {"name": "sysadmin-ppc"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1905865, "bug_id": 1919391, "comment": {"karma": 1, "karma_critpath": 0, "text": "LGTM. Tested podman, buildah, skopeo. There's one persistent buildah failure, in combination-namespaces, but that's a [longstanding bug](https://github.com/containers/buildah/issues/2628)", "timestamp": "2021-02-25 02:32:55", "update_id": 283234, "user_id": 3407, "id": 1905865, "testcase_feedback": [], "user": {"name": "santiago", "email": "santiago@redhat.com", "id": 3407, "avatar": "https://seccdn.libravatar.org/avatar/ea76e06d92bea441997ae5b01983859fcee775de243c13c2efb1731b6f444328?s=24&d=retro", "openid": "santiago.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "container-sig"}, {"name": "gitrpmgrill"}, {"name": "trust admins"}]}}}, {"karma": 1, "comment_id": 1906439, "bug_id": 1919391, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works here", "timestamp": "2021-02-25 14:58:01", "update_id": 283234, "user_id": 4160, "id": 1906439, "testcase_feedback": [], "user": {"name": "mheon", "email": "mheon@redhat.com", "id": 4160, "avatar": "https://seccdn.libravatar.org/avatar/4d72456c0f8486ad75135502a29ca4a4cfb8b8faa26ef14f372e8f408fc4824f?s=24&d=retro", "openid": "mheon.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 1887960, "bug_id": 1919391, "comment": {"karma": -1, "karma_critpath": 0, "text": "I'm experiencing regression https://bugzilla.redhat.com/show_bug.cgi?id=1928643.", "timestamp": "2021-02-15 17:05:18", "update_id": 283234, "user_id": 470, "id": 1887960, "testcase_feedback": [], "user": {"name": "adelton", "email": "jpx-fas@adelton.com", "id": 470, "avatar": "https://seccdn.libravatar.org/avatar/93c909e46fda202012da1b940fe9c66dc7496ff77f034d1e74f26aaa9ad59aef?s=24&d=retro", "openid": "adelton.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "gitmod_intercept_form_submit"}, {"name": "gitmod_authnz_pam"}, {"name": "gitwebauthinfra"}, {"name": "gitmod_lookup_identity"}]}}}, {"karma": 0, "comment_id": 1884472, "bug_id": 1919391, "comment": {"karma": 1, "karma_critpath": 0, "text": "verified to work and ran through the core-os testing CI.", "timestamp": "2021-02-12 19:39:56", "update_id": 283234, "user_id": 666, "id": 1884472, "testcase_feedback": [], "user": {"name": "baude", "email": "bbaude@redhat.com", "id": 666, "avatar": "https://seccdn.libravatar.org/avatar/8a610e630eb3cdc1910947684f7f5d2ffb62cdd4abff91c5d45dc5faf2bba1fb?s=24&d=retro", "openid": "baude.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "container-sig"}, {"name": "cla_ibm"}, {"name": "sysadmin-ppc"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1901445, "bug_id": 1919391, "comment": {"karma": 1, "karma_critpath": 0, "text": "LGTM so far.", "timestamp": "2021-02-23 01:53:33", "update_id": 283234, "user_id": 4120, "id": 1901445, "testcase_feedback": [], "user": {"name": "atim", "email": "ego.cordatus@gmail.com", "id": 4120, "avatar": "https://seccdn.libravatar.org/avatar/8c3a317a13d88ca7421098b94cce0501c97ca2283e7139c4992df34f6218fb3b?s=24&d=retro", "openid": "atim.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}]}}}, {"karma": 0, "comment_id": 1890586, "bug_id": 1919391, "comment": {"karma": 1, "karma_critpath": 0, "text": "wfm", "timestamp": "2021-02-17 01:05:49", "update_id": 283234, "user_id": 4555, "id": 1890586, "testcase_feedback": [], "user": {"name": "t3rm1n4l", "email": "stealthcipher@gmail.com", "id": 4555, "avatar": "https://seccdn.libravatar.org/avatar/cb6c19faf9628e1df86e8566dea353017cb4d032ca56ef353fdb860693df9fef?s=24&d=retro", "openid": "t3rm1n4l.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 1912949, "bug_id": 1919391, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-03-02 15:38:56", "update_id": 281524, "user_id": 5881, "id": 1912949, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}, {"karma": 0, "comment_id": 2021315, "bug_id": 1919391, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-05-10 01:46:50", "update_id": 282505, "user_id": 5881, "id": 2021315, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}]}, {"bug_id": 1926796, "title": "CVE-2021-20206 buildah: containernetworking-cni: Arbitrary path injection via type field in CNI configuration [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 1905703, "bug_id": 1926796, "comment": {"karma": 1, "karma_critpath": 0, "text": "verified to work and ran through the core-os testing CI.", "timestamp": "2021-02-24 22:32:10", "update_id": 283234, "user_id": 666, "id": 1905703, "testcase_feedback": [], "user": {"name": "baude", "email": "bbaude@redhat.com", "id": 666, "avatar": "https://seccdn.libravatar.org/avatar/8a610e630eb3cdc1910947684f7f5d2ffb62cdd4abff91c5d45dc5faf2bba1fb?s=24&d=retro", "openid": "baude.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "container-sig"}, {"name": "cla_ibm"}, {"name": "sysadmin-ppc"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1905865, "bug_id": 1926796, "comment": {"karma": 1, "karma_critpath": 0, "text": "LGTM. Tested podman, buildah, skopeo. There's one persistent buildah failure, in combination-namespaces, but that's a [longstanding bug](https://github.com/containers/buildah/issues/2628)", "timestamp": "2021-02-25 02:32:55", "update_id": 283234, "user_id": 3407, "id": 1905865, "testcase_feedback": [], "user": {"name": "santiago", "email": "santiago@redhat.com", "id": 3407, "avatar": "https://seccdn.libravatar.org/avatar/ea76e06d92bea441997ae5b01983859fcee775de243c13c2efb1731b6f444328?s=24&d=retro", "openid": "santiago.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "container-sig"}, {"name": "gitrpmgrill"}, {"name": "trust admins"}]}}}, {"karma": 1, "comment_id": 1906439, "bug_id": 1926796, "comment": {"karma": 1, "karma_critpath": 0, "text": "Works here", "timestamp": "2021-02-25 14:58:01", "update_id": 283234, "user_id": 4160, "id": 1906439, "testcase_feedback": [], "user": {"name": "mheon", "email": "mheon@redhat.com", "id": 4160, "avatar": "https://seccdn.libravatar.org/avatar/4d72456c0f8486ad75135502a29ca4a4cfb8b8faa26ef14f372e8f408fc4824f?s=24&d=retro", "openid": "mheon.id.fedoraproject.org", "groups": [{"name": "packager"}]}}}, {"karma": 0, "comment_id": 1887960, "bug_id": 1926796, "comment": {"karma": -1, "karma_critpath": 0, "text": "I'm experiencing regression https://bugzilla.redhat.com/show_bug.cgi?id=1928643.", "timestamp": "2021-02-15 17:05:18", "update_id": 283234, "user_id": 470, "id": 1887960, "testcase_feedback": [], "user": {"name": "adelton", "email": "jpx-fas@adelton.com", "id": 470, "avatar": "https://seccdn.libravatar.org/avatar/93c909e46fda202012da1b940fe9c66dc7496ff77f034d1e74f26aaa9ad59aef?s=24&d=retro", "openid": "adelton.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "cla_redhat"}, {"name": "gitmod_intercept_form_submit"}, {"name": "gitmod_authnz_pam"}, {"name": "gitwebauthinfra"}, {"name": "gitmod_lookup_identity"}]}}}, {"karma": 0, "comment_id": 1884472, "bug_id": 1926796, "comment": {"karma": 1, "karma_critpath": 0, "text": "verified to work and ran through the core-os testing CI.", "timestamp": "2021-02-12 19:39:56", "update_id": 283234, "user_id": 666, "id": 1884472, "testcase_feedback": [], "user": {"name": "baude", "email": "bbaude@redhat.com", "id": 666, "avatar": "https://seccdn.libravatar.org/avatar/8a610e630eb3cdc1910947684f7f5d2ffb62cdd4abff91c5d45dc5faf2bba1fb?s=24&d=retro", "openid": "baude.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "container-sig"}, {"name": "cla_ibm"}, {"name": "sysadmin-ppc"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 1901445, "bug_id": 1926796, "comment": {"karma": 1, "karma_critpath": 0, "text": "LGTM so far.", "timestamp": "2021-02-23 01:53:33", "update_id": 283234, "user_id": 4120, "id": 1901445, "testcase_feedback": [], "user": {"name": "atim", "email": "ego.cordatus@gmail.com", "id": 4120, "avatar": "https://seccdn.libravatar.org/avatar/8c3a317a13d88ca7421098b94cce0501c97ca2283e7139c4992df34f6218fb3b?s=24&d=retro", "openid": "atim.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "rust-sig"}]}}}, {"karma": 0, "comment_id": 1890586, "bug_id": 1926796, "comment": {"karma": 1, "karma_critpath": 0, "text": "wfm", "timestamp": "2021-02-17 01:05:49", "update_id": 283234, "user_id": 4555, "id": 1890586, "testcase_feedback": [], "user": {"name": "t3rm1n4l", "email": "stealthcipher@gmail.com", "id": 4555, "avatar": "https://seccdn.libravatar.org/avatar/cb6c19faf9628e1df86e8566dea353017cb4d032ca56ef353fdb860693df9fef?s=24&d=retro", "openid": "t3rm1n4l.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 2021315, "bug_id": 1926796, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2021-05-10 01:46:50", "update_id": 282505, "user_id": 5881, "id": 2021315, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}]}], "updateid": "FEDORA-2021-9de636eb33", "karma": 0, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}