Bug 50533

Summary: Update to v4.9.5 ( v5.1.0 )
Product: Sisyphus Reporter: GordeevM <max.gordeef>
Component: podmanAssignee: Alexey Shabalin <shaba>
Status: CLOSED DUPLICATE QA Contact: qa-sisyphus
Severity: normal    
Priority: P5 CC: obirvalger, shaba
Version: unstable   
Hardware: x86_64   
OS: Linux   

Description GordeevM 2024-06-03 17:45:42 MSK 
https://github.com/containers/podman/releases



https://github.com/containers/podman/releases/tag/v4.9.4
Security
Fixed CVE-2024-1753 in Buildah and podman build which allowed a user to write files to the / directory of the host machine if selinux was not enabled.
Bugfixes
Fixed a bug where health check status would be updated to "healthy" before the startup delay had expired.

https://github.com/containers/podman/releases/tag/v4.9.5
Security
This release addresses CVE-2024-3727, a vulnerability in the containers/image library which allows attackers to trigger authenticated registry access on behalf of the victim user.
API
Fixed a bug in the Compat List endpoint for Networks which could result in a server crash due to concurrent writes to a map (#22330).

https://github.com/containers/podman/releases/tag/v5.1.0
Comment 1 GordeevM 2024-06-03 17:46:59 MSK 

*** This bug has been marked as a duplicate of bug 49168 ***