[El-errata] ELSA-2026-4672 Important: Oracle Linux 8 container-tools:rhel8 security update
Errata Announcements for Oracle Linux
el-errata at oss.oracle.com
Wed Mar 18 06:03:56 UTC 2026
Oracle Linux Security Advisory ELSA-2026-4672
http://linux.oracle.com/errata/ELSA-2026-4672.html
The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:
x86_64:
aardvark-dns-1.10.1-2.module+el8.10.0+90844+cf83192e.x86_64.rpm
buildah-1.33.14-3.module+el8.10.0+90844+cf83192e.x86_64.rpm
buildah-tests-1.33.14-3.module+el8.10.0+90844+cf83192e.x86_64.rpm
cockpit-podman-84.1-1.module+el8.10.0+90844+cf83192e.noarch.rpm
conmon-2.1.10-1.module+el8.10.0+90844+cf83192e.x86_64.rpm
containernetworking-plugins-1.4.0-8.module+el8.10.0+90844+cf83192e.x86_64.rpm
containers-common-1-82.0.1.module+el8.10.0+90844+cf83192e.x86_64.rpm
container-selinux-2.229.0-2.module+el8.10.0+90844+cf83192e.noarch.rpm
crit-3.18-5.module+el8.10.0+90844+cf83192e.x86_64.rpm
criu-3.18-5.module+el8.10.0+90844+cf83192e.x86_64.rpm
criu-devel-3.18-5.module+el8.10.0+90844+cf83192e.x86_64.rpm
criu-libs-3.18-5.module+el8.10.0+90844+cf83192e.x86_64.rpm
crun-1.14.3-2.module+el8.10.0+90844+cf83192e.x86_64.rpm
fuse-overlayfs-1.13-1.module+el8.10.0+90844+cf83192e.x86_64.rpm
libslirp-4.4.0-2.module+el8.10.0+90844+cf83192e.x86_64.rpm
libslirp-devel-4.4.0-2.module+el8.10.0+90844+cf83192e.x86_64.rpm
netavark-1.10.3-1.module+el8.10.0+90844+cf83192e.x86_64.rpm
oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90844+cf83192e.x86_64.rpm
podman-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.x86_64.rpm
podman-catatonit-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.x86_64.rpm
podman-docker-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.noarch.rpm
podman-gvproxy-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.x86_64.rpm
podman-plugins-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.x86_64.rpm
podman-remote-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.x86_64.rpm
podman-tests-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.x86_64.rpm
python3-criu-3.18-5.module+el8.10.0+90844+cf83192e.x86_64.rpm
python3-podman-4.9.0-3.module+el8.10.0+90844+cf83192e.noarch.rpm
runc-1.2.9-4.module+el8.10.0+90844+cf83192e.x86_64.rpm
skopeo-1.14.5-7.module+el8.10.0+90844+cf83192e.x86_64.rpm
skopeo-tests-1.14.5-7.module+el8.10.0+90844+cf83192e.x86_64.rpm
slirp4netns-1.2.3-1.module+el8.10.0+90844+cf83192e.x86_64.rpm
udica-0.2.6-21.module+el8.10.0+90844+cf83192e.noarch.rpm
aarch64:
aardvark-dns-1.10.1-2.module+el8.10.0+90844+cf83192e.aarch64.rpm
buildah-1.33.14-3.module+el8.10.0+90844+cf83192e.aarch64.rpm
buildah-tests-1.33.14-3.module+el8.10.0+90844+cf83192e.aarch64.rpm
cockpit-podman-84.1-1.module+el8.10.0+90844+cf83192e.noarch.rpm
conmon-2.1.10-1.module+el8.10.0+90844+cf83192e.aarch64.rpm
containernetworking-plugins-1.4.0-8.module+el8.10.0+90844+cf83192e.aarch64.rpm
containers-common-1-82.0.1.module+el8.10.0+90844+cf83192e.aarch64.rpm
container-selinux-2.229.0-2.module+el8.10.0+90844+cf83192e.noarch.rpm
crit-3.18-5.module+el8.10.0+90844+cf83192e.aarch64.rpm
criu-3.18-5.module+el8.10.0+90844+cf83192e.aarch64.rpm
criu-devel-3.18-5.module+el8.10.0+90844+cf83192e.aarch64.rpm
criu-libs-3.18-5.module+el8.10.0+90844+cf83192e.aarch64.rpm
crun-1.14.3-2.module+el8.10.0+90844+cf83192e.aarch64.rpm
fuse-overlayfs-1.13-1.module+el8.10.0+90844+cf83192e.aarch64.rpm
libslirp-4.4.0-2.module+el8.10.0+90844+cf83192e.aarch64.rpm
libslirp-devel-4.4.0-2.module+el8.10.0+90844+cf83192e.aarch64.rpm
netavark-1.10.3-1.module+el8.10.0+90844+cf83192e.aarch64.rpm
oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90844+cf83192e.aarch64.rpm
