Red Hat Product Errata RHSA-2024:5634 - Security Advisory
Issued:
2024-08-20
Updated:
2024-08-20

RHSA-2024:5634 - Security Advisory

Synopsis

Important: podman security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for podman is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.

Security Fix(es):

  • golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads (CVE-2024-1394)
  • go-retryablehttp: url might write sensitive information to log file (CVE-2024-6104)
  • gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization (CVE-2024-37298)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

  • BZ - 2262921 - CVE-2024-1394 golang-fips/openssl: Memory leaks in code encrypting and decrypting RSA payloads
  • BZ - 2294000 - CVE-2024-6104 go-retryablehttp: url might write sensitive information to log file
  • BZ - 2295010 - CVE-2024-37298 gorilla/schema: Potential memory exhaustion attack due to sparse slice deserialization

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2

SRPM
podman-4.4.1-20.el9_2.src.rpm SHA-256: 896af2f81b1f5c35997c4619bae6049af852302943223b8a161bb1f1114879bc
x86_64
podman-4.4.1-20.el9_2.x86_64.rpm SHA-256: e4093e8a366a4b0ccddb4ec819faff6dd6bad644518180d0cd060612de2cc1fa
podman-debuginfo-4.4.1-20.el9_2.x86_64.rpm SHA-256: 15d392ec361ee96201bfcd4ad0db8303d5643f025e93cba96c21ca6e639bc214
podman-debugsource-4.4.1-20.el9_2.x86_64.rpm SHA-256: 2d087339f43e4064b036dff9281bbd85ee406afeca7dd17c48a605468624cb74
podman-docker-4.4.1-20.el9_2.noarch.rpm SHA-256: 47f22e43de63d805a0b55d60964091fc80f6265d648e9ae81d6751dee663c4e6
podman-gvproxy-4.4.1-20.el9_2.x86_64.rpm SHA-256: 72b07bd6e0e41aac59459b8f55fef58698df55bbc1c0bfb07607c74ce93d06b2
podman-gvproxy-debuginfo-4.4.1-20.el9_2.x86_64.rpm SHA-256: 61fc245c7b62e033314616c860190f187880c7a09a9255f45d53641a541c1ed0
podman-plugins-4.4.1-20.el9_2.x86_64.rpm SHA-256: 5133211dc244ae59e9d6ed3f7f7e4c9f116f0cc24e2a5c00257ba2411112affb
podman-plugins-debuginfo-4.4.1-20.el9_2.x86_64.rpm SHA-256: bd780974699a6acb94a24d99a7caca10f12bb82f517a0b9cd8268164b35f1083
podman-remote-4.4.1-20.el9_2.x86_64.rpm SHA-256: 475f5c69db1f5af7659626f7fb802fa2f66302570d7ac4364a45d8f95e0e94ef
podman-remote-debuginfo-4.4.1-20.el9_2.x86_64.rpm SHA-256: 94515bf054d213773083593318fc75f15c9e12a3fbae88a740528621afc16d26
podman-tests-4.4.1-20.el9_2.x86_64.rpm SHA-256: 9026f4141b08089fa2a781c53cab4b8ea044fb38476c8e7ae9f4e6d52c1b9b67

