Oracle Linux Security Advisory ELSA-2025-22012 http://linux.oracle.com/errata/ELSA-2025-22012.html
The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: buildah-1.41.6-1.0.1.el10_1.x86_64.rpm buildah-tests-1.41.6-1.0.1.el10_1.x86_64.rpm aarch64: buildah-1.41.6-1.0.1.el10_1.aarch64.rpm buildah-tests-1.41.6-1.0.1.el10_1.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/buildah-1.41.6-1.0.1.el10_1.src.rpm Related CVEs: CVE-2025-52881 CVE-2025-58183 Description of changes: [1.41.6-1.0.1] - Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117178] [2:1.41.6-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.41 (https://github.com/containers/buildah/commit/2ece502) - fixes "[Minor Incident] CVE-2025-52881 buildah: container escape and denial of service due to arbitrary write gadgets and procfs write redirects [rhel-10.1.z]" - Resolves: RHEL-126634 [2:1.41.4-3] - rebuild for CVE-2025-58183 - Resolves: RHEL-125628 [2:1.41.4-2] - rebuild as the last build was built in the wrong tag - Related: RHEL-115167 [2:1.41.4-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.41 (https://github.com/containers/buildah/commit/ee5b574) - fixes "buildah: create parent directories of mount targets with mode 0755 - [RHEL-10.1] 0day" - Resolves: RHEL-115167 _______________________________________________ El-errata mailing list [email protected] https://oss.oracle.com/mailman/listinfo/el-errata
