41 lines
1.8 KiB
Plaintext
41 lines
1.8 KiB
Plaintext
<patchinfo incident="21">
|
|
<!-- generated from request(s) 338195 -->
|
|
<issue tracker="bnc" id="1219563">docker v.25.0 breaks API compatibility with skopeo/buildah [ref:_00D1igLOd._500Tr4rZDT:ref]</issue>
|
|
<issue tracker="bnc" id="1224123">VUL-0: CVE-2024-3727: skopeo: containers/image: digest type does not guarantee valid type</issue>
|
|
<issue tracker="cve" id="2024-3727"/>
|
|
<issue tracker="cve" id="2024-28180"/>
|
|
<packager>dancermak</packager>
|
|
<rating>important</rating>
|
|
<category>security</category>
|
|
<summary>Security update for skopeo</summary>
|
|
<description>This update for skopeo fixes the following issues:
|
|
|
|
- Update to version 1.14.4:
|
|
* CVE-2024-3727: digest type does not guarantee valid type (bsc#1224123)
|
|
* Packit: update packit targets
|
|
* Bump gopkg.in/go-jose to v2.6.3
|
|
* Bump ocicrypt and go-jose CVE-2024-28180
|
|
* Freeze the fedora-minimal image reference at Fedora 38
|
|
* Bump c/common to v0.57.4
|
|
* Bump google.golang.org/protobuf to v1.33.0
|
|
* Bump Skopeo to v1.14.3-dev
|
|
|
|
- Update to version 1.14.2:
|
|
* Bump c/image to v5.29.2, c/common to v0.57.3 (fixes bsc#1219563)
|
|
|
|
- Update to version 1.14.1:
|
|
* fix(deps): update module github.com/containers/common to v0.57.2
|
|
* fix(deps): update module github.com/containers/image/v5 to v5.29.1
|
|
* chore(deps): update dependency containers/automation_images to v20240102
|
|
* Fix libsubid detection
|
|
* fix(deps): update module golang.org/x/term to v0.16.0
|
|
* fix(deps): update golang.org/x/exp digest to 02704c9
|
|
* chore(deps): update dependency containers/automation_images to v20231208
|
|
* [skip-ci] Update actions/stale action to v9
|
|
* fix(deps): update module github.com/containers/common to v0.57.1
|
|
* fix(deps): update golang.org/x/exp digest to 6522937
|
|
* fix(deps): update module golang.org/x/term to v0.15.0
|
|
</description>
|
|
<package>skopeo</package>
|
|
<seperate_build_arch/>
|
|
</patchinfo> |