Summary: | <app-containers/containerd-{1.4.8,1.5.4}: host permission mangling via malicious container (CVE-2021-32760) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | ajak, gyakovlev, williamh |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://github.com/containerd/containerd/security/advisories/GHSA-c72p-9xmj-rx3w | ||
Whiteboard: | B4 [glsa+] | ||
Package list: |
app-emulation/containerd-1.4.8
app-emulation/runc-1.0.0
|
Runtime testing required: | --- |
Description
John Helmert III
2021-07-19 23:42:11 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=3844230e77f39931083e7dfa33452666d6fd7452 commit 3844230e77f39931083e7dfa33452666d6fd7452 Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2021-07-20 02:41:18 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-07-20 02:43:54 +0000 app-emulation/containerd: add 1.5.4 Bug: https://bugs.gentoo.org/802948 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> app-emulation/containerd/Manifest | 1 + app-emulation/containerd/containerd-1.5.4.ebuild | 84 ++++++++++++++++++++++++ 2 files changed, 85 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d7ca7f4aa67809d4817c384e744bc9653278b815 commit d7ca7f4aa67809d4817c384e744bc9653278b815 Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2021-07-20 02:06:38 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-07-20 02:43:53 +0000 app-emulation/containerd: add 1.4.8 Bug: https://bugs.gentoo.org/802948 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> app-emulation/containerd/Manifest | 1 + app-emulation/containerd/containerd-1.4.8.ebuild | 84 ++++++++++++++++++++++++ 2 files changed, 85 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=71495d17b60621fe86d64ab649085e6f51fc597b commit 71495d17b60621fe86d64ab649085e6f51fc597b Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2021-07-20 02:04:57 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-07-20 02:43:53 +0000 app-emulation/runc: add 1.0.0 Bug: https://bugs.gentoo.org/802948 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> app-emulation/runc/Manifest | 1 + app-emulation/runc/runc-1.0.0.ebuild | 78 ++++++++++++++++++++++++++++++++++++ 2 files changed, 79 insertions(+) Thanks! Please stabilize. Sanity check failed:
> app-emulation/containerd-1.4.8
> bdepend amd64 dev profile default/linux/amd64/17.0/x32 (2 total)
> ~app-emulation/runc-1.0.0
> bdepend amd64 stable profile default/linux/amd64/17.1 (43 total)
> ~app-emulation/runc-1.0.0
> rdepend amd64 dev profile default/linux/amd64/17.0/x32 (2 total)
> ~app-emulation/runc-1.0.0
> rdepend amd64 stable profile default/linux/amd64/17.1 (43 total)
> ~app-emulation/runc-1.0.0
All sanity-check issues have been resolved amd64 done arm64 done ppc64 done all arches done Please cleanup, thanks! The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=f4718c79bb481de1743dfbe88d8df78dc467e914 commit f4718c79bb481de1743dfbe88d8df78dc467e914 Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2021-07-26 21:24:27 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-07-26 21:24:41 +0000 app-emulation/runc: drop 1.0.0_rc95 Bug: https://bugs.gentoo.org/802948 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> app-emulation/runc/Manifest | 1 - app-emulation/runc/runc-1.0.0_rc95.ebuild | 78 ------------------------------- 2 files changed, 79 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=682e0ab4966d624d99be7e9a954e476e950be926 commit 682e0ab4966d624d99be7e9a954e476e950be926 Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2021-07-26 21:24:13 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-07-26 21:24:41 +0000 app-emulation/containerd: drop 1.4.6 Bug: https://bugs.gentoo.org/802948 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> app-emulation/containerd/Manifest | 1 - app-emulation/containerd/containerd-1.4.6.ebuild | 84 ------------------------ 2 files changed, 85 deletions(-) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=62af75d4a618ab35ca0d6d9ef057535f86f0ce0c commit 62af75d4a618ab35ca0d6d9ef057535f86f0ce0c Author: Georgy Yakovlev <gyakovlev@gentoo.org> AuthorDate: 2021-07-26 21:23:54 +0000 Commit: Georgy Yakovlev <gyakovlev@gentoo.org> CommitDate: 2021-07-26 21:24:40 +0000 app-emulation/containerd: drop 1.5.2 Bug: https://bugs.gentoo.org/802948 Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org> app-emulation/containerd/Manifest | 2 - app-emulation/containerd/containerd-1.5.2.ebuild | 82 ------------------------ 2 files changed, 84 deletions(-) cleanup done. security, please do your thing =) Unable to check for sanity:
> no match for package: app-emulation/containerd-1.4.8
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=f9feb611eaa9a3e053e61253ddab0e4d85b21cd9 commit f9feb611eaa9a3e053e61253ddab0e4d85b21cd9 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2024-01-31 12:30:06 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2024-01-31 12:31:16 +0000 [ GLSA 202401-31 ] containerd: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/802948 Bug: https://bugs.gentoo.org/816315 Bug: https://bugs.gentoo.org/834689 Bug: https://bugs.gentoo.org/835917 Bug: https://bugs.gentoo.org/850124 Bug: https://bugs.gentoo.org/884803 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202401-31.xml | 52 ++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 52 insertions(+) |