Red Hat Product Errata RHSA-2024:2645 - Security Advisory
Issued:
2024-05-01
Updated:
2024-05-01

RHSA-2024:2645 - Security Advisory

Synopsis

Important: podman security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for podman is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of
Important. A Common Vulnerability Scoring System (CVSS) base score, which gives
a detailed severity rating, is available for each vulnerability from the CVE
link(s) in the References section.

Description

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.

Security Fix(es):

  • podman: full container escape at build time (CVE-2024-1753)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

  • BZ - 2265513 - CVE-2024-1753 buildah: full container escape at build time

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2

SRPM
podman-4.4.1-16.el9_2.src.rpm SHA-256: 8554535a185a4ee73b04bcf903f93d66767995affd094daba05c0917e05b8e56
x86_64
podman-4.4.1-16.el9_2.x86_64.rpm SHA-256: e8b6424721652916f660fb573dfd625f83452adec423604b490d32910dbeb7b3
podman-debuginfo-4.4.1-16.el9_2.x86_64.rpm SHA-256: fd5aa2d3cfb1952a9b0aff28dbf3182fe5e35159bf8b7ba17a177f78401b9a34
podman-debugsource-4.4.1-16.el9_2.x86_64.rpm SHA-256: 6ba4aadfc30eb0c7977d8f6a4eeb3c2bf7c90ee4dfd417f0907ac43843a3dedd
podman-docker-4.4.1-16.el9_2.noarch.rpm SHA-256: a7009cad1a14170f5a98ac683b624ac4e9c3ac5a6f23546080d438ee4cf341bc
podman-gvproxy-4.4.1-16.el9_2.x86_64.rpm SHA-256: 8cb4eaabb21548c60d023232bdbaffc53771cc7bce8da9632a95e654b0752345
podman-gvproxy-debuginfo-4.4.1-16.el9_2.x86_64.rpm SHA-256: 2c7efc2f720784e02830782a774bebdeaaf5839628e787d9dd2efedbcbc699f8
podman-plugins-4.4.1-16.el9_2.x86_64.rpm SHA-256: db10b1f7d59673cea4c0f1be67069698275bd895b02203dcde49251d300e2f26
podman-plugins-debuginfo-4.4.1-16.el9_2.x86_64.rpm SHA-256: ff51f9593a11bc539818314edb586ec3d0fe5a31e75f9041b3b1f36655ef6fca
podman-remote-4.4.1-16.el9_2.x86_64.rpm SHA-256: 4344bafcf9ffdda653d2506ad2449647161c90b33729b216ccb2352bbc65a4f8
podman-remote-debuginfo-4.4.1-16.el9_2.x86_64.rpm SHA-256: ec8a6d062d7abb15fe4a46f61be7aa56af9b1978e834f815b8b5031e724fec7a
podman-tests-4.4.1-16.el9_2.x86_64.rpm SHA-256: c1b0750007cf9067fa0558729dce017e1008b98c26b58fa87bdb809435f08f4b

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
podman-4.4.1-16.el9_2.src.rpm SHA-256: 8554535a185a4ee73b04bcf903f93d66767995affd094daba05c0917e05b8e56
x86_64
podman-4.4.1-16.el9_2.x86_64.rpm SHA-256: e8b6424721652916f660fb573dfd625f83452adec423604b490d32910dbeb7b3
podman-debuginfo-4.4.1-16.el9_2.x86_64.rpm SHA-256: fd5aa2d3cfb1952a9b0aff28dbf3182fe5e35159bf8b7ba17a177f78401b9a34
podman-debugsource-4.4.1-16.el9_2.x86_64.rpm SHA-256: 6ba4aadfc30eb0c7977d8f6a4eeb3c2bf7c90ee4dfd417f0907ac43843a3dedd
podman-docker-4.4.1-16.el9_2.noarch.rpm SHA-256: a7009cad1a14170f5a98ac683b624ac4e9c3ac5a6f23546080d438ee4cf341bc
podman-gvproxy-4.4.1-16.el9_2.x86_64.rpm SHA-256: 8cb4eaabb21548c60d023232bdbaffc53771cc7bce8da9632a95e654b0752345
podman-gvproxy-debuginfo-4.4.1-16.el9_2.x86_64.rpm SHA-256: 2c7efc2f720784e02830782a774bebdeaaf5839628e787d9dd2efedbcbc699f8
podman-plugins-4.4.1-16.el9_2.x86_64.rpm SHA-256: db10b1f7d59673cea4c0f1be67069698275bd895b02203dcde49251d300e2f26
podman-plugins-debuginfo-4.4.1-16.el9_2.x86_64.rpm SHA-256: ff51f9593a11bc539818314edb586ec3d0fe5a31e75f9041b3b1f36655ef6fca
podman-remote-4.4.1-16.el9_2.x86_64.rpm SHA-256: 4344bafcf9ffdda653d2506ad2449647161c90b33729b216ccb2352bbc65a4f8
podman-remote-debuginfo-4.4.1-16.el9_2.x86_64.rpm SHA-256: ec8a6d062d7abb15fe4a46f61be7aa56af9b1978e834f815b8b5031e724fec7a
podman-tests-4.4.1-16.el9_2.x86_64.rpm SHA-256: c1b0750007cf9067fa0558729dce017e1008b98c26b58fa87bdb809435f08f4b

