{"id":"ALSA-2020:4694","summary":"Moderate: container-tools:rhel8 security, bug fix, and enhancement update","details":"The container-tools module contains tools for working with containers, notably podman, buildah, skopeo, and runc.\n\nSecurity Fix(es):\n\n* containernetworking/plugins: IPv6 router advertisements allow for MitM attacks on IPv4 clusters (CVE-2020-10749)\n\n* QEMU: slirp: networking out-of-bounds read information disclosure vulnerability (CVE-2020-10756)\n\n* golang.org/x/text: possibility to trigger an infinite loop in encoding/unicode could lead to crash (CVE-2020-14040)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.","modified":"2026-01-30T01:43:06.605273Z","published":"2020-11-03T12:27:37Z","related":["CVE-2020-10749","CVE-2020-10756","CVE-2020-14040"],"references":[{"type":"ADVISORY","url":"https://errata.almalinux.org/8/ALSA-2020-4694.html"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-10749"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-10756"},{"type":"REPORT","url":"https://vulners.com/cve/CVE-2020-14040"}],"affected":[{"package":{"name":"libslirp","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/libslirp"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.1-1.module_el8.6.0+2876+9ed4eae2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:4694.json"}},{"package":{"name":"libslirp-devel","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/libslirp-devel"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"4.3.1-1.module_el8.6.0+2876+9ed4eae2"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:4694.json"}},{"package":{"name":"python-podman-api","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python-podman-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.0-0.2.gitd0a45fe.module_el8.5.0+2635+e4386a39"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:4694.json"}},{"package":{"name":"python-podman-api","ecosystem":"AlmaLinux:8","purl":"pkg:rpm/almalinux/python-podman-api"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"1.2.0-0.2.gitd0a45fe.module_el8.5.0+108+00865455"}]}],"database_specific":{"source":"https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux8/ALSA-2020:4694.json"}}],"schema_version":"1.7.3"}