[ELSA-2024-3826] podman security and bug fix update

Severity Moderate

Affected Packages 5

CVEs 3

[4.9.4-4.0.1]
- Improved saving remote build context to tarfile in Podman daemon [Orabug: 36495655]
- Add devices on container startup, not on creation
- Backport fast gzip for compression [Orabug: 36420418]
- overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]

[4:4.9.4-4]
- update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel
(https://github.com/containers/podman/commit/4afc71a)
- Resolves: RHEL-28735

Package	Affected Version
pkg:rpm/oraclelinux/podman?distro=oraclelinux-9.4	< 4.9.4-4.0.1.el9_4
pkg:rpm/oraclelinux/podman-tests?distro=oraclelinux-9.4	< 4.9.4-4.0.1.el9_4
pkg:rpm/oraclelinux/podman-remote?distro=oraclelinux-9.4	< 4.9.4-4.0.1.el9_4
pkg:rpm/oraclelinux/podman-plugins?distro=oraclelinux-9.4	< 4.9.4-4.0.1.el9_4
pkg:rpm/oraclelinux/podman-docker?distro=oraclelinux-9.4	< 4.9.4-4.0.1.el9_4

ID

ELSA-2024-3826

Severity

moderate

URL

https://linux.oracle.com/errata/ELSA-2024-3826.html

Published

2024-06-11T00:00:00
(3 months ago)

Modified

2024-06-11T00:00:00
(3 months ago)

Rights

Other Advisories

Source	# ID	URL
elsa	ELSA-2024-3826	https://linux.oracle.com/errata/ELSA-2024-3826.html
CVE	CVE-2024-28176	https://linux.oracle.com/cve/CVE-2024-28176.html
CVE	CVE-2024-28180	https://linux.oracle.com/cve/CVE-2024-28180.html
CVE	CVE-2023-45290	https://linux.oracle.com/cve/CVE-2023-45290.html

Type	Package URL	Namespace	Name / Product	Version	Distribution / Platform
Affected	pkg:rpm/oraclelinux/podman?distro=oraclelinux-9.4	oraclelinux	podman	< 4.9.4-4.0.1.el9_4	oraclelinux-9.4
Affected	pkg:rpm/oraclelinux/podman-tests?distro=oraclelinux-9.4	oraclelinux	podman-tests	< 4.9.4-4.0.1.el9_4	oraclelinux-9.4
Affected	pkg:rpm/oraclelinux/podman-remote?distro=oraclelinux-9.4	oraclelinux	podman-remote	< 4.9.4-4.0.1.el9_4	oraclelinux-9.4
Affected	pkg:rpm/oraclelinux/podman-plugins?distro=oraclelinux-9.4	oraclelinux	podman-plugins	< 4.9.4-4.0.1.el9_4	oraclelinux-9.4
Affected	pkg:rpm/oraclelinux/podman-docker?distro=oraclelinux-9.4	oraclelinux	podman-docker	< 4.9.4-4.0.1.el9_4	oraclelinux-9.4

# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	Exploits	PoC	Pubblication Date	Modification Date
# CVE	Description	CVSS	EPSS	EPSS Trend (30 days)	Affected Products	Weaknesses	Security Advisories	PoC	Pubblication Date	Modification Date