[Apollo] Advisories Statistics light light Login

RLSA-2024:9051

Security Mirrored from RHSA-2024:9051
Issued at: 2024-11-19
Updated at: 2024-11-19

Synopsis

Important: podman security update



Description

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.

Security Fix(es):

* Buildah: Podman: Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction (CVE-2024-9407)

* buildah: Buildah allows arbitrary directory mount (CVE-2024-9675)

* Podman: Buildah: CRI-O: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) (CVE-2024-9676)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.



Affected products

Rocky Linux 9 aarch64 Rocky Linux 9 ppc64le Rocky Linux 9 s390x Rocky Linux 9 x86_64

Fixes

2315887 2317458 2317467

CVEs

CVE-2024-9407 CVE-2024-9675 CVE-2024-9676

Affected packages

Rocky Linux 9 aarch64 - AppStream

podman-4:4.9.4-16.el9_4.aarch64.rpm podman-4:4.9.4-16.el9_4.src.rpm podman-debuginfo-4:4.9.4-16.el9_4.aarch64.rpm podman-debugsource-4:4.9.4-16.el9_4.aarch64.rpm podman-docker-4:4.9.4-16.el9_4.noarch.rpm podman-plugins-4:4.9.4-16.el9_4.aarch64.rpm podman-plugins-debuginfo-4:4.9.4-16.el9_4.aarch64.rpm podman-remote-4:4.9.4-16.el9_4.aarch64.rpm podman-remote-debuginfo-4:4.9.4-16.el9_4.aarch64.rpm podman-tests-4:4.9.4-16.el9_4.aarch64.rpm

Rocky Linux 9 ppc64le - AppStream

podman-4:4.9.4-16.el9_4.ppc64le.rpm podman-4:4.9.4-16.el9_4.src.rpm podman-debuginfo-4:4.9.4-16.el9_4.ppc64le.rpm podman-debugsource-4:4.9.4-16.el9_4.ppc64le.rpm podman-docker-4:4.9.4-16.el9_4.noarch.rpm podman-plugins-4:4.9.4-16.el9_4.ppc64le.rpm podman-plugins-debuginfo-4:4.9.4-16.el9_4.ppc64le.rpm podman-remote-4:4.9.4-16.el9_4.ppc64le.rpm podman-remote-debuginfo-4:4.9.4-16.el9_4.ppc64le.rpm podman-tests-4:4.9.4-16.el9_4.ppc64le.rpm

Rocky Linux 9 s390x - AppStream

podman-4:4.9.4-16.el9_4.s390x.rpm podman-4:4.9.4-16.el9_4.src.rpm podman-debuginfo-4:4.9.4-16.el9_4.s390x.rpm podman-debugsource-4:4.9.4-16.el9_4.s390x.rpm podman-docker-4:4.9.4-16.el9_4.noarch.rpm podman-plugins-4:4.9.4-16.el9_4.s390x.rpm podman-plugins-debuginfo-4:4.9.4-16.el9_4.s390x.rpm podman-remote-4:4.9.4-16.el9_4.s390x.rpm podman-remote-debuginfo-4:4.9.4-16.el9_4.s390x.rpm podman-tests-4:4.9.4-16.el9_4.s390x.rpm

Rocky Linux 9 x86_64 - AppStream

podman-4:4.9.4-16.el9_4.src.rpm podman-4:4.9.4-16.el9_4.x86_64.rpm podman-debuginfo-4:4.9.4-16.el9_4.x86_64.rpm podman-debugsource-4:4.9.4-16.el9_4.x86_64.rpm podman-docker-4:4.9.4-16.el9_4.noarch.rpm podman-plugins-4:4.9.4-16.el9_4.x86_64.rpm podman-plugins-debuginfo-4:4.9.4-16.el9_4.x86_64.rpm podman-remote-4:4.9.4-16.el9_4.x86_64.rpm podman-remote-debuginfo-4:4.9.4-16.el9_4.x86_64.rpm podman-tests-4:4.9.4-16.el9_4.x86_64.rpm