Skip to content

fix(podman): CVE-2026-57231 - Fix env var leak from container images#11

Open
deepin-ci-robot wants to merge 1 commit into
masterfrom
fix/CVE-2026-57231
Open

fix(podman): CVE-2026-57231 - Fix env var leak from container images#11
deepin-ci-robot wants to merge 1 commit into
masterfrom
fix/CVE-2026-57231

Conversation

@deepin-ci-robot

Copy link
Copy Markdown

Description

Fix CVE-2026-57231: A container image that contains an environment variable with just a key and no value can trick podman into passing that variable from the host into the container.

Patch

Backport of upstream commit 6c431b73 from podman-container-tools/podman.

References

Fix image host env leak: container image with env var key-only (no value)
can leak host env vars into container. An asterisk (*) would leak all
host env vars.

Upstream: podman-container-tools/podman@6c431b7
Co-Authored-By: hudeng <hudeng@deepin.org>
@deepin-ci-robot

Copy link
Copy Markdown
Author

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@github-actions

github-actions Bot commented Jul 1, 2026

Copy link
Copy Markdown

TAG Bot

TAG: 5.2.5-1deepin3
EXISTED: no
DISTRIBUTION: unstable

@hudeng-go

Copy link
Copy Markdown

/integrate

@github-actions

github-actions Bot commented Jul 2, 2026

Copy link
Copy Markdown

AutoIntegrationPr Bot
auto integrate with pr url: deepin-community/Repository-Integration#4223
PrNumber: 4223
PrBranch: auto-integration-28560865824

@deepin-ci-robot

Copy link
Copy Markdown
Author

/integrate

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants