Bug 1784267
Summary: | Remove quay.io from the default search list | ||
---|---|---|---|
Product: | Red Hat Enterprise Linux 8 | Reporter: | Jason Shepherd <jshepherd> |
Component: | container-tools-rhel8-module | Assignee: | Jindrich Novy <jnovy> |
Status: | CLOSED ERRATA | QA Contact: | atomic-bugs <atomic-bugs> |
Severity: | unspecified | Docs Contact: | Gabriela Nečasová <gnecasov> |
Priority: | unspecified | ||
Version: | 8.1 | CC: | dmoppert, dornelas, dwalsh, jligon, jnovy, lmanasko, lsm5, pthomas, tsweeney, yujiang |
Target Milestone: | rc | ||
Target Release: | 8.2 | ||
Hardware: | Unspecified | ||
OS: | Unspecified | ||
Whiteboard: | |||
Fixed In Version: | skopeo-0.1.40-8.el8 | Doc Type: | Bug Fix |
Doc Text: |
.Pulling images from the quay.io registry no longer leads to unintended images
Previously, having the quay.io container image registry listed in the default registries search list provided in `/etc/containers/registries.conf` could allow a user to pull a spoofed image when using a short name. To fix this issue, the quay.io container image registry has been removed from the default registries search list in `/etc/containers/registries.conf`. As a result, pulling images from the `quay.io` registry now requires users to specify the full repository name, such as `quay.io/myorg/myimage`. The quay.io registry can be added back to the default registries search list in `/etc/containers/registries.conf` to reenable pulling container images using short names, however, this is not recommended as it could create a security risk.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2020-04-28 15:52:09 UTC | Type: | Bug |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | |||
Bug Blocks: | 1186913, 1734579 |
Description
Jason Shepherd
2019-12-17 06:38:25 UTC
Also docker.io should be moved to the end of the list. Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://access.redhat.com/errata/RHSA-2020:1650 |