Multiple vulnerabilities have been discovered in Buildah, the worst of which could lead to privilege escalation.
Package | app-containers/buildah on all architectures |
---|---|
Affected versions | < 1.35.3 |
Unaffected versions | >= 1.35.3 |
Buildah is a tool that facilitates building Open Container Initiative (OCI) container images
Please review the referenced CVE identifiers for details.
Please review the referenced CVE identifiers for details.
There is no known workaround at this time.
All Buildah users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-containers/buildah-1.35.3"