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
podman-4.4.1-20.el9_2.src.rpm SHA-256: 896af2f81b1f5c35997c4619bae6049af852302943223b8a161bb1f1114879bc
x86_64
podman-4.4.1-20.el9_2.x86_64.rpm SHA-256: e4093e8a366a4b0ccddb4ec819faff6dd6bad644518180d0cd060612de2cc1fa
podman-debuginfo-4.4.1-20.el9_2.x86_64.rpm SHA-256: 15d392ec361ee96201bfcd4ad0db8303d5643f025e93cba96c21ca6e639bc214
podman-debugsource-4.4.1-20.el9_2.x86_64.rpm SHA-256: 2d087339f43e4064b036dff9281bbd85ee406afeca7dd17c48a605468624cb74
podman-docker-4.4.1-20.el9_2.noarch.rpm SHA-256: 47f22e43de63d805a0b55d60964091fc80f6265d648e9ae81d6751dee663c4e6
podman-gvproxy-4.4.1-20.el9_2.x86_64.rpm SHA-256: 72b07bd6e0e41aac59459b8f55fef58698df55bbc1c0bfb07607c74ce93d06b2
podman-gvproxy-debuginfo-4.4.1-20.el9_2.x86_64.rpm SHA-256: 61fc245c7b62e033314616c860190f187880c7a09a9255f45d53641a541c1ed0
podman-plugins-4.4.1-20.el9_2.x86_64.rpm SHA-256: 5133211dc244ae59e9d6ed3f7f7e4c9f116f0cc24e2a5c00257ba2411112affb
podman-plugins-debuginfo-4.4.1-20.el9_2.x86_64.rpm SHA-256: bd780974699a6acb94a24d99a7caca10f12bb82f517a0b9cd8268164b35f1083
podman-remote-4.4.1-20.el9_2.x86_64.rpm SHA-256: 475f5c69db1f5af7659626f7fb802fa2f66302570d7ac4364a45d8f95e0e94ef
podman-remote-debuginfo-4.4.1-20.el9_2.x86_64.rpm SHA-256: 94515bf054d213773083593318fc75f15c9e12a3fbae88a740528621afc16d26
podman-tests-4.4.1-20.el9_2.x86_64.rpm SHA-256: 9026f4141b08089fa2a781c53cab4b8ea044fb38476c8e7ae9f4e6d52c1b9b67

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2

SRPM
podman-4.4.1-20.el9_2.src.rpm SHA-256: 896af2f81b1f5c35997c4619bae6049af852302943223b8a161bb1f1114879bc
s390x
podman-4.4.1-20.el9_2.s390x.rpm SHA-256: 752e8b9accd944998beb08b31caecc525a17c2b179ecd97449584f1277dd0eda
podman-debuginfo-4.4.1-20.el9_2.s390x.rpm SHA-256: a9615089f810dda412cb6eefb223d41adf0bbf81ad44c149a0a4832f3bd88c27
podman-debugsource-4.4.1-20.el9_2.s390x.rpm SHA-256: 9e3124302a690de548fb9bbac281b6fc5ce25a4783e3fbba2ebbc3f9c5a65fd7
podman-docker-4.4.1-20.el9_2.noarch.rpm SHA-256: 47f22e43de63d805a0b55d60964091fc80f6265d648e9ae81d6751dee663c4e6
podman-gvproxy-4.4.1-20.el9_2.s390x.rpm SHA-256: e77da69fb1479d676ee0878dca6223bb01e178a72fe6ee7cd3c6566ebe79c510
podman-gvproxy-debuginfo-4.4.1-20.el9_2.s390x.rpm SHA-256: 2e8aaddb4abcbc1adf51c7eeec1d59e0e558ed07b2beb92ac1c200fdd01e2694
podman-plugins-4.4.1-20.el9_2.s390x.rpm SHA-256: 5726c070a6e6b2cb893a36bea394cd144d560e26e32f7178cb3c3b2f06ae5425
podman-plugins-debuginfo-4.4.1-20.el9_2.s390x.rpm SHA-256: af33de0f93001307cfa8fa8796012c58ab9c5d825d994621f5b90cf6f0cb9f2a
podman-remote-4.4.1-20.el9_2.s390x.rpm SHA-256: 3cce1578cbfd3c14689f5b3c5a00bd1c30b4578a9a04fd742fc0b6e352854732
podman-remote-debuginfo-4.4.1-20.el9_2.s390x.rpm SHA-256: 7024b050fd2bf14283c45e9901477b4c00aedf1c56709e3b8cd2527b11cd23aa
podman-tests-4.4.1-20.el9_2.s390x.rpm SHA-256: f5c0f8e21ec7cb1ec98328294f8d7a45fe44f5bfe8749d9b4cbfeb02c3ac20c5

