[scarthgap][PATCH v2] podman: Upgrade 5.0.1 -> 5.0.3

All of lore.kernel.org
 help / color / mirror / Atom feed

* [scarthgap][PATCH v2] podman: Upgrade 5.0.1 -> 5.0.3
@ 2026-04-24  9:47 mingli.yu
  2026-04-28 11:43 ` [meta-virtualization] " Bruce Ashfield
  0 siblings, 1 reply; 2+ messages in thread
From: mingli.yu @ 2026-04-24  9:47 UTC (permalink / raw)
  To: meta-virtualization

From: Mingli Yu <mingli.yu@windriver.com>

Upgrade podman to 5.0.3 to include some bugfixes and some security fix
such as CVE-2024-3727 [1].

Release notes:
Security
  This release addresses CVE-2024-3727, a vulnerability in the
containers/image library which allows attackers to trigger authenticated
registry access on behalf of the victim user.

Bugfixes
  Fixed a bug where podman machine start would fail if the machine
had a volume with a long target path (#22226).
  Fixed a bug where podman machine start mounted volumes with paths
that included dashes in the wrong location (#22505).

Misc
  Updated Buildah to v1.35.4
  Updated the containers/common library to v0.58.3
  Updated the containers/image library to v5.30.1

[1] https://github.com/containers/podman/releases/tag/v5.0.3

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
---
 recipes-containers/podman/podman_git.bb | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/recipes-containers/podman/podman_git.bb b/recipes-containers/podman/podman_git.bb
index ef9798f0..b80b8d5b 100644
--- a/recipes-containers/podman/podman_git.bb
+++ b/recipes-containers/podman/podman_git.bb
@@ -17,7 +17,7 @@ DEPENDS = " \
     gettext-native \
 "
 
-SRCREV = "bb81e85a430fa95d23a15b77c717fd68bf06ebf2"
+SRCREV = "d08315df35cb6e95f65bf3935f529295c6e54742"
 SRC_URI = " \
     git://github.com/containers/libpod.git;branch=v5.0;protocol=https \
     ${@bb.utils.contains('PACKAGECONFIG', 'rootless', 'file://50-podman-rootless.conf', '', d)} \
@@ -33,7 +33,7 @@ GO_IMPORT = "import"
 
 S = "${WORKDIR}/git"
 
-PV = "5.0.1+git"
+PV = "5.0.3+git"
 
 CVE_STATUS[CVE-2022-2989] = "fixed-version: fixed since v4.3.0"
 CVE_STATUS[CVE-2023-0778] = "fixed-version: fixed since v4.5.0"
-- 
2.49.0



^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [meta-virtualization] [scarthgap][PATCH v2] podman: Upgrade 5.0.1 -> 5.0.3
  2026-04-24  9:47 [scarthgap][PATCH v2] podman: Upgrade 5.0.1 -> 5.0.3 mingli.yu
@ 2026-04-28 11:43 ` Bruce Ashfield
  0 siblings, 0 replies; 2+ messages in thread
From: Bruce Ashfield @ 2026-04-28 11:43 UTC (permalink / raw)
  To: mingli.yu; +Cc: meta-virtualization

merged.

Bruce

In message: [meta-virtualization] [scarthgap][PATCH v2] podman: Upgrade 5.0.1 -> 5.0.3
on 24/04/2026 Yu, Mingli via lists.yoctoproject.org wrote:

> From: Mingli Yu <mingli.yu@windriver.com>
> 
> Upgrade podman to 5.0.3 to include some bugfixes and some security fix
> such as CVE-2024-3727 [1].
> 
> Release notes:
> Security
>   This release addresses CVE-2024-3727, a vulnerability in the
> containers/image library which allows attackers to trigger authenticated
> registry access on behalf of the victim user.
> 
> Bugfixes
>   Fixed a bug where podman machine start would fail if the machine
> had a volume with a long target path (#22226).
>   Fixed a bug where podman machine start mounted volumes with paths
> that included dashes in the wrong location (#22505).
> 
> Misc
>   Updated Buildah to v1.35.4
>   Updated the containers/common library to v0.58.3
>   Updated the containers/image library to v5.30.1
> 
> [1] https://github.com/containers/podman/releases/tag/v5.0.3
> 
> Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
> ---
>  recipes-containers/podman/podman_git.bb | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/recipes-containers/podman/podman_git.bb b/recipes-containers/podman/podman_git.bb
> index ef9798f0..b80b8d5b 100644
> --- a/recipes-containers/podman/podman_git.bb
> +++ b/recipes-containers/podman/podman_git.bb
> @@ -17,7 +17,7 @@ DEPENDS = " \
>      gettext-native \
>  "
>  
> -SRCREV = "bb81e85a430fa95d23a15b77c717fd68bf06ebf2"
> +SRCREV = "d08315df35cb6e95f65bf3935f529295c6e54742"
>  SRC_URI = " \
>      git://github.com/containers/libpod.git;branch=v5.0;protocol=https \
>      ${@bb.utils.contains('PACKAGECONFIG', 'rootless', 'file://50-podman-rootless.conf', '', d)} \
> @@ -33,7 +33,7 @@ GO_IMPORT = "import"
>  
>  S = "${WORKDIR}/git"
>  
> -PV = "5.0.1+git"
> +PV = "5.0.3+git"
>  
>  CVE_STATUS[CVE-2022-2989] = "fixed-version: fixed since v4.3.0"
>  CVE_STATUS[CVE-2023-0778] = "fixed-version: fixed since v4.5.0"
> -- 
> 2.49.0
> 

> 
> -=-=-=-=-=-=-=-=-=-=-=-
> Links: You receive all messages sent to this group.
> View/Reply Online (#9742): https://lists.yoctoproject.org/g/meta-virtualization/message/9742
> Mute This Topic: https://lists.yoctoproject.org/mt/118985012/1050810
> Group Owner: meta-virtualization+owner@lists.yoctoproject.org
> Unsubscribe: https://lists.yoctoproject.org/g/meta-virtualization/unsub [bruce.ashfield@gmail.com]
> -=-=-=-=-=-=-=-=-=-=-=-
> 



^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2026-04-28 11:43 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-04-24  9:47 [scarthgap][PATCH v2] podman: Upgrade 5.0.1 -> 5.0.3 mingli.yu
2026-04-28 11:43 ` [meta-virtualization] " Bruce Ashfield

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.