[ALSA-2024:2055] Important: buildah security update
Type:
security
Severity:
important
Release date:
2024-04-29
Description:
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Security Fix(es): * buildah: full container escape at build time (CVE-2024-1753) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 buildah-1.31.5-1.el9_3.aarch64.rpm acff697f9b05d88bea569e74c3b1e7b791438d967e4972da1714fa97d4306e7f
aarch64 buildah-tests-1.31.5-1.el9_3.aarch64.rpm ad74884387641caa51108130760ce2791cd1a54a75d53bea9662c07a843eba0c
ppc64le buildah-tests-1.31.5-1.el9_3.ppc64le.rpm c9af2ce86b28dd22ad08dee480a5e7aa3e7d5507fd5e24638033680b30a12d37
ppc64le buildah-1.31.5-1.el9_3.ppc64le.rpm cdd4a684386b1f4a9d0b3e35c34ae39c2c09efdc233cf1c5fdf76adffc8b75a1
s390x buildah-1.31.5-1.el9_3.s390x.rpm 5c221f7bdd805d269ffa07d0b45ef747d2332b46723bf476377fd65d128f132b
s390x buildah-tests-1.31.5-1.el9_3.s390x.rpm e52c32e015c3816ee2e7df0685e74711eb0a48a2ada662fd4fb1fdb7f4797edd
x86_64 buildah-1.31.5-1.el9_3.x86_64.rpm c86ff17df04fe1d70e5a9d05052fb43d7672e37ddd40a6e000271b13901ff138
x86_64 buildah-tests-1.31.5-1.el9_3.x86_64.rpm ea9577bdf314026d24b51ae39f0eb66ad3d2764049e241fe0e6d225ee8557604
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.