[ALSA-2024:3827] Moderate: buildah security and bug fix update
Type:
security
Severity:
moderate
Release date:
2024-06-13
Description:
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Security Fix(es): * golang: net/http: memory exhaustion in Request.ParseMultipartForm (CVE-2023-45290) * jose-go: improper handling of highly compressed data (CVE-2024-28180) * buildah: jose: resource exhaustion (CVE-2024-28176)
References:
Updated packages listed below:
Architecture Package Checksum
aarch64 buildah-tests-1.33.7-2.el9_4.aarch64.rpm 31a76b1917e4e824051b3d2c0affa8c44b462001c4c77fd381190c49dd77d3d6
aarch64 buildah-1.33.7-2.el9_4.aarch64.rpm 6c1bf624c54bc0d9c8362dd969180f4bfc6505460629e5baa12358bfd613c005
ppc64le buildah-tests-1.33.7-2.el9_4.ppc64le.rpm 23f1f88c26c6fc2e22626651e1a47dcf70621e61de43916b9d8da4444df0dd0c
ppc64le buildah-1.33.7-2.el9_4.ppc64le.rpm dd9f0b9b552948cc31e226211814a6e837cfc174bd85ddc6de8f978aed7309b8
s390x buildah-1.33.7-2.el9_4.s390x.rpm 226218bce35d72cfff16498172f56d77314152168a0396e2564686af324c366e
s390x buildah-tests-1.33.7-2.el9_4.s390x.rpm c003f4af4a5369894cd6c12f15df77e4c35f12ab84ec223457b04f5863e05d32
x86_64 buildah-tests-1.33.7-2.el9_4.x86_64.rpm 14ae4a7ba048f6e1f5c6342872e1693932692582c36c39dbd323b32f2a93662d
x86_64 buildah-1.33.7-2.el9_4.x86_64.rpm 9463328ca397f88e4cef2e39c24628f953e14aeed754cd6b2f748cf5660dac28
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.