Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2024:7819 - Security Advisory
Issued:
2024-10-08
Updated:
2024-10-08

RHSA-2024:7819 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: buildah security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for buildah is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The buildah package provides a tool for facilitating building OCI container images. Among other things, buildah enables you to: Create a working container, either from scratch or using an image as a starting point; Create an image, either from a working container or using the instructions in a Dockerfile; Build both Docker and OCI images.

Security Fix(es):

  • encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion (CVE-2024-34156)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

  • BZ - 2310528 - CVE-2024-34156 encoding/gob: golang: Calling Decoder.Decode on a message which contains deeply nested structures can cause a panic due to stack exhaustion

CVEs

  • CVE-2024-34156

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2

SRPM
buildah-1.29.3-1.el9_2.1.src.rpm SHA-256: 9ec435666e269b5e90ad7bf2ffd01a03233334a5b661dab3ea14049f3254e5fd
x86_64
buildah-1.29.3-1.el9_2.1.x86_64.rpm SHA-256: dcfa2a7a9f7b9d3ab998c6559f56a01147cd0880bb99fd4b18fffd7579c69ef6
buildah-debuginfo-1.29.3-1.el9_2.1.x86_64.rpm SHA-256: b39248372550c9d48afa6084876da88e596770b1d2bb97fdbb7ce2eed1fbacbb
buildah-debugsource-1.29.3-1.el9_2.1.x86_64.rpm SHA-256: 26772acc844b177febdc5b5d841eb918c24d3d56074786741a0d50a47a89878e
buildah-tests-1.29.3-1.el9_2.1.x86_64.rpm SHA-256: 7b26551de234962c5643903b47082942b5842198e6677760a804f6ca38b84f5e
buildah-tests-debuginfo-1.29.3-1.el9_2.1.x86_64.rpm SHA-256: b37cbf4a61b312ab40727bf8d9284e6716513e2c537aac0973c9fda6909b62e0

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
buildah-1.29.3-1.el9_2.1.src.rpm SHA-256: 9ec435666e269b5e90ad7bf2ffd01a03233334a5b661dab3ea14049f3254e5fd
x86_64
buildah-1.29.3-1.el9_2.1.x86_64.rpm SHA-256: dcfa2a7a9f7b9d3ab998c6559f56a01147cd0880bb99fd4b18fffd7579c69ef6
buildah-debuginfo-1.29.3-1.el9_2.1.x86_64.rpm SHA-256: b39248372550c9d48afa6084876da88e596770b1d2bb97fdbb7ce2eed1fbacbb
buildah-debugsource-1.29.3-1.el9_2.1.x86_64.rpm SHA-256: 26772acc844b177febdc5b5d841eb918c24d3d56074786741a0d50a47a89878e
buildah-tests-1.29.3-1.el9_2.1.x86_64.rpm SHA-256: 7b26551de234962c5643903b47082942b5842198e6677760a804f6ca38b84f5e
buildah-tests-debuginfo-1.29.3-1.el9_2.1.x86_64.rpm SHA-256: b37cbf4a61b312ab40727bf8d9284e6716513e2c537aac0973c9fda6909b62e0

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2

SRPM
buildah-1.29.3-1.el9_2.1.src.rpm SHA-256: 9ec435666e269b5e90ad7bf2ffd01a03233334a5b661dab3ea14049f3254e5fd
s390x
buildah-1.29.3-1.el9_2.1.s390x.rpm SHA-256: 7a3e8e2feaa4d66e461afbe25c38bc7ba411ab8f730af6d485dce54e31687396
buildah-debuginfo-1.29.3-1.el9_2.1.s390x.rpm SHA-256: a960f5dc05e3eca518c43ef7f3bdcbf081ed6465702cf2bb3ee847a5fad07fee
buildah-debugsource-1.29.3-1.el9_2.1.s390x.rpm SHA-256: 0be361d42b639e734c32b73dd51c17a86171782eaef994798be889e4f09e6954
buildah-tests-1.29.3-1.el9_2.1.s390x.rpm SHA-256: 04d8c4e7ff60d470eaf0e75f337e746c5ae93c347f4becca3ae806d973f3928c
buildah-tests-debuginfo-1.29.3-1.el9_2.1.s390x.rpm SHA-256: eaead4fce7572654dcab689cfed418b036e5e49b2c21a6be5984a52316269bf0

