Red Hat Product Errata RHSA-2024:8709 - Security Advisory
Issued:
2024-10-31
Updated:
2024-10-31

RHSA-2024:8709 - Security Advisory

Synopsis

Important: podman security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for podman is now available for Red Hat Enterprise Linux 9.2 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

The podman tool manages pods, container images, and containers. It is part of the libpod library, which is for applications that use container pods. Container pods is a concept in Kubernetes.

Security Fix(es):

  • buildah: Buildah allows arbitrary directory mount (CVE-2024-9675)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.2 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390x

Fixes

  • BZ - 2317458 - CVE-2024-9675 buildah: Buildah allows arbitrary directory mount

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2

SRPM
podman-4.4.1-21.el9_2.src.rpm SHA-256: 67af4d3c04e8c4bf80b48ce3b1352a3b05733023e77f66bfa827d14d635a7eab
x86_64
podman-4.4.1-21.el9_2.x86_64.rpm SHA-256: f855737bfa7d2e4c19ee26aa26248d8d1367c64299047f47ba63168680f95cfc
podman-debuginfo-4.4.1-21.el9_2.x86_64.rpm SHA-256: c92816b92b57c9833b207ad02c2d6a254f0690f40e2506e05b8cb7be15f427e3
podman-debugsource-4.4.1-21.el9_2.x86_64.rpm SHA-256: cb602a270a6128d1f8a073deeb6a9bcf78516817f167a60330373aa7e4bd4a19
podman-docker-4.4.1-21.el9_2.noarch.rpm SHA-256: 16c120d3f4e5ed9957a1dddaa55c799e3351b77813bbd45deb7c00828467997e
podman-gvproxy-4.4.1-21.el9_2.x86_64.rpm SHA-256: 93abc241d7f0ce65660ffedfd219934310db4593b3057f21ffc8cd852c81396c
podman-gvproxy-debuginfo-4.4.1-21.el9_2.x86_64.rpm SHA-256: b7804373b2360ac094b8cb2946aa6dbfa93d8eb60ad750f392bdba9b182b3736
podman-plugins-4.4.1-21.el9_2.x86_64.rpm SHA-256: f6a882523ced8b8a0479f4fe41e5d0770c9c9be085fd3e1dd88bbc9553dd4414
podman-plugins-debuginfo-4.4.1-21.el9_2.x86_64.rpm SHA-256: 55f7a2b8def462232d40800c50bec7d0f59428cdd2c2721cfe305085eb9cedff
podman-remote-4.4.1-21.el9_2.x86_64.rpm SHA-256: 1f6fef7cd49f874629fc2967b94744079522a0fd802e23df0e809ee5cbeae2a4
podman-remote-debuginfo-4.4.1-21.el9_2.x86_64.rpm SHA-256: 0cf8bbc488e510f4d992578f30df0b59f71a60dd422565daf2f803b12950898b
podman-tests-4.4.1-21.el9_2.x86_64.rpm SHA-256: 548b3cd5a73dbbe2f0ee469d46c6da239b715e37734c2865b0beec8890679163

Red Hat Enterprise Linux Server - AUS 9.2

SRPM
podman-4.4.1-21.el9_2.src.rpm SHA-256: 67af4d3c04e8c4bf80b48ce3b1352a3b05733023e77f66bfa827d14d635a7eab
x86_64
podman-4.4.1-21.el9_2.x86_64.rpm SHA-256: f855737bfa7d2e4c19ee26aa26248d8d1367c64299047f47ba63168680f95cfc
podman-debuginfo-4.4.1-21.el9_2.x86_64.rpm SHA-256: c92816b92b57c9833b207ad02c2d6a254f0690f40e2506e05b8cb7be15f427e3
podman-debugsource-4.4.1-21.el9_2.x86_64.rpm SHA-256: cb602a270a6128d1f8a073deeb6a9bcf78516817f167a60330373aa7e4bd4a19
podman-docker-4.4.1-21.el9_2.noarch.rpm SHA-256: 16c120d3f4e5ed9957a1dddaa55c799e3351b77813bbd45deb7c00828467997e
podman-gvproxy-4.4.1-21.el9_2.x86_64.rpm SHA-256: 93abc241d7f0ce65660ffedfd219934310db4593b3057f21ffc8cd852c81396c
podman-gvproxy-debuginfo-4.4.1-21.el9_2.x86_64.rpm SHA-256: b7804373b2360ac094b8cb2946aa6dbfa93d8eb60ad750f392bdba9b182b3736
podman-plugins-4.4.1-21.el9_2.x86_64.rpm SHA-256: f6a882523ced8b8a0479f4fe41e5d0770c9c9be085fd3e1dd88bbc9553dd4414
podman-plugins-debuginfo-4.4.1-21.el9_2.x86_64.rpm SHA-256: 55f7a2b8def462232d40800c50bec7d0f59428cdd2c2721cfe305085eb9cedff
podman-remote-4.4.1-21.el9_2.x86_64.rpm SHA-256: 1f6fef7cd49f874629fc2967b94744079522a0fd802e23df0e809ee5cbeae2a4
podman-remote-debuginfo-4.4.1-21.el9_2.x86_64.rpm SHA-256: 0cf8bbc488e510f4d992578f30df0b59f71a60dd422565daf2f803b12950898b
podman-tests-4.4.1-21.el9_2.x86_64.rpm SHA-256: 548b3cd5a73dbbe2f0ee469d46c6da239b715e37734c2865b0beec8890679163

