{"update": {"autokarma": true, "autotime": true, "stable_karma": 3, "stable_days": 7, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "- Update moby-engine to 24.0.5\n- Security fix for CVE-2021-41803\n- Security fix for CVE-2023-28842\n- Security fix for CVE-2023-28841\n- Security fix for CVE-2023-28840\n- Security fix for CVE-2023-0845\n- Security fix for CVE-2023-26054\n- Security fix for CVE-2022-3064\n- Security fix for CVE-2022-40716\n- Security fix for CVE-2023-25173\n\n----\n\nUpdate moby-engine to 23.0.4\n", "type": "security", "status": "stable", "request": null, "severity": "medium", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": false, "critpath_groups": "", "close_bugs": true, "date_submitted": "2023-08-27 18:29:36", "date_modified": null, "date_approved": "2023-08-29 12:02:15", "date_testing": "2023-08-28 00:41:09", "date_stable": "2023-08-30 01:35:03", "alias": "FEDORA-2023-9f5f1ef40a", "test_gating_status": "ignored", "from_tag": null, "date_pushed": "2023-08-30 01:35:03", "meets_testing_requirements": true, "url": "https://bodhi.stg.fedoraproject.org/updates/FEDORA-2023-9f5f1ef40a", "title": "moby-engine-24.0.5-1.fc38", "version_hash": "54e634a371b0170be8eaf87357a116c29067ee73", "release": {"name": "F38", "long_name": "Fedora 38", "version": "38", "id_prefix": "FEDORA", "branch": "f38", "dist_tag": "f38", "stable_tag": "f38-updates", "testing_tag": "f38-updates-testing", "candidate_tag": "f38-updates-candidate", "pending_signing_tag": "f38-signing-pending", "pending_testing_tag": "f38-updates-testing-pending", "pending_stable_tag": "f38-updates-pending", "override_tag": "f38-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": "2024-05-21", "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "sergiomb", "email": "sergio@serjux.com", "id": 271, "avatar": "https://seccdn.libravatar.org/avatar/cb1e1c02b91fca7534374ad3e77409014e4c30c6de47356f36099793f08cc1de?s=24&d=retro", "openid": "sergiomb.id.stg.fedoraproject.org", "groups": [{"name": "nodejs-sig"}, {"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "clamav"}, {"name": "multimedia-sig"}, {"name": "trust admins"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by sergiomb. ", "timestamp": "2023-08-27 18:29:36", "update_id": 541877, "user_id": 91, "id": 3174158, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'ignored'.", "timestamp": "2023-08-27 18:29:37", "update_id": 541877, "user_id": 91, "id": 3174159, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has obsoleted [moby-engine-23.0.4-1.fc38](https://bodhi.fedoraproject.org/updates/FEDORA-2023-f0bb213148), and has inherited its bugs and notes.", "timestamp": "2023-08-27 18:29:37", "update_id": 541877, "user_id": 91, "id": 3174161, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "bug_feedback": [{"karma": 0, "comment_id": 3174171, "bug_id": 2156860, "bug": {"bug_id": 2156860, "title": "CVE-2022-40716 consul: Consul Service Mesh Intention Bypass with Malicious Certificate Signing Request", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2156864, "bug": {"bug_id": 2156864, "title": "CVE-2022-40716 moby-engine: consul: Consul Service Mesh Intention Bypass with Malicious Certificate Signing Request [fedora-37]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2163037, "bug": {"bug_id": 2163037, "title": "CVE-2022-3064 go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2163550, "bug": {"bug_id": 2163550, "title": "CVE-2022-3064 moby-engine: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2174485, "bug": {"bug_id": 2174485, "title": "CVE-2023-25173 containerd: Supplementary groups are not set up properly", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2174544, "bug": {"bug_id": 2174544, "title": "moby-engine: containerd: Supplementary groups are not set up properly [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2176447, "bug": {"bug_id": 2176447, "title": "CVE-2023-26054 buildkit: Data disclosure in provenance attestation describing a build", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2176448, "bug": {"bug_id": 2176448, "title": "CVE-2023-26054 moby-engine: buildkit: Data disclosure in provenance attestation describing a build [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2177595, "bug": {"bug_id": 2177595, "title": "CVE-2023-0845 hashicorp/consul: Consul Server Panic when Ingress and API Gateways Configured with Peering Connections", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2177596, "bug": {"bug_id": 2177596, "title": "CVE-2023-0845 moby-engine: hashicorp/consul: Consul Server Panic when Ingress and API Gateways Configured with Peering Connections [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2184683, "bug": {"bug_id": 2184683, "title": "CVE-2023-28840 moby: Encrypted overlay network may be unauthenticated", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2184684, "bug": {"bug_id": 2184684, "title": "CVE-2023-28840 