Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 836609 (CVE-2022-27649) - <app-containers/podman-4.0.3: containers inherit excess capabilities
Summary: <app-containers/podman-4.0.3: containers inherit excess capabilities
Status: RESOLVED FIXED
Alias: CVE-2022-27649
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://github.com/containers/podman/...
Whiteboard: B4 [noglsa]
Keywords:
Depends on: 836675
Blocks:
  Show dependency tree
 
Reported: 2022-04-01 18:10 UTC by John Helmert III
Modified: 2022-04-11 02:19 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-04-01 18:10:59 UTC 
From URL,

"This release fixes CVE-2022-27649, where containers run by Podman would have excess inheritable capabilities set."

Please bump to 4.0.3.
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-04-09 23:38:50 UTC 
Please cleanup
Comment 2 Larry the Git Cow gentoo-dev 2022-04-10 17:09:00 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ba22331b31470b29482e3d202466c7682c8bb307

commit ba22331b31470b29482e3d202466c7682c8bb307
Author:     Zac Medico <zmedico@gentoo.org>
AuthorDate: 2022-04-10 17:07:54 +0000
Commit:     Zac Medico <zmedico@gentoo.org>
CommitDate: 2022-04-10 17:08:56 +0000

    app-containers/podman: drop vulnerable version
    
    Bug: https://bugs.gentoo.org/836609
    Signed-off-by: Zac Medico <zmedico@gentoo.org>

 app-containers/podman/Manifest            |   2 -
 app-containers/podman/podman-3.4.4.ebuild | 165 ------------------------------
 app-containers/podman/podman-4.0.2.ebuild | 163 -----------------------------
 3 files changed, 330 deletions(-)
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-04-11 02:19:31 UTC 
Thanks! Low impact, no GLSA. All done!