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2

SRPM
podman-4.4.1-21.el9_2.src.rpm SHA-256: 67af4d3c04e8c4bf80b48ce3b1352a3b05733023e77f66bfa827d14d635a7eab
s390x
podman-4.4.1-21.el9_2.s390x.rpm SHA-256: e06bf076756089dc6a511a887be1eb5d243af1ae49706156710035abed97a754
podman-debuginfo-4.4.1-21.el9_2.s390x.rpm SHA-256: e4ee2bde92ff51a8e2f32fc41620fe08f59e87770fd14883a5ddf7b1a4fb4ce4
podman-debugsource-4.4.1-21.el9_2.s390x.rpm SHA-256: 52b72ea3890e51c0254e2d4898c9ce320cfccce88de09d12ae0eeb7b7d9d3447
podman-docker-4.4.1-21.el9_2.noarch.rpm SHA-256: 16c120d3f4e5ed9957a1dddaa55c799e3351b77813bbd45deb7c00828467997e
podman-gvproxy-4.4.1-21.el9_2.s390x.rpm SHA-256: 93973201d9351c52ebdd6a59e88320ecfa6bb05fe13111f5113c1ae8015f9f0c
podman-gvproxy-debuginfo-4.4.1-21.el9_2.s390x.rpm SHA-256: c209792357dbd93c84a0535bf09d87537ad5b5659e88100d304954808510d8bc
podman-plugins-4.4.1-21.el9_2.s390x.rpm SHA-256: 2fb6beb57597c78a746ac8ec13a383664c1edb04a7569fa8991788869738315d
podman-plugins-debuginfo-4.4.1-21.el9_2.s390x.rpm SHA-256: 9de4ab45188a1b96a01e7d714d46105e2c11364bce2285bce57bd19b9fdde3f1
podman-remote-4.4.1-21.el9_2.s390x.rpm SHA-256: a49ec3c326079ecc2b454c0e6b8dc906acf58b9bb1c343e8dd267cc1d30ee13e
podman-remote-debuginfo-4.4.1-21.el9_2.s390x.rpm SHA-256: 917172c08f07cd12a14a20ed28766cfbbf5812d3e9190f3fcc9746f6f246b569
podman-tests-4.4.1-21.el9_2.s390x.rpm SHA-256: cac8877c387a4902d81e8bdbafbb8fb8965dd2e41600355974add2e9b62742f3

