Oracle Linux Security Advisory ELSA-2026-4672 http://linux.oracle.com/errata/ELSA-2026-4672.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: aardvark-dns-1.10.1-2.module+el8.10.0+90844+cf83192e.x86_64.rpm buildah-1.33.14-3.module+el8.10.0+90844+cf83192e.x86_64.rpm buildah-tests-1.33.14-3.module+el8.10.0+90844+cf83192e.x86_64.rpm cockpit-podman-84.1-1.module+el8.10.0+90844+cf83192e.noarch.rpm conmon-2.1.10-1.module+el8.10.0+90844+cf83192e.x86_64.rpm containernetworking-plugins-1.4.0-8.module+el8.10.0+90844+cf83192e.x86_64.rpm containers-common-1-82.0.1.module+el8.10.0+90844+cf83192e.x86_64.rpm container-selinux-2.229.0-2.module+el8.10.0+90844+cf83192e.noarch.rpm crit-3.18-5.module+el8.10.0+90844+cf83192e.x86_64.rpm criu-3.18-5.module+el8.10.0+90844+cf83192e.x86_64.rpm criu-devel-3.18-5.module+el8.10.0+90844+cf83192e.x86_64.rpm criu-libs-3.18-5.module+el8.10.0+90844+cf83192e.x86_64.rpm crun-1.14.3-2.module+el8.10.0+90844+cf83192e.x86_64.rpm fuse-overlayfs-1.13-1.module+el8.10.0+90844+cf83192e.x86_64.rpm libslirp-4.4.0-2.module+el8.10.0+90844+cf83192e.x86_64.rpm libslirp-devel-4.4.0-2.module+el8.10.0+90844+cf83192e.x86_64.rpm netavark-1.10.3-1.module+el8.10.0+90844+cf83192e.x86_64.rpm oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90844+cf83192e.x86_64.rpm podman-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.x86_64.rpm podman-catatonit-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.x86_64.rpm podman-docker-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.noarch.rpm podman-gvproxy-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.x86_64.rpm podman-plugins-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.x86_64.rpm podman-remote-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.x86_64.rpm podman-tests-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.x86_64.rpm python3-criu-3.18-5.module+el8.10.0+90844+cf83192e.x86_64.rpm python3-podman-4.9.0-3.module+el8.10.0+90844+cf83192e.noarch.rpm runc-1.2.9-4.module+el8.10.0+90844+cf83192e.x86_64.rpm skopeo-1.14.5-7.module+el8.10.0+90844+cf83192e.x86_64.rpm skopeo-tests-1.14.5-7.module+el8.10.0+90844+cf83192e.x86_64.rpm slirp4netns-1.2.3-1.module+el8.10.0+90844+cf83192e.x86_64.rpm udica-0.2.6-21.module+el8.10.0+90844+cf83192e.noarch.rpm aarch64: aardvark-dns-1.10.1-2.module+el8.10.0+90844+cf83192e.aarch64.rpm buildah-1.33.14-3.module+el8.10.0+90844+cf83192e.aarch64.rpm buildah-tests-1.33.14-3.module+el8.10.0+90844+cf83192e.aarch64.rpm cockpit-podman-84.1-1.module+el8.10.0+90844+cf83192e.noarch.rpm conmon-2.1.10-1.module+el8.10.0+90844+cf83192e.aarch64.rpm containernetworking-plugins-1.4.0-8.module+el8.10.0+90844+cf83192e.aarch64.rpm containers-common-1-82.0.1.module+el8.10.0+90844+cf83192e.aarch64.rpm container-selinux-2.229.0-2.module+el8.10.0+90844+cf83192e.noarch.rpm crit-3.18-5.module+el8.10.0+90844+cf83192e.aarch64.rpm criu-3.18-5.module+el8.10.0+90844+cf83192e.aarch64.rpm criu-devel-3.18-5.module+el8.10.0+90844+cf83192e.aarch64.rpm criu-libs-3.18-5.module+el8.10.0+90844+cf83192e.aarch64.rpm crun-1.14.3-2.module+el8.10.0+90844+cf83192e.aarch64.rpm fuse-overlayfs-1.13-1.module+el8.10.0+90844+cf83192e.aarch64.rpm libslirp-4.4.0-2.module+el8.10.0+90844+cf83192e.aarch64.rpm libslirp-devel-4.4.0-2.module+el8.10.0+90844+cf83192e.aarch64.rpm netavark-1.10.3-1.module+el8.10.0+90844+cf83192e.aarch64.rpm oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90844+cf83192e.aarch64.rpm podman-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.aarch64.rpm podman-catatonit-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.aarch64.rpm