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2

SRPM
buildah-1.29.3-1.el9_2.1.src.rpm SHA-256: 9ec435666e269b5e90ad7bf2ffd01a03233334a5b661dab3ea14049f3254e5fd
ppc64le
buildah-1.29.3-1.el9_2.1.ppc64le.rpm SHA-256: 137d5453dc3131b1d7ec78ca0fe0e14a74efc45c78d657edec18196c0e33f50e
buildah-debuginfo-1.29.3-1.el9_2.1.ppc64le.rpm SHA-256: bea5e84b1744d9ecfd3e266d5967ccac4d271d5dee89bef6b6aa4b4199e58abf
buildah-debugsource-1.29.3-1.el9_2.1.ppc64le.rpm SHA-256: c0a2e430b0d25c0d34931f4dab84da80917f736e377e90bfe83b0c1731cec0aa
buildah-tests-1.29.3-1.el9_2.1.ppc64le.rpm SHA-256: 3c01a9a056c6c120b316a7a7d7cc6ea52c3b6d60ad8e6ad24a1aa6bea1250b26
buildah-tests-debuginfo-1.29.3-1.el9_2.1.ppc64le.rpm SHA-256: b210eae687a92a33c79b84b16f737ae8b40586abea91bc763ea3ede0d0be9b14

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2

SRPM
buildah-1.29.3-1.el9_2.1.src.rpm SHA-256: 9ec435666e269b5e90ad7bf2ffd01a03233334a5b661dab3ea14049f3254e5fd
aarch64
buildah-1.29.3-1.el9_2.1.aarch64.rpm SHA-256: dd620c26483c443a1bcc468de92a4308b8c6abfb301161dff19b22abf3d886ec
buildah-debuginfo-1.29.3-1.el9_2.1.aarch64.rpm SHA-256: 6e64fa6a0a3f6eb6b7ae106a5d6b7c0aa48bce5be567f74789305cb02e0e0ad7
buildah-debugsource-1.29.3-1.el9_2.1.aarch64.rpm SHA-256: a6429cfb55e7a811918381733cf4d13c1d99faa11d5c44effb3bef787ab8b00c
buildah-tests-1.29.3-1.el9_2.1.aarch64.rpm SHA-256: 7ddae0a8e7dd8dc347fc7e974cc1ae3c3d151fd3930d488867d0d8bdbc9e301b
buildah-tests-debuginfo-1.29.3-1.el9_2.1.aarch64.rpm SHA-256: 8e43fcd22afb6962708585aba4c14dd9b485da9ad3c1de1877838139d46593c3

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
buildah-1.29.3-1.el9_2.1.src.rpm SHA-256: 9ec435666e269b5e90ad7bf2ffd01a03233334a5b661dab3ea14049f3254e5fd
ppc64le
buildah-1.29.3-1.el9_2.1.ppc64le.rpm SHA-256: 137d5453dc3131b1d7ec78ca0fe0e14a74efc45c78d657edec18196c0e33f50e
buildah-debuginfo-1.29.3-1.el9_2.1.ppc64le.rpm SHA-256: bea5e84b1744d9ecfd3e266d5967ccac4d271d5dee89bef6b6aa4b4199e58abf
buildah-debugsource-1.29.3-1.el9_2.1.ppc64le.rpm SHA-256: c0a2e430b0d25c0d34931f4dab84da80917f736e377e90bfe83b0c1731cec0aa
buildah-tests-1.29.3-1.el9_2.1.ppc64le.rpm SHA-256: 3c01a9a056c6c120b316a7a7d7cc6ea52c3b6d60ad8e6ad24a1aa6bea1250b26
buildah-tests-debuginfo-1.29.3-1.el9_2.1.ppc64le.rpm SHA-256: b210eae687a92a33c79b84b16f737ae8b40586abea91bc763ea3ede0d0be9b14