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2

SRPM
podman-4.4.1-21.el9_2.src.rpm SHA-256: 67af4d3c04e8c4bf80b48ce3b1352a3b05733023e77f66bfa827d14d635a7eab
ppc64le
podman-4.4.1-21.el9_2.ppc64le.rpm SHA-256: 1cf809f942a10aaf00c954fe7cfd78ff24f8886c18d3050df129aaf1483acd70
podman-debuginfo-4.4.1-21.el9_2.ppc64le.rpm SHA-256: e287bc52d1634be422de163d7751306f8657e0303eb4451e4b1d5009b48ae8f5
podman-debugsource-4.4.1-21.el9_2.ppc64le.rpm SHA-256: e56bf8385d655ae714460b93e5a036a0dc3efd8d023f661180089ad612b9032f
podman-docker-4.4.1-21.el9_2.noarch.rpm SHA-256: 16c120d3f4e5ed9957a1dddaa55c799e3351b77813bbd45deb7c00828467997e
podman-gvproxy-4.4.1-21.el9_2.ppc64le.rpm SHA-256: a3f7b6a6cc992cbd7627a4f4300539696c8715a1520c602beb1fd1f84ca95ebe
podman-gvproxy-debuginfo-4.4.1-21.el9_2.ppc64le.rpm SHA-256: 84c9d73acecd598f573422fdec74360de32ce3a270495f76d56bd62d10058c00
podman-plugins-4.4.1-21.el9_2.ppc64le.rpm SHA-256: c86e315ea3a0fb5382c5864689c8092493fe503cba5c7d626d1e854faf1603c1
podman-plugins-debuginfo-4.4.1-21.el9_2.ppc64le.rpm SHA-256: 661d36ab86313ce09231c09d1cf2159cc24b7f7bbc8069524a55c28cc1ff1673
podman-remote-4.4.1-21.el9_2.ppc64le.rpm SHA-256: 1e8c45726f342ab432f61ac629a762a940ad3436b2703ebb8fb835e5f946e795
podman-remote-debuginfo-4.4.1-21.el9_2.ppc64le.rpm SHA-256: efc9c5f1758fa0c695fb6867966c7f73728666b0691fab9800fe125652071c39
podman-tests-4.4.1-21.el9_2.ppc64le.rpm SHA-256: d81679829f02d19992669f4a6234c3cbed3142df9cef57c0f8c91bbec80be4ef

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2

SRPM
podman-4.4.1-21.el9_2.src.rpm SHA-256: 67af4d3c04e8c4bf80b48ce3b1352a3b05733023e77f66bfa827d14d635a7eab
aarch64
podman-4.4.1-21.el9_2.aarch64.rpm SHA-256: c8969352329f107e8c49eb35ea59aac3d52bbef3d1dc8ba54fc142a3dbc10e48
podman-debuginfo-4.4.1-21.el9_2.aarch64.rpm SHA-256: 1dd15cefa5274ffa3918779cd840c6bbe09cd1f254e14309a11da9453643e9a7
podman-debugsource-4.4.1-21.el9_2.aarch64.rpm SHA-256: 0833ca610642e501f42acfae52e60ccf1f4a089ebffbb60a8740643e79033bb5
podman-docker-4.4.1-21.el9_2.noarch.rpm SHA-256: 16c120d3f4e5ed9957a1dddaa55c799e3351b77813bbd45deb7c00828467997e
podman-gvproxy-4.4.1-21.el9_2.aarch64.rpm SHA-256: 28cbf52da93fddce8326978a810b329abf59cf6ea840911fe69821a885ebf3b3
podman-gvproxy-debuginfo-4.4.1-21.el9_2.aarch64.rpm SHA-256: c9e8cf64f6c8b08ab1c6fa0ff4942d5f5a6700804a8b21ded269568ec11692c1
podman-plugins-4.4.1-21.el9_2.aarch64.rpm SHA-256: 78e3df75b735109519b04ecb97a10b73f7646e8dec3020621e06e14995ef2ffc
podman-plugins-debuginfo-4.4.1-21.el9_2.aarch64.rpm SHA-256: 057116e89a68c9033d19ff1a0d088075b65efc9004e0260aebeecffd43805860
podman-remote-4.4.1-21.el9_2.aarch64.rpm SHA-256: 50881a05b97c1af7e3646d1880609b86e24974b491c7e2fe87b0e49be5c13663
podman-remote-debuginfo-4.4.1-21.el9_2.aarch64.rpm SHA-256: d37f3a2923ef5fea022abebdabe89c73dc029d4db93b1b94b02e2a79b87b8f15
podman-tests-4.4.1-21.el9_2.aarch64.rpm SHA-256: 678b0bcdcc625867e3f30909aa0065dae112ce96f7154612c996599a6ab51106