moby-engine: moby: Encrypted overlay network may be unauthenticated [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2184685, "bug": {"bug_id": 2184685, "title": "CVE-2023-28841 moby: Encrypted overlay network traffic may be unencrypted", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2184686, "bug": {"bug_id": 2184686, "title": "CVE-2023-28841 moby-engine: moby: Encrypted overlay network traffic may be unencrypted [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2184688, "bug": {"bug_id": 2184688, "title": "CVE-2023-28842 moby: Encrypted overlay network with a single endpoint is unauthenticated", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2184689, "bug": {"bug_id": 2184689, "title": "CVE-2023-28842 moby-engine: moby: Encrypted overlay network with a single endpoint is unauthenticated [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2189788, "bug": {"bug_id": 2189788, "title": "CVE-2021-41803 consul: Consul Auto-Config JWT Authorization Missing Input Validation", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2189789, "bug": {"bug_id": 2189789, "title": "CVE-2021-41803 moby-engine: consul: Consul Auto-Config JWT Authorization Missing Input Validation [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2190033, "bug": {"bug_id": 2190033, "title": "moby-engine-24.0.5 is available", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2023-08-28 00:42:20", "update_id": 541877, "user_id": 91, "id": 3174352, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "bug_feedback": [{"karma": 0, "comment_id": 3175847, "bug_id": 2177595, "bug": {"bug_id": 2177595, "title": "CVE-2023-0845 hashicorp/consul: Consul Server Panic when Ingress and API Gateways Configured with Peering Connections", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2177596, "bug": {"bug_id": 2177596, "title": "CVE-2023-0845 moby-engine: hashicorp/consul: Consul Server Panic when Ingress and API Gateways Configured with Peering Connections [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2184683, "bug": {"bug_id": 2184683, "title": "CVE-2023-28840 moby: Encrypted overlay network may be unauthenticated", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2184684, "bug": {"bug_id": 2184684, "title": "CVE-2023-28840 moby-engine: moby: Encrypted overlay network may be unauthenticated [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2184685, "bug": {"bug_id": 2184685, "title": "CVE-2023-28841 moby: Encrypted overlay network traffic may be unencrypted", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2184686, "bug": {"bug_id": 2184686, "title": "CVE-2023-28841 moby-engine: moby: Encrypted overlay network traffic may be unencrypted [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2184688, "bug": {"bug_id": 2184688, "title": "CVE-2023-28842 moby: Encrypted overlay network with a single endpoint is unauthenticated", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2184689, "bug": {"bug_id": 2184689, "title": "CVE-2023-28842 moby-engine: moby: Encrypted overlay network with a single endpoint is unauthenticated [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2189788, "bug": {"bug_id": 2189788, "title": "CVE-2021-41803 consul: Consul Auto-Config JWT Authorization Missing Input Validation", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2189789, "bug": {"bug_id": 2189789, "title": "CVE-2021-41803 moby-engine: consul: Consul Auto-Config JWT Authorization Missing Input Validation [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2190033, "bug": {"bug_id": 2190033, "title": "moby-engine-24.0.5 is available", "security": false, "parent": false}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2156860, "bug": {"bug_id": 2156860, "title": "CVE-2022-40716 consul: Consul Service Mesh Intention Bypass with Malicious Certificate Signing Request", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2156864, "bug": {"bug_id": 2156864, "title": "CVE-2022-40716 moby-engine: consul: Consul Service Mesh Intention Bypass with Malicious Certificate Signing Request [fedora-37]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2163037, "bug": {"bug_id": 2163037, "title": "CVE-2022-3064 go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2163550, "bug": {"bug_id": 2163550, "title": "CVE-2022-3064 moby-engine: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2174485, "bug": {"bug_id": 2174485, "title": "CVE-2023-25173 containerd: Supplementary groups are not set up properly", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2174544, "bug": {"bug_id": 2174544, "title": "moby-engine: containerd: Supplementary groups are not set up properly [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2176447, "bug": {"bug_id": 2176447, "title": "CVE-2023-26054 buildkit: Data disclosure in provenance attestation describing a build", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2176448, "bug": {"bug_id": 