
CVE-2024-11218 fix #25099


TomSweeneyRedHat
Member

This vendors Buildah from the top of the main branch as of January 22, 2025. This included the fixes for CVE-2024-11218.

Fixes: https://issues.redhat.com/browse/RHEL-67605, https://issues.redhat.com/browse/RHEL-67607

Does this PR introduce a user-facing change?

A fix for CVE-2024-11218 was provided.

This vendors Buildah from the top of the main branch as of January 22, 2025.
This included the fixes for CVE-2024-11218.

Fixes: https://issues.redhat.com/browse/RHEL-67605, https://issues.redhat.com/browse/RHEL-67607

Signed-off-by: tomsweeneyredhat <[email protected]>
TomSweeneyRedHat added the do-not-merge/work-in-progress (Indicates that a PR should not merge because it is a work in progress.) and No New Tests (Allow PR to proceed without adding regression tests) labels Jan 23, 2025

openshift-ci bot added the release-note label and removed the do-not-merge/work-in-progress label Jan 23, 2025

Contributor

openshift-ci bot commented Jan 23, 2025

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: TomSweeneyRedHat

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

openshift-ci bot added the approved (Indicates a PR has been approved by an approver from all required OWNERS files.) label Jan 23, 2025


Ephemeral COPR build failed. @containers/packit-build please check.

Member Author

TomSweeneyRedHat commented Jan 23, 2025

@Luap99 PTAL. I tried vendoring top of tree for Buildah, but it looks like it updated c/image and c/storage to the latest release rather than their respective top of trees, but I think we might not want to do that. We may have a catch-22.... Thoughts?

Member

Luap99 commented Jan 23, 2025

That is the usual Go being unable to figure out how our versions work.

We need containers/buildah#5932 and containers/buildah#5929 first merged in buildah

Member

Luap99 commented Jan 27, 2025

I drive the vendor forward in #25130

Luap99 closed this Jan 27, 2025