• crun and runc both Provides: oci-runtime.
  • containers-common now has Requires: oci-runtime.
  • dnf install oci-runtime will install crun by default unless runc is already installed.

buildah: Security fix for CVE-2021-20291 Autobuilt v1.20.1

How to install

sudo dnf upgrade --advisory=FEDORA-2021-ec00da7faa

This update has been submitted for testing by lsm5.

4 months ago

This update's test gating status has been changed to 'ignored'.

4 months ago

This update's test gating status has been changed to 'waiting'.

4 months ago

lsm5 edited this update.

New build(s):

  • podman-3.1.1-2.fc33

Karma has been reset.

4 months ago

This update's test gating status has been changed to 'failed'.

4 months ago

This update has been pushed to testing.

4 months ago

This update's test gating status has been changed to 'passed'.

4 months ago

This update's test gating status has been changed to 'passed'.

4 months ago

lsm5 edited this update.

New build(s):

  • buildah-1.20.1-3.fc33

Karma has been reset.

4 months ago

This update has been submitted for testing by lsm5.

4 months ago

This update's test gating status has been changed to 'failed'.

4 months ago

This update has obsoleted buildah-1.20.1-2.fc33, and has inherited its bugs and notes.

4 months ago

lsm5 edited this update.

4 months ago

lsm5 edited this update.

New build(s):

  • containers-common-1-15.fc33

Removed build(s):

  • containers-common-1-11.fc33

Karma has been reset.

4 months ago

This update has been pushed to testing.

4 months ago

lsm5 edited this update.

New build(s):

  • runc-1.0.0-377.rc93.fc33

Removed build(s):

  • runc-1.0.0-376.dev.git12644e6.fc33

Karma has been reset.

4 months ago

This update has been submitted for testing by lsm5.

4 months ago

This update has been pushed to testing.

4 months ago

lsm5 edited this update.

New build(s):

  • buildah-1.20.1-4.fc33

Removed build(s):

  • buildah-1.20.1-3.fc33

Karma has been reset.

4 months ago

This update has been submitted for testing by lsm5.

4 months ago

lsm5 edited this update.

New build(s):

  • podman-3.1.2-1.fc33

Removed build(s):

  • podman-3.1.1-2.fc33

Karma has been reset.

4 months ago

lsm5 edited this update.

New build(s):

  • crun-0.19.1-2.fc33

Removed build(s):

  • crun-0.19-2.fc33

Karma has been reset.

4 months ago

This update has been pushed to testing.

4 months ago

This update's test gating status has been changed to 'passed'.

4 months ago

This update's test gating status has been changed to 'passed'.

4 months ago
User Icon santiago commented & provided feedback 4 months ago
karma

LGTM. A few test flakes, all of them related to apk. Probably a server outage somewhere.

User Icon faultline commented & provided feedback 4 months ago
karma

I'm having the same issue with this podman version like I have with every 3.1.* version: Rootless podman doesn't work at all anymore:

A simple command, like podman ps doesn't work - it uses plenty of CPU resources indefinitely and doesn't return a result :(

sudo podman ps works fine. There's no container running on the system.

After downgrading podman and podman-plugins back to 3.0.1 it works fine again.

Bodhi is disabling automatic push to stable due to negative karma. The maintainer may push manually if they determine that the issue is not severe.

4 months ago
User Icon dwalsh commented & provided feedback 4 months ago
karma

They are all working for me.

User Icon cevich commented & provided feedback 4 months ago

Hit some podman integration test failures with these. Mostly networking-related tests. Running against, and investigating.

User Icon cevich commented & provided feedback 4 months ago
karma

I was able to reproduce the same dnsname plugin failures on master w/o these package updates, therefore they must not be involved.

This update can be pushed to stable now if the maintainer wishes

4 months ago

This update has been submitted for stable by lsm5.

4 months ago

This update has been pushed to stable.

4 months ago

Please login to add feedback.

Metadata
Type
security
Severity
medium
Karma
2
Signed
Content Type
RPM
Test Gating
Settings
Unstable by Karma
-3
Stable by Karma
disabled
Stable by Time
disabled
Dates
submitted
4 months ago
in testing
4 months ago
in stable
4 months ago
modified
4 months ago
BZ#1939485 CVE-2021-20291 containers/storage: DoS via malicious image
0
0
BZ#1947288 CVE-2021-20291 buildah: containers/storage: DoS via malicious image [fedora-all]
0
0

Automated Test Results