- Issued:
- 2019-08-06
- Updated:
- 2019-08-06
RHBA-2019:2389 - Bug Fix Advisory
Synopsis
docker, skopeo, runc, buildah, and other packages bug fix and enhancement update
Type/Severity
Bug Fix Advisory
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
Topic
Updated docker, skopeo, runc, buildah, containernetworking-plugins, oci-umount, and container-selinux packages that fix several bugs and add a number of enhancements are now available for Red Hat Enterprise Linux 7 Extras.
Description
Docker is an open-source engine that automates the deployment of any application as a lightweight, portable, self-sufficient container that runs virtually anywhere.
The skopeo command lets you inspect images from container image registries, get images and image layers, and use signatures to create and verify files.
The runc tool is a lightweight, portable implementation of the Open Container Format (OCF) that provides container runtime.
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to:
- Create a working container, either from scratch or using an image as a starting point.
- Create an image, either from a working container or using the instructions in a Dockerfile.
- Build both Docker and OCI images.
The Container Network Interface (CNI) project consists of a specification and libraries for writing plug-ins for configuring network interfaces in Linux containers, along with a number of supported plug-ins. CNI concerns itself only with network connectivity of containers and removing allocated resources when the container is deleted.
The oci-umount package provides an OCI hook program that unmounts any file systems listed in /etc/oci-umount.conf file before starting a container. The goal of this tool is to help prevent container mount space leaking into other containers.
The container-selinux package provides SELinux policies for container runtimes.
Users of docker, skopeo, runc, buildah, containernetworking-plugins, oci-umount, and container-selinux are advised to upgrade to these updated packages, which fix several bugs and add a number of enhancements.
Solution
Before applying this update, make sure all previously released errata
relevant to your system have been applied.
For details on how to apply this update, refer to:
Affected Products
- Red Hat Enterprise Linux Server 7 x86_64
- Red Hat Enterprise Linux Workstation 7 x86_64
- Red Hat Enterprise Linux for IBM z Systems 7 s390x
- Red Hat Enterprise Linux for Power, little endian 7 ppc64le
Fixes
- BZ - 1693961 - Unable to install packages in non-root podman container
- BZ - 1719452 - rootless fail: container create failed: cannot specify gid= mount options for unmapped gid in rootless containers
CVEs
(none)
References
(none)
Red Hat Enterprise Linux Server 7
SRPM | |
---|---|
buildah-1.9.0-2.el7.src.rpm | SHA-256: 14d2fc66dd44a8544aafbc109dc6b134b4145740f28e55675485ce7d891f89fc |
container-selinux-2.107-3.el7.src.rpm | SHA-256: 0a91e232ce341e58b140351abb6a03af3e5e19f4d9117c78b28c17473d170902 |
