[ELSA-2024-2245] buildah security update
[1.33.6-2.0.1]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117178]
[2:1.33.6-2]
- update tags for systemd libsubid
- Resolves: RHEL-26594
[2:1.33.6-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.33
(https://github.com/containers/buildah/commit/f843563)
- Related: RHEL-2112
[2:1.33.5-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.33
(https://github.com/containers/buildah/commit/70b792d)
- Related: RHEL-2112
[2:1.33.4-1]
- revert back to 1.33.4
- Related: Jira:RHEL-2112
[1:1.34.0-1]
- update to https://github.com/containers/buildah/releases/tag/v1.34.0
- Related: RHEL-2112
[1:1.33.2-1]
- Bump to v1.33.2
- Related: Jira:RHEL-2112
[1:1.33.1-3]
- Rebuild for CVEs:
CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322
- Related: Jira:RHEL-2779
[1:1.33.1-2]
- Fix gating issues in tests/tests.yml
- Related: RHEL-2112
[1:1.33.1-1]
- update to https://github.com/containers/buildah/releases/tag/v1.33.1
- Related: RHEL-2112
[1:1.32.2-1]
- update to https://github.com/containers/buildah/releases/tag/v1.32.2
- Related: RHEL-2112
[1:1.32.1-1]
- update to https://github.com/containers/buildah/releases/tag/v1.32.1
- Related: RHEL-2112
[1:1.32.0-1]
- update to https://github.com/containers/buildah/releases/tag/v1.32.0
- Related: Jira:RHEL-2112
[1:1.31.3-1]
- update to https://github.com/containers/buildah/releases/tag/v1.31.3
- Related: #2176063
[1:1.31.2-1]
- update to https://github.com/containers/buildah/releases/tag/v1.31.2
- Related: #2176063
[1:1.31.1-2]
- build buildah off main branch for early testing of zstd compression
- Related: #2176063
[1:1.31.1-1]
- update to https://github.com/containers/buildah/releases/tag/v1.31.1
- Related: #2176063
[1:1.31.0-1]
- update to https://github.com/containers/buildah/releases/tag/v1.31.0
- Related: #2176063
[1:1.30.0-2]
- rebuild for following CVEs:
CVE-2023-25173 CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400
- Resolves: #2175073
- Resolves: #2179958
- Resolves: #2187332
- Resolves: #2187375
- Resolves: #2203696
- Resolves: #2207518
[1:1.30.0-1]
- update to 1.30.0
- Related: #2176063
[1:1.29.1-2]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.29
(https://github.com/containers/buildah/commit/f07d2c9)
- Resolves: #2178263
[1:1.29.1-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.29
(https://github.com/containers/buildah/commit/7fa17a8)
- Related: #2124478
[1:1.29.0-3]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.29
(https://github.com/containers/buildah/commit/c822cc6)
- Related: #2124478
[1:1.29.0-2]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.29
(https://github.com/containers/buildah/commit/94b723c)
- Related: #2124478
[1:1.29.0-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.29.0
(https://github.com/containers/buildah/commit/94b723c)
- Related: #2124478
[1:1.29.0-0.4]
- update to the latest content of https://github.com/containers/buildah/tree/main
(https://github.com/containers/buildah/commit/078a7ff)
- Related: #2124478
[1:1.29.0-0.3]
- update to the latest content of https://github.com/containers/buildah/tree/main
(https://github.com/containers/buildah/commit/4b72f05)
- Related: #2124478
[1:1.29.0-0.2]
- update to the latest content of https://github.com/containers/buildah/tree/main
(https://github.com/containers/buildah/commit/c541c35)
- Related: #2124478
[1:1.29.0-0.1]
- update to the latest content of https://github.com/containers/buildah/tree/main
(https://github.com/containers/buildah/commit/8ca903b)
- Related: #2124478
[1:1.28.2-3]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.28
(https://github.com/containers/buildah/commit/cfefbb6)
- fixes segmentation fault on s390x
- Resolves: #2150429
[1:1.28.2-2]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.28
