[v4.4.1-crio] Bump Buildah to v1.29.3 CVE-2024-1753 #22210
Conversation
As the title says. Addresses CVE-2024-1753 https://issues.redhat.com/browse/OCPBUGS-30996 [NO NEW TESTS NEEDED] Signed-off-by: tomsweeneyredhat <[email protected]>
|
[APPROVALNOTIFIER] This PR is APPROVED This pull-request has been approved by: TomSweeneyRedHat The full list of commands accepted by this bot can be found here. The pull request process is described here
Needs approval from an approver in each of these files:
Approvers can indicate their approval by writing |
openshift-ci
bot
added
the
approved
|
@mheon PTAL. I strongly suspect this will be bloated too |
mheon
added
the
bloat_approved
|
@edsantiago any thoughts on the test errors here? |
|
The common error I see is ...which doesn't really give anyone anything to go on. @giuseppe? |
|
I think we're missing a patch in this branch, but it's hard to say which one. |
that error means that we are trying to use a gid that is not present in the current user namespace. In other words, we are using a too small user namespace for the specified gid. |
the one above could fail for the same reason |
|
if the branch is used only for CRI-O, then rootless should not matter |
|
/lgtm |
|
CI on this branch is obviously broken and has been since it was created. I'm still concerned because this is not specifically for CRI-O, just for OCP, but we have merged into the branch before despite failing CI. |
stale-locking-app
bot
added
the
locked - please file new issue/PR
As the title says. Addresses CVE-2024-1753
https://issues.redhat.com/browse/OCPBUGS-30996
[NO NEW TESTS NEEDED]
Does this PR introduce a user-facing change?