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2

SRPM
podman-4.4.1-16.el9_2.src.rpm SHA-256: 8554535a185a4ee73b04bcf903f93d66767995affd094daba05c0917e05b8e56
s390x
podman-4.4.1-16.el9_2.s390x.rpm SHA-256: ff4f8b9e51b29db15a442341a62de6fcbd45fb879cf0140711e7ee05ebdcd82f
podman-debuginfo-4.4.1-16.el9_2.s390x.rpm SHA-256: 45baac8294cd8f2f5193c01ba924d4798fd96e7211d1b949bfb13ad32810aed1
podman-debugsource-4.4.1-16.el9_2.s390x.rpm SHA-256: fac0c2aaa17d1a49112e993e4e1fb2fd85439fcd10df5798a701964442e4b8a6
podman-docker-4.4.1-16.el9_2.noarch.rpm SHA-256: a7009cad1a14170f5a98ac683b624ac4e9c3ac5a6f23546080d438ee4cf341bc
podman-gvproxy-4.4.1-16.el9_2.s390x.rpm SHA-256: 2d28e6c767074d63266b06d4fc313e9041e8a70f88efa64b7b20d3ddf25a25a9
podman-gvproxy-debuginfo-4.4.1-16.el9_2.s390x.rpm SHA-256: dd0bce7857395764ee2dd5079d0178ab77f63aef6a39aa6ad6f4cf4a2a387c7b
podman-plugins-4.4.1-16.el9_2.s390x.rpm SHA-256: e44e2664b1240cb68652074da946f7a083cccc2823224f98814e29b136bad913
podman-plugins-debuginfo-4.4.1-16.el9_2.s390x.rpm SHA-256: 385bec82248fca36ec30a84fd5abd62657578a1846b4cf6bf0a9aa023da728fa
podman-remote-4.4.1-16.el9_2.s390x.rpm SHA-256: 48bf9e67557b207b2bb010c60515e88e983b97afb8ce4b4c6ad9e5d5e6485832
podman-remote-debuginfo-4.4.1-16.el9_2.s390x.rpm SHA-256: a588b831381f0512c7b7a1abf5c3330b3daf0dfaa309f826ffd8ec45ab2eea8e
podman-tests-4.4.1-16.el9_2.s390x.rpm SHA-256: 2b80bad542715305b682098ef7089e07c785e2426b0a7aa9a452c7550cbd4d05

