- Issued:
- 2024-10-07
- Updated:
- 2024-10-07
RHBA-2024:7754 - Bug Fix Advisory
Synopsis
Updated rhel8/flatpak-runtime and rhel8/flatpak-sdk container images update
Type/Severity
Bug Fix Advisory
Topic
Updated rhel8/flatpak-runtime and rhel8/flatpak-sdk container images are now available in the Red Hat container registry.
Description
Flatpak is a system for running graphical applications as containers. A Flatpak application has access to content from two container images - the application itself, and the runtime image. To build against a particular runtime image, a corresponding SDK image is used.
flatpak-runtime provides the runtime image and flatpak-sdk provides the SDK image.
Solution
To install and use Red Hat Enterprise Linux Flatpak content available in the Red Hat Container Catalog, make sure that you have the latest version of the Flatpak client installed on your system:
yum update flatpak
After updating the Flatpak packages, add the Flatpak remote to your system. This enables the Flatpak client and gnome-software to find RHEL Flatpak content available on the Red Hat Container Catalog:
flatpak remote-add rhel https://flatpaks.redhat.io/rhel.flatpakrepo
Provide the credentials for your Red Hat Enterprise Linux account:
podman login registry.redhat.io
Podman only saves credentials until the user logs out. To save your credentials permanently, run:
cp $XDG_RUNTIME_DIR/containers/auth.json $HOME/.config/flatpak/oci-auth.json
To enable the RHEL Flatpak remote for a set of workstations within an organization, you should use a Registry Service Account. Credentials can be installed system-wide at /etc/flatpak/oci-auth.json.
Then, you can install the runtime and the SDK:
flatpak install rhel com.redhat.Platform//el8
flatpak install rhel com.redhat.Sdk//el8
Generally, you do not need to install the runtime explicitly. It is installed along with an application that uses it.
If you have previously installed the runtime or SDK, you can update to the latest version by running:
flatpak update
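A hardened form of the credential-saving step above, as an added example that is not part of the Red Hat advisory: it checks that the Podman file actually holds an entry for registry.redhat.io, then writes the per-user copy with owner-only permissions set explicitly. The function name `save_flatpak_oci_auth` and its return codes are hypothetical; the default paths are the ones given in the advisory.

```shell
#!/bin/sh
# Added example (not from the advisory): save Podman's registry credentials
# to Flatpak's per-user location without depending on the caller's umask.

save_flatpak_oci_auth() {
    # $1: source auth.json (default: Podman's runtime-dir file named in the advisory)
    # $2: destination     (default: the per-user path named in the advisory)
    src=${1:-"$XDG_RUNTIME_DIR/containers/auth.json"}
    dest=${2:-"$HOME/.config/flatpak/oci-auth.json"}
    registry='registry.redhat.io'

    # Podman's file disappears at logout, so it may simply not be there.
    if [ ! -f "$src" ]; then
        echo "error: $src not found; run 'podman login $registry' first" >&2
        return 1
    fi

    # Copying is pointless unless the file holds an entry for the registry
    # the rhel remote pulls from.
    if ! grep -Fq "\"$registry\"" "$src"; then
        echo "error: no credentials for $registry in $src" >&2
        return 2
    fi

    # Create the directory if it is missing (0700 when newly created) and
    # write the copy as 0600 so only the owner can read the token.
    destdir=$(dirname "$dest")
    mkdir -p -m 700 "$destdir" || return 3
    install -m 600 "$src" "$dest" || return 3

    echo "saved credentials for $registry to $dest"
}
```

Run `save_flatpak_oci_auth` with no arguments after `podman login registry.redhat.io`; a system-wide file at /etc/flatpak/oci-auth.json needs its own ownership and mode decision, which this per-user function does not make.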
The SDK is used with flatpak-builder and a manifest that includes:
{
[...]
"runtime": "com.redhat.Platform",
"runtime-version": "el8",
"sdk": "com.redhat.Sdk",
}
For more information about the image, search for <image_name> in the Red Hat Ecosystem Catalog: https://catalog.redhat.com/software/containers/search.
Affected Products
- Red Hat Enterprise Linux for x86_64 8 x86_64
- Red Hat Enterprise Linux for IBM z Systems 8 s390x
- Red Hat Enterprise Linux for Power, little endian 8 ppc64le
- Red Hat Enterprise Linux for ARM 64 8 aarch64
Fixes
- BZ - 2280296 - CVE-2024-30203 emacs: Gnus treats inline MIME contents as trusted
- BZ - 2280298 - CVE-2024-30205 emacs: Org mode considers contents of remote files to be trusted
- BZ - 2292921 - CVE-2024-4032 python: incorrect IPv4 and IPv6 private ranges
- BZ - 2293942 - CVE-2024-39331 emacs: org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code
- BZ - 2302255 - CVE-2024-6923 cpython: python: email module doesn't properly quotes newlines in email headers, allowing header injection
- BZ - 2308615 - CVE-2024-45490 libexpat: Negative Length Parsing Vulnerability in libexpat
- BZ - 2308616 - CVE-2024-45491 libexpat: Integer Overflow or Wraparound
- BZ - 2308617 - CVE-2024-45492 libexpat: integer overflow
- BZ - 2309426 - CVE-2024-6232 python: cpython: tarfile: ReDos via excessive backtracking while parsing header values
- RHEL-48605 - Fedora 40+ mock cannot bootstrap RHEL 8 chroots: nothing provides /usr/libexec/platform-python needed by python3-dnf
CVE
- CVE-2021-46984
- CVE-2021-47097
- CVE-2021-47101
- CVE-2021-47287
- CVE-2021-47289
- CVE-2021-47321
- CVE-2021-47338
- CVE-2021-47352
- CVE-2021-47383
- CVE-2021-47384
- CVE-2021-47385
- CVE-2021-47386
- CVE-2021-47393
- CVE-2021-47412
- CVE-2021-47432
- CVE-2021-47441
- CVE-2021-47455
- CVE-2021-47466
- CVE-2021-47497
- CVE-2021-47527
- CVE-2021-47560
- CVE-2021-47582
- CVE-2021-47609
- CVE-2022-48619
- CVE-2022-48754
- CVE-2022-48760
- CVE-2022-48804
- CVE-2022-48836
- CVE-2022-48866
- CVE-2023-6040
- CVE-2023-52470
- CVE-2023-52476
- CVE-2023-52478
- CVE-2023-52522
- CVE-2023-52605
- CVE-2023-52683
- CVE-2023-52798
- CVE-2023-52800
- CVE-2023-52809
- CVE-2023-52817
- CVE-2023-52840
- CVE-2024-4032
- CVE-2024-5742
- CVE-2024-6232
- CVE-2024-6655
- CVE-2024-6923
- CVE-2024-8088
- CVE-2024-23848
- CVE-2024-26595
- CVE-2024-26600
- CVE-2024-26638
- CVE-2024-26645
- CVE-2024-26649
- CVE-2024-26665
- CVE-2024-26717
- CVE-2024-26720
- CVE-2024-26769
- CVE-2024-26846
- CVE-2024-26855
- CVE-2024-26880
- CVE-2024-26894
- CVE-2024-26923
- CVE-2024-26939
- CVE-2024-27013
- CVE-2024-27042
- CVE-2024-30203
- CVE-2024-30205
- CVE-2024-35809
- CVE-2024-35877
- CVE-2024-35884
- CVE-2024-35944
- CVE-2024-35989
- CVE-2024-36883
- CVE-2024-36901
- CVE-2024-36902
- CVE-2024-36919
- CVE-2024-36920
- CVE-2024-36922
- CVE-2024-36939
- CVE-2024-36953
- CVE-2024-37356
- CVE-2024-38558
- CVE-2024-38559
- CVE-2024-38570
- CVE-2024-38579
- CVE-2024-38581
- CVE-2024-38619
- CVE-2024-39331
- CVE-2024-39471
- CVE-2024-39499
- CVE-2024-39501
- CVE-2024-39506
- CVE-2024-40901
- CVE-2024-40904
- CVE-2024-40911
- CVE-2024-40912
- CVE-2024-40929
- CVE-2024-40931
- CVE-2024-40941
- CVE-2024-40954
- CVE-2024-40958
- CVE-2024-40959
- CVE-2024-40960
- CVE-2024-40972
- CVE-2024-40977
- CVE-2024-40978
- CVE-2024-40988
- CVE-2024-40989
- CVE-2024-40995
- CVE-2024-40997
- CVE-2024-40998
- CVE-2024-41005
- CVE-2024-41007
- CVE-2024-41008
- CVE-2024-41012
- CVE-2024-41013
- CVE-2024-41014
- CVE-2024-41023
- CVE-2024-41035
- CVE-2024-41038
- CVE-2024-41039
- CVE-2024-41040
- CVE-2024-41041
- CVE-2024-41044
- CVE-2024-41055
- CVE-2024-41056
- CVE-2024-41060
- CVE-2024-41064
- CVE-2024-41065
- CVE-2024-41071
- CVE-2024-41076
- CVE-2024-41090
- CVE-2024-41091
- CVE-2024-41097
- CVE-2024-42084
- CVE-2024-42090
- CVE-2024-42094
- CVE-2024-42096
- CVE-2024-42114
- CVE-2024-42124
- CVE-2024-42131
- CVE-2024-42152
- CVE-2024-42154
- CVE-2024-42225
- CVE-2024-42226
- CVE-2024-42228
- CVE-2024-42237
- CVE-2024-42238
- CVE-2024-42240
- CVE-2024-42246
- CVE-2024-42265
- CVE-2024-42322
- CVE-2024-43830
- CVE-2024-43871
- CVE-2024-45490
- CVE-2024-45491
- CVE-2024-45492
x86_64
rhel8/flatpak-runtime@sha256:17a112da9bc3f2144590ff92cf9b0ff41880856b83e632c643097cc3b4054f74
rhel8/flatpak-sdk@sha256:fe063766963faa6b0741d0bd063695d4df4cd16c9779638e7e3cf5424962aa5d
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.