ALSA-2024:1150

[ALSA-2024:1150] Moderate: buildah security update

Type:

security

Severity:

moderate

Release date:

2024-03-06

Description:

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. 

Security Fix(es):

* ssh: Prefix truncation attack on Binary Packet Protocol (BPP) (CVE-2023-48795)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	buildah-1.31.4-1.el9_3.aarch64.rpm	74aac642565474dc67f8a26a74eb8c1a3d49885e9ce60a8d01e3fd646ab7e946
aarch64	buildah-tests-1.31.4-1.el9_3.aarch64.rpm	c78be9cae213d48238a96fd97cb9ceccd143630176d1d83c8dcae0151379c0cb
ppc64le	buildah-tests-1.31.4-1.el9_3.ppc64le.rpm	709976884489a1af6fee96fa00e87cf3a1be2a830878cf22b8a63b08fd1f90e4
ppc64le	buildah-1.31.4-1.el9_3.ppc64le.rpm	af724a24118dafa7591b2a6d00807b916d36e4cc9eb2e35655c6ed14f948de4c
s390x	buildah-tests-1.31.4-1.el9_3.s390x.rpm	daf1fd6c65e2993badc41e8479bf4651a1ecf9d4941e3b69f88fb64cc5949a3b
s390x	buildah-1.31.4-1.el9_3.s390x.rpm	fcdf0cc3333a471a26bce6ab82d0d05d98675d33ed544e43b16943adea52534a
x86_64	buildah-1.31.4-1.el9_3.x86_64.rpm	8138e37ba2df0ddd806fe258d88f21e64430c45ef95ba28032c6a5f46cc79802
x86_64	buildah-tests-1.31.4-1.el9_3.x86_64.rpm	e8ee9e8adb796098a356d4399ec21f6d4fb80de552b3012aefcad06ff973912c

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.