Security
- This release addresses CVE-2024-9675, which allows arbitrary access to the host filesystem from
RUN --mount type=cache
arguments to a Dockerfile being built. - This release also addresses CVE-2024-9676, which allows malicious images with a symlink
/etc/passwd
or/etc/group
to potentially cause a denial of service through reading a FIFO on the host.
Misc
- Updated Buildah to v1.37.5
- Updated the containers/storage library to v1.55.1