[CLSA-2026:1784074201] podman: Fix of CVE-2026-57231
Type:
security
Severity:
Important
Release date:
2026-07-15 00:10:14 UTC
Description:
- CVE-2026-57231: reject image environment variables that are not strict key=value in ParseImageEnvs(), preventing a crafted image from leaking matching host environment variables into the container
CVEs fixed:
Updated packages:
  • podman-4.4.1-13.el9_2.tuxcare.els14.x86_64.rpm
    sha:bc6f88e8591a2a1e8a9f6c461d77102e30a331dfd127a392f406a9b5cfbcbbd7
  • podman-docker-4.4.1-13.el9_2.tuxcare.els14.noarch.rpm
    sha:6702980640dda4f3a86d46054e9febc0919eea9a7fa1f670decdbde0c3213cb1
  • podman-gvproxy-4.4.1-13.el9_2.tuxcare.els14.x86_64.rpm
    sha:73e1c6f2d97788a152eb4b9e738b389e036092e44bd1859471ccc69f7b0edefd
  • podman-plugins-4.4.1-13.el9_2.tuxcare.els14.x86_64.rpm
    sha:5a4d5f123fe14e074fa55c73f1f563322404b1ef2f689dc13e73996bca0ef506
  • podman-remote-4.4.1-13.el9_2.tuxcare.els14.x86_64.rpm
    sha:cf3d5b2684d1047972694d61ac05c1def9d451809476ec34747ec778f8fe63dc
  • podman-tests-4.4.1-13.el9_2.tuxcare.els14.x86_64.rpm
    sha:03d4a2679cedada464c25607b5744d819a9a68080c3a4091f3dd19e1f1578d4f
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.