podman-docker-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.noarch.rpm podman-gvproxy-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.aarch64.rpm podman-plugins-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.aarch64.rpm podman-remote-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.aarch64.rpm podman-tests-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.aarch64.rpm python3-criu-3.18-5.module+el8.10.0+90844+cf83192e.aarch64.rpm python3-podman-4.9.0-3.module+el8.10.0+90844+cf83192e.noarch.rpm runc-1.2.9-4.module+el8.10.0+90844+cf83192e.aarch64.rpm skopeo-1.14.5-7.module+el8.10.0+90844+cf83192e.aarch64.rpm skopeo-tests-1.14.5-7.module+el8.10.0+90844+cf83192e.aarch64.rpm slirp4netns-1.2.3-1.module+el8.10.0+90844+cf83192e.aarch64.rpm udica-0.2.6-21.module+el8.10.0+90844+cf83192e.noarch.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/aardvark-dns-1.10.1-2.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/buildah-1.33.14-3.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/cockpit-podman-84.1-1.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/conmon-2.1.10-1.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/containernetworking-plugins-1.4.0-8.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/containers-common-1-82.0.1.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/container-selinux-2.229.0-2.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/criu-3.18-5.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/crun-1.14.3-2.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/fuse-overlayfs-1.13-1.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/libslirp-4.4.0-2.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/netavark-1.10.3-1.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/podman-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/python-podman-4.9.0-3.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/runc-1.2.9-4.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/skopeo-1.14.5-7.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/slirp4netns-1.2.3-1.module+el8.10.0+90844+cf83192e.src.rpm http://oss.oracle.com/ol8/SRPMS-updates/udica-0.2.6-21.module+el8.10.0+90844+cf83192e.src.rpm Related CVEs: CVE-2025-61726 CVE-2025-61728 CVE-2025-68121 Description of changes: aardvark-dns [2:1.10.1-2] - build off the RHEL maintenance branch - Resolves: RHEL-59129 [2:1.10.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 [2:1.9.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0 - Related: Jira:RHEL-2110 [2:1.8.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.8.0 - Related: Jira:RHEL-2110 [2:1.7.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.7.0 - Related: #2176055 [2:1.6.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.6.0 - Related: #2176055 [2:1.5.0-2] - always stay offline during build - Related: #2123641 [2:1.5.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.5.0 - Related: #2123641 [2:1.4.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.4.0 - Related: #2123641 [2:1.3.0-1] - update to https://github.com/containers/aardvark-dns/releases/tag/v1.3.0 - Related: #2123641 buildah [2:1.33.14-3] - rebuild for CVE-2025-68121 - Resolves: RHEL-149262 [2:1.33.14-2] - rebuild for CVE-2025-61729 - Resolves: RHEL-140529 [2:1.33.14-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 (https://github.com/containers/buildah/commit/a7f8179) - fixes "CVE-2025-47913 container-tools:rhel8/buildah: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [rhel-8.10.z]" - Resolves: RHEL-130974 [2:1.33.13-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 (https://github.com/containers/buildah/commit/65707d0) - fixes "[Minor Incident] CVE-2025-52881 container-tools:rhel8/buildah: container escape and denial of service due to arbitrary write gadgets and procfs write redirects [rhel-8.10.z]" - Resolves: RHEL-126916 [2:1.33.12-3] - rebuild for CVE-2025-58183 - Resolves: RHEL-125644 [2:1.33.12-2] - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 (https://github.com/containers/buildah/commit/cf49e7c) - fixes "CVE-2025-22871 container-tools:rhel8/buildah: Request smuggling due to acceptance of invalid chunked data in net/http [rhel-8.10.z]" - Resolves: RHEL-89239 [2:1.33.12-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 (https://github.com/containers/buildah/commit/58af1cd) - Resolves: RHEL-67612 [2:1.33.11-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 (https://github.com/containers/buildah/commit/fe85f0d) - Resolves: RHEL-61853 [2:1.33.10-1] - update to the latest content of https://github.com/containers/buildah/tree/release-1.33 (https://github.com/containers/buildah/commit/bd85c17) - Resolves: RHEL-61835 [2:1.33.8-4] - rebuild for golang fixes - Related: RHEL-28452 cockpit-podman [84.1-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/84.1 - Related: Jira:RHEL-25557 [84-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/84 - Related: Jira:RHEL-2110 [83-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/83 - Related: Jira:RHEL-2110 [82-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/82 - Related: Jira:RHEL-2110 [81-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/81 - Related: Jira:RHEL-2110 [80-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/80 - Related: Jira:RHEL-2110 [79-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/79 - Related: Jira:RHEL-2110 [78-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/78 - Related: Jira:RHEL-2110 [77-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/77 - Related: Jira:RHEL-2110 [75-1] - update to https://github.com/cockpit-project/cockpit-podman/releases/tag/75 - Related: #2176055 conmon [3:2.1.10-1] - update to https://github.com/containers/conmon/releases/tag/v2.1.10 - Related: Jira:RHEL-2110 [3:2.1.8-1] - update to https://github.com/containers/conmon/releases/tag/v2.1.8 - Related: #2176055 [3:2.1.7-1] - update to https://github.com/containers/conmon/releases/tag/v2.1.7 - Related: #2176055 [3:2.1.6-1] - update to https://github.com/containers/conmon/releases/tag/v2.1.6 - Related: #2176055 [3:2.1.5-1] - update to https://github.com/containers/conmon/releases/tag/v2.1.5 - Related: #2123641 [3:2.1.4-1] - update to https://github.com/containers/conmon/releases/tag/v2.1.4 - Related: #2061390 [3:2.1.2-2] - revert conmon to 2.1.2 - Related: #2061390 [2:2.1.3-1] - update to https://github.com/containers/conmon/releases/tag/v2.1.3 - Related: #2061390 [2:2.1.2-2] - update to latest content of https://github.com/containers/conmon/releases/tag/2.1.2 (https://github.com/containers/conmon/commit/2bc95ee697e87d5f7b77063cf83fc32739addafe) - Related: #2061390 [2:2.1.2-1] - update to https://github.com/containers/conmon/releases/tag/v2.1.2 - Related: #2061390 containernetworking-plugins [1:1.4.0-8] - rebuild for CVE-2025-68121 - Resolves: RHEL-149265 [1:1.4.0-7] - rebuild for CVE-2025-61729 - Resolves: RHEL-140529 [1:1.4.0-6] - rebuild for CVE-2025-22871 - Resolves: RHEL-89244 [1:1.4.0-5] - rebuild for golang fixes - Related: RHEL-28452 [1:1.4.0-4] - rebuild for golang fixes - Related: RHEL-28452 [1:1.4.0-3] - rebuild for CVE-2024-1394 - Resolves: RHEL-24294 [1:1.4.0-2] - rebuild - Resolves: RHEL-18390 [1:1.4.0-1] - update to https://github.com/containernetworking/plugins/releases/tag/v1.4.0 - Related: Jira:RHEL-2110 [1:1.3.0-5] - fix path to dhcp service - Resolves: #RHEL-3789 [1:1.3.0-4] - add Epoch in Provides - Related: #2176055 containers-common [1-82.0.1] - Updated removed references [Orabug: 33473101] (Alex Burmashev) - Adjust registries.conf (Nikita Gerasimov) - remove references to RedHat registry (Nikita Gerasimov) [2:1-82] - update vendored components - Resolves: RHEL-40801 [2:1-81] - Update shortnames from Pyxis - Related: Jira:RHEL-2110 [2:1-80] - bump release to preserve upgrade path - Resolves: Jira:RHEL-12277 [2:1-59] - update vendored components - Related: Jira:RHEL-2110 [2:1-58] - update vendored components - Related: Jira:RHEL-2110 [2:1-57] - fix shortnames for rhel-minimal - Related: Jira:RHEL-2110 [2:1-56] - implement GPG auto updating mechanism from redhat-release - Resolves: #RHEL-2110 [2:1-55] - update GPG keys to the current content of redhat-release - Resolves: #RHEL-3164 [2:1-54] - update vendored components and shortnames - Related: #2176055 container-selinux [2:2.229.0-2] - remove watch statements properly for RHEL8 and lower - Related: Jira:RHEL-2110 [2:2.229.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.229.0 - Related: Jira:RHEL-2110 [2:2.228.1-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.228.1 - Related: Jira:RHEL-2110 [2:2.228.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.228.0 - Related: Jira:RHEL-2110 [2:2.227.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.227.0 - Related: Jira:RHEL-2110 [2:2.226.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.226.0 - remove dependency on policycoreutils-python-utils as it pulls in python - Related: Jira:RHEL-2110 [2:2.224.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.224.0 - Related: Jira:RHEL-2110 [2:2.222.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.222.0 - Related: Jira:RHEL-2110 [2:2.221.1-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.221.1 - Related: Jira:RHEL-2110 [2:2.221.0-1] - update to https://github.com/containers/container-selinux/releases/tag/v2.221.0 - Related: #2176055 criu [3.18-5] - rebuild to preserve upgrade path - Related: RHEL-32671 [3.18-4] - switch to egg-info on 8.9 - Related: #2176055 [3.18-3] - remove --progress-bar option - Related: #2176055 [3.18-2] - update to 3.18 - Related: #2176055 [3.17-1] - update to 3.17 - Resolves: #2175794 [3.15-2] - add gating tests - Related: #1971718 [3.15-1] - add -devel and -libs subpackages - Resolves: #1971718 [3.12-9] - Added additional fixup patches for the socket labelling [3.12-8] - Patch for socket labelling has changed upstream [3.12-4] - Applied patch to correctly restore socket()s crun [1.14.3-2] - remove BR libgcrypt-devel, no longer needed - Related: Jira:RHEL-2110 [1.14.3-1] - update to https://github.com/containers/crun/releases/tag/1.14.3 - Related: Jira:RHEL-2110 [1.14.1-1] - update to https://github.com/containers/crun/releases/tag/1.14.1 - Related: Jira:RHEL-2110 [1.14-1] - update to https://github.com/containers/crun/releases/tag/1.14 - Related: Jira:RHEL-2110 [1.13-1] - update to https://github.com/containers/crun/releases/tag/1.13 - Related: Jira:RHEL-2110 [1.12-1] - update to https://github.com/containers/crun/releases/tag/1.12 - Related: Jira:RHEL-2110 [1.11.2-1] - update to https://github.com/containers/crun/releases/tag/1.11.2 - Related: Jira:RHEL-2110 [1.11.1-1] - update to https://github.com/containers/crun/releases/tag/1.11.1 - Related: Jira:RHEL-2110 [1.11-1] - update to https://github.com/containers/crun/releases/tag/1.11 - Related: