File _patchinfo of Package patchinfo.14521
<patchinfo incident="14521">
<issue tracker="bnc" id="1167850">L3: Podman Dependency Issue</issue>
<packager>rhafer</packager>
<rating>moderate</rating>
<category>recommended</category>
<summary>Recommended update for podman, slirp4netns</summary>
<description>This update for podman, slirp4netns fixes the following issues:
slirp4netns was updated to 0.4.4 (bsc#1167850):
* libslirp: Update to v4.2.0:
* New API function slirp_add_unix: add a forward rule to a Unix
socket.
* New API function slirp_remove_guestfwd: remove a forward rule
previously added by slirp_add_exec, slirp_add_unix or
slirp_add_guestfwd
* New SlirpConfig.outbound_addr{,6} fields to bind output
socket to a specific address
* socket: do not fallback on host loopback if get_dns_addr()
failed or the address is in slirp network
* ncsi: fix checksum OOB memory access
* tcp_emu(): fix OOB accesses
* tftp: restrict relative path access
* state: fix loading of guestfwd state
Update to 0.4.3:
* api: raise an error if the socket path is too long
* libslirp: update to v4.1.0: Including the fix for libslirp
sends RST to app in response to arriving FIN when containerized
socket is shutdown() with SHUT_WR
* Fix create_sandbox error
Update to 0.4.2:
* Do not propagate mounts to the parent ns in sandbox
Update to 0.4.1:
* Support specifying netns path (slirp4netns --netns-type=path PATH
TAPNAME)
* Support specifying --userns-path
* Vendor https://gitlab.freedesktop.org/slirp/libslirp (QEMU v4.1+)
* Bring up loopback device when --configure is specified
* Support sandboxing by creating a mount namespace
(--enable-sandbox)
* Support seccomp (--enable-seccomp)
- Add new build dependencies libcap-devel and libseccomp-devel
Update to 0.3.3:
* Fix use-after-free in libslirp
Update to 0.3.2:
* Fix heap overflow in `ip_reass` on big packet input
Update to 0.3.1:
* Fix use-after-free
Changes in podman:
- Fixed dependency on slirp4netns. We need at least 0.4.0 now (bsc#1167850)
</description>
</patchinfo>
