mirror of
https://github.com/containers/podman.git
synced 2025-05-20 00:27:03 +08:00
a5d8acb304
* Utils must support higher level API to create Tar with chrooted into directory * Volume export: use TarwithChroot instead of Tar so we can make sure no symlink can be exported by tar if it exists outside of the source directory. * container export: use chroot and Tar instead of Tar so we can make sure no symlink can be exported by tar if it exists outside of the mointPoint. [NO NEW TESTS NEEDED] [NO TESTS NEEDED] Race needs combination of external/in-container mechanism which is hard to repro in CI. Closes: BZ:#2168256 CVE: https://access.redhat.com/security/cve/CVE-2023-0778 Signed-off-by: Aditya R <arajan@redhat.com> MH: Backport to v4.4-rhel per RHBZ 2169617 Signed-off-by: Matt Heon <mheon@redhat.com>