Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.1.4.2020.3378.1
Kategorie:SuSE Local Security Checks
Titel:SUSE: Security Advisory (SUSE-SU-2020:3378-1)
Zusammenfassung:The remote host is missing an update for the 'podman' package(s) announced via the SUSE-SU-2020:3378-1 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'podman' package(s) announced via the SUSE-SU-2020:3378-1 advisory.

Vulnerability Insight:
This update for podman fixes the following issues:

Security issue fixed:

This release resolves CVE-2020-14370, in which environment variables
could be leaked between containers created using the Varlink API
(bsc#1176804).

Non-security issues fixed:

add dependency to timezone package or podman fails to build a container
(bsc#1178122)

Install new auto-update system units

Update to v2.1.1 (bsc#1178392):
* Changes
- The `podman info` command now includes the cgroup manager Podman is
using.
* API
- The REST API now includes a Server header in all responses.
- Fixed a bug where the Libpod and Compat Attach endpoints could
terminate early, before sending all output from the container.
- Fixed a bug where the Compat Create endpoint for containers did not
properly handle the Interactive parameter.
- Fixed a bug where the Compat Kill endpoint for containers could
continue to run after a fatal error.
- Fixed a bug where the Limit parameter of the Compat List endpoint
for Containers did not properly handle a limit of 0 (returning
nothing, instead of all containers) [#7722].
- The Libpod Stats endpoint for containers is being deprecated and
will be replaced by a similar endpoint with additional features in a
future release.

Changes in v2.1.0
* Features
- A new command, `podman image mount`, has been added. This allows for
an image to be mounted, read-only, to inspect its contents without
creating a container from it [#1433].
- The `podman save` and `podman load` commands can now create and load
archives containing multiple images [#2669].
- Rootless Podman now supports all `podman network` commands, and
rootless containers can now be joined to networks.
- The performance of `podman build` on `ADD` and `COPY` instructions
has been greatly improved, especially when a `.dockerignore` is
present.
- The `podman run` and `podman create` commands now support a new mode
for the `--cgroups` option, `--cgroups=split`. Podman will create
two cgroups under the cgroup it was launched in, one for the
container and one for Conmon. This mode is useful for running Podman
in a systemd unit, as it ensures that all processes are retained in
systemd's cgroup hierarchy [#6400].
- The `podman run` and `podman create` commands can now specify
options to slirp4netns by using the `--network` option as follows:
`--net slirp4netns:opt1,opt2`. This allows for, among other things,
switching the port forwarder used by slirp4netns away from rootlessport.
- The `podman ps` command now features a new option, `--storage`, to
show containers from Buildah, CRI-O and other applications.
- The `podman run` and `podman create` commands now feature a
`--sdnotify` option to control the behavior of systemd's sdnotify
with containers, enabling improved support for Podman in
`Type=notify` units.
- The `podman run` command now features a `--preserve-fds`
opton to pass file ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'podman' package(s) on SUSE Enterprise Storage 7, SUSE Linux Enterprise Module for Containers 15-SP1, SUSE Linux Enterprise Module for Containers 15-SP2.

Solution:
Please install the updated package(s).

CVSS Score:
4.0

CVSS Vector:
AV:N/AC:L/Au:S/C:P/I:N/A:N

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2020-14370
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.