|
|
Subscribe / Log in / New account

Oracle alert ELSA-2025-9147 (buildah)



From:
              Errata Announcements for Oracle Linux via El-errata <el-errata@oss.oracle.com>


To:
              el-errata@oss.oracle.com


Subject:
              [El-errata] ELSA-2025-9147 Moderate: Oracle Linux 9 buildah security update


Date:
              Tue, 17 Jun 2025 20:52:06 -0700


Message-ID:
              <mailman.459.1750218733.37250.el-errata@oss.oracle.com>


Oracle Linux Security Advisory ELSA-2025-9147

http://linux.oracle.com/errata/ELSA-2025-9147.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
buildah-1.39.4-2.0.1.el9_6.x86_64.rpm
buildah-tests-1.39.4-2.0.1.el9_6.x86_64.rpm

aarch64:
buildah-1.39.4-2.0.1.el9_6.aarch64.rpm
buildah-tests-1.39.4-2.0.1.el9_6.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//buildah-1.39.4-2...

Related CVEs:

CVE-2025-22871




Description of changes:

[1.39.4-2.0.1]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117178]

[2:1.39.4-2]
- rebuild to fix CVE-2025-22871 buildah: Request smuggling due to acceptance of invalid chunked
data in net/http
- Resolves: RHEL-89294


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds