[ALSA-2026:38493] Important: buildah security update
Type:
security
Severity:
important
Release date:
2026-07-14
Description:
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images. Security Fix(es): * os: golang: Go os.Root: Symlink following vulnerability allows directory traversal (CVE-2026-39822) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages listed below:
Architecture Package Checksum
aarch64 buildah-tests-1.43.1-4.el9_8.aarch64.rpm 0d7ebf1e21c93029d17b83466d1b97eb990bbac1b3a347eda041121ea4b5974c
aarch64 buildah-1.43.1-4.el9_8.aarch64.rpm 8b0134ee1b46f8ec84617819fb4459ee2e6736af220f0d3543c904466f947faa
ppc64le buildah-tests-1.43.1-4.el9_8.ppc64le.rpm c2ba96668bb073f759f3aa29db117ae15f9068e3d3621cc25c77739b342a940d
ppc64le buildah-1.43.1-4.el9_8.ppc64le.rpm f889fbca5b45963f6e6823ab3b275b10a09e78ea299a057071e23736c9ea4ecd
s390x buildah-tests-1.43.1-4.el9_8.s390x.rpm 8076cb18f7040981cbd3c91cc1a0d4985d3af065d226a6db972f78778ce57420
s390x buildah-1.43.1-4.el9_8.s390x.rpm f4c91afe42794d70d588b0b17d7f01afaf01fc3a81b285b43b1aaebd64c743f4
x86_64 buildah-1.43.1-4.el9_8.x86_64.rpm 24beb1e2f9f083c056a593bcb2eb3231a74421c35e0903d5f337d1090b9f10db
x86_64 buildah-tests-1.43.1-4.el9_8.x86_64.rpm 9c01f812e1a31d9e12ca74ed0df21ea9c5543077e7cec077baee57c90f425652
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.