ALSA-2024:9051

[ALSA-2024:9051] Important: podman security update

Type:

security

Severity:

important

Release date:

2024-11-11

Description:

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.  

Security Fix(es):  

  * Buildah: Podman: Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction (CVE-2024-9407)
  * buildah: Buildah allows arbitrary directory mount (CVE-2024-9675)
  * Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) (CVE-2024-9676)


For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	podman-plugins-4.9.4-16.el9_4.aarch64.rpm	2a050ae86df5c4a5da6440bb725082794dfad95adbe5a9439c8aba76c4e31395
aarch64	podman-tests-4.9.4-16.el9_4.aarch64.rpm	4b98e4681581e441caebfe7968c742452efbd395aedd735c1d985d84584352ae
aarch64	podman-remote-4.9.4-16.el9_4.aarch64.rpm	9c67dffd76c4bf7e035ecb3875c7fb3f0e7303fcafb5de4aed52ee552005d5b8
aarch64	podman-4.9.4-16.el9_4.aarch64.rpm	a471d11247e105129e9101bd61d7735fa25e7d05d503a2d83c54095bc6600604
noarch	podman-docker-4.9.4-16.el9_4.noarch.rpm	cd443bee4356a06d153ed758b873dc9841cf680477297951706ae1557bd1a9bd
ppc64le	podman-tests-4.9.4-16.el9_4.ppc64le.rpm	4e394cb95649c7c10ae7776380b43a9464174ca22cbc2f0f41f41bb37657befc
ppc64le	podman-4.9.4-16.el9_4.ppc64le.rpm	62a2afc44872521b7b74c9a85540dd600789544e7b9f6249256ae10acd035fbd
ppc64le	podman-plugins-4.9.4-16.el9_4.ppc64le.rpm	c0ce42fe3563291ad1efb97c64dabdaf0a2fe5bf5684a476d52b4fcfdab75523
ppc64le	podman-remote-4.9.4-16.el9_4.ppc64le.rpm	ea674bd5927f47948ddea6ff4adb9e6decc2e8ffc01168f8ddc0d590ac8b5998
s390x	podman-plugins-4.9.4-16.el9_4.s390x.rpm	34bd3b7fa0aad185028b5b8f8588a570fce893c5f3be8863684220d58de681b6
s390x	podman-tests-4.9.4-16.el9_4.s390x.rpm	873ad89948902fb2bdd4feda05895028d4377e3a421bbb3af78bbef3f8ddeac6
s390x	podman-4.9.4-16.el9_4.s390x.rpm	ab3f797451eec4cb8722badc0c7ed19d139cf71381163d5127dbab0aaf2aa08d
s390x	podman-remote-4.9.4-16.el9_4.s390x.rpm	b382c675c7f3f49bcfc584b31721624147e7bc14e3320d8dd6151ab078828a8a
x86_64	podman-4.9.4-16.el9_4.x86_64.rpm	74d256274e6949415da5b4e3053c076ca02eaaee0c8b8f3decefb90a820b7514
x86_64	podman-plugins-4.9.4-16.el9_4.x86_64.rpm	97b02f669ae280fc44c9cd443cb63314c349e4810ae5c6a8134cc3e8cba779ed
x86_64	podman-remote-4.9.4-16.el9_4.x86_64.rpm	9e07b24cf1f4ae0c2bff6f0b67c5c8e3aac4c64aafe7c6895bfe3e7b34f92085
x86_64	podman-tests-4.9.4-16.el9_4.x86_64.rpm	d4992a1d3ba7e7066d5d7a09e29f5a823d49fc843d2a306e224954e369b82a2e

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.