Console Output
12:05:06 [2024-10-25T12:05:06.009Z] Triggered by CI message.
12:05:06 [2024-10-25T12:05:06.010Z] Checking out git https://github.com/coreos/coreos-ci into /var/lib/jenkins/jobs/bodhi-trigger/workspace@script/d3b3d4b4e048825f14ef13349412308e473bd35ada3022691564437455c6a0eb to read jobs/bodhi-trigger.Jenkinsfile
12:05:06 [2024-10-25T12:05:06.011Z] Selected Git installation does not exist. Using Default
12:05:06 [2024-10-25T12:05:06.011Z] The recommended git tool is: NONE
12:05:06 [2024-10-25T12:05:06.011Z] No credentials specified
12:05:06 [2024-10-25T12:05:06.016Z] > git rev-parse --resolve-git-dir /var/lib/jenkins/jobs/bodhi-trigger/workspace@script/d3b3d4b4e048825f14ef13349412308e473bd35ada3022691564437455c6a0eb/.git # timeout=10
12:05:06 [2024-10-25T12:05:06.021Z] Fetching changes from the remote Git repository
12:05:06 [2024-10-25T12:05:06.021Z] > git config remote.origin.url https://github.com/coreos/coreos-ci # timeout=10
12:05:06 [2024-10-25T12:05:06.028Z] Fetching upstream changes from https://github.com/coreos/coreos-ci
12:05:06 [2024-10-25T12:05:06.028Z] > git --version # timeout=10
12:05:06 [2024-10-25T12:05:06.032Z] > git --version # 'git version 2.39.3'
12:05:06 [2024-10-25T12:05:06.032Z] > git fetch --tags --force --progress -- https://github.com/coreos/coreos-ci +refs/heads/*:refs/remotes/origin/* # timeout=10
12:05:06 [2024-10-25T12:05:06.157Z] > git rev-parse origin/main^{commit} # timeout=10
12:05:06 [2024-10-25T12:05:06.162Z] Checking out Revision ee4a162272ce0fe8e9963c0123732c9bbcedcc55 (origin/main)
12:05:06 [2024-10-25T12:05:06.162Z] > git config core.sparsecheckout # timeout=10
12:05:06 [2024-10-25T12:05:06.167Z] > git checkout -f ee4a162272ce0fe8e9963c0123732c9bbcedcc55 # timeout=10
12:05:06 [2024-10-25T12:05:06.172Z] Commit message: "bodhi-testing: add kexec-tools and makedumpfile"
12:05:06 [2024-10-25T12:05:06.172Z] > git rev-list --no-walk ee4a162272ce0fe8e9963c0123732c9bbcedcc55 # timeout=10
12:05:06 [2024-10-25T12:05:06.259Z] Loading library coreos@main
12:05:06 [2024-10-25T12:05:06.259Z] Attempting to resolve main from remote references...
