A buildah bug fix update has been released for Oracle Linux 8.

ELBA-2023-12757 Oracle Linux 8 buildah bug fix update

Oracle Linux Bug Fix Advisory ELBA-2023-12757

http://linux.oracle.com/errata/ELBA-2023-12757.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
aardvark-dns-1.0.1-37.0.1.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
buildah-1.24.6-5.0.1.module+el8.8.0+21155+d18a3dca.x86_64.rpm
buildah-tests-1.24.6-5.0.1.module+el8.8.0+21155+d18a3dca.x86_64.rpm
cockpit-podman-46-1.module+el8.8.0+20984+ab6ce66c.noarch.rpm
conmon-2.1.4-1.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
containernetworking-plugins-1.1.1-2.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
containers-common-1-37.0.1.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
container-selinux-2.199.0-1.module+el8.8.0+20984+ab6ce66c.noarch.rpm
crit-3.15-3.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
criu-3.15-3.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
criu-devel-3.15-3.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
criu-libs-3.15-3.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
crun-1.6-1.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
fuse-overlayfs-1.9-1.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
libslirp-4.4.0-1.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
libslirp-devel-4.4.0-1.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
netavark-1.0.1-37.0.1.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
oci-seccomp-bpf-hook-1.2.5-2.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
podman-4.0.2-20.0.1.module+el8.8.0+21155+d18a3dca.x86_64.rpm
podman-catatonit-4.0.2-20.0.1.module+el8.8.0+21155+d18a3dca.x86_64.rpm
podman-docker-4.0.2-20.0.1.module+el8.8.0+21155+d18a3dca.noarch.rpm
podman-gvproxy-4.0.2-20.0.1.module+el8.8.0+21155+d18a3dca.x86_64.rpm
podman-plugins-4.0.2-20.0.1.module+el8.8.0+21155+d18a3dca.x86_64.rpm
podman-remote-4.0.2-20.0.1.module+el8.8.0+21155+d18a3dca.x86_64.rpm
podman-tests-4.0.2-20.0.1.module+el8.8.0+21155+d18a3dca.x86_64.rpm
python3-criu-3.15-3.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
python3-podman-4.0.0-1.module+el8.8.0+20984+ab6ce66c.noarch.rpm
runc-1.1.4-1.0.1.module+el8.8.0+21118+db7590d7.x86_64.rpm
skopeo-1.6.2-6.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
skopeo-tests-1.6.2-6.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
slirp4netns-1.1.8-2.module+el8.8.0+20984+ab6ce66c.x86_64.rpm
udica-0.2.6-3.module+el8.8.0+20984+ab6ce66c.noarch.rpm

aarch64:
aardvark-dns-1.0.1-37.0.1.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
buildah-1.24.6-5.0.1.module+el8.8.0+21155+d18a3dca.aarch64.rpm
buildah-tests-1.24.6-5.0.1.module+el8.8.0+21155+d18a3dca.aarch64.rpm
cockpit-podman-46-1.module+el8.8.0+20984+ab6ce66c.noarch.rpm
conmon-2.1.4-1.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
containernetworking-plugins-1.1.1-2.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
containers-common-1-37.0.1.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
container-selinux-2.199.0-1.module+el8.8.0+20984+ab6ce66c.noarch.rpm
crit-3.15-3.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
criu-3.15-3.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
criu-devel-3.15-3.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
criu-libs-3.15-3.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
crun-1.6-1.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
fuse-overlayfs-1.9-1.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
libslirp-4.4.0-1.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
libslirp-devel-4.4.0-1.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
netavark-1.0.1-37.0.1.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
oci-seccomp-bpf-hook-1.2.5-2.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
podman-4.0.2-20.0.1.module+el8.8.0+21155+d18a3dca.aarch64.rpm
podman-catatonit-4.0.2-20.0.1.module+el8.8.0+21155+d18a3dca.aarch64.rpm
podman-docker-4.0.2-20.0.1.module+el8.8.0+21155+d18a3dca.noarch.rpm
podman-gvproxy-4.0.2-20.0.1.module+el8.8.0+21155+d18a3dca.aarch64.rpm
podman-plugins-4.0.2-20.0.1.module+el8.8.0+21155+d18a3dca.aarch64.rpm
podman-remote-4.0.2-20.0.1.module+el8.8.0+21155+d18a3dca.aarch64.rpm
podman-tests-4.0.2-20.0.1.module+el8.8.0+21155+d18a3dca.aarch64.rpm
python3-criu-3.15-3.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
python3-podman-4.0.0-1.module+el8.8.0+20984+ab6ce66c.noarch.rpm
runc-1.1.4-1.0.1.module+el8.8.0+21118+db7590d7.aarch64.rpm
skopeo-1.6.2-6.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
skopeo-tests-1.6.2-6.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
slirp4netns-1.1.8-2.module+el8.8.0+20984+ab6ce66c.aarch64.rpm
udica-0.2.6-3.module+el8.8.0+20984+ab6ce66c.noarch.rpm

SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates//buildah-1.24.6-5.0.1.module+el8.8.0+21155+d18a3dca.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//cockpit-podman-46-1.module+el8.8.0+20984+ab6ce66c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//conmon-2.1.4-1.module+el8.8.0+20984+ab6ce66c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//containernetworking-plugins-1.1.1-2.module+el8.8.0+20984+ab6ce66c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//containers-common-1-37.0.1.module+el8.8.0+20984+ab6ce66c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//container-selinux-2.199.0-1.module+el8.8.0+20984+ab6ce66c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//criu-3.15-3.module+el8.8.0+20984+ab6ce66c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//crun-1.6-1.module+el8.8.0+20984+ab6ce66c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//fuse-overlayfs-1.9-1.module+el8.8.0+20984+ab6ce66c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//libslirp-4.4.0-1.module+el8.8.0+20984+ab6ce66c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//oci-seccomp-bpf-hook-1.2.5-2.module+el8.8.0+20984+ab6ce66c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//podman-4.0.2-20.0.1.module+el8.8.0+21155+d18a3dca.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//python-podman-4.0.0-1.module+el8.8.0+20984+ab6ce66c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//runc-1.1.4-1.0.1.module+el8.8.0+21118+db7590d7.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//skopeo-1.6.2-6.module+el8.8.0+20984+ab6ce66c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//slirp4netns-1.1.8-2.module+el8.8.0+20984+ab6ce66c.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates//udica-0.2.6-3.module+el8.8.0+20984+ab6ce66c.src.rpm

Description of changes:

buildah
[1:1.24.6-5.0.1]
- Rebuild with newer glibc [Orabug: 35720304]

cockpit-podman
[46-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/46
- Related: #2061390

conmon
[2:2.1.4-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.4
- Related: #2061390

containernetworking-plugins
[1:1.1.1-2]
- bump golang BR to 1.17.7
- Related: #2061390

containers-common
[1-37.0.1]
- Updated removed references [Orabug: 33473101] (Alex Burmashev)
- Adjust registries.conf (Nikita Gerasimov)
- remove references to RedHat registry (Nikita Gerasimov)

container-selinux
[2:2.199.0-1]
- revert back to https://github.com/containers/container-selinux/releases/tag/v2.199.0
(2.200.0 fails to build as it relies on the new selinux-policy which is not there yet)
- Related: #2123641

criu
crun
[1.6-1]
- update to https://github.com/containers/crun/releases/tag/1.6
- Related: #2123641

fuse-overlayfs
[1.9-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.9
- Related: #2061390

libslirp
oci-seccomp-bpf-hook
[1.2.5-2]
- fix compatibility with the new bcc
- Related: #2123641

podman
[2:4.0.2-20.0.1]
- Rebuild with newer glibc [Orabug: 35720304]

python-podman
[4.0.0-1]
- bump to v4.0.0
- Related: #2001445

runc
[1:1.1.4-1.0.1]
- rootless: fix /sys/fs/cgroup mounts to prevent CVE-2023-25809
- rootfs: prohibit symlinks that conflicts with readonlyPaths
and/or maskedPaths to prevent CVE-2023-27561
- Prohibit /proc and /sys to be symlinks to prevent CVE-2023-28642
- JIRA: OLDIS-25589

skopeo
[2:1.6.2-6]
- update to the latest content of https://github.com/containers/skopeo/tree/release-1.6
( https://github.com/containers/skopeo/commit/2b16a1c)
- Related: #2129766

slirp4netns
[1.1.8-2]
- fix gating - don't use insecure functions - thanks to Marc-Andre Lureau
- Related: #2001445

udica
[0.2.6-3]
- Make sure each section of the inspect exists before accessing (#2027662)