opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-08-23 17:22:30 +08:00
Code Issues Packages Projects Releases Wiki Activity

Update release notes for 5.2.5

Browse Source 
Signed-off-by: Matt Heon <mheon@redhat.com>
This commit is contained in:
Matt Heon
2024-10-18 10:49:59 -04:00
parent 4d2bf24807
commit 62d5d47ebf
1 changed files with 9 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
RELEASE_NOTES.md
View File

@ -1,5 +1,14 @@
# Release Notes # Release Notes
## 5.2.5
### Security
- This release addresses [CVE-2024-9675](https://access.redhat.com/security/cve/cve-2024-9675), which allows arbitrary access to the host filesystem from `RUN --mount type=cache` arguments to a Dockerfile being built.
- This release also addresses [CVE-2024-9676](https://access.redhat.com/security/cve/cve-2024-9676), which allows malicious images with a symlink `/etc/passwd` or `/etc/group` to potentially cause a denial of service through reading a FIFO on the host.
### Misc
- Updated Buildah to v1.37.5
- Updated the containers/storage library to v1.55.1
## 5.2.4 ## 5.2.4
### Security ### Security
- This release addresses [CVE-2024-9407](https://github.com/advisories/GHSA-fhqq-8f65-5xfc), which allows arbitrary access to the host filesystem from `RUN --mount` arguments to a Dockerfile being built. - This release addresses [CVE-2024-9407](https://github.com/advisories/GHSA-fhqq-8f65-5xfc), which allows arbitrary access to the host filesystem from `RUN --mount` arguments to a Dockerfile being built.