2176448, "title": "CVE-2023-26054 moby-engine: buildkit: Data disclosure in provenance attestation describing a build [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update can be pushed to stable now if the maintainer wishes", "timestamp": "2023-08-29 10:13:31", "update_id": 541877, "user_id": 91, "id": 3175848, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "bug_feedback": [{"karma": 0, "comment_id": 3175939, "bug_id": 2156860, "bug": {"bug_id": 2156860, "title": "CVE-2022-40716 consul: Consul Service Mesh Intention Bypass with Malicious Certificate Signing Request", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2156864, "bug": {"bug_id": 2156864, "title": "CVE-2022-40716 moby-engine: consul: Consul Service Mesh Intention Bypass with Malicious Certificate Signing Request [fedora-37]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2163037, "bug": {"bug_id": 2163037, "title": "CVE-2022-3064 go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2163550, "bug": {"bug_id": 2163550, "title": "CVE-2022-3064 moby-engine: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2174485, "bug": {"bug_id": 2174485, "title": "CVE-2023-25173 containerd: Supplementary groups are not set up properly", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2174544, "bug": {"bug_id": 2174544, "title": "moby-engine: containerd: Supplementary groups are not set up properly [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2176447, "bug": {"bug_id": 2176447, "title": "CVE-2023-26054 buildkit: Data disclosure in provenance attestation describing a build", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2176448, "bug": {"bug_id": 2176448, "title": "CVE-2023-26054 moby-engine: buildkit: Data disclosure in provenance attestation describing a build [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2177595, "bug": {"bug_id": 2177595, "title": "CVE-2023-0845 hashicorp/consul: Consul Server Panic when Ingress and API Gateways Configured with Peering Connections", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2177596, "bug": {"bug_id": 2177596, "title": "CVE-2023-0845 moby-engine: hashicorp/consul: Consul Server Panic when Ingress and API Gateways Configured with Peering Connections [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2184683, "bug": {"bug_id": 2184683, "title": "CVE-2023-28840 moby: Encrypted overlay network may be unauthenticated", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2184684, "bug": {"bug_id": 2184684, "title": "CVE-2023-28840 moby-engine: moby: Encrypted overlay network may be unauthenticated [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2184685, "bug": {"bug_id": 2184685, "title": "CVE-2023-28841 moby: Encrypted overlay network traffic may be unencrypted", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2184686, "bug": {"bug_id": 2184686, "title": "CVE-2023-28841 moby-engine: moby: Encrypted overlay network traffic may be unencrypted [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2184688, "bug": {"bug_id": 2184688, "title": "CVE-2023-28842 moby: Encrypted overlay network with a single endpoint is unauthenticated", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2184689, "bug": {"bug_id": 2184689, "title": "CVE-2023-28842 moby-engine: moby: Encrypted overlay network with a single endpoint is unauthenticated [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2189788, "bug": {"bug_id": 2189788, "title": "CVE-2021-41803 consul: Consul Auto-Config JWT Authorization Missing Input Validation", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2189789, "bug": {"bug_id": 2189789, "title": "CVE-2021-41803 moby-engine: consul: Consul Auto-Config JWT Authorization Missing Input Validation [fedora-all]", "security": true, "parent": false}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2190033, "bug": {"bug_id": 2190033, "title": "moby-engine-24.0.5 is available", "security": false, "parent": false}}], "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by bodhi. ", "timestamp": "2023-08-29 12:02:16", "update_id": 541877, "user_id": 91, "id": 3175940, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2023-08-30 01:37:10", "update_id": 541877, "user_id": 91, "id": 3178755, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.stg.