ELSA-2024-9102

ELSA-2024-9102 - podman security update

Type:SECURITY
Severity:MODERATE
Release Date:2024-11-14

Description


[5.2.2-1.0.2]
- Bump epoch to ensure upgrade path [Orabug: 37240207]

[5.2.2-1.0.1]
- Add devices on container startup, not on creation
- overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]

[2:5.2.2-1]
- update to https://github.com/containers/podman/releases/tag/v5.2.2
- Related: RHEL-27608

[2:5.2.1-1]
- update to https://github.com/containers/podman/releases/tag/v5.2.1
- Related: RHEL-27608

[2:5.2.0-2]
- Add PODMAN_TESTING definition
- Related: RHEL-27608

[2:5.2.0-1]
- update to https://github.com/containers/podman/releases/tag/v5.2.0
- Related: RHEL-27608

[2:5.1.2-1]
- update to https://github.com/containers/podman/releases/tag/v5.1.2
- Related: RHEL-27608

[2:5.1.1-1]
- update to https://github.com/containers/podman/releases/tag/v5.1.1
- Related: RHEL-27608

[2:5.1.0-1]
- update to https://github.com/containers/podman/releases/tag/v5.1.0
- Related: RHEL-27608

[2:5.0.3-1]
- update to https://github.com/containers/podman/releases/tag/v5.0.3
- Related: RHEL-27608

[2:5.0.2-1]
- update to https://github.com/containers/podman/releases/tag/v5.0.2
- Related: RHEL-27608

[2:5.0.1-2]
- Add requires to passt
- Related: RHEL-27608

[2:5.0.1-1]
- update to https://github.com/containers/podman/releases/tag/v5.0.1
- Related: RHEL-27608

[2:5.0.0-3]
- Add missing scripts
- Related: RHEL-27608

[2:5.0.0-2]
- update to latest content of https://github.com/containers/podman/releases/tag/5.0.0
(https://github.com/containers/podman/commit/e71ec6f1d94d2d97fb3afe08aae0d8adaf8bddf0)
- Related: RHEL-27608

[2:5.0.0-1]
- update to https://github.com/containers/podman/releases/tag/v5.0.0
- Related: RHEL-27608

[2:4.9.4-0.2]
- update to the latest content of https://github.com/containers/podman/tree/v4.9
(https://github.com/containers/podman/commit/3ae0197)
- Related: RHEL-27608

[2:4.9.4-0.1]
- update to the latest content of https://github.com/containers/podman/tree/v4.9
(https://github.com/containers/podman/commit/4b69d93)
- Related: RHEL-2112

[2:4.9.3-0.1]
- update to the latest content of https://github.com/containers/podman/tree/v4.9
(https://github.com/containers/podman/commit/b8a887c)
- Related: RHEL-2112

[2:4.9.2-1]
- update to the latest content of https://github.com/containers/podman/tree/v4.9
(https://github.com/containers/podman/commit/4c14019)
- Related: RHEL-2112

[2:4.9.1-1]
- switch to v4.9.1-rhel branch
- update dnsname to the latest commit
- Related: Jira:RHEL-2112

[2:4.9.0-1]
- update to https://github.com/containers/podman/releases/tag/v4.9.0
- Related: RHEL-2112

[2:4.8.3-1]
- update to https://github.com/containers/podman/releases/tag/v4.8.3
- Related: RHEL-2112

[2:4.8.2-1]
- update to https://github.com/containers/podman/releases/tag/v4.8.2
- Related: RHEL-2112

[2:4.8.1-1]
- update to latest content of https://github.com/containers/podman/releases/tag/4.8.1
- Related: Jira:RHEL-2112

[2:4.7.2-3]
- Rebuild for following CVEs:
CVE-2023-39318 CVE-2023-39319 CVE-2023-39321 CVE-2023-39322
- Related: Jira:RHEL-2785

[2:4.7.2-2]
- update to latest content of https://github.com/containers/podman/releases/tag/4.7.2
(https://github.com/containers/podman/commit/750b4c3a7c31f6573350f0b3f1b787f26e0fe1e3)
- Related: Jira:RHEL-2112

[2:4.7.2-1]
- update to https://github.com/containers/podman/releases/tag/v4.7.2
- remove gvisor from podman and depend on external one
- Related: Jira:RHEL-2112

