buildah-1.33.7-4.el9_4
エラータID: AXSA:2024-8769:07
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.
Security Fix(es):
* golang: crypto/x509: Verify panics on certificates with an unknown public key algorithm (CVE-2024-24783)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2024-24783
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.
Update packages.
Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.
N/A
SRPMS
- buildah-1.33.7-4.el9_4.src.rpm
MD5: d32d67a9f18ddba7f55f9f249a46eeef
SHA-256: c4ac2374ef7417739ebb7b6ff7d15694a1620fe6233e059c41a4274974073042
Size: 17.46 MB
Asianux Server 9 for x86_64
- buildah-1.33.7-4.el9_4.x86_64.rpm
MD5: 298da2795e46a5576d0aaa72d32e0854
SHA-256: c382f7b2b1a20a0c0ca982d845c6f64a8d8ada22c548d8da34d655be274f80d7
Size: 9.41 MB - buildah-tests-1.33.7-4.el9_4.x86_64.rpm
MD5: 56cb12331fab00c5f63dbfced992214b
SHA-256: 79668e7199d13aac61b11b104fa09a6797c3e668f4570f4a82f0717e1137aca4
Size: 30.28 MB
日本語