ELSA-2025-0922

Опубликовано: 04 фев. 2025

Источник: oracle-oval

Платформа: Oracle Linux 9

Описание

ELSA-2025-0922: podman security update (IMPORTANT)

[5.2.2-13.0.1]

podman: do not set rlimits to the default value [Orabug: 37310981]
Add devices on container startup, not on creation
overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694]
Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]

[4:5.2.2-13]

update to the latest content of https://github.com/containers/podman/tree/v5.2-rhel (https://github.com/containers/podman/commit/173b20b)
Resolves: RHEL-67606

[4:5.2.2-12]

update to the latest content of https://github.com/containers/podman/tree/v5.2-rhel (https://github.com/containers/podman/commit/76d1690)
Resolves: RHEL-73592

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

podman

5.2.2-13.0.1.el9_5

podman-docker

5.2.2-13.0.1.el9_5

podman-plugins

5.2.2-13.0.1.el9_5

podman-remote

5.2.2-13.0.1.el9_5

podman-tests

5.2.2-13.0.1.el9_5

Oracle Linux x86_64

podman

5.2.2-13.0.1.el9_5

podman-docker

5.2.2-13.0.1.el9_5

podman-plugins

5.2.2-13.0.1.el9_5

podman-remote

5.2.2-13.0.1.el9_5

podman-tests

5.2.2-13.0.1.el9_5

Связанные CVE

CVE-2024-11218

Ссылки на источники

Связанные уязвимости

CVE-2024-11218

CVSS3: 8.6

ubuntu

5 месяцев назад

A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.