podman-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.aarch64.rpm
podman-catatonit-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.aarch64.rpm
podman-docker-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.noarch.rpm
podman-gvproxy-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.aarch64.rpm
podman-plugins-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.aarch64.rpm
podman-remote-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.aarch64.rpm
podman-tests-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.aarch64.rpm
python3-criu-3.18-5.module+el8.10.0+90844+cf83192e.aarch64.rpm
python3-podman-4.9.0-3.module+el8.10.0+90844+cf83192e.noarch.rpm
runc-1.2.9-4.module+el8.10.0+90844+cf83192e.aarch64.rpm
skopeo-1.14.5-7.module+el8.10.0+90844+cf83192e.aarch64.rpm
skopeo-tests-1.14.5-7.module+el8.10.0+90844+cf83192e.aarch64.rpm
slirp4netns-1.2.3-1.module+el8.10.0+90844+cf83192e.aarch64.rpm
udica-0.2.6-21.module+el8.10.0+90844+cf83192e.noarch.rpm
SRPMS:
http://oss.oracle.com/ol8/SRPMS-updates/aardvark-dns-1.10.1-2.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/buildah-1.33.14-3.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/cockpit-podman-84.1-1.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/conmon-2.1.10-1.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/containernetworking-plugins-1.4.0-8.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/containers-common-1-82.0.1.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/container-selinux-2.229.0-2.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/criu-3.18-5.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/crun-1.14.3-2.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/fuse-overlayfs-1.13-1.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/libslirp-4.4.0-2.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/netavark-1.10.3-1.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/oci-seccomp-bpf-hook-1.2.10-1.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/podman-4.9.4-30.0.1.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/python-podman-4.9.0-3.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/runc-1.2.9-4.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/skopeo-1.14.5-7.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/slirp4netns-1.2.3-1.module+el8.10.0+90844+cf83192e.src.rpm
http://oss.oracle.com/ol8/SRPMS-updates/udica-0.2.6-21.module+el8.10.0+90844+cf83192e.src.rpm
Related CVEs:
CVE-2025-61726
CVE-2025-61728
CVE-2025-68121
Description of changes:
aardvark-dns
[2:1.10.1-2]
- build off the RHEL maintenance branch
- Resolves: RHEL-59129
[2:1.10.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.10.0
- Related: Jira:RHEL-2110
[2:1.9.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.9.0
- Related: Jira:RHEL-2110
[2:1.8.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.8.0
- Related: Jira:RHEL-2110
[2:1.7.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.7.0
- Related: #2176055
[2:1.6.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.6.0
- Related: #2176055
[2:1.5.0-2]
- always stay offline during build
- Related: #2123641
[2:1.5.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.5.0
- Related: #2123641
[2:1.4.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.4.0
- Related: #2123641
[2:1.3.0-1]
- update to https://github.com/containers/aardvark-dns/releases/tag/v1.3.0
- Related: #2123641
buildah
[2:1.33.14-3]
- rebuild for CVE-2025-68121
- Resolves: RHEL-149262
[2:1.33.14-2]
- rebuild for CVE-2025-61729
- Resolves: RHEL-140529
[2:1.33.14-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.33
