opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-12-05 21:32:22 +08:00
Code Issues Packages Projects Releases Wiki Activity

CVE-2024-1753 fix for main

Browse Source 
Bump to the version of Buidah in it's main branch to get the
CVE-2024-1753 fix.

[NO NEW TESTS NEEDED]

Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
This commit is contained in:
tomsweeneyredhat
2024-03-18 16:30:00 -04:00
parent 8a643c243e
commit 079bfb085a
72 changed files with 838 additions and 2056 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
vendor/github.com/containers/common/libnetwork/etchosts/ip.go generated vendored
View File

@@ -1,6 +1,8 @@
package etchosts
import (
"net"
"github.com/containers/common/libnetwork/types"
"github.com/containers/common/libnetwork/util"
"github.com/containers/common/pkg/config"
@@ -8,9 +10,16 @@ import (
"github.com/containers/storage/pkg/unshare"
)
// GetHostContainersInternalIP return the host.containers.internal ip
// GetHostContainersInternalIP returns the host.containers.internal ip
// if netStatus is not nil then networkInterface also must be non nil otherwise this function panics
func GetHostContainersInternalIP(conf *config.Config, netStatus map[string]types.StatusBlock, networkInterface types.ContainerNetwork) string {
return GetHostContainersInternalIPExcluding(conf, netStatus, networkInterface, nil)
}
// GetHostContainersInternalIPExcluding returns the host.containers.internal ip
// Exclude are ips that should not be returned, this is useful to prevent returning the same ip as in the container.
// if netStatus is not nil then networkInterface also must be non nil otherwise this function panics
func GetHostContainersInternalIPExcluding(conf *config.Config, netStatus map[string]types.StatusBlock, networkInterface types.ContainerNetwork, exclude []net.IP) string {
switch conf.Containers.HostContainersInternalIP {
case "":
// if empty (default) we will automatically choose one below
@@ -27,7 +36,7 @@ func GetHostContainersInternalIP(conf *config.Config, netStatus map[string]types
// Only use the bridge ip when root, as rootless the interfaces are created
// inside the special netns and not the host so we cannot use them.
if unshare.IsRootless() {
return util.GetLocalIP()
return util.GetLocalIPExcluding(exclude)
}
for net, status := range netStatus {
network, err := networkInterface.NetworkInspect(net)
@@ -51,7 +60,7 @@ func GetHostContainersInternalIP(conf *config.Config, netStatus map[string]types
if ip != "" {
return ip
}
return util.GetLocalIP()
return util.GetLocalIPExcluding(exclude)
}
// GetNetworkHostEntries returns HostEntries for all ips in the network status