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "moby-engine-24.0.5-1.fc38", "signed": true, "release_id": 66, "type": "rpm", "epoch": 0}], "bugs": [{"bug_id": 2156860, "title": "CVE-2022-40716 consul: Consul Service Mesh Intention Bypass with Malicious Certificate Signing Request", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 3174171, "bug_id": 2156860, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2156860, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2156860, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2156864, "title": "CVE-2022-40716 moby-engine: consul: Consul Service Mesh Intention Bypass with Malicious Certificate Signing Request [fedora-37]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3174171, "bug_id": 2156864, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2156864, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2156864, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2163037, "title": "CVE-2022-3064 go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 3174171, "bug_id": 2163037, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2163037, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2163037, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2163550, "title": "CVE-2022-3064 moby-engine: go-yaml: Improve heuristics preventing CPU/memory abuse by parsing malicious or large YAML documents [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3174171, "bug_id": 2163550, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2163550, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2163550, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2174485, "title": "CVE-2023-25173 containerd: Supplementary groups are not set up properly", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 3181435, "bug_id": 2174485, "comment": {"karma": 0, "karma_critpath": 0, "text": "can you check if contained 1.7.0 from https://copr.fedorainfracloud.org/coprs/sergiomb/docker2/builds/ works for you ? \n\nwe have a lot of stuff to update ... ", "timestamp": "2023-09-01 00:57:32", "update_id": 541878, "user_id": 271, "id": 3181435, "testcase_feedback": [], "user": {"name": "sergiomb", "email": "sergio@serjux.com", "id": 271, "avatar": "https://seccdn.libravatar.org/avatar/cb1e1c02b91fca7534374ad3e77409014e4c30c6de47356f36099793f08cc1de?s=24&d=retro", "openid": "sergiomb.id.stg.fedoraproject.org", "groups": [{"name": "nodejs-sig"}, {"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "clamav"}, {"name": "multimedia-sig"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3182065, "bug_id": 2174485, "comment": {"karma": 0, "karma_critpath": 0, "text": "yes it does.", "timestamp": "2023-09-01 08:59:37", "update_id": 541878, "user_id": 1152, "id": 3182065, "testcase_feedback": [], "user": {"name": "bellet", "email": "fabrice@bellet.info", "id": 1152, "avatar": "https://seccdn.libravatar.org/avatar/fd52ab010391a75b96c3540f78c2997013e97d12fb78be9919c43509f89a566a?s=24&d=retro", "openid": "bellet.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2174485, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2174485, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3179401, "bug_id": 2174485, "comment": {"karma": -1, "karma_critpath": 0, "text": "With this update (from 1.6.19-1-fc38.x86_64), I have this error:\n\ndocker: Error response from daemon: failed to create task for container: failed to create shim task: ttrpc: cannot marshal unknown type: *task.CreateTaskRequest: unknown.\nERRO[0002] error waiting for container:                 \n", "timestamp": "2023-08-30 16:26:03", "update_id": 541878, "user_id": 1152, "id": 3179401, "testcase_feedback": [], "user": {"name": "bellet", "email": "fabrice@bellet.info", "id": 1152, "avatar": "https://seccdn.libravatar.org/avatar/fd52ab010391a75b96c3540f78c2997013e97d12fb78be9919c43509f89a566a?s=24&d=retro", "openid": "bellet.id.stg.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}]}}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2174485, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2174544, "title": "moby-engine: containerd: Supplementary groups are not set up properly [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3174171, "bug_id": 2174544, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2174544, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2174544, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2176447, "title": "CVE-2023-26054 buildkit: Data disclosure in provenance attestation describing a build", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 3174171, "bug_id": 2176447, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2176447, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2176447, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2176448, "title": "CVE-2023-26054 moby-engine: buildkit: Data disclosure in provenance attestation describing a build [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3174171, "bug_id": 2176448, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2176448, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175847, "bug_id": 2176448, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2177595, "title": "CVE-2023-0845 hashicorp/consul: Consul Server Panic when Ingress and API Gateways Configured with Peering Connections", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 3175847, "bug_id": 2177595, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2177595, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2177595, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2177596, "title": "CVE-2023-0845 