containernetworking-plugins-0.8.1-2.el7.src.rpm | SHA-256: 1e5aeedd9234ca2f0a8d21d2bddfedb106036fa826a702c4eeea35db752f32ba |
docker-1.13.1-103.git7f2769b.el7.src.rpm | SHA-256: 2e8d3469058677fa9ad9f38e5b59c20f06c5829b5dce77edeb40cdea60bab2d4 |
oci-umount-2.5-3.el7.src.rpm | SHA-256: 7d3a92b0b396b71849c56f52d0143ff17e8d490b50e3b174608eb49ca62891b6 |
runc-1.0.0-65.rc8.el7.src.rpm | SHA-256: eeac6032a98fa0b0cf09fd7ab33c5e8c585752bc07d20d77d0fa5532eb70f784 |
skopeo-0.1.37-3.el7.src.rpm | SHA-256: 42a3597b5d4629ee0d27da211647c7b55311ddab03fb2c5793dcf4a5baba6eb8 |
x86_64 | |
buildah-1.9.0-2.el7.x86_64.rpm | SHA-256: 77e98d4e277d2ea967c5ae772c755aeca29a8075c3eae90652077dc44757b7f2 |
buildah-debuginfo-1.9.0-2.el7.x86_64.rpm | SHA-256: 118bc1c18a910735e24afee5500b803a1186dca97011d1fbbea31a958d5c5c84 |
container-selinux-2.107-3.el7.noarch.rpm | SHA-256: c34daf34f69463ce86b6bab6ee3e8443f10fe0053ec2a7f861c7e9262b4ce49b |
containernetworking-plugins-0.8.1-2.el7.x86_64.rpm | SHA-256: 76f2230f8d31724ebb62c0bf2377904ae3c03fdd9509d315c5a064038b06f7df |
containernetworking-plugins-debuginfo-0.8.1-2.el7.x86_64.rpm | SHA-256: 46f0ca02023dde8829060898d6da4565638586a524c869c5fa3c523c0cb1443f |
containers-common-0.1.37-3.el7.x86_64.rpm | SHA-256: 0d119e3f1897a82cc80c4b70fefc92b183a1f5b3e52133ad94922d81cc3af7c0 |
docker-1.13.1-103.git7f2769b.el7.x86_64.rpm | SHA-256: e3dba63a281a2c03bf8da4528dfa096083a0b8b1454a2c263385baff9567cb2c |
docker-client-1.13.1-103.git7f2769b.el7.x86_64.rpm | SHA-256: 5b9d0f2403cc3e549aab0f5a5015e2b7bb61671d25ebfcd18d455152a0b33db9 |
docker-common-1.13.1-103.git7f2769b.el7.x86_64.rpm | SHA-256: bfaebfe76e1b40ef89c56dc1c411083395813ddc22f3a9f78c4c81bc106ad5ef |
docker-debuginfo-1.13.1-103.git7f2769b.el7.x86_64.rpm | SHA-256: 726168498c625d3f2eed917fd62e062a653bed9dfd7681702155becd74048c95 |
docker-logrotate-1.13.1-103.git7f2769b.el7.x86_64.rpm | SHA-256: 96357d3042b88dc1e926bc57e1c5c8252d4a18116ef74fb41d7ec0691e57be49 |
docker-lvm-plugin-1.13.1-103.git7f2769b.el7.x86_64.rpm | SHA-256: 2aeae6357ba69deb2bdd516fa778ab03c5a706aad817fdd288d92100a9aff517 |
docker-novolume-plugin-1.13.1-103.git7f2769b.el7.x86_64.rpm | SHA-256: 97638a6ad75c5999073ba6e0bf9ce0798f7978cc2a829676dc0366a9477ef9ce |
docker-rhel-push-plugin-1.13.1-103.git7f2769b.el7.x86_64.rpm | SHA-256: fca0debb18cbc27fff97e1dee635fc9d5d6e9b362cf81f5c02bcd635e5fc5f0c |
docker-v1.10-migrator-1.13.1-103.git7f2769b.el7.x86_64.rpm | SHA-256: 43a7d341d32810e2d472758fd2091ec81fe58c372fdc972c51131f2a9b62a0ac |
oci-umount-2.5-3.el7.x86_64.rpm | SHA-256: 2d901eb1b48c54e9962a1146be694cdaee420a9bf3a800d5407c6a75959e9dd4 |
oci-umount-debuginfo-2.5-3.el7.x86_64.rpm | SHA-256: d6e6a2a8d4d9a21e4eb8ebd820ac84aea1049d2bcdb47447da86ac59a2739f01 |
runc-1.0.0-65.rc8.el7.x86_64.rpm | SHA-256: 0e12626483f065611996db7c0c7de447185d6bd3d6773e7e53b15fc693220d52 |
runc-debuginfo-1.0.0-65.rc8.el7.x86_64.rpm | SHA-256: 6bb1c60ea9bddd5212b6391340d67a749910709d46e1b3846e691eb5b2d84009 |
