ALSA-2024:8563

[ALSA-2024:8563] Important: buildah security update

Type:

security

Severity:

important

Release date:

2024-10-29

Description:

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.   

Security Fix(es):  

  * buildah: Buildah allows arbitrary directory mount (CVE-2024-9675)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	buildah-1.33.10-1.el9_4.aarch64.rpm	31a535cb73e8c93df6841d0ac116f055fd303de21194fe113143d6f731d34e73
aarch64	buildah-tests-1.33.10-1.el9_4.aarch64.rpm	c0e4b35fe7d21a46b9f69403255eed94b540c0e27ab2780ba052d299abd5f5e4
ppc64le	buildah-1.33.10-1.el9_4.ppc64le.rpm	3cb136e656ac793f7296ac69177ee09c6abb2f3dc344a4940f68891a85cf2f6e
ppc64le	buildah-tests-1.33.10-1.el9_4.ppc64le.rpm	85add3488072ecaeaeb94117aaa84204e0a97ff855a2f69fead4f97cdf83e2aa
s390x	buildah-1.33.10-1.el9_4.s390x.rpm	a12a63923f5741a104017eea6c596a788514afa0ce018de98348a3850dfdb57b
s390x	buildah-tests-1.33.10-1.el9_4.s390x.rpm	b77c4c0187a9a8992df1ae96295962ee2c95471462b1d503f2d175fbc71f5db5
x86_64	buildah-tests-1.33.10-1.el9_4.x86_64.rpm	07a983fab6cf384d6cf758282cde617df7a08fb4e91f97f3cce6069ea9183821
x86_64	buildah-1.33.10-1.el9_4.x86_64.rpm	ace934089e69512c57028ebc1883b48458438e64db560b02d36b71192cb0438f

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.