moby-engine: hashicorp/consul: Consul Server Panic when Ingress and API Gateways Configured with Peering Connections [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3175847, "bug_id": 2177596, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2177596, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2177596, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2184683, "title": "CVE-2023-28840 moby: Encrypted overlay network may be unauthenticated", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 3175847, "bug_id": 2184683, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2184683, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2184683, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2184684, "title": "CVE-2023-28840 moby-engine: moby: Encrypted overlay network may be unauthenticated [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3175847, "bug_id": 2184684, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2184684, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2184684, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2184685, "title": "CVE-2023-28841 moby: Encrypted overlay network traffic may be unencrypted", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 3175847, "bug_id": 2184685, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2184685, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2184685, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2184686, "title": "CVE-2023-28841 moby-engine: moby: Encrypted overlay network traffic may be unencrypted [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3175847, "bug_id": 2184686, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2184686, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2184686, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2184688, "title": "CVE-2023-28842 moby: Encrypted overlay network with a single endpoint is unauthenticated", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 3175847, "bug_id": 2184688, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2184688, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2184688, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2184689, "title": "CVE-2023-28842 moby-engine: moby: Encrypted overlay network with a single endpoint is unauthenticated [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3175847, "bug_id": 2184689, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2184689, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2184689, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2189788, "title": "CVE-2021-41803 consul: Consul Auto-Config JWT Authorization Missing Input Validation", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 3175847, "bug_id": 2189788, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2189788, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2189788, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2189789, "title": "CVE-2021-41803 moby-engine: consul: Consul Auto-Config JWT Authorization Missing Input Validation [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3175847, "bug_id": 2189789, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2189789, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2189789, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}, {"bug_id": 2190033, "title": "moby-engine-24.0.5 is available", "security": false, "parent": false, "feedback": [{"karma": 0, "comment_id": 3175847, "bug_id": 2190033, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 10:13:16", "update_id": 541877, "user_id": 7484, "id": 3175847, "testcase_feedback": [], "user": {"name": "marok", "email": "mrk@bevc.net", "id": 7484, "avatar": "https://seccdn.libravatar.org/avatar/6516db13e3a8e3b82b18f08b7bff0afe41adbf42a405ab6975ed4579f71b8ddb?s=24&d=retro", "openid": "marok.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3174171, "bug_id": 2190033, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-27 19:04:37", "update_id": 541877, "user_id": 3703, "id": 3174171, "testcase_feedback": [], "user": {"name": "markec", "email": "marko.bevc@gmail.com", "id": 3703, "avatar": "https://seccdn.libravatar.org/avatar/2a3640b3b2df97a062aff29758dd6a2ce98adba2cdd4da3fceb85df19b25200c?s=24&d=retro", "openid": "markec.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}, {"name": "trust admins"}]}}}, {"karma": 0, "comment_id": 3175939, "bug_id": 2190033, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2023-08-29 12:02:15", "update_id": 541877, "user_id": 6505, "id": 3175939, "testcase_feedback": [], "user": {"name": "okram", "email": "ttt@bevc.net", "id": 6505, "avatar": "https://seccdn.libravatar.org/avatar/19fd9f57f0f2dc762e4a2d20b4a0acc5b372f402d46251c0191b54724cfeb0f1?s=24&d=retro", "openid": "okram.id.stg.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "trust admins"}]}}}]}], "updateid": "FEDORA-2023-9f5f1ef40a", "karma": 3, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}