UbuntuUpdates.org

Package "libpod"

Name: libpod

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • engine to run OCI-based containers in Pods
  • engine to run OCI-based containers in Pods - wrapper for docker
Latest version: 3.4.4+ds1-1ubuntu1.22.04.2
Release: jammy (22.04)
Level: updates
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "libpod" in Jammy

Repository Area Version
base universe 3.4.4+ds1-1ubuntu1
security universe 3.4.4+ds1-1ubuntu1.22.04.2

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 3.4.4+ds1-1ubuntu1.22.04.2 2023-08-16 20:06:56 UTC

  libpod (3.4.4+ds1-1ubuntu1.22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: Incorrect handling of the supplementary groups
    - debian/patches/CVE-2022-2989.patch: Add container GID to additional groups
      in libpod/container_internal_linux.go, pkg/specgen/namespaces.go,
      test/e2e/run_test.go.
    - CVE-2022-2989

 -- Leonidas Da Silva Barbosa <email address hidden> Tue, 15 Aug 2023 12:08:54 -0300
Source diff to previous version
CVE-2022-2989 An incorrect handling of the supplementary groups in the Podman container engine might lead to the sensitive information disclosure or possible data

Version: 3.4.4+ds1-1ubuntu1.22.04.1 2023-06-19 13:07:00 UTC

  libpod (3.4.4+ds1-1ubuntu1.22.04.1) jammy-security; urgency=medium

  * Add d/p/lp-2007972-play-kube-don-t-force-pull-infra-image.patch
    to prevent play kube from unwanted force-pull of infra image
    and with that unwanted (untrusted) k8s pause (LP: #2007972).

 -- Frank Heimes <email address hidden> Wed, 22 Feb 2023 10:46:22 +0100
2007972 [UBUNTU 22.04] Podman play kube: brings in unwanted (untrusted) k8s pause


About   -   Send Feedback to @ubuntu_updates