12:05:06 [2024-10-25T12:05:06.259Z] > git --version # timeout=10
12:05:06 [2024-10-25T12:05:06.263Z] > git --version # 'git version 2.39.3'
12:05:06 [2024-10-25T12:05:06.263Z] > git ls-remote -- https://github.com/coreos/coreos-ci-lib.git # timeout=10
12:05:06 [2024-10-25T12:05:06.385Z] Found match: refs/heads/main revision f6b43daa3ea886c62d521f2e73c7b54758aa3a20
12:05:06 [2024-10-25T12:05:06.386Z] Selected Git installation does not exist. Using Default
12:05:06 [2024-10-25T12:05:06.386Z] The recommended git tool is: NONE
12:05:06 [2024-10-25T12:05:06.386Z] No credentials specified
12:05:06 [2024-10-25T12:05:06.387Z] > git rev-parse --resolve-git-dir /var/lib/jenkins/jobs/bodhi-trigger/workspace@libs/eab8c8246d769da45c25fe988e77e311901efaee0905c0ce1a939f7ebfe4a13b/.git # timeout=10
12:05:06 [2024-10-25T12:05:06.391Z] Fetching changes from the remote Git repository
12:05:06 [2024-10-25T12:05:06.392Z] > git config remote.origin.url https://github.com/coreos/coreos-ci-lib.git # timeout=10
12:05:06 [2024-10-25T12:05:06.396Z] Fetching without tags
12:05:06 [2024-10-25T12:05:06.396Z] Fetching upstream changes from https://github.com/coreos/coreos-ci-lib.git
12:05:06 [2024-10-25T12:05:06.396Z] > git --version # timeout=10
12:05:06 [2024-10-25T12:05:06.400Z] > git --version # 'git version 2.39.3'
12:05:06 [2024-10-25T12:05:06.400Z] > git fetch --no-tags --force --progress -- https://github.com/coreos/coreos-ci-lib.git +refs/heads/*:refs/remotes/origin/* # timeout=10
12:05:06 [2024-10-25T12:05:06.506Z] Checking out Revision f6b43daa3ea886c62d521f2e73c7b54758aa3a20 (main)
12:05:06 [2024-10-25T12:05:06.506Z] > git config core.sparsecheckout # timeout=10
12:05:06 [2024-10-25T12:05:06.511Z] > git checkout -f f6b43daa3ea886c62d521f2e73c7b54758aa3a20 # timeout=10
12:05:06 [2024-10-25T12:05:06.516Z] Commit message: "vars/checkoutToDir: fix checkout step syntax"
12:05:06 [2024-10-25T12:05:06.516Z] > git rev-list --no-walk f6b43daa3ea886c62d521f2e73c7b54758aa3a20 # timeout=10
12:05:06 [2024-10-25T12:05:06.721Z] [Pipeline] Start of Pipeline
12:05:06 [2024-10-25T12:05:06.841Z] [Pipeline] node
12:05:06 [2024-10-25T12:05:06.862Z] Running on Jenkins in /var/lib/jenkins/jobs/bodhi-trigger/workspace
12:05:06 [2024-10-25T12:05:06.909Z] [Pipeline] {
12:05:07 [2024-10-25T12:05:07.017Z] [Pipeline] checkout
12:05:07 [2024-10-25T12:05:07.036Z] Selected Git installation does not exist. Using Default
12:05:07 [2024-10-25T12:05:07.037Z] The recommended git tool is: NONE
12:05:07 [2024-10-25T12:05:07.037Z] No credentials specified
12:05:07 [2024-10-25T12:05:07.037Z] > git rev-parse --resolve-git-dir /var/lib/jenkins/jobs/bodhi-trigger/workspace/.git # timeout=10
12:05:07 [2024-10-25T12:05:07.041Z] Fetching changes from the remote Git repository
12:05:07 [2024-10-25T12:05:07.042Z] > git config remote.origin.url https://github.com/coreos/coreos-ci # timeout=10
12:05:07 [2024-10-25T12:05:07.084Z] Fetching upstream changes from https://github.com/coreos/coreos-ci
12:05:07 [2024-10-25T12:05:07.084Z] > git --version # timeout=10
12:05:07 [2024-10-25T12:05:07.088Z] > git --version # 'git version 2.39.3'
12:05:07 [2024-10-25T12:05:07.088Z] > git fetch --tags --force --progress -- https://github.com/coreos/coreos-ci +refs/heads/*:refs/remotes/origin/* # timeout=10
12:05:07 [2024-10-25T12:05:07.188Z] > git rev-parse origin/main^{commit} # timeout=10
12:05:07 [2024-10-25T12:05:07.192Z] Checking out Revision ee4a162272ce0fe8e9963c0123732c9bbcedcc55 (origin/main)
12:05:07 [2024-10-25T12:05:07.192Z] > git config core.sparsecheckout # timeout=10
12:05:07 [2024-10-25T12:05:07.196Z] > git checkout -f ee4a162272ce0fe8e9963c0123732c9bbcedcc55 # timeout=10
12:05:07 [2024-10-25T12:05:07.201Z] Commit message: "bodhi-testing: add kexec-tools and makedumpfile"
12:05:07 [2024-10-25T12:05:07.290Z] [Pipeline] readYaml
12:05:07 [2024-10-25T12:05:07.485Z] [Pipeline] withEnv
12:05:07 [2024-10-25T12:05:07.498Z] [Pipeline] {
12:05:07 [2024-10-25T12:05:07.555Z] [Pipeline] sh
12:05:07 [2024-10-25T12:05:07.996Z] + set -xeuo pipefail
12:05:07 [2024-10-25T12:05:07.996Z] ++ umask
12:05:07 [2024-10-25T12:05:07.996Z] + '[' 0022 = 0000 ']'
12:05:07 [2024-10-25T12:05:07.996Z] + rm -rf pipe
12:05:07 [2024-10-25T12:05:07.996Z] + git clone https://github.com/coreos/fedora-coreos-pipeline --depth=1 pipe
12:05:07 [2024-10-25T12:05:07.996Z] Cloning into 'pipe'...
