Endpoint Vulnerability

RHSA-2020:4694: container-tools:rhel8 security, bug fix, and enhancement update (Moderate)

Description

The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc. Security Fix(es): * containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters (CVE-2020-10749) * QEMU: slirp: networking out-of-bounds read information disclosure vulnerability (CVE-2020-10756) * golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Additional Changes: For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.

Affected Products

container-tools