Files
Paul Holzinger 75ffb356d8 [v5.6-rhel] kube play: don't follow volume symlinks onto the host
For ConfigMap and Secret kube play volumes podman populates the data
from the yaml. However the volume content is not controlled by us and we
can be tricked following a symlink to a file on the host instead.

Fixes: CVE-2025-9566

Fixes: https://issues.redhat.com/browse/RHEL-113140, https://issues.redhat.com/browse/RHEL-113151

Signed-off-by: Paul Holzinger <pholzing@redhat.com>
Signed-off-by: tomsweeneyredhat <tsweeney@redhat.com>
2025-09-08 17:06:14 -04:00
..
2025-03-16 13:40:16 +00:00
2022-12-15 13:39:56 +01:00
2024-10-21 17:37:20 +01:00
2025-06-26 19:37:14 +02:00
2024-02-08 09:35:39 -05:00
2025-06-26 19:37:15 +02:00
2025-03-02 19:47:44 +02:00
2025-03-31 12:27:55 -07:00
2025-06-26 19:37:16 +02:00
2025-03-11 17:21:24 +01:00