skopeo-0.1.37-3.el7.x86_64.rpm | SHA-256: 582bce7fc65fa9e2ad06d3bf93763b9ff1897fa37b90555bc144225dcdf19384 |
skopeo-debuginfo-0.1.37-3.el7.x86_64.rpm | SHA-256: b1c1828057a57109ae960605b2e2550e9c257f2f06d53267ce4e7fe21ac9e142 |
Red Hat Enterprise Linux Workstation 7
SRPM | |
---|---|
buildah-1.9.0-2.el7.src.rpm | SHA-256: 14d2fc66dd44a8544aafbc109dc6b134b4145740f28e55675485ce7d891f89fc |
container-selinux-2.107-3.el7.src.rpm | SHA-256: 0a91e232ce341e58b140351abb6a03af3e5e19f4d9117c78b28c17473d170902 |
containernetworking-plugins-0.8.1-2.el7.src.rpm | SHA-256: 1e5aeedd9234ca2f0a8d21d2bddfedb106036fa826a702c4eeea35db752f32ba |
runc-1.0.0-65.rc8.el7.src.rpm | SHA-256: eeac6032a98fa0b0cf09fd7ab33c5e8c585752bc07d20d77d0fa5532eb70f784 |
skopeo-0.1.37-3.el7.src.rpm | SHA-256: 42a3597b5d4629ee0d27da211647c7b55311ddab03fb2c5793dcf4a5baba6eb8 |
x86_64 | |
buildah-1.9.0-2.el7.x86_64.rpm | SHA-256: 77e98d4e277d2ea967c5ae772c755aeca29a8075c3eae90652077dc44757b7f2 |
buildah-debuginfo-1.9.0-2.el7.x86_64.rpm | SHA-256: 118bc1c18a910735e24afee5500b803a1186dca97011d1fbbea31a958d5c5c84 |
container-selinux-2.107-3.el7.noarch.rpm | SHA-256: c34daf34f69463ce86b6bab6ee3e8443f10fe0053ec2a7f861c7e9262b4ce49b |
containernetworking-plugins-0.8.1-2.el7.x86_64.rpm | SHA-256: 76f2230f8d31724ebb62c0bf2377904ae3c03fdd9509d315c5a064038b06f7df |
containernetworking-plugins-debuginfo-0.8.1-2.el7.x86_64.rpm | SHA-256: 46f0ca02023dde8829060898d6da4565638586a524c869c5fa3c523c0cb1443f |
containers-common-0.1.37-3.el7.x86_64.rpm | SHA-256: 0d119e3f1897a82cc80c4b70fefc92b183a1f5b3e52133ad94922d81cc3af7c0 |
runc-1.0.0-65.rc8.el7.x86_64.rpm | SHA-256: 0e12626483f065611996db7c0c7de447185d6bd3d6773e7e53b15fc693220d52 |
runc-debuginfo-1.0.0-65.rc8.el7.x86_64.rpm | SHA-256: 6bb1c60ea9bddd5212b6391340d67a749910709d46e1b3846e691eb5b2d84009 |
skopeo-0.1.37-3.el7.x86_64.rpm | SHA-256: 582bce7fc65fa9e2ad06d3bf93763b9ff1897fa37b90555bc144225dcdf19384 |
skopeo-debuginfo-0.1.37-3.el7.x86_64.rpm | SHA-256: b1c1828057a57109ae960605b2e2550e9c257f2f06d53267ce4e7fe21ac9e142 |
Red Hat Enterprise Linux for IBM z Systems 7
SRPM | |
---|---|
buildah-1.9.0-2.el7.src.rpm | SHA-256: 14d2fc66dd44a8544aafbc109dc6b134b4145740f28e55675485ce7d891f89fc |
container-selinux-2.107-3.el7.src.rpm | SHA-256: 0a91e232ce341e58b140351abb6a03af3e5e19f4d9117c78b28c17473d170902 |
containernetworking-plugins-0.8.1-2.el7.src.rpm | SHA-256: 1e5aeedd9234ca2f0a8d21d2bddfedb106036fa826a702c4eeea35db752f32ba |
docker-1.13.1-103.git7f2769b.el7.src.rpm | SHA-256: 2e8d3469058677fa9ad9f38e5b59c20f06c5829b5dce77edeb40cdea60bab2d4 |
oci-umount-2.5-3.el7.src.rpm | SHA-256: 7d3a92b0b396b71849c56f52d0143ff17e8d490b50e3b174608eb49ca62891b6 |
runc-1.0.0-65.rc8.el7.src.rpm | SHA-256: eeac6032a98fa0b0cf09fd7ab33c5e8c585752bc07d20d77d0fa5532eb70f784 |
skopeo-0.1.37-3.el7.src.rpm | SHA-256: 42a3597b5d4629ee0d27da211647c7b55311ddab03fb2c5793dcf4a5baba6eb8 |
s390x | |
buildah-1.9.0-2.el7.s390x.rpm | SHA-256: 4d85bc790000d1e1ace508e8145aec8802c4d8ab79e8cc5dd78748febb9c731f |