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2

SRPM
podman-4.4.1-20.el9_2.src.rpm SHA-256: 896af2f81b1f5c35997c4619bae6049af852302943223b8a161bb1f1114879bc
ppc64le
podman-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 7d43639fba3ab177316d2b4f95cf8631ae4089b9010be3d8c4f66839cc7034a6
podman-debuginfo-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 7af45bd6d8cf0fe6434c72de7f6cd079f9277c64f9ca16f5100d53277db4b2ce
podman-debugsource-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 56f1af5aea004b5e86a15ad3a2f9a967aaa9ef015118960370670b6c13c90da1
podman-docker-4.4.1-20.el9_2.noarch.rpm SHA-256: 47f22e43de63d805a0b55d60964091fc80f6265d648e9ae81d6751dee663c4e6
podman-gvproxy-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 3e84fa868e6924417ac3a391cd8923007356db5fa8d006af0280bd8394b94dfe
podman-gvproxy-debuginfo-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 017d0861834baef174ef0e72f8537e95c3f5f5aa4d6bc1e5f5aaf9fc1c7091bb
podman-plugins-4.4.1-20.el9_2.ppc64le.rpm SHA-256: ea43e9eb4d2e869b9141f84c9ad14b97aeb337f619159d45c19e9729c9a014d5
podman-plugins-debuginfo-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 3adcae8be7d5e58e8d8296c049901fcba314f9acbe58bec65a1a9fe62b2d1dad
podman-remote-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 8bef6b494a64947b96f2586bede0c78c2883ab15ea32e412473615b467fe6b8b
podman-remote-debuginfo-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 924f07ed07638dfb33f44754cb4f7baccb1d7dfb2e0bdd2f86079c84bba1bd19
podman-tests-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 7747b45265c7967b39125e559a4f8c2c2d666ffaf1ee68fa7250da74eb22ac2e

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2

SRPM
podman-4.4.1-20.el9_2.src.rpm SHA-256: 896af2f81b1f5c35997c4619bae6049af852302943223b8a161bb1f1114879bc
aarch64
podman-4.4.1-20.el9_2.aarch64.rpm SHA-256: 59554ee75e21d6fd2e6c9d7d870e98916e9a9cb9027f1d6ea49f51672c182e5a
podman-debuginfo-4.4.1-20.el9_2.aarch64.rpm SHA-256: be6e98f9b813b75990c8b20c6f1a7fcb4bdd335e373b986ae740150e34fab0d3
podman-debugsource-4.4.1-20.el9_2.aarch64.rpm SHA-256: f719ed77118ba9fc177e2286ec60c5b2ccded071f238415e5f41fc3815b63afe
podman-docker-4.4.1-20.el9_2.noarch.rpm SHA-256: 47f22e43de63d805a0b55d60964091fc80f6265d648e9ae81d6751dee663c4e6
podman-gvproxy-4.4.1-20.el9_2.aarch64.rpm SHA-256: cb05d6026a56d6bd75d2548aa27d36f1faf890a3d12f59322de4494427fa819e
podman-gvproxy-debuginfo-4.4.1-20.el9_2.aarch64.rpm SHA-256: 5411d82f3fa902339532a7dece69e35c205bc2188cef91a18161af93e8ac2979
podman-plugins-4.4.1-20.el9_2.aarch64.rpm SHA-256: 6e8059481389b55b27e214c69d0453abbb281cd4ade07357ce7b8e8093e5bc07
podman-plugins-debuginfo-4.4.1-20.el9_2.aarch64.rpm SHA-256: 804813bfd6f7406a8f86ad00e62cfaa1a11191e286b9e4ac0be414ab8403d536
podman-remote-4.4.1-20.el9_2.aarch64.rpm SHA-256: b47638ffe3d7f93305ef13893ad70fd0c6c498ec1ef15853cda212beba10f76e
podman-remote-debuginfo-4.4.1-20.el9_2.aarch64.rpm SHA-256: 1fa4c86b26ffa4ea096a4ab004ddab967a5123aba13ab1cf9d2050330ca8be44
podman-tests-4.4.1-20.el9_2.aarch64.rpm SHA-256: 39d23c8e982d2242497e9667210eb8230565bc3c64fdd2ac6238d4d2b2f46d6b

