[El-errata] ELSA-2025-9147 Moderate: Oracle Linux 9 buildah security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Jun 18 03:52:06 UTC 2025
Oracle Linux Security Advisory ELSA-2025-9147
http://linux.oracle.com/errata/ELSA-2025-9147.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
buildah-1.39.4-2.0.1.el9_6.x86_64.rpm
buildah-tests-1.39.4-2.0.1.el9_6.x86_64.rpm
aarch64:
buildah-1.39.4-2.0.1.el9_6.aarch64.rpm
buildah-tests-1.39.4-2.0.1.el9_6.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//buildah-1.39.4-2.0.1.el9_6.src.rpm
Related CVEs:
CVE-2025-22871
Description of changes:
[1.39.4-2.0.1]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117178]
[2:1.39.4-2]
- rebuild to fix CVE-2025-22871 buildah: Request smuggling due to acceptance of invalid chunked data in net/http
- Resolves: RHEL-89294
More information about the El-errata
mailing list