Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Fedora 41: 2025-908dfe95f6 critical: podman container security fix

fedora
Calendar Grey January 25, 2025
Dist Fedora Esm H88
The containers-common package in Fedora 41 has been revised to address CVE-2024-11218, accompanied by fresh security patches for Podman and Buildah.
Security fix for CVE-2024-11218 - fixed in buildah 1.38.1, podman 5.3.2 Automatic update for buildah-1.38.1-1.fc41, containers-common-0.61.1-1.fc41, podman-5.3.2-1.fc41

Summary

This package contains common configuration files and documentation for container

tools ecosystem, such as Podman, Buildah and Skopeo.

It is required because the most of configuration files and docs come from projects

which are vendored into Podman, Buildah, Skopeo, etc. but they are not packaged

separately.

Update Information:

Security fix for CVE-2024-11218 - fixed in buildah 1.38.1, podman 5.3.2 Automatic update for buildah-1.38.1-1.fc41, containers-common-0.61.1-1.fc41, podman-5.3.2-1.fc41. Changelog for buildah * Tue Jan 21 2025 Packit - 2:1.38.1-1 - Update to 1.38.1 upstream release Changelog for containers-common * Thu Jan 16 2025 Packit - 5:0.61.1-1 - Update to 0.61.1 upstream release Changelog for podman * Wed Jan 22 2025 Packit - 5:5.3.2-1 - Update to 5.3.2 upstream release * Wed Jan 22 2025 Lokesh Mandvekar - 5:5.3.1-4 - remove patch merged in upcoming upstream release * Fri Jan 17 2025 Mikhail Gavrilov - 5:5.3.1-3 - apply MR https://github.com/containers/storage/pull/2193 * Wed Nov 27 2024 Lokesh Mandvekar - 5:5.3.1-2 - remove unused patch apply MR https://github.com/containers/storage/pull/2193

Topics%20covered

Topics Covered

security advisory Fedora security fix buildah podman container tools CVE-2024-11218

Change Log

* Thu Jan 16 2025 Packit - 5:0.61.1-1 - Update to 0.61.1 upstream release

References


[ 1 ] Bug #2326231 - CVE-2024-11218 podman: buildah: Container breakout by using --jobs=2 and a race condition when building a malicious Containerfile https://bugzilla.redhat.com/show_bug.cgi?id=2326231

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2025-908dfe95f6' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

Severity
critical
Lowest
Low
Medium
High
Critical

Name: containers-common
Product: Fedora 41
Version: 0.61.1
Release: 1.fc41
URL: https://github.com/containers/common
Summary: Common configuration and documentation for containers

Topics%20covered

Topics Covered

security advisory Fedora security fix buildah podman container tools CVE-2024-11218

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here