(https://github.com/containers/buildah/commit/7e4d9dd)
- Resolves: #2151247
[1:1.28.2-1]
- update to https://github.com/containers/buildah/releases/tag/v1.28.2
- Related: #2124478
[1:1.28.0-2]
- pull in crun by default
- Resolves: #2142494
[1:1.28.0-1]
- update to https://github.com/containers/buildah/releases/tag/v1.28.0
- Related: #2124478
[1:1.27.0-2]
- fix CVE-2022-2990
- Related: #2061316
[1:1.27.0-1]
- update to https://github.com/containers/buildah/releases/tag/v1.27.0
- Related: #2061316
[1:1.26.4-2]
- add buildah-tutorial to test subpackage
- Related: #2061316
[1:1.26.4-1]
- update to https://github.com/containers/buildah/releases/tag/v1.26.4
- Related: #2061316
[1:1.26.3-1]
- update to https://github.com/containers/buildah/releases/tag/v1.26.3
- Related: #2061316
[1:1.26.2-1]
- update to https://github.com/containers/buildah/releases/tag/v1.26.2
- Related: #2061316
[1:1.26.1-4]
- Re-enable LTO and debuginfo
- Related: #2061316
[1:1.26.1-3]
- BuildRequires: /usr/bin/go-md2man
- Related: #2061316
[1:1.26.1-2]
- Add missing container networking dependencies (thanks to Neal Gompa)
- Related: #2061316
[1:1.26.1-1]
- update to https://github.com/containers/buildah/releases/tag/v1.26.1
- Related: #2061316
Package | Affected Version |
---|---|
pkg:rpm/oraclelinux/buildah?distro=oraclelinux-9 | < 1.33.6-2.0.1.el9 |
pkg:rpm/oraclelinux/buildah-tests?distro=oraclelinux-9 | < 1.33.6-2.0.1.el9 |
- ID
- ELSA-2024-2245
- Severity
- moderate
- URL
- https://linux.oracle.com/errata/ELSA-2024-2245.html
- Published
-
2024-05-03T00:00:00
(4 months ago) - Modified
-
2024-05-03T00:00:00
(4 months ago) - Rights
- Copyright 2024 Oracle, Inc.
- Other Advisories
-
- ALAS-2024-1903
- ALAS-2024-1920
- ALAS2-2024-2388
- ALAS2-2024-2424
- ALAS2-2024-2446
- ALAS2-2024-2458
- ALAS2-2024-2543
- ALAS2-2024-2556
- ALAS2-2024-2618
- ALPINE:CVE-2023-39326
- ALSA-2024:0748
- ALSA-2024:0887
- ALSA-2024:1131
- ALSA-2024:1149
- ALSA-2024:2160
- ALSA-2024:2180
- ALSA-2024:2193
- ALSA-2024:2239
- ALSA-2024:2245
- ALSA-2024:2272
- ELSA-2024-0748
- ELSA-2024-0887
- ELSA-2024-1131
- ELSA-2024-1149
- ELSA-2024-12189
- ELSA-2024-12190
- ELSA-2024-12191
- ELSA-2024-12225
- ELSA-2024-12226
- ELSA-2024-12261
- ELSA-2024-12262
- ELSA-2024-12263
- ELSA-2024-12264
- ELSA-2024-2180
- ELSA-2024-2193
- ELSA-2024-2239
- ELSA-2024-2272
- ELSA-2024-2988
- FEDORA-2024-193547def8
- GLSA-202408-07
- GO-2023-2375
- GO-2023-2382
- RHSA-2024:0748
- RHSA-2024:0887
- RHSA-2024:1131
- RHSA-2024:1149
- RHSA-2024:1244
- RHSA-2024:2160
- RHSA-2024:2180
- RHSA-2024:2193
- RHSA-2024:2239
- RHSA-2024:2245
- RHSA-2024:2272
- RHSA-2024:2988
- SUSE-SU-2023:4708-1
- SUSE-SU-2023:4709-1
- SUSE-SU-2023:4930-1
- SUSE-SU-2023:4931-1
- USN-6574-1
Source | # ID | Name | URL |
---|---|---|---|
elsa | ELSA-2024-2245 | https://linux.oracle.com/errata/ELSA-2024-2245.html | |
CVE | CVE-2023-45287 | https://linux.oracle.com/cve/CVE-2023-45287.html | |
CVE | CVE-2023-39326 | https://linux.oracle.com/cve/CVE-2023-39326.html |
Type | Package URL | Namespace | Name / Product | Version | Distribution / Platform | Arch | Patch / Fix |
---|---|---|---|---|---|---|---|
Affected | pkg:rpm/oraclelinux/buildah?distro=oraclelinux-9 | oraclelinux | buildah | < 1.33.6-2.0.1.el9 | oraclelinux-9 | ||
Affected | pkg:rpm/oraclelinux/buildah-tests?distro=oraclelinux-9 | oraclelinux | buildah-tests | < 1.33.6-2.0.1.el9 | oraclelinux-9 |
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | Exploits | PoC | Pubblication Date | Modification Date |
---|---|---|---|---|---|---|---|---|---|---|---|
# CVE | Description | CVSS | EPSS | EPSS Trend (30 days) | Affected Products | Weaknesses | Security Advisories | PoC | Pubblication Date | Modification Date |