(https://github.com/containers/buildah/commit/a7f8179)
- fixes "CVE-2025-47913 container-tools:rhel8/buildah: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [rhel-8.10.z]"
- Resolves: RHEL-130974
[2:1.33.13-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.33
(https://github.com/containers/buildah/commit/65707d0)
- fixes "[Minor Incident] CVE-2025-52881 container-tools:rhel8/buildah: container escape and denial of service due to arbitrary write gadgets and procfs write redirects [rhel-8.10.z]"
- Resolves: RHEL-126916
[2:1.33.12-3]
- rebuild for CVE-2025-58183
- Resolves: RHEL-125644
[2:1.33.12-2]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.33
(https://github.com/containers/buildah/commit/cf49e7c)
- fixes "CVE-2025-22871 container-tools:rhel8/buildah: Request smuggling due to acceptance of invalid chunked data in net/http [rhel-8.10.z]"
- Resolves: RHEL-89239
[2:1.33.12-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.33
(https://github.com/containers/buildah/commit/58af1cd)
- Resolves: RHEL-67612
[2:1.33.11-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.33
(https://github.com/containers/buildah/commit/fe85f0d)
- Resolves: RHEL-61853
[2:1.33.10-1]
- update to the latest content of https://github.com/containers/buildah/tree/release-1.33
(https://github.com/containers/buildah/commit/bd85c17)
- Resolves: RHEL-61835
[2:1.33.8-4]
- rebuild for golang fixes
- Related: RHEL-28452
cockpit-podman
[84.1-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/84.1
- Related: Jira:RHEL-25557
[84-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/84
- Related: Jira:RHEL-2110
[83-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/83
- Related: Jira:RHEL-2110
[82-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/82
- Related: Jira:RHEL-2110
[81-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/81
- Related: Jira:RHEL-2110
[80-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/80
- Related: Jira:RHEL-2110
[79-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/79
- Related: Jira:RHEL-2110
[78-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/78
- Related: Jira:RHEL-2110
[77-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/77
- Related: Jira:RHEL-2110
[75-1]
- update to https://github.com/cockpit-project/cockpit-podman/releases/tag/75
- Related: #2176055
conmon
[3:2.1.10-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.10
- Related: Jira:RHEL-2110
[3:2.1.8-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.8
- Related: #2176055
[3:2.1.7-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.7
- Related: #2176055
[3:2.1.6-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.6
- Related: #2176055
[3:2.1.5-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.5
- Related: #2123641
[3:2.1.4-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.4
- Related: #2061390
[3:2.1.2-2]
- revert conmon to 2.1.2
- Related: #2061390
[2:2.1.3-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.3
- Related: #2061390
[2:2.1.2-2]
- update to latest content of https://github.com/containers/conmon/releases/tag/2.1.2
(https://github.com/containers/conmon/commit/2bc95ee697e87d5f7b77063cf83fc32739addafe)
- Related: #2061390
[2:2.1.2-1]
- update to https://github.com/containers/conmon/releases/tag/v2.1.2
- Related: #2061390
containernetworking-plugins
[1:1.4.0-8]
- rebuild for CVE-2025-68121
- Resolves: RHEL-149265
[1:1.4.0-7]
- rebuild for CVE-2025-61729
- Resolves: RHEL-140529
[1:1.4.0-6]
- rebuild for CVE-2025-22871
- Resolves: RHEL-89244
[1:1.4.0-5]
- rebuild for golang fixes
- Related: RHEL-28452
[1:1.4.0-4]
- rebuild for golang fixes