[2:4.6.1-6]
- update to the latest content of https://github.com/containers/podman/tree/v4.6.1-rhel
(https://github.com/containers/podman/commit/68e7ae0)
- Related: Jira:RHEL-2112

[2:4.6.1-5]
- update to the latest content of https://github.com/containers/podman/tree/v4.6.1-rhel
(https://github.com/containers/podman/commit/ea33dce)
- Related: #2176063

[2:4.6.1-4]
- amend podmansh provides
- Related: #2176063

[2:4.6.1-3]
- update to the latest content of https://github.com/containers/podman/tree/v4.6.1-rhel
(https://github.com/containers/podman/commit/8bb0204)
- Related: #2176063

[2:4.6.1-2]
- update to the latest content of https://github.com/containers/podman/tree/v4.6.1-rhel
(https://github.com/containers/podman/commit/1b2fadd)
- Resolves: #2232127

[2:4.6.1-1]
- update to latest content of https://github.com/containers/podman/releases/tag/4.6.1
- Related: #2176063

[2:4.6.0-3]
- build podman 4.6.0 off main branch for early testing of zstd compression
- Related: #2176063

[2:4.6.0-2]
- update license token to be SPDX compatible
- Related: #2176063

[2:4.6.0-1]
- update to latest content of https://github.com/containers/podman/releases/tag/4.6.0
(https://github.com/containers/podman/commit/38e6fab9664c6e59b66e73523b307a56130316ae)

[2:4.6.0-0.3]
- rebuild with the new bats
- Related: #2176063

[2:4.6.0-0.2]
- update to 4.6.0-rc2
- Related: #2176063

[2:4.6.0-0.1]
- update to 4.6.0-rc1
- Related: #2176063

[2:4.5.1-5]
- rebuild for following CVEs:
CVE-2023-25173 CVE-2022-41724 CVE-2022-41725 CVE-2023-24537 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400
- Resolves: #2175071
- Resolves: #2179950
- Resolves: #2187318
- Resolves: #2187366
- Resolves: #2203681
- Resolves: #2207512

[2:4.5.1-4]
- update to https://github.com/containers/gvisor-tap-vsock/releases/tag/v0.6.1
- Related: #2176063

[2:4.5.1-3]
- rebuild for following CVEs:
CVE-2023-25173 CVE-2022-41724 CVE-2022-41725 CVE-2023-24537 CVE-2023-24538 CVE-2023-24534 CVE-2023-24536 CVE-2022-41723 CVE-2023-24539 CVE-2023-24540 CVE-2023-29400
- Resolves: #2175074
- Resolves: #2179966
- Resolves: #2187322
- Resolves: #2187383
- Resolves: #2203702
- Resolves: #2207522

[2:4.5.1-2]
- rebuild
- Resolves: #2177611

[2:4.5.1-1]
- update to https://github.com/containers/podman/releases/tag/v4.5.1
- Related: #2176063

[2:4.5.0-1]
- update to 4.5.0
- Related: #2176063

[2:4.4.1-10]
- build and add missing docker man pages
- Resolves: #2187187

[2:4.4.1-9]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/fd0ea3b)
- Resolves: #2173089

[2:4.4.1-8]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/05037d3)
- Resolves: #2178263

[2:4.4.1-7]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/67f7e1e)
- Related: #2176063

[2:4.4.1-6]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/4461c9c)
- Related: #2176063

[2:4.4.1-5]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/bf400bd)
- Related: #2176063

[2:4.4.1-4]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/ffc2614)
- Resolves: #2179450

[2:4.4.1-3]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/e1703bb)
- Related: #2124478

[2:4.4.1-2]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/0b38633)
- Related: #2124478

[2:4.4.1-1]
- update to the latest content of https://github.com/containers/podman/tree/v4.4.1-rhel
(https://github.com/containers/podman/commit/d4e285a)
- Related: #2124478

[2:4.4.1-0.1]
- update to the latest content of https://github.com/containers/podman/tree/v4.4
(https://github.com/containers/podman/commit/f5670f0)
- Related: #2124478

[2:4.4.0-1]
- update to podman-4.4 release
- Related: #2124478

[2:4.4.0-0.10]
- update to the latest content of https://github.com/containers/podman/tree/main
(https://github.com/containers/podman/commit/68bbdc2)
- Related: #2124478