buildah-debuginfo-1.9.0-2.el7.s390x.rpm | SHA-256: 7a422a42e4acbe2933629b26865a80320014c9189b27a65db9122e283dfd1aee |
container-selinux-2.107-3.el7.noarch.rpm | SHA-256: c34daf34f69463ce86b6bab6ee3e8443f10fe0053ec2a7f861c7e9262b4ce49b |
containernetworking-plugins-0.8.1-2.el7.s390x.rpm | SHA-256: d90e7dfd8d4bf88b0ec9af5fac9d0b969ba1356811693d329ff621e35da042b4 |
containernetworking-plugins-debuginfo-0.8.1-2.el7.s390x.rpm | SHA-256: 5e2c1b2e78204e7b0cbd2df49cd8dc70f34d84e2141e6fe7a2d5db5d79bf2651 |
containers-common-0.1.37-3.el7.s390x.rpm | SHA-256: 4ba24332e40f276cb44732adbaf2d6e6d2f6bd696f3d385f24e6624f70669519 |
docker-1.13.1-103.git7f2769b.el7.s390x.rpm | SHA-256: 1a17269f11b134675f5d34b28315b21df581c12b6ba0ce05faf8343962f634d5 |
docker-client-1.13.1-103.git7f2769b.el7.s390x.rpm | SHA-256: 894320346452a434c056ed2cbb7f052336167da3097cfe565cbbbc639ef50f59 |
docker-common-1.13.1-103.git7f2769b.el7.s390x.rpm | SHA-256: e6bd17ade6a27c000fe77168395afb21f2d2f8a45d69cfbfbb4212a20ad3afbe |
docker-debuginfo-1.13.1-103.git7f2769b.el7.s390x.rpm | SHA-256: b08afd776c70a1691fe54640a684d0aa95ebe9622466c18c3d57c5bc63725a84 |
docker-logrotate-1.13.1-103.git7f2769b.el7.s390x.rpm | SHA-256: 338a88cff9699bf4ad0c3ac01eae7e8c751ce591bc69ddf3428e1a1389687ca9 |
docker-lvm-plugin-1.13.1-103.git7f2769b.el7.s390x.rpm | SHA-256: f0a70cc7381aa5f795fd2e9d5cd3c8b7ae58f37148b583ac94e17960ad7a97af |
docker-novolume-plugin-1.13.1-103.git7f2769b.el7.s390x.rpm | SHA-256: cec8395f835927ed4e52e387098f927e4a00160b4fdd05b8066901c01ebd6ea5 |
docker-rhel-push-plugin-1.13.1-103.git7f2769b.el7.s390x.rpm | SHA-256: a1d92f8ffb947696dcd82e257023cd786923ab47501d6fbe0de64f632d33a92b |
docker-v1.10-migrator-1.13.1-103.git7f2769b.el7.s390x.rpm | SHA-256: 6c286032e574a7330f74ede2d873d1d2235b331d0e3ca78f6700b796a1d7161a |
oci-umount-2.5-3.el7.s390x.rpm | SHA-256: 9afdd9730fab4a5a5d2fa4f62fcad976be332debb1051c099a0f8f1a5c83a2d1 |
oci-umount-debuginfo-2.5-3.el7.s390x.rpm | SHA-256: 1b587b89672cb00748e5768b4bd502cb3350bc380e7a23988fbe674d61054199 |
runc-1.0.0-65.rc8.el7.s390x.rpm | SHA-256: bb6dd5886c87033baeeaee64ea592e80ef071148b55ca5df4a24f394e232b25e |
runc-debuginfo-1.0.0-65.rc8.el7.s390x.rpm | SHA-256: eaf1f976896c4d52ebe824f49c71f5b82e07f98b53fa1fa06e0a2dcc90caf0b5 |
skopeo-0.1.37-3.el7.s390x.rpm | SHA-256: f3857ce497bb235eba879b4170cec1a7d04d2beea9e6cfcc9ae60d479c6cf154 |
skopeo-debuginfo-0.1.37-3.el7.s390x.rpm | SHA-256: 95830ab2234aa942f541c1d8723d5a7fc502136f218fce1f09a2239d9e1fc77b |
Red Hat Enterprise Linux for Power, little endian 7
SRPM | |
---|---|
buildah-1.9.0-2.el7.src.rpm | SHA-256: 14d2fc66dd44a8544aafbc109dc6b134b4145740f28e55675485ce7d891f89fc |
container-selinux-2.107-3.el7.src.rpm | SHA-256: 0a91e232ce341e58b140351abb6a03af3e5e19f4d9117c78b28c17473d170902 |
containernetworking-plugins-0.8.1-2.el7.src.rpm | SHA-256: 1e5aeedd9234ca2f0a8d21d2bddfedb106036fa826a702c4eeea35db752f32ba |
docker-1.13.1-103.git7f2769b.el7.src.rpm | SHA-256: 2e8d3469058677fa9ad9f38e5b59c20f06c5829b5dce77edeb40cdea60bab2d4 |
