You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa crun

Sigurnosni nedostatak programskog paketa crun

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LFE

Fedora Update Notification
2020-10-06 00:14:55.971279

Name : crun
Product : Fedora 33
Version : 0.15
Release : 5.fc33
Summary : OCI runtime written in C
Description :
crun is a runtime for running OCI containers

Update Information:

autobuilt v2.1.0, Security fix for CVE-2020-14370 —- correct release tag
on account of prior faulty build_tag macro —- Add back in capability
SYS_CHROOT. —- Remove fchmodat2 from seccomp filters, since it is not in
upstream kernel yet. —- Remove dangerous capabilities by default. —-
Autobuilt v1.1.1

* Wed Sep 30 2020 Lokesh Mandvekar <> – 0.15-5
– rebuild to bump release tag ahead of older fedoras
* Wed Sep 30 2020 Giuseppe Scrivano <> – 0.15-4
– backport “exec: check read bytes from sync”

[ 1 ] Bug #1874268 – CVE-2020-14370 podman: environment variables leak between containers when started via Varlink or Docker-compatible REST API

This update can be installed with the “dnf” update program. Use
su -c ‘dnf upgrade –advisory FEDORA-2020-7b6058fec9’ at the command
line. For more information, refer to the dnf documentation available at

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
package-announce mailing list —
To unsubscribe send an email to
Fedora Code of Conduct:
List Guidelines:
List Archives:

AutorToni Vugdelija
Cert idNCERT-REF-2020-10-0001-ADV
More in Preporuke
Sigurnosni nedostatak programske biblioteke libproxy

Otkriven je sigurnosni nedostatak programske biblioteke libproxy za operacijski sustav Fedora. Otkriveni nedostatak potencijalnim napadačima omogućuje izazivanje DoS stanja. Savjetuje...