- Related: RHEL-28452
[1:1.4.0-3]
- rebuild for CVE-2024-1394
- Resolves: RHEL-24294
[1:1.4.0-2]
- rebuild
- Resolves: RHEL-18390
[1:1.4.0-1]
- update to https://github.com/containernetworking/plugins/releases/tag/v1.4.0
- Related: Jira:RHEL-2110
[1:1.3.0-5]
- fix path to dhcp service
- Resolves: #RHEL-3789
[1:1.3.0-4]
- add Epoch in Provides
- Related: #2176055
containers-common
[1-82.0.1]
- Updated removed references [Orabug: 33473101] (Alex Burmashev)
- Adjust registries.conf (Nikita Gerasimov)
- remove references to RedHat registry (Nikita Gerasimov)
[2:1-82]
- update vendored components
- Resolves: RHEL-40801
[2:1-81]
- Update shortnames from Pyxis
- Related: Jira:RHEL-2110
[2:1-80]
- bump release to preserve upgrade path
- Resolves: Jira:RHEL-12277
[2:1-59]
- update vendored components
- Related: Jira:RHEL-2110
[2:1-58]
- update vendored components
- Related: Jira:RHEL-2110
[2:1-57]
- fix shortnames for rhel-minimal
- Related: Jira:RHEL-2110
[2:1-56]
- implement GPG auto updating mechanism from redhat-release
- Resolves: #RHEL-2110
[2:1-55]
- update GPG keys to the current content of redhat-release
- Resolves: #RHEL-3164
[2:1-54]
- update vendored components and shortnames
- Related: #2176055
container-selinux
[2:2.229.0-2]
- remove watch statements properly for RHEL8 and lower
- Related: Jira:RHEL-2110
[2:2.229.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.229.0
- Related: Jira:RHEL-2110
[2:2.228.1-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.228.1
- Related: Jira:RHEL-2110
[2:2.228.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.228.0
- Related: Jira:RHEL-2110
[2:2.227.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.227.0
- Related: Jira:RHEL-2110
[2:2.226.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.226.0
- remove dependency on policycoreutils-python-utils as it pulls in python
- Related: Jira:RHEL-2110
[2:2.224.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.224.0
- Related: Jira:RHEL-2110
[2:2.222.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.222.0
- Related: Jira:RHEL-2110
[2:2.221.1-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.221.1
- Related: Jira:RHEL-2110
[2:2.221.0-1]
- update to https://github.com/containers/container-selinux/releases/tag/v2.221.0
- Related: #2176055
criu
[3.18-5]
- rebuild to preserve upgrade path
- Related: RHEL-32671
[3.18-4]
- switch to egg-info on 8.9
- Related: #2176055
[3.18-3]
- remove --progress-bar option
- Related: #2176055
[3.18-2]
- update to 3.18
- Related: #2176055
[3.17-1]
- update to 3.17
- Resolves: #2175794
[3.15-2]
- add gating tests
- Related: #1971718
[3.15-1]
- add -devel and -libs subpackages
- Resolves: #1971718
[3.12-9]
- Added additional fixup patches for the socket labelling
[3.12-8]
- Patch for socket labelling has changed upstream
[3.12-4]
- Applied patch to correctly restore socket()s
crun
[1.14.3-2]
- remove BR libgcrypt-devel, no longer needed
- Related: Jira:RHEL-2110
[1.14.3-1]
- update to https://github.com/containers/crun/releases/tag/1.14.3
- Related: Jira:RHEL-2110
[1.14.1-1]
- update to https://github.com/containers/crun/releases/tag/1.14.1
- Related: Jira:RHEL-2110
[1.14-1]
- update to https://github.com/containers/crun/releases/tag/1.14
- Related: Jira:RHEL-2110
[1.13-1]
- update to https://github.com/containers/crun/releases/tag/1.13
- Related: Jira:RHEL-2110
[1.12-1]
- update to https://github.com/containers/crun/releases/tag/1.12
- Related: Jira:RHEL-2110
[1.11.2-1]
- update to https://github.com/containers/crun/releases/tag/1.11.2
- Related: Jira:RHEL-2110
[1.11.1-1]
- update to https://github.com/containers/crun/releases/tag/1.11.1
