ELSA-2024-9097

ELSA-2024-9097 - buildah security update

Type:SECURITY
Impact:MODERATE
Release Date:2024-11-14

Description


[1.37.2-1.0.1]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117178]

[2:1.37.2-1]
- update to https://github.com/containers/buildah/releases/tag/v1.37.2
- Related: RHEL-27608

[2:1.37.1-1]
- update to https://github.com/containers/buildah/releases/tag/v1.37.1
- Related: RHEL-27608

[2:1.37.0-1]
- update to https://github.com/containers/buildah/releases/tag/v1.37.0
- Resolves: RHEL-47164 RHEL-40808

[2:1.36.0-1]
- update to https://github.com/containers/buildah/releases/tag/v1.36.0
- Related: RHEL-27608

[2:1.35.2-1]
- update to https://github.com/containers/buildah/releases/tag/v1.35.2
- Related: RHEL-27608

[2:1.35.1-1]
- update to https://github.com/containers/buildah/releases/tag/v1.35.1
- Related: RHEL-27608

[2:1.35.0-1]
- update to https://github.com/containers/buildah/releases/tag/v1.35.0
- Resolves: RHEL-29278

[2:1.33.6-2]
- update tags for systemd libsubid
- Resolves: RHEL-26594

[2:1.33.6-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.33
(https://github.com/containers/buildah/commit/f843563)
- Related: RHEL-2112

[2:1.33.5-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.33
(https://github.com/containers/buildah/commit/70b792d)
- Related: RHEL-2112

[2:1.33.4-1]
- revert back to 1.33.4
- Related: Jira:RHEL-2112

[1:1.34.0-1]
- update to https://github.com/containers/buildah/releases/tag/v1.34.0
- Related: RHEL-2112

[1:1.33.2-1]
- Bump to v1.33.2
- Related: Jira:RHEL-2112

[1:1.33.1-3]
- Rebuild for CVEs:
CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322
- Related: Jira:RHEL-2779

[1:1.33.1-2]
- Fix gating issues in tests/tests.yml
- Related: RHEL-2112

[1:1.33.1-1]
- update to https://github.com/containers/buildah/releases/tag/v1.33.1
- Related: RHEL-2112

[1:1.32.2-1]
- update to https://github.com/containers/buildah/releases/tag/v1.32.2
- Related: RHEL-2112

[1:1.32.1-1]
- update to https://github.com/containers/buildah/releases/tag/v1.32.1
- Related: RHEL-2112

[1:1.32.0-1]
- update to https://github.com/containers/buildah/releases/tag/v1.32.0
- Related: Jira:RHEL-2112

[1:1.31.3-1]
- update to https://github.com/containers/buildah/releases/tag/v1.31.3
- Related: #2176063

[1:1.31.2-1]
- update to https://github.com/containers/buildah/releases/tag/v1.31.2
- Related: #2176063

[1:1.31.1-2]
- build buildah off main branch for early testing of zstd compression
- Related: #2176063

[1:1.31.1-1]
- update to https://github.com/containers/buildah/releases/tag/v1.31.1
- Related: #2176063

[1:1.31.0-1]
- update to https://github.com/containers/buildah/releases/tag/v1.31.0
- Related: #2176063

[1:1.30.0-2]
- rebuild for following CVEs:
CVE-2023-25173 CVE-2022-41724 CVE-2022-41725 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400
- Resolves: #2175073
- Resolves: #2179958
- Resolves: #2187332
- Resolves: #2187375
- Resolves: #2203696
- Resolves: #2207518

[1:1.30.0-1]
- update to 1.30.0
- Related: #2176063

[1:1.29.1-2]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.29
(https://github.com/containers/buildah/commit/f07d2c9)
- Resolves: #2178263

[1:1.29.1-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.29
(https://github.com/containers/buildah/commit/7fa17a8)
- Related: #2124478

[1:1.29.0-3]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.29
(https://github.com/containers/buildah/commit/c822cc6)
- Related: #2124478

[1:1.29.0-2]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.29
(https://github.com/containers/buildah/commit/94b723c)
- Related: #2124478

[1:1.29.0-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.29.0
(https://github.com/containers/buildah/commit/94b723c)
- Related: #2124478

[1:1.29.0-0.4]
- update to the latest content of https://github.com/containers/buildah/tree/main
(https://github.com/containers/buildah/commit/078a7ff)
- Related: #2124478

[1:1.29.0-0.3]
- update to the latest content of https://github.com/containers/buildah/tree/main
(https://github.com/containers/buildah/commit/4b72f05)
- Related: #2124478

[1:1.29.0-0.2]
- update to the latest content of https://github.com/containers/buildah/tree/main
(https://github.com/containers/buildah/commit/c541c35)
- Related: #2124478

[1:1.29.0-0.1]
- update to the latest content of https://github.com/containers/buildah/tree/main
(https://github.com/containers/buildah/commit/8ca903b)
- Related: #2124478

[1:1.28.2-3]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.28
(https://github.com/containers/buildah/commit/cfefbb6)
- fixes segmentation fault on s390x
- Resolves: #2150429

[1:1.28.2-2]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.28
(https://github.com/containers/buildah/commit/7e4d9dd)
- Resolves: #2151247

[1:1.28.2-1]
- update to https://github.com/containers/buildah/releases/tag/v1.28.2
- Related: #2124478

[1:1.28.0-2]
- pull in crun by default
- Resolves: #2142494

[1:1.28.0-1]
- update to https://github.com/containers/buildah/releases/tag/v1.28.0
- Related: #2124478


Related CVEs


CVE-2024-24791
CVE-2024-3727

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) buildah-1.37.2-1.0.1.el9.src.rpm7d433d664d449901d136c10992576a0c1ceb587d61179f128040fe9d734e9c03-ol9_aarch64_appstream
buildah-1.37.2-1.0.1.el9.aarch64.rpmfe718249674fdb1988a4cffdbb349313cb1daf2653c7da641c74f0df77bd2790-ol9_aarch64_appstream
buildah-tests-1.37.2-1.0.1.el9.aarch64.rpm42be58abdf4e94778176de01667edce55e0b53bc8468f83cd8dc7f0e89e94247-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) buildah-1.37.2-1.0.1.el9.src.rpm7d433d664d449901d136c10992576a0c1ceb587d61179f128040fe9d734e9c03-ol9_x86_64_appstream
buildah-1.37.2-1.0.1.el9.x86_64.rpm73c68ada09f325cecb12609a0dd8891f015cafbaa9e8f87b92b3f20290e725b2-ol9_x86_64_appstream
buildah-tests-1.37.2-1.0.1.el9.x86_64.rpmc972b91e9405913c6808d36a30113a3d55f8662c44b9a5356b9f54c04343c3e5-ol9_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete