SUSE-SU-2022:0770-1

Source
https://www.suse.com/support/update/announcement/2022/suse-su-20220770-1/
Import Source
https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2022:0770-1.json
JSON Data
https://api.osv.dev/v1/vulns/SUSE-SU-2022:0770-1
Related
Published
2022-03-09T08:24:57Z
Modified
2022-03-09T08:24:57Z
Summary
Security update for buildah
Details

This update for buildah fixes the following issues:

buildah was updated to version 1.23.1:

Update to version 1.22.3:

  • Update dependencies
  • Post-branch commit
  • Accept repositories on login/logout

Update to version 1.22.0:

  • c/image, c/storage, c/common vendor before Podman 3.3 release
  • Proposed patch for 3399 (shadowutils)
  • Fix handling of --restore shadow-utils
  • runtime-flag (debug) test: handle old & new runc
  • Allow dst and destination for target in secret mounts
  • Multi-arch: Always push updated version-tagged img
  • imagebuildah.stageExecutor.prepare(): remove pseudonym check
  • refine dangling filter
  • Chown with environment variables not set should fail
  • Just restore protections of shadow-utils
  • Remove specific kernel version number requirement from install.md
  • Multi-arch image workflow: Make steps generic
  • chroot: fix environment value leakage to intermediate processes
  • Update nix pin with make nixpkgs
  • buildah source - create and manage source images
  • Update cirrus-cron notification GH workflow
  • Reuse code from containers/common/pkg/parse
  • Cirrus: Freshen VM images
  • Fix excludes exception begining with / or ./
  • Fix syntax for --manifest example
  • vendor containers/common@main
  • Cirrus: Drop dependence on fedora-minimal
  • Adjust conformance-test error-message regex
  • Workaround appearance of differing debug messages
  • Cirrus: Install docker from package cache
  • Switch rusagelogfile to use options.Out
  • Turn stdio back to blocking when command finishes
  • Add support for default network creation
  • Cirrus: Updates for master->main rename
  • Change references from master to main
  • Add --env and --workingdir flags to run command
  • [CI:DOCS] buildah bud: spelling --ignore-file requires parameter
  • [CI:DOCS] push/pull: clarify supported transports
  • Remove unused function arguments
  • Create mountOptions for mount command flags
  • Extract version command implementation to function
  • Add --json flags to mount and version commands
  • copier.Put(): set xattrs after ownership
  • buildah add/copy: spelling
  • buildah copy and buildah add should support .containerignore
  • Remove unused util.StartsWithValidTransport
  • Fix documentation of the --format option of buildah push
  • Don't use alltransports.ParseImageName with known transports
  • man pages: clarify rmi removes dangling parents
  • [CI:DOCS] Fix links to c/image master branch
  • imagebuildah: use the specified logger for logging preprocessing warnings
  • Fix copy into workdir for a single file
  • Fix docs links due to branch rename
  • Update nix pin with make nixpkgs
  • fix(docs): typo
  • Move to v1.22.0-dev
  • Fix handling of auth.json file while in a user namespace
  • Add rusage-logfile flag to optionally send rusage to a file
  • imagebuildah: redo step logging
  • Add volumes to make running buildah within a container easier
  • Add and use a 'copy' helper instead of podman load/save
  • Bump github.com/containers/common from 0.38.4 to 0.39.0
  • containerImageRef/containerImageSource: don't buffer uncompressed layers
  • containerImageRef(): squashed images have no parent images
  • Sync. workflow across skopeo, buildah, and podman
  • Bump github.com/containers/storage from 1.31.1 to 1.31.2
  • Bump github.com/opencontainers/runc from 1.0.0-rc94 to 1.0.0-rc95
  • Bump to v1.21.1-dev [NO TESTS NEEDED]
References

Affected packages

SUSE:Linux Enterprise Module for Containers 15 SP3 / buildah

Package

Name
buildah
Purl
purl:rpm/suse/buildah&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Containers%2015%20SP3

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1.23.1-150300.8.3.1

Ecosystem specific

{
    "binaries": [
        {
            "buildah": "1.23.1-150300.8.3.1"
        }
    ]
}