ELSA-2025-7391

Опубликовано: 21 мая 2025

Источник: oracle-oval

Платформа: Oracle Linux 9

Описание

ELSA-2025-7391: podman security update (IMPORTANT)

[5.4.0-9.0.1]

Add devices on container startup, not on creation
overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694]
Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]

[5:5.4.0-9]

update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/0ee1d49)
fixes 'Rootless container libpod/tmp/persist directories not cleaned up, fill up tmpfs - [RHEL 9.6] 0day'
Resolves: RHEL-86544

[5:5.4.0-8]

update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/a994a04)
fixes 'podman tests are failing - [RHEL 9.6] 0day'
Resolves: RHEL-86092

[5:5.4.0-7]

update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/f7bf65c)
fixes 'Importing a tar.xz archive as a container fails with error 'layer 0 <...> does not match config's DiffID' - [RHEL 9.6] 0day'
Resolves: RHEL-85218

[5:5.4.0-6]

update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/9ad4842)
fixes 'CVE-2025-22869 podman: Potential denial of service in golang.org/x/crypto [rhel-9.6]'
Resolves: RHEL-81319

[5:5.4.0-5]

update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/9d2e54f)
fixes 'Excessive memory leak due to uncontrolled accumulation of health.log entries in Podman 5.x - [RHEL - 9.6] ZeroDay'
Resolves: RHEL-83557

[5:5.4.0-4]

update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/45c2d1f)
Resolves: RHEL-82970

[5:5.4.0-3]

update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/e48006b)
Resolves: RHEL-82198

[5:5.4.0-2]

update to the latest content of https://github.com/containers/podman/tree/v5.4-rhel (https://github.com/containers/podman/commit/2adbe89)
Resolves: RHEL-79694

Обновленные пакеты

Oracle Linux 9

Oracle Linux aarch64

podman

5.4.0-9.0.1.el9_6

podman-docker

5.4.0-9.0.1.el9_6

podman-plugins

5.4.0-9.0.1.el9_6

podman-remote

5.4.0-9.0.1.el9_6

podman-tests

5.4.0-9.0.1.el9_6

Oracle Linux x86_64

podman

5.4.0-9.0.1.el9_6

podman-docker

5.4.0-9.0.1.el9_6

podman-plugins

5.4.0-9.0.1.el9_6

podman-remote

5.4.0-9.0.1.el9_6

podman-tests

5.4.0-9.0.1.el9_6

Связанные CVE

CVE-2025-22869

CVE-2025-27144

Ссылки на источники

Связанные уязвимости

SUSE-SU-2025:1018-1

suse-cvrf

7 месяцев назад

Security update for buildah

SUSE-SU-2025:1017-1

suse-cvrf

7 месяцев назад

Security update for buildah

SUSE-SU-2025:1014-1

suse-cvrf

7 месяцев назад

Security update for buildah

RLSA-2025:7462

rocky

около 1 месяца назад

Important: podman security update

ELSA-2025-7462

oracle-oval

4 месяца назад

ELSA-2025-7462: podman security update (IMPORTANT)