[2:4.4.0-0.9]
- update to the latest content of https://github.com/containers/podman/tree/main
(https://github.com/containers/podman/commit/323b515)
- Related: #2124478

[2:4.4.0-0.8]
- update to the latest content of https://github.com/containers/podman/tree/main
(https://github.com/containers/podman/commit/c35e74f)
- Related: #2124478

[2:4.4.0-0.7]
- update to the latest content of https://github.com/containers/podman/tree/main
(https://github.com/containers/podman/commit/ce504bb)
- Related: #2124478

[2:4.4.0-0.6]
- add quadlet to tests
- Related: #2124478

[2:4.4.0-0.5]
- obsolete podman-catatonit in order to not to file conflict with catatonit
- Related: #2124478

[2:4.4.0-0.4]
- build v4.4.0-rc2
- Related: #2124478

[2:4.4.0-0.3]
- remove podman-machine-cni, it is now part of podman 4.0 or newer
- Related: #2124478

[2:4.4.0-0.2]
- update to the latest content of https://github.com/containers/podman/tree/main
(https://github.com/containers/podman/commit/07ba51d)
- update gvisor-tap-vsock to 0.5.0
- Related: #2124478

[2:4.4.0-0.1]
- podman-4.4.0-rc1
- update to the latest content of https://github.com/containers/podman/tree/main
(https://github.com/containers/podman/commit/f1af5b3)
- Related: #2124478

[2:4.3.1-4]
- podman shouldn't provide and file conflict with catatonit in CRB
- Resolves: #2151322

[2:4.3.1-3]
- fix 'podman manifest add' is not concurrent safe
- Resolves: #2105173

[2:4.3.1-2]
- properly obsolete catatonit
- Resolves: #2123319

[2:4.3.1-1]
- update to https://github.com/containers/podman/releases/tag/v4.3.1
- Related: #2124478

[2:4.3.0-2]
- rebuild to fix CVE-2022-30629
- Related: #2102994


Related CVEs


CVE-2024-24791
CVE-2024-24789
CVE-2022-4122
CVE-2024-3727

Updated Packages


Release/ArchitectureFilenameMD5sumSuperseded By AdvisoryChannel Label
Oracle Linux 9 (aarch64) podman-5.2.2-1.0.2.el9.src.rpm304207f43e9eef1b501cfc795cac74ad-ol9_aarch64_appstream
podman-5.2.2-1.0.2.el9.aarch64.rpm138140911cf3e705decd9d002692b74f-ol9_aarch64_appstream
podman-docker-5.2.2-1.0.2.el9.noarch.rpm274f5b78396a044a6471cb85d1fd4c12-ol9_aarch64_appstream
podman-plugins-5.2.2-1.0.2.el9.aarch64.rpmc254c152878a7f0650fbcb14a7582558-ol9_aarch64_appstream
podman-remote-5.2.2-1.0.2.el9.aarch64.rpm7f0a392a3528ea392d6afb1a05cc5f51-ol9_aarch64_appstream
podman-tests-5.2.2-1.0.2.el9.aarch64.rpm75db79cc7d5cc8b793fd31d831bb0d20-ol9_aarch64_appstream
Oracle Linux 9 (x86_64) podman-5.2.2-1.0.2.el9.src.rpm304207f43e9eef1b501cfc795cac74ad-ol9_x86_64_appstream
podman-5.2.2-1.0.2.el9.x86_64.rpm89f1ab94763aa7ebbc22ea6dbdd1f061-ol9_x86_64_appstream
podman-docker-5.2.2-1.0.2.el9.noarch.rpm274f5b78396a044a6471cb85d1fd4c12-ol9_x86_64_appstream
podman-plugins-5.2.2-1.0.2.el9.x86_64.rpm472ec88a5ee14861e79b03fc9f822249-ol9_x86_64_appstream
podman-remote-5.2.2-1.0.2.el9.x86_64.rpm1a0aefd5068dd0536c5d453c26efad1d-ol9_x86_64_appstream
podman-tests-5.2.2-1.0.2.el9.x86_64.rpmae74d6456c715407b4637c30382e3527-ol9_x86_64_appstream


This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections:

software.hardware.complete