CVE-2024-1753 fix for main

Bump to the version of Buidah in it's main branch to get the CVE-2024-1753 fix. [NO NEW TESTS NEEDED] Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
2025-12-08 06:39:05 +08:00 · 2024-03-18 16:30:00 -04:00
parent 8a643c243e
commit 079bfb085a
72 changed files with 838 additions and 2056 deletions
--- a/vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns_linux.go
+++ b/vendor/github.com/containers/common/libnetwork/internal/rootlessnetns/netns_linux.go
@@ -158,7 +158,8 @@ func (n *Netns) setupPasta(nsPath string) error {
 		Netns:        nsPath,
 		ExtraOptions: []string{"--pid", pidPath},
 	}
-	if err := pasta.Setup(&pastaOpts); err != nil {
+	res, err := pasta.Setup2(&pastaOpts)
+	if err != nil {
 		return fmt.Errorf("setting up Pasta: %w", err)
 	}

@@ -185,11 +186,9 @@ func (n *Netns) setupPasta(nsPath string) error {
 		Namespaces: []specs.LinuxNamespace{
 			{Type: specs.NetworkNamespace},
 		},
-		// TODO: Need a way to determine if there is a valid v6 address on any
-		// external interface of the system.
-		IPv6Enabled:     false,
+		IPv6Enabled:     res.IPv6,
 		KeepHostServers: true,
-		Nameservers:     []string{},
+		Nameservers:     res.DNSForwardIPs,
 	}); err != nil {
 		return wrapError("create resolv.conf", err)
 	}