buildah-1.37.6-1.el9_5
エラータID: AXSA:2025-9650:01
The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.
Security Fix(es):
* podman: buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile (CVE-2024-11218)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2024-11218
A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.
Update packages.
A vulnerability was found in `podman build` and `buildah.` This issue occurs in a container breakout by using --jobs=2 and a race condition when building a malicious Containerfile. SELinux might mitigate it, but even with SELinux on, it still allows the enumeration of files and directories on the host.
N/A
SRPMS
- buildah-1.37.6-1.el9_5.src.rpm
MD5: 02f0cc1c086e54d5ef70c42cee3ee40d
SHA-256: d82f831e39b0ac29c8fd0f3dc69785c38f0e4eb7729ff952bc5f976d6b9ffd8b
Size: 18.15 MB
Asianux Server 9 for x86_64
- buildah-1.37.6-1.el9_5.x86_64.rpm
MD5: a470c7e13327569049d5742990dd37da
SHA-256: 8714248795683b5bb0ab2dc6e6c57003b63ce6f972815b45718c9bb2f743c031
Size: 10.96 MB - buildah-tests-1.37.6-1.el9_5.x86_64.rpm
MD5: c39241edcd105682d94f5ff0fda4b2b9
SHA-256: 9b6f388a9399579b36ce52a8e6d84164eb62411b199315f11ea1e74661d8ee23
Size: 33.79 MB
日本語