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
podman-4.4.1-20.el9_2.src.rpm SHA-256: 896af2f81b1f5c35997c4619bae6049af852302943223b8a161bb1f1114879bc
ppc64le
podman-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 7d43639fba3ab177316d2b4f95cf8631ae4089b9010be3d8c4f66839cc7034a6
podman-debuginfo-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 7af45bd6d8cf0fe6434c72de7f6cd079f9277c64f9ca16f5100d53277db4b2ce
podman-debugsource-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 56f1af5aea004b5e86a15ad3a2f9a967aaa9ef015118960370670b6c13c90da1
podman-docker-4.4.1-20.el9_2.noarch.rpm SHA-256: 47f22e43de63d805a0b55d60964091fc80f6265d648e9ae81d6751dee663c4e6
podman-gvproxy-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 3e84fa868e6924417ac3a391cd8923007356db5fa8d006af0280bd8394b94dfe
podman-gvproxy-debuginfo-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 017d0861834baef174ef0e72f8537e95c3f5f5aa4d6bc1e5f5aaf9fc1c7091bb
podman-plugins-4.4.1-20.el9_2.ppc64le.rpm SHA-256: ea43e9eb4d2e869b9141f84c9ad14b97aeb337f619159d45c19e9729c9a014d5
podman-plugins-debuginfo-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 3adcae8be7d5e58e8d8296c049901fcba314f9acbe58bec65a1a9fe62b2d1dad
podman-remote-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 8bef6b494a64947b96f2586bede0c78c2883ab15ea32e412473615b467fe6b8b
podman-remote-debuginfo-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 924f07ed07638dfb33f44754cb4f7baccb1d7dfb2e0bdd2f86079c84bba1bd19
podman-tests-4.4.1-20.el9_2.ppc64le.rpm SHA-256: 7747b45265c7967b39125e559a4f8c2c2d666ffaf1ee68fa7250da74eb22ac2e

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
podman-4.4.1-20.el9_2.src.rpm SHA-256: 896af2f81b1f5c35997c4619bae6049af852302943223b8a161bb1f1114879bc
x86_64
podman-4.4.1-20.el9_2.x86_64.rpm SHA-256: e4093e8a366a4b0ccddb4ec819faff6dd6bad644518180d0cd060612de2cc1fa
podman-debuginfo-4.4.1-20.el9_2.x86_64.rpm SHA-256: 15d392ec361ee96201bfcd4ad0db8303d5643f025e93cba96c21ca6e639bc214
podman-debugsource-4.4.1-20.el9_2.x86_64.rpm SHA-256: 2d087339f43e4064b036dff9281bbd85ee406afeca7dd17c48a605468624cb74
podman-docker-4.4.1-20.el9_2.noarch.rpm SHA-256: 47f22e43de63d805a0b55d60964091fc80f6265d648e9ae81d6751dee663c4e6
podman-gvproxy-4.4.1-20.el9_2.x86_64.rpm SHA-256: 72b07bd6e0e41aac59459b8f55fef58698df55bbc1c0bfb07607c74ce93d06b2
podman-gvproxy-debuginfo-4.4.1-20.el9_2.x86_64.rpm SHA-256: 61fc245c7b62e033314616c860190f187880c7a09a9255f45d53641a541c1ed0
podman-plugins-4.4.1-20.el9_2.x86_64.rpm SHA-256: 5133211dc244ae59e9d6ed3f7f7e4c9f116f0cc24e2a5c00257ba2411112affb
podman-plugins-debuginfo-4.4.1-20.el9_2.x86_64.rpm SHA-256: bd780974699a6acb94a24d99a7caca10f12bb82f517a0b9cd8268164b35f1083
podman-remote-4.4.1-20.el9_2.x86_64.rpm SHA-256: 475f5c69db1f5af7659626f7fb802fa2f66302570d7ac4364a45d8f95e0e94ef
podman-remote-debuginfo-4.4.1-20.el9_2.x86_64.rpm SHA-256: 94515bf054d213773083593318fc75f15c9e12a3fbae88a740528621afc16d26
podman-tests-4.4.1-20.el9_2.x86_64.rpm SHA-256: 9026f4141b08089fa2a781c53cab4b8ea044fb38476c8e7ae9f4e6d52c1b9b67