- Related: Jira:RHEL-2110
[1.11-1]
- update to https://github.com/containers/crun/releases/tag/1.11
- Related: Jira:RHEL-2110
[1.9.2-1]
- update to https://github.com/containers/crun/releases/tag/1.9.2
- Related: Jira:RHEL-2110
fuse-overlayfs
[1.13-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.13
- Related: Jira:RHEL-2110
[1.12-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.12
- Related: #2176055
[1.11-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.11
- Related: #2176055
[1.10-2]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.10
- Related: #2176055
[1.10-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.10
- Related: #2123641
[1.9-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.9
- Related: #2061390
[1.8.2-2]
- BuildRequires: /usr/bin/go-md2man
- Related: #2061390
[1.8.2-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.8.2
- Related: #2001445
[1.8.1-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.8.1
- Related: #2001445
[1.8-1]
- update to https://github.com/containers/fuse-overlayfs/releases/tag/v1.8
- Related: #2001445
libslirp
[4.4.0-2]
- rebuild to preserve upgrade path 8.9 -> 8.10
- Related: RHEL-32671
[4.4.0-1]
- Fix CVE-2021-3592 CVE-2021-3593 CVE-2021-3594 CVE-2021-3595 out-of-bounds access
- Related: #1934415
[4.3.1-1]
- update to https://gitlab.freedesktop.org/slirp/libslirp/-/releases/v4.3.1
- Related: #1821193
[4.3.0-5]
- replace patch for CVE-2020-10756 with dedicated upstream one
- Related: #1821193
[4.3.0-4]
- fix "CVE-2020-10756 QEMU: slirp: networking out-of-bounds read information disclosure vulnerability"
- Related: #1821193
[4.3.0-3]
- fix static analysis issues merged upstream
(https://gitlab.freedesktop.org/slirp/libslirp/-/merge_requests/41)
- Related: #1821193
[4.3.0-2]
- initial libslirp build for container-tools 8.3.0 module
- Resolves: #1821193
[4.3.0-1]
- New v4.3.0 release
[4.2.0-2]
- CVE-2020-1983 fix
[4.2.0-1]
- New v4.2.0 release
netavark
[2:1.10.3-1]
- update to https://github.com/containers/netavark/releases/tag/v1.10.3
- Related: Jira:RHEL-2110
[2:1.10.2-1]
- update to https://github.com/containers/netavark/releases/tag/v1.10.2
- Related: Jira:RHEL-2110
[2:1.10.1-1]
- update to https://github.com/containers/netavark/releases/tag/v1.10.1
- Related: Jira:RHEL-2110
[2:1.10.0-1]
- update to https://github.com/containers/netavark/releases/tag/v1.10.0
- Related: Jira:RHEL-2110
[2:1.9.0-1]
- update to https://github.com/containers/netavark/releases/tag/v1.9.0
- Related: Jira:RHEL-2110
[2:1.8.0-2]
- fix directory for systemd units
- Related: Jira:RHEL-2110
[2:1.8.0-1]
- update to https://github.com/containers/netavark/releases/tag/v1.8.0
- Related: Jira:RHEL-2110
[2:1.7.0-1]
- update to https://github.com/containers/netavark/releases/tag/v1.7.0
- Related: #2176055
[2:1.6.0-1]
- update to https://github.com/containers/netavark/releases/tag/v1.6.0
- Related: #2176055
[2:1.5.0-5]
- fix --dns-add command is not functioning
- Resolves: #2182897
oci-seccomp-bpf-hook
[1.2.10-1]
- update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.10
- Related: Jira:RHEL-2110
[1.2.9-1]
- update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.9
- Related: #2176055
[1.2.8-2]
- update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.8
- Related: #2176055
[1.2.8-1]
- update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.8
- Related: #2123641
[1.2.7-1]
- update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.7
- Related: #2123641
[1.2.6-1]
- update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.6
- Related: #2061390
[1.2.5-2]
- BuildRequires: /usr/bin/go-md2man
