Búsqueda de    
Vulnerabilidad   
    Buscar 211766 Descripciones CVE y
97459 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.1.4.2020.3423.1
Categoría:SuSE Local Security Checks
Título:SUSE: Security Advisory (SUSE-SU-2020:3423-1)
Resumen:The remote host is missing an update for the 'buildah' package(s) announced via the SUSE-SU-2020:3423-1 advisory.
Descripción:Summary:
The remote host is missing an update for the 'buildah' package(s) announced via the SUSE-SU-2020:3423-1 advisory.

Vulnerability Insight:
This update for buildah fixes the following issues:

buildah was updated to v1.17.0 (bsc#1165184):

Handle cases where other tools mount/unmount containers

overlay.MountReadOnly: support RO overlay mounts

overlay: use fusermount for rootless umounts

overlay: fix umount

Switch default log level of Buildah to Warn. Users need to see these
messages

Drop error messages about OCI/Docker format to Warning level

build(deps): bump github.com/containers/common from 0.26.0 to 0.26.2

tests/testreport: adjust for API break in storage v1.23.6

build(deps): bump github.com/containers/storage from 1.23.5 to 1.23.7

build(deps): bump github.com/fsouza/go-dockerclient from 1.6.5 to 1.6.6

copier: put: ignore Typeflag='g'

Use curl to get repo file (fix #2714)

build(deps): bump github.com/containers/common from 0.25.0 to 0.26.0

build(deps): bump github.com/spf13/cobra from 1.0.0 to 1.1.1

Remove docs that refer to bors, since we're not using it

Buildah bud should not use stdin by default

bump containerd, docker, and golang.org/x/sys

Makefile: cross: remove windows.386 target

copier.copierHandlerPut: don't check length when there are errors

Stop excessive wrapping

CI: require that conformance tests pass

bump(github.com/openshift/imagebuilder) to v1.1.8

Skip tlsVerify insecure BUILD_REGISTRY_SOURCES

Fix build path wrong containers/podman#7993

refactor pullpolicy to avoid deps

build(deps): bump github.com/containers/common from 0.24.0 to 0.25.0

CI: run gating tasks with a lot more memory

ADD and COPY: descend into excluded directories, sometimes

copier: add more context to a couple of error messages

copier: check an error earlier

copier: log stderr output as debug on success

Update nix pin with make nixpkgs

Set directory ownership when copied with ID mapping

build(deps): bump github.com/sirupsen/logrus from 1.6.0 to 1.7.0

build(deps): bump github.com/containers/common from 0.23.0 to 0.24.0

Cirrus: Remove bors artifacts

Sort build flag definitions alphabetically

ADD: only expand archives at the right time

Remove configuration for bors

Shell Completion for podman build flags

Bump c/common to v0.24.0

New CI check: xref --help vs man pages

CI: re-enable several linters

Move --userns-uid-map/--userns-gid-map description into buildah man page

add: preserve ownerships and permissions on ADDed archives

Makefile: tweak the cross-compile target

Bump containers/common to v0.23.0

chroot: create bind mount targets 0755 instead of 0700

Change call to Split() to safer SplitN()

chroot: fix handling of errno seccomp rules

build(deps): bump github.com/containers/image/v5 from 5.5.2 to 5.6.0

Add In Progress section to contributing

integration tests: make sure tests run in ${topdir}/tests

Run(): ignore containers.conf's environment configuration

Warn when setting healthcheck in OCI format

Cirrus: Skip git-validate on branches

tools: update git-validation to the ... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'buildah' package(s) on SUSE Linux Enterprise Module for Containers 15-SP2, SUSE Linux Enterprise Module for Containers 15-SP1

Solution:
Please install the updated package(s).

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-10214
Common Vulnerability Exposure (CVE) ID: CVE-2020-10696
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Esta es sólo una de 97459 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.




© 1998-2021 E-Soft Inc. Todos los derechos reservados.