Описание
ELSA-2025-23295: podman security update (MODERATE)
[5.6.0-8.0.1]
- Add devices on container startup, not on creation
- overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]
[7:5.6.0-8]
- update to the latest content of https://github.com/containers/podman/tree/v5.6-rhel (https://github.com/containers/podman/commit/3bf5313)
- fixes 'run 1.2.x upgrade throws error while using nocopy volume mount filesystem option - [RHEL 10.1]'
- Resolves: RHEL-132532
[7:5.6.0-7]
- rebuild for CVE-2025-58183
- Resolves: RHEL-125640
Обновленные пакеты
Oracle Linux 10
Oracle Linux aarch64
podman
5.6.0-8.0.1.el10_1
podman-docker
5.6.0-8.0.1.el10_1
podman-remote
5.6.0-8.0.1.el10_1
podman-tests
5.6.0-8.0.1.el10_1
Oracle Linux x86_64
podman
5.6.0-8.0.1.el10_1
podman-docker
5.6.0-8.0.1.el10_1
podman-remote
5.6.0-8.0.1.el10_1
podman-tests
5.6.0-8.0.1.el10_1
Связанные CVE
Связанные уязвимости
tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a compressed source, a small compressed input can result in large allocations.
tar.Reader does not set a maximum size on the number of sparse region data blocks in GNU tar pax 1.0 sparse files. A maliciously-crafted archive containing a large number of sparse regions can cause a Reader to read an unbounded amount of data from the archive into memory. When reading from a compressed source, a small compressed input can result in large allocations.
Unbounded allocation when parsing GNU sparse map in archive/tar
tar.Reader does not set a maximum size on the number of sparse region ...
