Overview

File _patchinfo of Package patchinfo.27031

<patchinfo incident="27031">
  <issue tracker="cve" id="2020-10696"/>
  <issue tracker="cve" id="2022-2990"/>
  <issue tracker="bnc" id="1202812">VUL-0: CVE-2022-2990: buildah: possible information disclosure and modification</issue>
  <issue tracker="bnc" id="1167864">VUL-0: CVE-2020-10696: buildah: crafted input tar file may lead to local file overwriting during image build process</issue>
  <packager>dancermak</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for buildah</summary>
  <description>This update for buildah fixes the following issues:

Version update to 1.28.2.

- CVE-2022-2990: Fixed a possible information disclosure and modification vulnerability (bsc#1202812).
- CVE-2020-10696: Fixed an issue with a crafted input tar file that may lead to a local file overwriting during image build process (bsc#1167864).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places