[v1.13] backport fixes for CVE-2022-1227 (Podman v1.6.4)#1206
Merged
giuseppe merged 2 commits intocontainers:release-1.13from Apr 20, 2022
Merged
[v1.13] backport fixes for CVE-2022-1227 (Podman v1.6.4)#1206giuseppe merged 2 commits intocontainers:release-1.13from
giuseppe merged 2 commits intocontainers:release-1.13from
Conversation
Member
Author
|
@cevich the CI images are gone. Any chance we can get them back? |
While the IDMapping methods are preferable for most users, sometimes it is necessary to map a single ID using a given mapping. In particular this is needed for psgo to be able to map the user and group entries in /proc/$pid/status using the user namespace of the target process. Required to resolve CVE-2022-1227 for Podman v1.6.4. Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> Backported-by: Valentin Rothberg <vrothberg@redhat.com>
vrothberg
force-pushed
the
1.13-backports
branch
from
40bb7c8 to
33feddc
Compare
Member
Author
|
@rhatdan PTAL |
Member
Unlikely, these images predate sanity 😆 Seriously, I have zero keepalive jobs setup on this repo. It was discussed a few times and deemed not worth the effort. I'm open to changing that stance, if similar unavailability is going to potentially cause future pain w/o workarounds. |
Member
|
LGTM |
Member
Author
|
@giuseppe can we get this in? |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
5 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bump to v1.13.7 at the same time. Note that there is also a
v1.13-stablebranch which I find confusing. Podman v1.6.4 is vendoring c/storage v1.13.6, so we are good in this case.@giuseppe @rhatdan @lsm5 PTAL
Cc: @TomSweeneyRedHat
Let the dance continue man_dancing woman_dancing