That CVE was announced here: https://github.com/containers/buildah/security/advisories/GHSA-pmf3-c36m-g5cf https://github.com/containers/podman/security/advisories/GHSA-874v-pj72-92f3 That problem is fixed in buildah 1.35.1 and podman 4.9.4 (or 5.0.1). Mageia 9 is also affected.
Whiteboard: (none) => MGA9TOOStatus comment: (none) => Fixed upstream in buildah 1.35.1 and podman 4.9.4Source RPM: (none) => buildah-1.35.0-1.mga10.src.rpm, podman-4.8.3-1.mga10.src.rpmCVE: (none) => CVE-2024-1753
Both new version cures. Assigning to Joseph who currently maintains these pkgs.
Assignee: bugsquad => joequant