Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2020:3378-1)
Summary:The remote host is missing an update for the 'podman' package(s) announced via the SUSE-SU-2020:3378-1 advisory.
The remote host is missing an update for the 'podman' package(s) announced via the SUSE-SU-2020:3378-1 advisory.

Vulnerability Insight:
This update for podman fixes the following issues:

Security issue fixed:

This release resolves CVE-2020-14370, in which environment variables
could be leaked between containers created using the Varlink API

Non-security issues fixed:

add dependency to timezone package or podman fails to build a container

Install new auto-update system units

Update to v2.1.1 (bsc#1178392):
* Changes
- The `podman info` command now includes the cgroup manager Podman is
- The REST API now includes a Server header in all responses.
- Fixed a bug where the Libpod and Compat Attach endpoints could
terminate early, before sending all output from the container.
- Fixed a bug where the Compat Create endpoint for containers did not
properly handle the Interactive parameter.
- Fixed a bug where the Compat Kill endpoint for containers could
continue to run after a fatal error.
- Fixed a bug where the Limit parameter of the Compat List endpoint
for Containers did not properly handle a limit of 0 (returning
nothing, instead of all containers) [#7722].
- The Libpod Stats endpoint for containers is being deprecated and
will be replaced by a similar endpoint with additional features in a
future release.

Changes in v2.1.0
* Features
- A new command, `podman image mount`, has been added. This allows for
an image to be mounted, read-only, to inspect its contents without
creating a container from it [#1433].
- The `podman save` and `podman load` commands can now create and load
archives containing multiple images [#2669].
- Rootless Podman now supports all `podman network` commands, and
rootless containers can now be joined to networks.
- The performance of `podman build` on `ADD` and `COPY` instructions
has been greatly improved, especially when a `.dockerignore` is
- The `podman run` and `podman create` commands now support a new mode
for the `--cgroups` option, `--cgroups=split`. Podman will create
two cgroups under the cgroup it was launched in, one for the
container and one for Conmon. This mode is useful for running Podman
in a systemd unit, as it ensures that all processes are retained in
systemd's cgroup hierarchy [#6400].
- The `podman run` and `podman create` commands can now specify
options to slirp4netns by using the `--network` option as follows:
`--net slirp4netns:opt1,opt2`. This allows for, among other things,
switching the port forwarder used by slirp4netns away from rootlessport.
- The `podman ps` command now features a new option, `--storage`, to
show containers from Buildah, CRI-O and other applications.
- The `podman run` and `podman create` commands now feature a
`--sdnotify` option to control the behavior of systemd's sdnotify
with containers, enabling improved support for Podman in
`Type=notify` units.
- The `podman run` command now features a `--preserve-fds`
opton to pass file desc... [Please see the references for more information on the vulnerabilities]

Affected Software/OS:
'podman' package(s) on SUSE Linux Enterprise Module for Containers 15-SP2, SUSE Linux Enterprise Module for Containers 15-SP1, SUSE Enterprise Storage 7

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-14370
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.