25 lines
1.6 KiB
Plaintext
25 lines
1.6 KiB
Plaintext
<patchinfo incident="95">
|
|
<!-- generated from request(s) 349275 -->
|
|
<issue tracker="bnc" id="1231208">VUL-0: CVE-2024-9407: buildah: Buildah: Podman: Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction</issue>
|
|
<issue tracker="bnc" id="1231230">VUL-0: CVE-2024-9341: buildah,podman: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library</issue>
|
|
<issue tracker="bnc" id="1231499">VUL-0: CVE-2024-9675: buildah,podman: buildah: cache arbitrary directory mount</issue>
|
|
<issue tracker="bnc" id="1231698">VUL-0: CVE-2024-9676: buildah,podman,skopeo: github.com/containers/storage: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS)</issue>
|
|
<issue tracker="cve" id="2024-6104"/>
|
|
<issue tracker="cve" id="2024-9341"/>
|
|
<issue tracker="cve" id="2024-9407"/>
|
|
<issue tracker="cve" id="2024-9675"/>
|
|
<issue tracker="cve" id="2024-9676"/>
|
|
<packager>danishprakash</packager>
|
|
<rating>moderate</rating>
|
|
<category>security</category>
|
|
<summary>Security update for podman</summary>
|
|
<description>This update for podman fixes the following issues:
|
|
|
|
- CVE-2024-9676: Fixed a denial of service via a symlink traversal in the containers/storage library (bsc#1231698)
|
|
- CVE-2024-9341: Fixed FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library (bsc#1231230)
|
|
- CVE-2024-9675: Fixed caching of arbitrary directory mount (bsc#1231499)
|
|
- CVE-2024-9407: Fixed improper input validation in bind-propagation option of Dockerfile RUN --mount instruction (bsc#1231208)
|
|
</description>
|
|
<package>podman</package>
|
|
<seperate_build_arch/>
|
|
</patchinfo> |