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2

SRPM
podman-4.4.1-16.el9_2.src.rpm SHA-256: 8554535a185a4ee73b04bcf903f93d66767995affd094daba05c0917e05b8e56
ppc64le
podman-4.4.1-16.el9_2.ppc64le.rpm SHA-256: 4bcd8ce1aafdecc7e1806fa92600e2b90f7d38db7d414ae8d78bf96ef34ee17c
podman-debuginfo-4.4.1-16.el9_2.ppc64le.rpm SHA-256: f5914280d87bb3a23f9e2d4ff8e849a851b5719937a77928e62714bcec29cb76
podman-debugsource-4.4.1-16.el9_2.ppc64le.rpm SHA-256: dbd1dad57c02d7f807b8da7cc5371949bb20f146240147e46d8c147463523fa8
podman-docker-4.4.1-16.el9_2.noarch.rpm SHA-256: a7009cad1a14170f5a98ac683b624ac4e9c3ac5a6f23546080d438ee4cf341bc
podman-gvproxy-4.4.1-16.el9_2.ppc64le.rpm SHA-256: 55f4037efa7aaaeecb7ed19c5da486b530f9ef2464d33ad45f3da2feb95ae76b
podman-gvproxy-debuginfo-4.4.1-16.el9_2.ppc64le.rpm SHA-256: 0d528701f3b9c4281b8644cc09966ed4806eac7c3d8d832736cac409163f4671
podman-plugins-4.4.1-16.el9_2.ppc64le.rpm SHA-256: 0a7c094c665958b692e04b0bcb71db6da22e0209abd74c2cdc861adeb8806864
podman-plugins-debuginfo-4.4.1-16.el9_2.ppc64le.rpm SHA-256: 7a796f156e4afe77a7e95af029049dc81ed6073fd34cf89045d11c8d0a37f662
podman-remote-4.4.1-16.el9_2.ppc64le.rpm SHA-256: cf2a77eacefd3aaa6a1c9e41a7261263f24c5433db08312803502fa178e60897
podman-remote-debuginfo-4.4.1-16.el9_2.ppc64le.rpm SHA-256: aa91f1755df041aebfb071c6897953895f47da72f262865256a7d3297527ddf4
podman-tests-4.4.1-16.el9_2.ppc64le.rpm SHA-256: ceb57afd51c88eb7566957c662c120bff5d4062f6184fd8fa359ff888dbadfce

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2

SRPM
podman-4.4.1-16.el9_2.src.rpm SHA-256: 8554535a185a4ee73b04bcf903f93d66767995affd094daba05c0917e05b8e56
aarch64
podman-4.4.1-16.el9_2.aarch64.rpm SHA-256: e083a572b8faadc29cbeb8e6f34cd7f4f91e5930f5b98220907f3b569dc390af
podman-debuginfo-4.4.1-16.el9_2.aarch64.rpm SHA-256: a111c25359d16b5e6d082ef9cd3f0a8addbe5a6c65172559ed00e3121eebd74f
podman-debugsource-4.4.1-16.el9_2.aarch64.rpm SHA-256: 31986981170c084543e32f1f62e1bcb678cfeb0dd47b4c843d819de5a3fa2cd3
podman-docker-4.4.1-16.el9_2.noarch.rpm SHA-256: a7009cad1a14170f5a98ac683b624ac4e9c3ac5a6f23546080d438ee4cf341bc
podman-gvproxy-4.4.1-16.el9_2.aarch64.rpm SHA-256: 15862a55bbb22ce07d898ad171a6bb2cb285d217d34034e3c137ebde4c46e610
podman-gvproxy-debuginfo-4.4.1-16.el9_2.aarch64.rpm SHA-256: 445cb87baceeb9d82e4583914a1439de6b80ab72af88398dfdf1d4068934786d
podman-plugins-4.4.1-16.el9_2.aarch64.rpm SHA-256: 3af9ea07618ef9dc432957c081f710ca9243856e0aade81465b3d529a0fe7e7e
podman-plugins-debuginfo-4.4.1-16.el9_2.aarch64.rpm SHA-256: 1ccbf0a6695833482609f1739de8c07a60a471d94dd39bcd452f2ea107f1af75
podman-remote-4.4.1-16.el9_2.aarch64.rpm SHA-256: 4ddbe8bc6a79a3c551cecfda6cd07376b0b50ae7143693425a926caa61a683c5
podman-remote-debuginfo-4.4.1-16.el9_2.aarch64.rpm SHA-256: 1f77bf8b26ea7f2615763bdc8f08a0c02927f5a87ef56a79a3d09737100bba5d
podman-tests-4.4.1-16.el9_2.aarch64.rpm SHA-256: 5d1a6f3b0fbdcaec19c6a32c2db387eb8c9e67ff029758955514e8afd7fbc115