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
podman-4.4.1-20.el9_2.src.rpm SHA-256: 896af2f81b1f5c35997c4619bae6049af852302943223b8a161bb1f1114879bc
aarch64
podman-4.4.1-20.el9_2.aarch64.rpm SHA-256: 59554ee75e21d6fd2e6c9d7d870e98916e9a9cb9027f1d6ea49f51672c182e5a
podman-debuginfo-4.4.1-20.el9_2.aarch64.rpm SHA-256: be6e98f9b813b75990c8b20c6f1a7fcb4bdd335e373b986ae740150e34fab0d3
podman-debugsource-4.4.1-20.el9_2.aarch64.rpm SHA-256: f719ed77118ba9fc177e2286ec60c5b2ccded071f238415e5f41fc3815b63afe
podman-docker-4.4.1-20.el9_2.noarch.rpm SHA-256: 47f22e43de63d805a0b55d60964091fc80f6265d648e9ae81d6751dee663c4e6
podman-gvproxy-4.4.1-20.el9_2.aarch64.rpm SHA-256: cb05d6026a56d6bd75d2548aa27d36f1faf890a3d12f59322de4494427fa819e
podman-gvproxy-debuginfo-4.4.1-20.el9_2.aarch64.rpm SHA-256: 5411d82f3fa902339532a7dece69e35c205bc2188cef91a18161af93e8ac2979
podman-plugins-4.4.1-20.el9_2.aarch64.rpm SHA-256: 6e8059481389b55b27e214c69d0453abbb281cd4ade07357ce7b8e8093e5bc07
podman-plugins-debuginfo-4.4.1-20.el9_2.aarch64.rpm SHA-256: 804813bfd6f7406a8f86ad00e62cfaa1a11191e286b9e4ac0be414ab8403d536
podman-remote-4.4.1-20.el9_2.aarch64.rpm SHA-256: b47638ffe3d7f93305ef13893ad70fd0c6c498ec1ef15853cda212beba10f76e
podman-remote-debuginfo-4.4.1-20.el9_2.aarch64.rpm SHA-256: 1fa4c86b26ffa4ea096a4ab004ddab967a5123aba13ab1cf9d2050330ca8be44
podman-tests-4.4.1-20.el9_2.aarch64.rpm SHA-256: 39d23c8e982d2242497e9667210eb8230565bc3c64fdd2ac6238d4d2b2f46d6b

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
podman-4.4.1-20.el9_2.src.rpm SHA-256: 896af2f81b1f5c35997c4619bae6049af852302943223b8a161bb1f1114879bc
s390x
podman-4.4.1-20.el9_2.s390x.rpm SHA-256: 752e8b9accd944998beb08b31caecc525a17c2b179ecd97449584f1277dd0eda
podman-debuginfo-4.4.1-20.el9_2.s390x.rpm SHA-256: a9615089f810dda412cb6eefb223d41adf0bbf81ad44c149a0a4832f3bd88c27
podman-debugsource-4.4.1-20.el9_2.s390x.rpm SHA-256: 9e3124302a690de548fb9bbac281b6fc5ce25a4783e3fbba2ebbc3f9c5a65fd7
podman-docker-4.4.1-20.el9_2.noarch.rpm SHA-256: 47f22e43de63d805a0b55d60964091fc80f6265d648e9ae81d6751dee663c4e6
podman-gvproxy-4.4.1-20.el9_2.s390x.rpm SHA-256: e77da69fb1479d676ee0878dca6223bb01e178a72fe6ee7cd3c6566ebe79c510
podman-gvproxy-debuginfo-4.4.1-20.el9_2.s390x.rpm SHA-256: 2e8aaddb4abcbc1adf51c7eeec1d59e0e558ed07b2beb92ac1c200fdd01e2694
podman-plugins-4.4.1-20.el9_2.s390x.rpm SHA-256: 5726c070a6e6b2cb893a36bea394cd144d560e26e32f7178cb3c3b2f06ae5425
podman-plugins-debuginfo-4.4.1-20.el9_2.s390x.rpm SHA-256: af33de0f93001307cfa8fa8796012c58ab9c5d825d994621f5b90cf6f0cb9f2a
podman-remote-4.4.1-20.el9_2.s390x.rpm SHA-256: 3cce1578cbfd3c14689f5b3c5a00bd1c30b4578a9a04fd742fc0b6e352854732
podman-remote-debuginfo-4.4.1-20.el9_2.s390x.rpm SHA-256: 7024b050fd2bf14283c45e9901477b4c00aedf1c56709e3b8cd2527b11cd23aa
podman-tests-4.4.1-20.el9_2.s390x.rpm SHA-256: f5c0f8e21ec7cb1ec98328294f8d7a45fe44f5bfe8749d9b4cbfeb02c3ac20c5

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.