Описание
ELSA-2024-8563: buildah security update (IMPORTANT)
[1.33.10-1.0.1]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117178]
[2:1.33.10-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.33 (https://github.com/containers/buildah/commit/bd85c17)
- Resolves: RHEL-61842
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
buildah
1.33.10-1.0.1.el9_4
buildah-tests
1.33.10-1.0.1.el9_4
Oracle Linux x86_64
buildah
1.33.10-1.0.1.el9_4
buildah-tests
1.33.10-1.0.1.el9_4
Связанные CVE
Связанные уязвимости
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.
A vulnerability was found in Buildah. Cache mounts do not properly validate that user-specified paths for the cache are within our cache directory, allowing a `RUN` instruction in a Container file to mount an arbitrary directory from the host (read/write) into the container as long as those files can be accessed by the user running Buildah.
A vulnerability was found in Buildah. Cache mounts do not properly val ...