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2

SRPM
podman-4.4.1-21.el9_2.src.rpm SHA-256: 67af4d3c04e8c4bf80b48ce3b1352a3b05733023e77f66bfa827d14d635a7eab
ppc64le
podman-4.4.1-21.el9_2.ppc64le.rpm SHA-256: 1cf809f942a10aaf00c954fe7cfd78ff24f8886c18d3050df129aaf1483acd70
podman-debuginfo-4.4.1-21.el9_2.ppc64le.rpm SHA-256: e287bc52d1634be422de163d7751306f8657e0303eb4451e4b1d5009b48ae8f5
podman-debugsource-4.4.1-21.el9_2.ppc64le.rpm SHA-256: e56bf8385d655ae714460b93e5a036a0dc3efd8d023f661180089ad612b9032f
podman-docker-4.4.1-21.el9_2.noarch.rpm SHA-256: 16c120d3f4e5ed9957a1dddaa55c799e3351b77813bbd45deb7c00828467997e
podman-gvproxy-4.4.1-21.el9_2.ppc64le.rpm SHA-256: a3f7b6a6cc992cbd7627a4f4300539696c8715a1520c602beb1fd1f84ca95ebe
podman-gvproxy-debuginfo-4.4.1-21.el9_2.ppc64le.rpm SHA-256: 84c9d73acecd598f573422fdec74360de32ce3a270495f76d56bd62d10058c00
podman-plugins-4.4.1-21.el9_2.ppc64le.rpm SHA-256: c86e315ea3a0fb5382c5864689c8092493fe503cba5c7d626d1e854faf1603c1
podman-plugins-debuginfo-4.4.1-21.el9_2.ppc64le.rpm SHA-256: 661d36ab86313ce09231c09d1cf2159cc24b7f7bbc8069524a55c28cc1ff1673
podman-remote-4.4.1-21.el9_2.ppc64le.rpm SHA-256: 1e8c45726f342ab432f61ac629a762a940ad3436b2703ebb8fb835e5f946e795
podman-remote-debuginfo-4.4.1-21.el9_2.ppc64le.rpm SHA-256: efc9c5f1758fa0c695fb6867966c7f73728666b0691fab9800fe125652071c39
podman-tests-4.4.1-21.el9_2.ppc64le.rpm SHA-256: d81679829f02d19992669f4a6234c3cbed3142df9cef57c0f8c91bbec80be4ef

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2

SRPM
podman-4.4.1-21.el9_2.src.rpm SHA-256: 67af4d3c04e8c4bf80b48ce3b1352a3b05733023e77f66bfa827d14d635a7eab
x86_64
podman-4.4.1-21.el9_2.x86_64.rpm SHA-256: f855737bfa7d2e4c19ee26aa26248d8d1367c64299047f47ba63168680f95cfc
podman-debuginfo-4.4.1-21.el9_2.x86_64.rpm SHA-256: c92816b92b57c9833b207ad02c2d6a254f0690f40e2506e05b8cb7be15f427e3
podman-debugsource-4.4.1-21.el9_2.x86_64.rpm SHA-256: cb602a270a6128d1f8a073deeb6a9bcf78516817f167a60330373aa7e4bd4a19
podman-docker-4.4.1-21.el9_2.noarch.rpm SHA-256: 16c120d3f4e5ed9957a1dddaa55c799e3351b77813bbd45deb7c00828467997e
podman-gvproxy-4.4.1-21.el9_2.x86_64.rpm SHA-256: 93abc241d7f0ce65660ffedfd219934310db4593b3057f21ffc8cd852c81396c
podman-gvproxy-debuginfo-4.4.1-21.el9_2.x86_64.rpm SHA-256: b7804373b2360ac094b8cb2946aa6dbfa93d8eb60ad750f392bdba9b182b3736
podman-plugins-4.4.1-21.el9_2.x86_64.rpm SHA-256: f6a882523ced8b8a0479f4fe41e5d0770c9c9be085fd3e1dd88bbc9553dd4414
podman-plugins-debuginfo-4.4.1-21.el9_2.x86_64.rpm SHA-256: 55f7a2b8def462232d40800c50bec7d0f59428cdd2c2721cfe305085eb9cedff
podman-remote-4.4.1-21.el9_2.x86_64.rpm SHA-256: 1f6fef7cd49f874629fc2967b94744079522a0fd802e23df0e809ee5cbeae2a4
podman-remote-debuginfo-4.4.1-21.el9_2.x86_64.rpm SHA-256: 0cf8bbc488e510f4d992578f30df0b59f71a60dd422565daf2f803b12950898b
podman-tests-4.4.1-21.el9_2.x86_64.rpm SHA-256: 548b3cd5a73dbbe2f0ee469d46c6da239b715e37734c2865b0beec8890679163

Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2

SRPM
podman-4.4.1-21.el9_2.src.rpm SHA-256: 67af4d3c04e8c4bf80b48ce3b1352a3b05733023e77f66bfa827d14d635a7eab
aarch64
podman-4.4.1-21.el9_2.aarch64.rpm SHA-256: c8969352329f107e8c49eb35ea59aac3d52bbef3d1dc8ba54fc142a3dbc10e48
podman-debuginfo-4.4.1-21.el9_2.aarch64.rpm SHA-256: 1dd15cefa5274ffa3918779cd840c6bbe09cd1f254e14309a11da9453643e9a7
podman-debugsource-4.4.1-21.el9_2.aarch64.rpm SHA-256: 0833ca610642e501f42acfae52e60ccf1f4a089ebffbb60a8740643e79033bb5
podman-docker-4.4.1-21.el9_2.noarch.rpm SHA-256: 16c120d3f4e5ed9957a1dddaa55c799e3351b77813bbd45deb7c00828467997e
podman-gvproxy-4.4.1-21.el9_2.aarch64.rpm SHA-256: 28cbf52da93fddce8326978a810b329abf59cf6ea840911fe69821a885ebf3b3
podman-gvproxy-debuginfo-4.4.1-21.el9_2.aarch64.rpm SHA-256: c9e8cf64f6c8b08ab1c6fa0ff4942d5f5a6700804a8b21ded269568ec11692c1
podman-plugins-4.4.1-21.el9_2.aarch64.rpm SHA-256: 78e3df75b735109519b04ecb97a10b73f7646e8dec3020621e06e14995ef2ffc
podman-plugins-debuginfo-4.4.1-21.el9_2.aarch64.rpm SHA-256: 057116e89a68c9033d19ff1a0d088075b65efc9004e0260aebeecffd43805860
podman-remote-4.4.1-21.el9_2.aarch64.rpm SHA-256: 50881a05b97c1af7e3646d1880609b86e24974b491c7e2fe87b0e49be5c13663
podman-remote-debuginfo-4.4.1-21.el9_2.aarch64.rpm SHA-256: d37f3a2923ef5fea022abebdabe89c73dc029d4db93b1b94b02e2a79b87b8f15
podman-tests-4.4.1-21.el9_2.aarch64.rpm SHA-256: 678b0bcdcc625867e3f30909aa0065dae112ce96f7154612c996599a6ab51106

Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2

SRPM
podman-4.4.1-21.el9_2.src.rpm SHA-256: 67af4d3c04e8c4bf80b48ce3b1352a3b05733023e77f66bfa827d14d635a7eab
s390x
podman-4.4.1-21.el9_2.s390x.rpm SHA-256: e06bf076756089dc6a511a887be1eb5d243af1ae49706156710035abed97a754
podman-debuginfo-4.4.1-21.el9_2.s390x.rpm SHA-256: e4ee2bde92ff51a8e2f32fc41620fe08f59e87770fd14883a5ddf7b1a4fb4ce4
podman-debugsource-4.4.1-21.el9_2.s390x.rpm SHA-256: 52b72ea3890e51c0254e2d4898c9ce320cfccce88de09d12ae0eeb7b7d9d3447
podman-docker-4.4.1-21.el9_2.noarch.rpm SHA-256: 16c120d3f4e5ed9957a1dddaa55c799e3351b77813bbd45deb7c00828467997e
podman-gvproxy-4.4.1-21.el9_2.s390x.rpm SHA-256: 93973201d9351c52ebdd6a59e88320ecfa6bb05fe13111f5113c1ae8015f9f0c
podman-gvproxy-debuginfo-4.4.1-21.el9_2.s390x.rpm SHA-256: c209792357dbd93c84a0535bf09d87537ad5b5659e88100d304954808510d8bc
podman-plugins-4.4.1-21.el9_2.s390x.rpm SHA-256: 2fb6beb57597c78a746ac8ec13a383664c1edb04a7569fa8991788869738315d
podman-plugins-debuginfo-4.4.1-21.el9_2.s390x.rpm SHA-256: 9de4ab45188a1b96a01e7d714d46105e2c11364bce2285bce57bd19b9fdde3f1
podman-remote-4.4.1-21.el9_2.s390x.rpm SHA-256: a49ec3c326079ecc2b454c0e6b8dc906acf58b9bb1c343e8dd267cc1d30ee13e
podman-remote-debuginfo-4.4.1-21.el9_2.s390x.rpm SHA-256: 917172c08f07cd12a14a20ed28766cfbbf5812d3e9190f3fcc9746f6f246b569
podman-tests-4.4.1-21.el9_2.s390x.rpm SHA-256: cac8877c387a4902d81e8bdbafbb8fb8965dd2e41600355974add2e9b62742f3

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.