12:05:08 [2024-10-25T12:05:08.019Z] [Pipeline] }
12:05:08 [2024-10-25T12:05:08.064Z] [Pipeline] // withEnv
12:05:08 [2024-10-25T12:05:08.087Z] [Pipeline] load
12:05:08 [2024-10-25T12:05:08.245Z] [Pipeline] { (pipe/utils.groovy)
12:05:08 [2024-10-25T12:05:08.310Z] [Pipeline] }
12:05:08 [2024-10-25T12:05:08.385Z] [Pipeline] // load
12:05:08 [2024-10-25T12:05:08.449Z] [Pipeline] readYaml
12:05:08 [2024-10-25T12:05:08.530Z] [Pipeline] withEnv
12:05:08 [2024-10-25T12:05:08.532Z] [Pipeline] {
12:05:08 [2024-10-25T12:05:08.611Z] [Pipeline] sh
12:05:08 [2024-10-25T12:05:08.873Z] + set -xeuo pipefail
12:05:08 [2024-10-25T12:05:08.873Z] ++ umask
12:05:08 [2024-10-25T12:05:08.873Z] + '[' 0022 = 0000 ']'
12:05:08 [2024-10-25T12:05:08.873Z] + curl -sSLO https://raw.githubusercontent.com/coreos/fedora-coreos-config/testing-devel/manifest.yaml
12:05:08 [2024-10-25T12:05:08.944Z] [Pipeline] }
12:05:09 [2024-10-25T12:05:09.007Z] [Pipeline] // withEnv
12:05:09 [2024-10-25T12:05:09.080Z] [Pipeline] readYaml
12:05:09 [2024-10-25T12:05:09.150Z] [Pipeline] withEnv
12:05:09 [2024-10-25T12:05:09.152Z] [Pipeline] {
12:05:09 [2024-10-25T12:05:09.205Z] [Pipeline] sh
12:05:09 [2024-10-25T12:05:09.467Z] + set -xeuo pipefail
12:05:09 [2024-10-25T12:05:09.467Z] ++ umask
12:05:09 [2024-10-25T12:05:09.467Z] + '[' 0022 = 0000 ']'
12:05:09 [2024-10-25T12:05:09.467Z] + curl -sSLO https://raw.githubusercontent.com/coreos/fedora-coreos-config/next-devel/manifest.yaml
12:05:09 [2024-10-25T12:05:09.510Z] [Pipeline] }
12:05:09 [2024-10-25T12:05:09.612Z] [Pipeline] // withEnv
12:05:09 [2024-10-25T12:05:09.671Z] [Pipeline] readYaml
12:05:09 [2024-10-25T12:05:09.810Z] [Pipeline] withEnv
12:05:09 [2024-10-25T12:05:09.813Z] [Pipeline] {
12:05:09 [2024-10-25T12:05:09.909Z] [Pipeline] sh
12:05:10 [2024-10-25T12:05:10.177Z] + set -xeuo pipefail
12:05:10 [2024-10-25T12:05:10.177Z] ++ umask
12:05:10 [2024-10-25T12:05:10.177Z] + '[' 0022 = 0000 ']'
12:05:10 [2024-10-25T12:05:10.177Z] + curl -sSLO https://raw.githubusercontent.com/coreos/fedora-coreos-config/rawhide/manifest.yaml
12:05:10 [2024-10-25T12:05:10.201Z] [Pipeline] }
12:05:10 [2024-10-25T12:05:10.321Z] [Pipeline] // withEnv
12:05:10 [2024-10-25T12:05:10.403Z] [Pipeline] readYaml
12:05:10 [2024-10-25T12:05:10.505Z] [Pipeline] }
12:05:10 [2024-10-25T12:05:10.626Z] [Pipeline] // node
12:05:10 [2024-10-25T12:05:10.701Z] [Pipeline] properties
