mirror of
https://github.com/containers/podman.git
synced 2025-10-17 03:04:21 +08:00
017535d05e
* Utils must support higher level API to create Tar with chrooted into directory * Volume export: use TarwithChroot instead of Tar so we can make sure no symlink can be exported by tar if it exists outside of the source directory. * container export: use chroot and Tar instead of Tar so we can make sure no symlink can be exported by tar if it exists outside of the mointPoint. [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Race needs combination of external/in-container mechanism which is hard to repro in CI. CVE: https://access.redhat.com/security/cve/CVE-2023-0778 Signed-off-by: Aditya R <arajan@redhat.com> MH: Cherry-pick to v4.4.1-rhel per RHBZ 2169618 Signed-off-by: Matt Heon <mheon@redhat.com>