Summary: | <app-emulation/podman-3.0.1: insufficient network isolation between pods (CVE-2021-20199) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | zmedico |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/containers/podman/pull/9052 | ||
Whiteboard: | ~4 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2021-02-03 22:36:55 UTC
There is https://github.com/containers/podman/pull/9221 which seems to be the backport to 2.2.1, but then again 3.0.0 was just released. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=a18840200a21a31f189ca330a3061791c0ed53c2 commit a18840200a21a31f189ca330a3061791c0ed53c2 Author: Zac Medico <zmedico@gentoo.org> AuthorDate: 2021-02-25 21:45:15 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2021-02-25 22:09:29 +0000 app-emulation/podman: Bump to version 3.0.1 Bug: https://bugs.gentoo.org/768597 Closes: https://bugs.gentoo.org/770505 Package-Manager: Portage-3.0.15, Repoman-3.0.2 Signed-off-by: Zac Medico <zmedico@gentoo.org> app-emulation/podman/Manifest | 1 + app-emulation/podman/podman-3.0.1.ebuild | 165 +++++++++++++++++++++++++++++++ 2 files changed, 166 insertions(+) Please cleanup. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d9f0cfadb9f345905a350a9389c1f0034ff22754 commit d9f0cfadb9f345905a350a9389c1f0034ff22754 Author: Zac Medico <zmedico@gentoo.org> AuthorDate: 2021-02-26 00:26:27 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2021-02-26 00:26:51 +0000 app-emulation/podman: Remove vulnerable version 2.2.1 Bug: https://bugs.gentoo.org/768597 Package-Manager: Portage-3.0.15, Repoman-3.0.2 Signed-off-by: Zac Medico <zmedico@gentoo.org> app-emulation/podman/Manifest | 1 - app-emulation/podman/podman-2.2.1.ebuild | 161 ------------------------------- 2 files changed, 162 deletions(-) Thank you! No GLSA, closing. |