Jira:RHEL-2110 [1.9.2-1] - update to https://github.com/containers/crun/releases/tag/1.9.2 - Related: Jira:RHEL-2110 fuse-overlayfs [1.13-1] - update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.13 - Related: Jira:RHEL-2110 [1.12-1] - update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.12 - Related: #2176055 [1.11-1] - update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.11 - Related: #2176055 [1.10-2] - update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.10 - Related: #2176055 [1.10-1] - update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.10 - Related: #2123641 [1.9-1] - update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.9 - Related: #2061390 [1.8.2-2] - BuildRequires: /usr/bin/go-md2man - Related: #2061390 [1.8.2-1] - update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.8.2 - Related: #2001445 [1.8.1-1] - update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.8.1 - Related: #2001445 [1.8-1] - update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.8 - Related: #2001445 libslirp [4.4.0-2] - rebuild to preserve upgrade path 8.9 -> 8.10 - Related: RHEL-32671 [4.4.0-1] - Fix CVE-2021-3592 CVE-2021-3593 CVE-2021-3594 CVE-2021-3595 out-of-bounds access - Related: #1934415 [4.3.1-1] - update to https://gitlab.freedesktop.org/slirp/libslirp/-/releases/v4.3.1 - Related: #1821193 [4.3.0-5] - replace patch for CVE-2020-10756 with dedicated upstream one - Related: #1821193 [4.3.0-4] - fix "CVE-2020-10756 QEMU: slirp: networking out-of-bounds read information disclosure vulnerability" - Related: #1821193 [4.3.0-3] - fix static analysis issues merged upstream (https://gitlab.freedesktop.org/slirp/libslirp/-/merge_requests/41) - Related: #1821193 [4.3.0-2] - initial libslirp build for container-tools 8.3.0 module - Resolves: #1821193 [4.3.0-1] - New v4.3.0 release [4.2.0-2] - CVE-2020-1983 fix [4.2.0-1] - New v4.2.0 release netavark [2:1.10.3-1] - update to https://github.com/containers/netavark/releases/tag/v1.10.3 - Related: Jira:RHEL-2110 [2:1.10.2-1] - update to https://github.com/containers/netavark/releases/tag/v1.10.2 - Related: Jira:RHEL-2110 [2:1.10.1-1] - update to https://github.com/containers/netavark/releases/tag/v1.10.1 - Related: Jira:RHEL-2110 [2:1.10.0-1] - update to https://github.com/containers/netavark/releases/tag/v1.10.0 - Related: Jira:RHEL-2110 [2:1.9.0-1] - update to https://github.com/containers/netavark/releases/tag/v1.9.0 - Related: Jira:RHEL-2110 [2:1.8.0-2] - fix directory for systemd units - Related: Jira:RHEL-2110 [2:1.8.0-1] - update to https://github.com/containers/netavark/releases/tag/v1.8.0 - Related: Jira:RHEL-2110 [2:1.7.0-1] - update to https://github.com/containers/netavark/releases/tag/v1.7.0 - Related: #2176055 [2:1.6.0-1] - update to https://github.com/containers/netavark/releases/tag/v1.6.0 - Related: #2176055 [2:1.5.0-5] - fix --dns-add command is not functioning - Resolves: #2182897 oci-seccomp-bpf-hook [1.2.10-1] - update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.10 - Related: Jira:RHEL-2110 [1.2.9-1] - update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.9 - Related: #2176055 [1.2.8-2] - update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.8 - Related: #2176055 [1.2.8-1] - update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.8 - Related: #2123641 [1.2.7-1] - update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.7 - Related: #2123641 [1.2.6-1] - update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.6 - Related: #2061390 [1.2.5-2] - BuildRequires: /usr/bin/go-md2man - Related: #2061390 [1.2.5-1] - update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.5 - Related: #2061390 [1.2.3-3] - change runc dependency to conflict - Related: #1934415 [1.2.3-2] - remove unneeded patch - Related: #1934415 podman [4.9.4-30.0.1] - Fixes issue of container created in cgroupv2 not start in cgroupv1 [Orabug: 36136813] - Fixes container memory limit not set after host is rebooted with cgroupv2 [Orabug: 36136802] - Fixes issue of podman execvp error while using podmansh [Orabug: 36756665] [4:4.9.4-30] - update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel (https://github.com/containers/podman/commit/79517c7) - fixes "When using a volume mount that is RO in podman it throws error because runc automatically appends RW to it which throws an error [rhel-8.10.z]" - Resolves: RHEL-152630 [4:4.9.4-29] - rebuild for CVE-2025-68121 - Resolves: RHEL-149265 [4:4.9.4-28] - rebuild - Resolves: RHEL-140532 [4:4.9.4-27] - update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel (https://github.com/containers/podman/commit/702415d) - fixes "CVE-2025-47913 container-tools:rhel8/podman: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [rhel-8.10.z]" - Resolves: RHEL-130976 [4:4.9.4-26] - update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel (https://github.com/containers/podman/commit/837a65c) - fixes "do not pass volume options as bind mounts options to runtime" - Resolves: RHEL-132859 [4:4.9.4-25] - update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel (https://github.com/containers/podman/commit/638f1d2) - fixes "[Minor Incident] CVE-2025-52881 container-tools:rhel8/podman: container escape and denial of service due to arbitrary write gadgets and procfs write redirects [rhel-8.10.z]" - Resolves: RHEL-126904 [4:4.9.4-24] - rebuild for CVE-2025-58183 - Resolves: RHEL-125654 [4:4.9.4-23] - update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel (https://github.com/containers/podman/commit/ff15af1) - fixes "CVE-2025-9566 container-tools:rhel8/podman: Podman kube play command may overwrite host files [rhel-8.10.z]" - Resolves: RHEL-113145 [4:4.9.4-22] - update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel (https://github.com/containers/podman/commit/6cc8283) - fixes "CVE-2025-6032 container-tools:rhel8/podman: podman missing TLS verification [rhel-8.10.z]" - Resolves: RHEL-96702 python-podman [4.9.0-3] - sync with release-4.9 branch - Resolves: RHEL-31069 [4.9.0-2] - depend directly on urllib3 - Resolves: RHEL-43567 [4.9.0-1] - update to https://github.com/containers/podman-py/releases/tag/v4.9.0 - Related: Jira:RHEL-2110 [4.8.2-1] - update to https://github.com/containers/podman-py/releases/tag/v4.8.2 - Related: Jira:RHEL-2110 [4.8.0.post1-1] - update to https://github.com/containers/podman-py/releases/tag/v4.8.0.post1 - Related: Jira:RHEL-2110 [4.7.0-1] - update to https://github.com/containers/podman-py/releases/tag/v4.7.0 - Related: Jira:RHEL-2110 [4.6.0-1] - update to https://github.com/containers/podman-py/releases/tag/v4.6.0 - Related: #2176055 [4.5.1-1] - update to https://github.com/containers/podman-py/releases/tag/v4.5.1 - Related: #2176055 [4.5.0-1] - update to https://github.com/containers/podman-py/releases/tag/v4.5.0 - Related: #2176055 [4.4.1-1] - update to https://github.com/containers/podman-py/releases/tag/v4.4.1 - Related: #2176055 runc [4:1.2.9-4] - rebuild for CVE-2025-68121 - Resolves: RHEL-149266 [4:1.2.9-3] - rebuild for CVE-2025-61729 - Resolves: RHEL-140533 [4:1.2.9-2] - update to https://github.com/opencontainers/runc/releases/tag/v1.2.9 - Resolves: RHEL-132818 [4:1.2.5-2] - fix permission