- Related: #2061390
[1.2.5-1]
- update to https://github.com/containers/oci-seccomp-bpf-hook/releases/tag/v1.2.5
- Related: #2061390
[1.2.3-3]
- change runc dependency to conflict
- Related: #1934415
[1.2.3-2]
- remove unneeded patch
- Related: #1934415
podman
[4.9.4-30.0.1]
- Fixes issue of container created in cgroupv2 not start in cgroupv1 [Orabug: 36136813]
- Fixes container memory limit not set after host is rebooted with cgroupv2 [Orabug: 36136802]
- Fixes issue of podman execvp error while using podmansh [Orabug: 36756665]
[4:4.9.4-30]
- update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel
(https://github.com/containers/podman/commit/79517c7)
- fixes "When using a volume mount that is RO in podman it throws error because runc automatically appends RW to it which throws an error [rhel-8.10.z]"
- Resolves: RHEL-152630
[4:4.9.4-29]
- rebuild for CVE-2025-68121
- Resolves: RHEL-149265
[4:4.9.4-28]
- rebuild
- Resolves: RHEL-140532
[4:4.9.4-27]
- update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel
(https://github.com/containers/podman/commit/702415d)
- fixes "CVE-2025-47913 container-tools:rhel8/podman: golang.org/x/crypto/ssh/agent: SSH client panic due to unexpected SSH_AGENT_SUCCESS [rhel-8.10.z]"
- Resolves: RHEL-130976
[4:4.9.4-26]
- update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel
(https://github.com/containers/podman/commit/837a65c)
- fixes "do not pass volume options as bind mounts options to runtime"
- Resolves: RHEL-132859
[4:4.9.4-25]
- update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel
(https://github.com/containers/podman/commit/638f1d2)
- fixes "[Minor Incident] CVE-2025-52881 container-tools:rhel8/podman: container escape and denial of service due to arbitrary write gadgets and procfs write redirects [rhel-8.10.z]"
- Resolves: RHEL-126904
[4:4.9.4-24]
- rebuild for CVE-2025-58183
- Resolves: RHEL-125654
[4:4.9.4-23]
- update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel
(https://github.com/containers/podman/commit/ff15af1)
- fixes "CVE-2025-9566 container-tools:rhel8/podman: Podman kube play command may overwrite host files [rhel-8.10.z]"
- Resolves: RHEL-113145
[4:4.9.4-22]
- update to the latest content of https://github.com/containers/podman/tree/v4.9-rhel
(https://github.com/containers/podman/commit/6cc8283)
- fixes "CVE-2025-6032 container-tools:rhel8/podman: podman missing TLS verification [rhel-8.10.z]"
- Resolves: RHEL-96702
python-podman
[4.9.0-3]
- sync with release-4.9 branch
- Resolves: RHEL-31069
[4.9.0-2]
- depend directly on urllib3
- Resolves: RHEL-43567
[4.9.0-1]
- update to https://github.com/containers/podman-py/releases/tag/v4.9.0
- Related: Jira:RHEL-2110
[4.8.2-1]
- update to https://github.com/containers/podman-py/releases/tag/v4.8.2
- Related: Jira:RHEL-2110
[4.8.0.post1-1]
- update to https://github.com/containers/podman-py/releases/tag/v4.8.0.post1
- Related: Jira:RHEL-2110
[4.7.0-1]
- update to https://github.com/containers/podman-py/releases/tag/v4.7.0
- Related: Jira:RHEL-2110
[4.6.0-1]
- update to https://github.com/containers/podman-py/releases/tag/v4.6.0
- Related: #2176055
[4.5.1-1]
- update to https://github.com/containers/podman-py/releases/tag/v4.5.1
- Related: #2176055
[4.5.0-1]
- update to https://github.com/containers/podman-py/releases/tag/v4.5.0
- Related: #2176055
[4.4.1-1]
- update to https://github.com/containers/podman-py/releases/tag/v4.4.1
- Related: #2176055
runc
[4:1.2.9-4]
- rebuild for CVE-2025-68121
- Resolves: RHEL-149266
[4:1.2.9-3]
- rebuild for CVE-2025-61729
- Resolves: RHEL-140533
[4:1.2.9-2]
