Overview

File _patchinfo of Package patchinfo.36417

<patchinfo incident="36417">
  <category>security</category>
  <rating>important</rating>
  <packager>msmeissn</packager>
  <summary>Security update for buildah</summary>
  <description>
This update for buildah fixes the following issues:

- CVE-2024-9676: Fixed github.com/containers/storage: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) (bsc#1231698):
- CVE-2024-9675: VUL-0: CVE-2024-9675: buildah,podman: buildah: cache arbitrary directory mount (bsc#1231499):
- CVE-2024-9407: Fixed improper input validation in bind-propagation Option of Dockerfile RUN --mount Instruction (bsc#1231208)
- CVE-2024-9341: Fixed FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230)

- Using networking slirp4netns as default instead of pasta on SLE (bsc#1232522).

</description>
  <issue id="1231208" tracker="bnc">VUL-0: CVE-2024-9407: buildah: Buildah: Podman: Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction</issue>
  <issue id="1231230" tracker="bnc">VUL-0: CVE-2024-9341: buildah,podman: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library</issue>
  <issue id="1231499" tracker="bnc">VUL-0: CVE-2024-9675: buildah,podman: buildah: cache arbitrary directory mount</issue>
  <issue id="1231698" tracker="bnc">VUL-0: CVE-2024-9676: buildah,podman,skopeo: github.com/containers/storage: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS)</issue>
  <issue id="1232522" tracker="bnc">buildah security update changes default network mode from slirp4netns to passt for rootless containers</issue>
  <issue id="2024-9341" tracker="cve"/>
  <issue id="2024-9407" tracker="cve"/>
  <issue id="2024-9675" tracker="cve"/>
  <issue id="2024-9676" tracker="cve"/>
</patchinfo>
openSUSE Build Service is sponsored by
Places