ELSA-2026-19032

ELSA-2026-19032 - buildah security update

Type:SECURITY
Impact:IMPORTANT
Release Date:2026-07-08

Description


[1.43.1-1.0.1]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117178]

[2:1.43.1-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.43
(https://github.com/containers/buildah/commit/c6eb14c)
- fixes 'Buildah concurrent bearer token requests [RHEL 10.2] [0day]'
- Resolves: RHEL-164030

[2:1.43.0-3]
- Switch from GnuPG to Sequoia for container image signature verification
- Enable containers_image_sequoia build tag and add podman-sequoia dependency
- Resolves: RHEL-56366

[2:1.43.0-2]
- Rebuild for new golang to address CVE-2025-68121
- Resolves: RHEL-149240

[2:1.43.0-1]
- update to https://github.com/containers/buildah/releases/tag/v1.43.0
- Related: RHEL-122178


Related CVEs


CVE-2026-25679

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 10 (aarch64) buildah-1.43.1-1.0.1.el10_2.src.rpm145a21256fdb230d046b54f03066847a87776181bd024594987ce4dce4c8f694-ol10_aarch64_appstream
buildah-1.43.1-1.0.1.el10_2.aarch64.rpmfd2bd04394f6ee0e7d8926c7375b1664c34e70901b368b528e33361ce45971ff-ol10_aarch64_appstream
buildah-tests-1.43.1-1.0.1.el10_2.aarch64.rpm9091ccbddb1031ec71d6c428cb056f15caebfe1299f005bae7c4bac23a196efa-ol10_aarch64_appstream
Oracle Linux 10 (x86_64) buildah-1.43.1-1.0.1.el10_2.src.rpm145a21256fdb230d046b54f03066847a87776181bd024594987ce4dce4c8f694-ol10_x86_64_appstream
buildah-1.43.1-1.0.1.el10_2.x86_64.rpm67602ea7d3c98672015be281df18df77afb9ac9fdd37eaf9dd4c7b496b61dcfc-ol10_x86_64_appstream
buildah-tests-1.43.1-1.0.1.el10_2.x86_64.rpmaf6c5cbae64b50790131dcfd2e60fe31636fc207ae64bd783cf0dd45d0d42c25-ol10_x86_64_appstream



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete