| Summary: | app-containers/buildah: Denial of Service with invalid JSON input | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | Rahil Bhimjiani <me> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | UNCONFIRMED --- | ||
| Severity: | normal | CC: | me |
| Priority: | Normal | Keywords: | PullRequest, SECURITY |
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://github.com/containers/buildah/commit/699d1ed51d5ff0116803c2a2c71d51b628d36b33#commitcomment-140115370 | ||
| See Also: | https://github.com/gentoo/gentoo/pull/35943 | ||
| Whiteboard: | |||
| Package list: | Runtime testing required: | --- | |
| Bug Depends on: | 927575 | ||
| Bug Blocks: | 927498 | ||
|
Description
Rahil Bhimjiani
2024-03-22 10:22:05 UTC
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=da62fc25c5269bad61409b528c7cd456de6f2a9d commit da62fc25c5269bad61409b528c7cd456de6f2a9d Author: Rahil Bhimjiani <me@rahil.rocks> AuthorDate: 2024-03-22 10:45:37 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2024-03-23 08:29:05 +0000 app-containers/buildah: add 1.33.7 and 1.34.3 fix security issues Bug: https://bugs.gentoo.org/show_bug.cgi?id=927502 Bug: https://bugs.gentoo.org/show_bug.cgi?id=927499 Signed-off-by: Rahil Bhimjiani <me@rahil.rocks> Signed-off-by: Sam James <sam@gentoo.org> app-containers/buildah/Manifest | 2 + app-containers/buildah/buildah-1.33.7.ebuild | 122 +++++++++++++++++++++++++++ app-containers/buildah/buildah-1.34.3.ebuild | 122 +++++++++++++++++++++++++++ 3 files changed, 246 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=43b007f04043855ca1604cc6499576b235703282 commit 43b007f04043855ca1604cc6499576b235703282 Author: Rahil Bhimjiani <me@rahil.rocks> AuthorDate: 2024-03-27 05:32:49 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2024-03-31 00:05:41 +0000 app-containers/buildah: add 1.35.3 Bug: https://bugs.gentoo.org/927499 Bug: https://bugs.gentoo.org/927502 Signed-off-by: Rahil Bhimjiani <me@rahil.rocks> From: https://github.com/gentoo/gentoo/pull/35943 Signed-off-by: Zac Medico <zmedico@gentoo.org> app-containers/buildah/Manifest | 1 + app-containers/buildah/buildah-1.35.3.ebuild | 128 +++++++++++++++++++++++++++ 2 files changed, 129 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=2548753d633ea5a15c023e8584418a96fd1823a6 commit 2548753d633ea5a15c023e8584418a96fd1823a6 Author: Rahil Bhimjiani <me@rahil.rocks> AuthorDate: 2024-03-31 07:23:24 +0000 Commit: Zac Medico <zmedico@gentoo.org> CommitDate: 2024-04-01 00:35:09 +0000 app-containers/buildah: cleanup vulnerable versions 1.33.5, 1.33.6 1.34.0 1.35.1 Signed-off-by: Rahil Bhimjiani <me@rahil.rocks> Bug: https://bugs.gentoo.org/927499 Bug: https://bugs.gentoo.org/927502 Closes: https://github.com/gentoo/gentoo/pull/36011 Signed-off-by: Zac Medico <zmedico@gentoo.org> app-containers/buildah/Manifest | 4 - app-containers/buildah/buildah-1.33.5.ebuild | 125 ------------------------- app-containers/buildah/buildah-1.33.6.ebuild | 125 ------------------------- app-containers/buildah/buildah-1.34.0.ebuild | 125 ------------------------- app-containers/buildah/buildah-1.35.1.ebuild | 132 --------------------------- 5 files changed, 511 deletions(-) |