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
podman-4.4.1-16.el9_2.src.rpm SHA-256: 8554535a185a4ee73b04bcf903f93d66767995affd094daba05c0917e05b8e56
ppc64le
podman-4.4.1-16.el9_2.ppc64le.rpm SHA-256: 4bcd8ce1aafdecc7e1806fa92600e2b90f7d38db7d414ae8d78bf96ef34ee17c
podman-debuginfo-4.4.1-16.el9_2.ppc64le.rpm SHA-256: f5914280d87bb3a23f9e2d4ff8e849a851b5719937a77928e62714bcec29cb76
podman-debugsource-4.4.1-16.el9_2.ppc64le.rpm SHA-256: dbd1dad57c02d7f807b8da7cc5371949bb20f146240147e46d8c147463523fa8
podman-docker-4.4.1-16.el9_2.noarch.rpm SHA-256: a7009cad1a14170f5a98ac683b624ac4e9c3ac5a6f23546080d438ee4cf341bc
podman-gvproxy-4.4.1-16.el9_2.ppc64le.rpm SHA-256: 55f4037efa7aaaeecb7ed19c5da486b530f9ef2464d33ad45f3da2feb95ae76b
podman-gvproxy-debuginfo-4.4.1-16.el9_2.ppc64le.rpm SHA-256: 0d528701f3b9c4281b8644cc09966ed4806eac7c3d8d832736cac409163f4671
podman-plugins-4.4.1-16.el9_2.ppc64le.rpm SHA-256: 0a7c094c665958b692e04b0bcb71db6da22e0209abd74c2cdc861adeb8806864
podman-plugins-debuginfo-4.4.1-16.el9_2.ppc64le.rpm SHA-256: 7a796f156e4afe77a7e95af029049dc81ed6073fd34cf89045d11c8d0a37f662
podman-remote-4.4.1-16.el9_2.ppc64le.rpm SHA-256: cf2a77eacefd3aaa6a1c9e41a7261263f24c5433db08312803502fa178e60897
podman-remote-debuginfo-4.4.1-16.el9_2.ppc64le.rpm SHA-256: aa91f1755df041aebfb071c6897953895f47da72f262865256a7d3297527ddf4
podman-tests-4.4.1-16.el9_2.ppc64le.rpm SHA-256: ceb57afd51c88eb7566957c662c120bff5d4062f6184fd8fa359ff888dbadfce

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
podman-4.4.1-16.el9_2.src.rpm SHA-256: 8554535a185a4ee73b04bcf903f93d66767995affd094daba05c0917e05b8e56
x86_64
podman-4.4.1-16.el9_2.x86_64.rpm SHA-256: e8b6424721652916f660fb573dfd625f83452adec423604b490d32910dbeb7b3
podman-debuginfo-4.4.1-16.el9_2.x86_64.rpm SHA-256: fd5aa2d3cfb1952a9b0aff28dbf3182fe5e35159bf8b7ba17a177f78401b9a34
podman-debugsource-4.4.1-16.el9_2.x86_64.rpm SHA-256: 6ba4aadfc30eb0c7977d8f6a4eeb3c2bf7c90ee4dfd417f0907ac43843a3dedd
podman-docker-4.4.1-16.el9_2.noarch.rpm SHA-256: a7009cad1a14170f5a98ac683b624ac4e9c3ac5a6f23546080d438ee4cf341bc
podman-gvproxy-4.4.1-16.el9_2.x86_64.rpm SHA-256: 8cb4eaabb21548c60d023232bdbaffc53771cc7bce8da9632a95e654b0752345
podman-gvproxy-debuginfo-4.4.1-16.el9_2.x86_64.rpm SHA-256: 2c7efc2f720784e02830782a774bebdeaaf5839628e787d9dd2efedbcbc699f8
podman-plugins-4.4.1-16.el9_2.x86_64.rpm SHA-256: db10b1f7d59673cea4c0f1be67069698275bd895b02203dcde49251d300e2f26
podman-plugins-debuginfo-4.4.1-16.el9_2.x86_64.rpm SHA-256: ff51f9593a11bc539818314edb586ec3d0fe5a31e75f9041b3b1f36655ef6fca
podman-remote-4.4.1-16.el9_2.x86_64.rpm SHA-256: 4344bafcf9ffdda653d2506ad2449647161c90b33729b216ccb2352bbc65a4f8
podman-remote-debuginfo-4.4.1-16.el9_2.x86_64.rpm SHA-256: ec8a6d062d7abb15fe4a46f61be7aa56af9b1978e834f815b8b5031e724fec7a
podman-tests-4.4.1-16.el9_2.x86_64.rpm SHA-256: c1b0750007cf9067fa0558729dce017e1008b98c26b58fa87bdb809435f08f4b

