[release-1.37] Fix CVE-2024-9407 and CVE-2024-9341 #5764
Merged
+164
−43
Commits on Oct 2, 2024
-
CVE-2024-9407: validate "bind-propagation" flag settings
CVE-2024-9407: validate that the value for the "bind-propagation" flag when handling "bind" and "cache" mounts in `buildah run` or in RUN instructions is one of the values that we would accept without the "bind-propagation=" prefix. Paul: fix merged conflict in tests (cherry-picked from 732f770) Fixes https://issues.redhat.com/browse/RHEL-61147 Fixes https://issues.redhat.com/browse/RHEL-61145 Signed-off-by: Nalin Dahyabhai <nalin@redhat.com> Signed-off-by: Paul Holzinger <pholzing@redhat.com>
-
vendor: update c/common to v0.60.4
Update c/common to fix CVE-2024-9341 Fixes CVE-2024-9341 Fixes https://issues.redhat.com/browse/RHEL-61114 Fixes https://issues.redhat.com/browse/RHEL-61112 Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.