[El-errata] ELSA-2025-21702 Important: Oracle Linux 9 podman security update

Errata Announcements for Oracle Linux el-errata at oss.oracle.com
Wed Nov 26 22:10:07 UTC 2025 

Oracle Linux Security Advisory ELSA-2025-21702

http://linux.oracle.com/errata/ELSA-2025-21702.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
podman-5.6.0-7.0.1.el9_7.x86_64.rpm
podman-docker-5.6.0-7.0.1.el9_7.noarch.rpm
podman-plugins-5.6.0-7.0.1.el9_7.x86_64.rpm
podman-remote-5.6.0-7.0.1.el9_7.x86_64.rpm
podman-tests-5.6.0-7.0.1.el9_7.x86_64.rpm

aarch64:
podman-5.6.0-7.0.1.el9_7.aarch64.rpm
podman-docker-5.6.0-7.0.1.el9_7.noarch.rpm
podman-plugins-5.6.0-7.0.1.el9_7.aarch64.rpm
podman-remote-5.6.0-7.0.1.el9_7.aarch64.rpm
podman-tests-5.6.0-7.0.1.el9_7.aarch64.rpm


SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates/podman-5.6.0-7.0.1.el9_7.src.rpm

Related CVEs:

CVE-2025-52881




Description of changes:

[5.6.0-7.0.1]
- Add devices on container startup, not on creation
- overlay: Put should ignore ENINVAL for Unmount [Orabug: 36234694]
- Drop nmap-ncat requirement and skip ignore-socket test case [Orabug: 34117404]

[6:5.6.0-7]
- update to the latest content of https://github.com/containers/podman/tree/v5.6-rhel
  (https://github.com/containers/podman/commit/2791007)
- fixes "[Minor Incident] CVE-2025-52881 podman: container escape and denial of service due to arbitrary write gadgets and procfs write redirects [rhel-9.7.z]"
- Resolves: RHEL-126913

[6:5.6.0-6]
- update to the latest content of https://github.com/containers/podman/tree/v5.6-rhel
  (https://github.com/containers/podman/commit/61231e1)
- fixes "Timeouts while pushing Sigstore logs to Rekor - [RHEL 9.7] 0day"
- Resolves: RHEL-111076

[6:5.6.0-5]
- rebuild as last build was built in the wrong tag
- Related: RHEL-110317

[6:5.6.0-4]
- update to the latest content of https://github.com/containers/podman/tree/v5.6-rhel
  (https://github.com/containers/podman/commit/c5a3735)
- fixes "Can not find network create and rm message from podman event when set --events-backend to journald - [RHEL 9.7] 0day"
- Resolves: RHEL-110317

[6:5.6.0-3]
- update to the latest content of https://github.com/containers/podman/tree/v5.6-rhel
  (https://github.com/containers/podman/commit/7078b79)
- fixes "CVE-2025-9566 podman: Podman kube play command may overwrite host files [rhel-9.7]"
- Resolves: RHEL-113151

More information about the El-errata mailing list