opensource/podman
1
0
Fork 0
mirror of https://github.com/containers/podman.git synced 2025-12-04 04:09:40 +08:00
Code Issues Packages Projects Releases Wiki Activity

Address CVE-2024-3727

Browse Source 
This addrress the CVE-2024-3727 by pulling in the top of main for

c/image, c/common, and c/buildah, all of which have the fix.

Addresses: CVE-2024-3727
No associated Jira cards at the moment.

Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
This commit is contained in:
tomsweeneyredhat
2024-05-13 10:55:18 -04:00
parent 0c09421f85
commit 6830d0e3c8
34 changed files with 448 additions and 142 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
vendor/github.com/containers/image/v5/docker/docker_image.go generated vendored
View File

@@ -88,7 +88,12 @@ func GetRepositoryTags(ctx context.Context, sys *types.SystemContext, ref types.
if err = json.NewDecoder(res.Body).Decode(&tagsHolder); err != nil {
return nil, err
}
tags = append(tags, tagsHolder.Tags...)
for _, tag := range tagsHolder.Tags {
if _, err := reference.WithTag(dr.ref, tag); err != nil { // Ensure the tag does not contain unexpected values
return nil, fmt.Errorf("registry returned invalid tag %q: %w", tag, err)
}
tags = append(tags, tag)
}
link := res.Header.Get("Link")
if link == "" {