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
buildah-1.29.3-1.el9_2.1.src.rpm SHA-256: 9ec435666e269b5e90ad7bf2ffd01a03233334a5b661dab3ea14049f3254e5fd
x86_64
buildah-1.29.3-1.el9_2.1.x86_64.rpm SHA-256: dcfa2a7a9f7b9d3ab998c6559f56a01147cd0880bb99fd4b18fffd7579c69ef6
buildah-debuginfo-1.29.3-1.el9_2.1.x86_64.rpm SHA-256: b39248372550c9d48afa6084876da88e596770b1d2bb97fdbb7ce2eed1fbacbb
buildah-debugsource-1.29.3-1.el9_2.1.x86_64.rpm SHA-256: 26772acc844b177febdc5b5d841eb918c24d3d56074786741a0d50a47a89878e
buildah-tests-1.29.3-1.el9_2.1.x86_64.rpm SHA-256: 7b26551de234962c5643903b47082942b5842198e6677760a804f6ca38b84f5e
buildah-tests-debuginfo-1.29.3-1.el9_2.1.x86_64.rpm SHA-256: b37cbf4a61b312ab40727bf8d9284e6716513e2c537aac0973c9fda6909b62e0

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
buildah-1.29.3-1.el9_2.1.src.rpm SHA-256: 9ec435666e269b5e90ad7bf2ffd01a03233334a5b661dab3ea14049f3254e5fd
aarch64
buildah-1.29.3-1.el9_2.1.aarch64.rpm SHA-256: dd620c26483c443a1bcc468de92a4308b8c6abfb301161dff19b22abf3d886ec
buildah-debuginfo-1.29.3-1.el9_2.1.aarch64.rpm SHA-256: 6e64fa6a0a3f6eb6b7ae106a5d6b7c0aa48bce5be567f74789305cb02e0e0ad7
buildah-debugsource-1.29.3-1.el9_2.1.aarch64.rpm SHA-256: a6429cfb55e7a811918381733cf4d13c1d99faa11d5c44effb3bef787ab8b00c
buildah-tests-1.29.3-1.el9_2.1.aarch64.rpm SHA-256: 7ddae0a8e7dd8dc347fc7e974cc1ae3c3d151fd3930d488867d0d8bdbc9e301b
buildah-tests-debuginfo-1.29.3-1.el9_2.1.aarch64.rpm SHA-256: 8e43fcd22afb6962708585aba4c14dd9b485da9ad3c1de1877838139d46593c3

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
buildah-1.29.3-1.el9_2.1.src.rpm SHA-256: 9ec435666e269b5e90ad7bf2ffd01a03233334a5b661dab3ea14049f3254e5fd
s390x
buildah-1.29.3-1.el9_2.1.s390x.rpm SHA-256: 7a3e8e2feaa4d66e461afbe25c38bc7ba411ab8f730af6d485dce54e31687396
buildah-debuginfo-1.29.3-1.el9_2.1.s390x.rpm SHA-256: a960f5dc05e3eca518c43ef7f3bdcbf081ed6465702cf2bb3ee847a5fad07fee
buildah-debugsource-1.29.3-1.el9_2.1.s390x.rpm SHA-256: 0be361d42b639e734c32b73dd51c17a86171782eaef994798be889e4f09e6954
buildah-tests-1.29.3-1.el9_2.1.s390x.rpm SHA-256: 04d8c4e7ff60d470eaf0e75f337e746c5ae93c347f4becca3ae806d973f3928c
buildah-tests-debuginfo-1.29.3-1.el9_2.1.s390x.rpm SHA-256: eaead4fce7572654dcab689cfed418b036e5e49b2c21a6be5984a52316269bf0

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility