{"update": {"autokarma": true, "autotime": true, "stable_karma": 3, "stable_days": 14, "unstable_karma": -3, "require_bugs": true, "require_testcases": true, "display_name": "", "notes": "Security fix for CVE-2024-1753\n\nAutomatic update for podman-4.9.4-1.fc38.\n\n##### **Changelog for podman**\n\n```\n* Mon Mar 25 2024 Packit <hello@packit.dev> - 5:4.9.4-1\n- [packit] 4.9.4 upstream release\n\n```\n", "type": "security", "status": "stable", "request": null, "severity": "high", "suggest": "unspecified", "locked": false, "pushed": true, "critpath": true, "critpath_groups": "critical-path-build critical-path-compose", "close_bugs": true, "date_submitted": "2024-03-26 09:49:14", "date_modified": "2024-03-27 10:59:56", "date_approved": null, "date_testing": "2024-03-27 02:24:55", "date_stable": "2024-04-03 01:38:00", "alias": "FEDORA-2024-8409b5fa8e", "test_gating_status": "passed", "from_tag": null, "date_pushed": "2024-04-03 01:38:00", "meets_testing_requirements": true, "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-8409b5fa8e", "title": "podman-4.9.4-1.fc38", "version_hash": "5d45b39710118e19f41f73af300a6c7b74c0a1a1", "release": {"name": "F38", "long_name": "Fedora 38", "version": "38", "id_prefix": "FEDORA", "branch": "f38", "dist_tag": "f38", "stable_tag": "f38-updates", "testing_tag": "f38-updates-testing", "candidate_tag": "f38-updates-candidate", "pending_signing_tag": "f38-signing-pending", "pending_testing_tag": "f38-updates-testing-pending", "pending_stable_tag": "f38-updates-pending", "override_tag": "f38-override", "mail_template": "fedora_errata_template", "state": "archived", "composed_by_bodhi": true, "create_automatic_updates": false, "package_manager": "dnf", "testing_repository": "updates-testing", "released_on": null, "eol": "2024-05-21", "critpath_mandatory_days_in_testing": 14, "mandatory_days_in_testing": 7, "critpath_min_karma": 2, "min_karma": 1, "setting_status": null}, "user": {"name": "packit", "email": "user-cont-team+packit-fas@redhat.com", "id": 6406, "avatar": "https://seccdn.libravatar.org/avatar/89c7891f6b2fd89e071b61fd0582f846380026f81a92cf5349cc101484b12d46?s=24&d=retro", "openid": "packit.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "centosproject-email-aliases"}, {"name": "git-packit-team"}, {"name": "sig-cloud"}, {"name": "bodhi_update_bots"}]}, "comments": [{"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for testing by packit. ", "timestamp": "2024-03-26 09:49:15", "update_id": 600079, "user_id": 91, "id": 3466069, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2024-03-26 09:49:15", "update_id": 600079, "user_id": 91, "id": 3466070, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2024-03-26 09:49:16", "update_id": 600079, "user_id": 91, "id": 3466071, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'failed'.", "timestamp": "2024-03-26 11:40:35", "update_id": 600079, "user_id": 91, "id": 3466149, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to testing.", "timestamp": "2024-03-27 02:25:46", "update_id": 600079, "user_id": 91, "id": 3467155, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "lsm5 edited this update.", "timestamp": "2024-03-27 10:59:56", "update_id": 600079, "user_id": 91, "id": 3467514, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'waiting'.", "timestamp": "2024-03-27 11:00:40", "update_id": 600079, "user_id": 91, "id": 3467519, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update's test gating status has been changed to 'passed'.", "timestamp": "2024-03-27 11:00:40", "update_id": 600079, "user_id": 91, "id": 3467520, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2024-03-29 04:03:40", "update_id": 600079, "user_id": 5881, "id": 3469946, "bug_feedback": [{"karma": 0, "comment_id": 3469946, "bug_id": 2265513, "bug": {"bug_id": 2265513, "title": "CVE-2024-1753 buildah: full container escape at build time", "security": true, "parent": true}}, {"karma": 0, "comment_id": 3469946, "bug_id": 2270124, "bug": {"bug_id": 2270124, "title": "TRIAGE CVE-2024-1753 podman: full container escape at build time [fedora-all]", "security": true, "parent": false}}], "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}, {"karma": 1, "karma_critpath": 0, "text": "no regressions noted", "timestamp": "2024-03-30 21:19:35", "update_id": 600079, "user_id": 124, "id": 3471305, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "filiperosset", "email": "rosset.filipe@gmail.com", "id": 124, "avatar": "https://seccdn.libravatar.org/avatar/f4394b8fb4c9a99c4b534dc724912fe75a5b87fe15048985ece8388c2441d0ca?s=24&d=retro", "openid": "filiperosset.id.fedoraproject.org", "groups": [{"name": "proventesters"}, {"name": "packager"}, {"name": "provenpackager"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "l10n"}, {"name": "cvsl10n"}, {"name": "fedora-br"}, {"name": "trust admins"}]}}, {"karma": 0, "karma_critpath": 0, "text": "This update can be pushed to stable now if the maintainer wishes", "timestamp": "2024-03-30 21:21:18", "update_id": 600079, "user_id": 91, "id": 3471335, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been submitted for stable by lsm5. ", "timestamp": "2024-04-02 12:43:38", "update_id": 600079, "user_id": 91, "id": 3473678, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}, {"karma": 0, "karma_critpath": 0, "text": "This update has been pushed to stable.", "timestamp": "2024-04-03 01:38:34", "update_id": 600079, "user_id": 91, "id": 3474455, "bug_feedback": [], "testcase_feedback": [], "user": {"name": "bodhi", "email": null, "id": 91, "avatar": "https://apps.fedoraproject.org/img/icons/bodhi-24.png", "openid": "bodhi.id.fedoraproject.org", "groups": []}}], "builds": [{"nvr": "podman-4.9.4-1.fc38", "signed": true, "release_id": 66, "type": "rpm", "epoch": 5}], "bugs": [{"bug_id": 2265513, "title": "CVE-2024-1753 buildah: full container escape at build time", "security": true, "parent": true, "feedback": [{"karma": 0, "comment_id": 3461752, "bug_id": 2265513, "comment": {"karma": 1, "karma_critpath": 0, "text": "passes CoreOS tests", "timestamp": "2024-03-23 00:34:55", "update_id": 598792, "user_id": 659, "id": 3461752, "testcase_feedback": [], "user": {"name": "dustymabe", "email": "dusty@dustymabe.com", "id": 659, "avatar": "https://seccdn.libravatar.org/avatar/9ec855a28fe61a7fe3d6788882c87ee4c95b38da423234fbb70673a977552c4c?s=24&d=retro", "openid": "dustymabe.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "sysadmin-badges"}, {"name": "aws"}, {"name": "qa-beaker-user"}, {"name": "gitfedora-web"}, {"name": "centosproject-email-aliases"}, {"name": "fi-apprentice"}, {"name": "sysadmin-veteran"}, {"name": "web"}, {"name": "sig-paas"}, {"name": "atomic-wg"}, {"name": "qa"}, {"name": "fedorabugs"}, {"name": "msftazure"}, {"name": "pungi-devel"}, {"name": "qa-automation-shell"}, {"name": "sysadmin-fedimg"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "coreos"}, {"name": "sysadmin"}, {"name": "communishift"}, {"name": "aws-fcos-mgmt"}, {"name": "sysadmin-bodhi"}, {"name": "sysadmin-releng"}, {"name": "sysadmin-coreos"}, {"name": "ipausers"}, {"name": "ibmcloud"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-ask"}, {"name": "hetznercloud"}, {"name": "coreos-sig"}]}}}, {"karma": 0, "comment_id": 3465342, "bug_id": 2265513, "comment": {"karma": 1, "karma_critpath": 0, "text": "Toolboxes and my backup containers (quadlets) keep working fine on silverblue 40.", "timestamp": "2024-03-25 20:29:32", "update_id": 598792, "user_id": 7838, "id": 3465342, "testcase_feedback": [], "user": {"name": "job79", "email": "job@plabble.org", "id": 7838, "avatar": "https://seccdn.libravatar.org/avatar/a8be6781602a360192b643842d6c46f919da9c4b24eee3e317c7946c0be67205?s=24&d=retro", "openid": "job79.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 3467673, "bug_id": 2265513, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2024-03-27 13:39:42", "update_id": 600080, "user_id": 5881, "id": 3467673, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}, {"karma": 0, "comment_id": 3469946, "bug_id": 2265513, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2024-03-29 04:03:40", "update_id": 600079, "user_id": 5881, "id": 3469946, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}]}, {"bug_id": 2270124, "title": "TRIAGE CVE-2024-1753 podman: full container escape at build time [fedora-all]", "security": true, "parent": false, "feedback": [{"karma": 0, "comment_id": 3461752, "bug_id": 2270124, "comment": {"karma": 1, "karma_critpath": 0, "text": "passes CoreOS tests", "timestamp": "2024-03-23 00:34:55", "update_id": 598792, "user_id": 659, "id": 3461752, "testcase_feedback": [], "user": {"name": "dustymabe", "email": "dusty@dustymabe.com", "id": 659, "avatar": "https://seccdn.libravatar.org/avatar/9ec855a28fe61a7fe3d6788882c87ee4c95b38da423234fbb70673a977552c4c?s=24&d=retro", "openid": "dustymabe.id.fedoraproject.org", "groups": [{"name": "packager"}, {"name": "sysadmin-badges"}, {"name": "aws"}, {"name": "qa-beaker-user"}, {"name": "gitfedora-web"}, {"name": "centosproject-email-aliases"}, {"name": "fi-apprentice"}, {"name": "sysadmin-veteran"}, {"name": "web"}, {"name": "sig-paas"}, {"name": "atomic-wg"}, {"name": "qa"}, {"name": "fedorabugs"}, {"name": "msftazure"}, {"name": "pungi-devel"}, {"name": "qa-automation-shell"}, {"name": "sysadmin-fedimg"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "coreos"}, {"name": "sysadmin"}, {"name": "communishift"}, {"name": "aws-fcos-mgmt"}, {"name": "sysadmin-bodhi"}, {"name": "sysadmin-releng"}, {"name": "sysadmin-coreos"}, {"name": "ipausers"}, {"name": "ibmcloud"}, {"name": "discussion-mods-project"}, {"name": "discussion-mods-ask"}, {"name": "hetznercloud"}, {"name": "coreos-sig"}]}}}, {"karma": 0, "comment_id": 3465342, "bug_id": 2270124, "comment": {"karma": 1, "karma_critpath": 0, "text": "Toolboxes and my backup containers (quadlets) keep working fine on silverblue 40.", "timestamp": "2024-03-25 20:29:32", "update_id": 598792, "user_id": 7838, "id": 3465342, "testcase_feedback": [], "user": {"name": "job79", "email": "job@plabble.org", "id": 7838, "avatar": "https://seccdn.libravatar.org/avatar/a8be6781602a360192b643842d6c46f919da9c4b24eee3e317c7946c0be67205?s=24&d=retro", "openid": "job79.id.fedoraproject.org", "groups": [{"name": "ipausers"}, {"name": "signed_fpca"}]}}}, {"karma": 0, "comment_id": 3467673, "bug_id": 2270124, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2024-03-27 13:39:42", "update_id": 600080, "user_id": 5881, "id": 3467673, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}, {"karma": 0, "comment_id": 3469946, "bug_id": 2270124, "comment": {"karma": 1, "karma_critpath": 0, "text": "", "timestamp": "2024-03-29 04:03:40", "update_id": 600079, "user_id": 5881, "id": 3469946, "testcase_feedback": [], "user": {"name": "geraldosimiao", "email": "geraldo.simiao.kutz@gmail.com", "id": 5881, "avatar": "https://seccdn.libravatar.org/avatar/03fa5b58e8ac78544bf41ad8ecf9ee1920f2ebedb86542c2f4cdf7ef15813168?s=24&d=retro", "openid": "geraldosimiao.id.fedoraproject.org", "groups": [{"name": "qa"}, {"name": "ipausers"}, {"name": "fedora-contributor"}, {"name": "signed_fpca"}, {"name": "fedorabugs"}, {"name": "ambassadors"}, {"name": "fedora-br"}, {"name": "advocates"}, {"name": "respins-sig"}]}}}]}], "updateid": "FEDORA-2024-8409b5fa8e", "karma": 2, "content_type": "rpm", "test_cases": []}, "can_edit": false, "ci_allowed": false}