oci-umount-2.5-3.el7.src.rpm | SHA-256: 7d3a92b0b396b71849c56f52d0143ff17e8d490b50e3b174608eb49ca62891b6 |
runc-1.0.0-65.rc8.el7.src.rpm | SHA-256: eeac6032a98fa0b0cf09fd7ab33c5e8c585752bc07d20d77d0fa5532eb70f784 |
skopeo-0.1.37-3.el7.src.rpm | SHA-256: 42a3597b5d4629ee0d27da211647c7b55311ddab03fb2c5793dcf4a5baba6eb8 |
ppc64le | |
buildah-1.9.0-2.el7.ppc64le.rpm | SHA-256: 73434cc4cca2d5b2a81e9c82df8767635fc415ebf51c3ddc48269250e8fcd5fe |
buildah-debuginfo-1.9.0-2.el7.ppc64le.rpm | SHA-256: 0bf3279dcaeb77d434ce98a16be7eeebfc5ff29d8996fb74f692e5c382ef6d16 |
container-selinux-2.107-3.el7.noarch.rpm | SHA-256: c34daf34f69463ce86b6bab6ee3e8443f10fe0053ec2a7f861c7e9262b4ce49b |
containernetworking-plugins-0.8.1-2.el7.ppc64le.rpm | SHA-256: 0cfd45a665d15247e85f2be92a50d2f7c15928eb09d2bee1e96bad4b5365b41b |
containernetworking-plugins-debuginfo-0.8.1-2.el7.ppc64le.rpm | SHA-256: b545db33827fcb521e7448f121dc6062eb89013eb3341e71b6a9842179ff3353 |
containers-common-0.1.37-3.el7.ppc64le.rpm | SHA-256: 034427393a0e95c408f845f1deea31839625d7c190279e21eb0dec5165a8e5aa |
docker-1.13.1-103.git7f2769b.el7.ppc64le.rpm | SHA-256: cb57d79166af6284127053b944ab352e1c24a49ca7827cb13f4f5d01295a7387 |
docker-client-1.13.1-103.git7f2769b.el7.ppc64le.rpm | SHA-256: 646d13f0eff44a5ec906daedb319634cfea5e686a425d386a470ccb261f9c712 |
docker-common-1.13.1-103.git7f2769b.el7.ppc64le.rpm | SHA-256: 545fee7ccf8c25e7c7e38db0f8b6a016eba321f19fa438cc1ce1cbdc3bc2ea87 |
docker-debuginfo-1.13.1-103.git7f2769b.el7.ppc64le.rpm | SHA-256: fc393c2e87eddc73ccac10d6a5e4a83e6a1d0c83fd256a98063f4a0844911a75 |
docker-logrotate-1.13.1-103.git7f2769b.el7.ppc64le.rpm | SHA-256: fc02280454248926901bb86ca4b2d3955c269c4d97d73df15d9bca19b9122c2a |
docker-lvm-plugin-1.13.1-103.git7f2769b.el7.ppc64le.rpm | SHA-256: a3dd64fd6e714d0d85e8e0e36899b8ce20ac45a811f6a2fdd1d4e530025571b3 |
docker-novolume-plugin-1.13.1-103.git7f2769b.el7.ppc64le.rpm | SHA-256: 0561484226f4b0ab5b9a2366bb6f940c3d195d759db3b44aee77db1ddd63526a |
docker-rhel-push-plugin-1.13.1-103.git7f2769b.el7.ppc64le.rpm | SHA-256: 2755d46560829431fdaba4be9115499d0b790fee8abfd4266a199746626d2085 |
docker-v1.10-migrator-1.13.1-103.git7f2769b.el7.ppc64le.rpm | SHA-256: c110acef8ebc7f093b91078aea66d9bce359c4469b0e65e13aa8d94ae91dff69 |
oci-umount-2.5-3.el7.ppc64le.rpm | SHA-256: e46146d88e37e772857692ce7d48ef27fead354fc3c7411f50e82b926052bfef |
oci-umount-debuginfo-2.5-3.el7.ppc64le.rpm | SHA-256: 822a16cf95cf4c8fb2346f957324337d9e51ff293597aadf6c96fb8f59ea47b5 |
runc-1.0.0-65.rc8.el7.ppc64le.rpm | SHA-256: a7afc42207b6c03e0d0531b67b4b3c16d55867e085d9212e9fb99fdc3a513b25 |
runc-debuginfo-1.0.0-65.rc8.el7.ppc64le.rpm | SHA-256: df73ee3981aff5682f99ae4a120fcf00849b7742f8f539004c7a5c16a34badfb |
skopeo-0.1.37-3.el7.ppc64le.rpm | SHA-256: 5102362874c20a8a10da322cef8b213aa07be8b93ec01d83057c0f8130bd413e |
skopeo-debuginfo-0.1.37-3.el7.ppc64le.rpm | SHA-256: be32ebb8e56880c82bb5cc0d05bc82cd331223aa7cede434c6316a4ddd2dddde |
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.