- update to https://github.com/opencontainers/runc/releases/tag/v1.2.9
- Resolves: RHEL-132818
[4:1.2.5-2]
- fix permission regression
- Related: RHEL-122384
[4:1.2.5-1]
- fix CVE-2025-31133 CVE-2025-52565 CVE-2025-52881
- Resolves: RHEL-122384
[1:1.1.12-6]
- Add CPU affinity feature from Kir Kolishkin
- Resolves: RHEL-74865
[1:1.1.12-5]
- bump golang buildrequires
- add no_openssl build tag
- Resolves RHEL-55757
[1:1.1.12-4]
- rebuild for golang fixes
- Related: RHEL-28452
[1:1.1.12-3]
- rebuild for golang fixes
- Related: RHEL-28452
[1:1.1.12-2]
- rebuild for CVE-2024-1394
- Resolves: RHEL-24297
skopeo
[2:1.14.5-7]
- rebuild for CVE-2025-68121
- Resolves: RHEL-149267
[2:1.14.5-6]
- rebuild for CVE-2025-61729
- Resolves: RHEL-140534
[2:1.14.5-5]
- rebuild for CVE-2025-58183
- Resolves: RHEL-125659
[2:1.14.5-4]
- rebuild for CVE-2025-22871
- Resolves: RHEL-89254
[2:1.14.5-3]
- rebuild for golang fixes
- Related: RHEL-28452
[2:1.14.5-2]
- rebuild for golang fixes
- Related: RHEL-28452
[2:1.14.5-1]
- update to the latest content of https://github.com/containers/skopeo/tree/release-1.14
(https://github.com/containers/skopeo/commit/072072b)
- Resolves: RHEL-40801
[2:1.14.4-2]
- rebuild for CVE-2024-24786
- Resolves: RHEL-24297
[2:1.14.4-1]
- update to the latest content of https://github.com/containers/skopeo/tree/release-1.14
(https://github.com/containers/skopeo/commit/78d9c9a)
- Resolves: RHEL-40852
[2:1.14.3-2]
- update to the latest content of https://github.com/containers/skopeo/tree/release-1.14
(https://github.com/containers/skopeo/commit/5f2b9af)
- Resolves: RHEL-28728
slirp4netns
[1.2.3-1]
- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.3
- Related: Jira:RHEL-2110
[1.2.2-1]
- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.2
- Related: Jira:RHEL-2110
[1.2.1-1]
- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.1
- Related: #2176055
[1.2.0-3]
- BuildRequires: /usr/bin/go-md2man
- Related: #2176055
[1.2.0-2]
- BuildRequires: /usr/bin/go-md2man
- Related: #2061390
[1.2.0-1]
- update to https://github.com/rootless-containers/slirp4netns/releases/tag/v1.2.0
- Related: #2061390
[1.1.8-2]
- fix gating - don't use insecure functions - thanks to Marc-André Lureau
- Related: #2001445
[1.1.8-1]
- update to
https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.8
- Related: #1883490
[1.1.7-2]
- exclude i686 because of build failures
- Related: #1883490
[1.1.7-1]
- update to
https://github.com/rootless-containers/slirp4netns/releases/tag/v1.1.7
- Related: #1883490
udica
[0.2.6-21]
- bump release to preserve update path
- Resolves: RHEL-32671
[0.2.6-20]
- bump release to preserve update path
- Related: #2139052
[0.2.6-4]
- Bump release to match latest release available in rhel-8.6.1
- Resolves: #2139052
[0.2.6-3]
- Make sure each section of the inspect exists before accessing (#2027662)
[0.2.6-2]
- Require container-selinux shipping policy templates (#2005866)
[0.2.6-1]
- update to https://github.com/containers/udica/releases/tag/v0.2.6
- Related: #2001445
[0.2.5-2]
- New rebase https://github.com/containers/udica/releases/tag/v0.2.5 (#1995041)
- Replace capability dictionary with str.lower()
- Enable udica to generate policies with fifo class
- Sort container inspect data before processing
- Update templates to work properly with new cil parser
- Related: #1934415
[0.2.5-1]
- update to https://github.com/containers/udica/releases/tag/v0.2.5
- Related: #1934415
[0.2.4-2]
- remove %check again and all related BRs
- Related: #1934415
[0.2.4-1]
- update to https://github.com/containers/udica/releases/tag/v0.2.4
- Related: #1883490
More information about the El-errata
mailing list