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
podman-4.4.1-16.el9_2.src.rpm SHA-256: 8554535a185a4ee73b04bcf903f93d66767995affd094daba05c0917e05b8e56
aarch64
podman-4.4.1-16.el9_2.aarch64.rpm SHA-256: e083a572b8faadc29cbeb8e6f34cd7f4f91e5930f5b98220907f3b569dc390af
podman-debuginfo-4.4.1-16.el9_2.aarch64.rpm SHA-256: a111c25359d16b5e6d082ef9cd3f0a8addbe5a6c65172559ed00e3121eebd74f
podman-debugsource-4.4.1-16.el9_2.aarch64.rpm SHA-256: 31986981170c084543e32f1f62e1bcb678cfeb0dd47b4c843d819de5a3fa2cd3
podman-docker-4.4.1-16.el9_2.noarch.rpm SHA-256: a7009cad1a14170f5a98ac683b624ac4e9c3ac5a6f23546080d438ee4cf341bc
podman-gvproxy-4.4.1-16.el9_2.aarch64.rpm SHA-256: 15862a55bbb22ce07d898ad171a6bb2cb285d217d34034e3c137ebde4c46e610
podman-gvproxy-debuginfo-4.4.1-16.el9_2.aarch64.rpm SHA-256: 445cb87baceeb9d82e4583914a1439de6b80ab72af88398dfdf1d4068934786d
podman-plugins-4.4.1-16.el9_2.aarch64.rpm SHA-256: 3af9ea07618ef9dc432957c081f710ca9243856e0aade81465b3d529a0fe7e7e
podman-plugins-debuginfo-4.4.1-16.el9_2.aarch64.rpm SHA-256: 1ccbf0a6695833482609f1739de8c07a60a471d94dd39bcd452f2ea107f1af75
podman-remote-4.4.1-16.el9_2.aarch64.rpm SHA-256: 4ddbe8bc6a79a3c551cecfda6cd07376b0b50ae7143693425a926caa61a683c5
podman-remote-debuginfo-4.4.1-16.el9_2.aarch64.rpm SHA-256: 1f77bf8b26ea7f2615763bdc8f08a0c02927f5a87ef56a79a3d09737100bba5d
podman-tests-4.4.1-16.el9_2.aarch64.rpm SHA-256: 5d1a6f3b0fbdcaec19c6a32c2db387eb8c9e67ff029758955514e8afd7fbc115

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
podman-4.4.1-16.el9_2.src.rpm SHA-256: 8554535a185a4ee73b04bcf903f93d66767995affd094daba05c0917e05b8e56
s390x
podman-4.4.1-16.el9_2.s390x.rpm SHA-256: ff4f8b9e51b29db15a442341a62de6fcbd45fb879cf0140711e7ee05ebdcd82f
podman-debuginfo-4.4.1-16.el9_2.s390x.rpm SHA-256: 45baac8294cd8f2f5193c01ba924d4798fd96e7211d1b949bfb13ad32810aed1
podman-debugsource-4.4.1-16.el9_2.s390x.rpm SHA-256: fac0c2aaa17d1a49112e993e4e1fb2fd85439fcd10df5798a701964442e4b8a6
podman-docker-4.4.1-16.el9_2.noarch.rpm SHA-256: a7009cad1a14170f5a98ac683b624ac4e9c3ac5a6f23546080d438ee4cf341bc
podman-gvproxy-4.4.1-16.el9_2.s390x.rpm SHA-256: 2d28e6c767074d63266b06d4fc313e9041e8a70f88efa64b7b20d3ddf25a25a9
podman-gvproxy-debuginfo-4.4.1-16.el9_2.s390x.rpm SHA-256: dd0bce7857395764ee2dd5079d0178ab77f63aef6a39aa6ad6f4cf4a2a387c7b
podman-plugins-4.4.1-16.el9_2.s390x.rpm SHA-256: e44e2664b1240cb68652074da946f7a083cccc2823224f98814e29b136bad913
podman-plugins-debuginfo-4.4.1-16.el9_2.s390x.rpm SHA-256: 385bec82248fca36ec30a84fd5abd62657578a1846b4cf6bf0a9aa023da728fa
podman-remote-4.4.1-16.el9_2.s390x.rpm SHA-256: 48bf9e67557b207b2bb010c60515e88e983b97afb8ce4b4c6ad9e5d5e6485832
podman-remote-debuginfo-4.4.1-16.el9_2.s390x.rpm SHA-256: a588b831381f0512c7b7a1abf5c3330b3daf0dfaa309f826ffd8ec45ab2eea8e
podman-tests-4.4.1-16.el9_2.s390x.rpm SHA-256: 2b80bad542715305b682098ef7089e07c785e2426b0a7aa9a452c7550cbd4d05

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.