regression - Related: RHEL-122384 [4:1.2.5-1] - fix CVE-2025-31133 CVE-2025-52565 CVE-2025-52881 - Resolves: RHEL-122384 [1:1.1.12-6] - Add CPU affinity feature from Kir Kolishkin - Resolves: RHEL-74865 [1:1.1.12-5] - bump golang buildrequires - add no_openssl build tag - Resolves RHEL-55757 [1:1.1.12-4] - rebuild for golang fixes - Related: RHEL-28452 [1:1.1.12-3] - rebuild for golang fixes - Related: RHEL-28452 [1:1.1.12-2] - rebuild for CVE-2024-1394 - Resolves: RHEL-24297 skopeo [2:1.14.5-7] - rebuild for CVE-2025-68121 - Resolves: RHEL-149267 [2:1.14.5-6] - rebuild for CVE-2025-61729 - Resolves: RHEL-140534 [2:1.14.5-5] - rebuild for CVE-2025-58183 - Resolves: RHEL-125659 [2:1.14.5-4] - rebuild for CVE-2025-22871 - Resolves: RHEL-89254 [2:1.14.5-3] - rebuild for golang fixes - Related: RHEL-28452 [2:1.14.5-2] - rebuild for golang fixes - Related: RHEL-28452 [2:1.14.5-1] - update to the latest content of https://github.com/containers/skopeo/tree/release-1.14 (https://github.com/containers/skopeo/commit/072072b) - Resolves: RHEL-40801 [2:1.14.4-2] - rebuild for CVE-2024-24786 - Resolves: RHEL-24297 [2:1.14.4-1] - update to the latest content of https://github.com/containers/skopeo/tree/release-1.14 (https://github.com/containers/skopeo/commit/78d9c9a) - Resolves: RHEL-40852 [2:1.14.3-2] - update to the latest content of https://github.com/containers/skopeo/tree/release-1.14 (https://github.com/containers/skopeo/commit/5f2b9af) - Resolves: RHEL-28728 slirp4netns [1.2.3-1] - update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.3 - Related: Jira:RHEL-2110 [1.2.2-1] - update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.2 - Related: Jira:RHEL-2110 [1.2.1-1] - update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.1 - Related: #2176055 [1.2.0-3] - BuildRequires: /usr/bin/go-md2man - Related: #2176055 [1.2.0-2] - BuildRequires: /usr/bin/go-md2man - Related: #2061390 [1.2.0-1] - update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.0 - Related: #2061390 [1.1.8-2] - fix gating - don't use insecure functions - thanks to Marc-André Lureau - Related: #2001445 [1.1.8-1] - update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.8 - Related: #1883490 [1.1.7-2] - exclude i686 because of build failures - Related: #1883490 [1.1.7-1] - update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.7 - Related: #1883490 udica [0.2.6-21] - bump release to preserve update path - Resolves: RHEL-32671 [0.2.6-20] - bump release to preserve update path - Related: #2139052 [0.2.6-4] - Bump release to match latest release available in rhel-8.6.1 - Resolves: #2139052 [0.2.6-3] - Make sure each section of the inspect exists before accessing (#2027662) [0.2.6-2] - Require container-selinux shipping policy templates (#2005866) [0.2.6-1] - update to https://github.com/containers/udica/releases/tag/v0.2.6 - Related: #2001445 [0.2.5-2] - New rebase https://github.com/containers/udica/releases/tag/v0.2.5 (#1995041) - Replace capability dictionary with str.lower() - Enable udica to generate policies with fifo class - Sort container inspect data before processing - Update templates to work properly with new cil parser - Related: #1934415 [0.2.5-1] - update to https://github.com/containers/udica/releases/tag/v0.2.5 - Related: #1934415 [0.2.4-2] - remove %check again and all related BRs - Related: #1934415 [0.2.4-1] - update to https://github.com/containers/udica/releases/tag/v0.2.4 - Related: #1883490 _______________________________________________ El-errata mailing list [email protected] https://oss.oracle.com/mailman/listinfo/el-errata