12:05:10 [2024-10-25T12:05:10.732Z] [Pipeline] echo
12:05:10 [2024-10-25T12:05:10.735Z] Handling message: {"artifact":{"type":"koji-build-group","builds":[{"type":"koji-build","id":2570802,"task_id":124956178,"nvr":"buildah-1.37.5-1.fc40"},{"type":"koji-build","id":2574734,"task_id":125190395,"nvr":"podman-5.2.5-2.fc40"}]},"agent":"lsm5","re-trigger":false,"update":{"autokarma":true,"autotime":true,"stable_karma":3,"stable_days":14,"unstable_karma":-3,"require_bugs":true,"require_testcases":true,"display_name":"","notes":"Fixes CVE-2024-9341, CVE-2024-9407, CVE-2024-9675 and CVE-2024-9676.\n","type":"security","status":"pending","request":"testing","severity":"medium","suggest":"unspecified","locked":false,"pushed":false,"critpath":true,"critpath_groups":"critical-path-build critical-path-compose critical-path-gnome","close_bugs":true,"date_submitted":"2024-10-24 13:40:22","date_modified":"2024-10-25 12:05:05","date_approved":null,"date_testing":null,"date_stable":null,"alias":"FEDORA-2024-054752ae69","test_gating_status":"failed","from_tag":null,"date_pushed":null,"meets_testing_requirements":false,"url":"https://bodhi.fedoraproject.org/updates/FEDORA-2024-054752ae69","title":"buildah-1.37.5-1.fc40 podman-5.2.5-2.fc40","version_hash":"68e8436c2f9bc611e53830f7134acbab5d800b15","release":{"name":"F40","long_name":"Fedora 40","version":"40","id_prefix":"FEDORA","branch":"f40","dist_tag":"f40","stable_tag":"f40-updates","testing_tag":"f40-updates-testing","candidate_tag":"f40-updates-candidate","pending_signing_tag":"f40-signing-pending","pending_testing_tag":"f40-updates-testing-pending","pending_stable_tag":"f40-updates-pending","override_tag":"f40-override","mail_template":"fedora_errata_template","state":"current","composed_by_bodhi":true,"create_automatic_updates":false,"package_manager":"dnf","testing_repository":"updates-testing","released_on":null,"eol":"2025-05-13","setting_status":null},"user":{"name":"lsm5","email":"lsm5@redhat.com","id":228,"avatar":null,"openid":null,"groups":[{"name":"packager"},{"name":"ipausers"},{"name":"fedora-contributor"},{"name":"signed_fpca"},{"name":"fedorabugs"},{"name":"container-sig"},{"name":"trust admins"}]},"comments":[{"karma":0,"karma_critpath":0,"text":"This update has been submitted for testing by lsm5. ","timestamp":"2024-10-24 13:40:22","update_id":661338,"user_id":91,"id":3787454,"bug_feedback":[],"testcase_feedback":[],"user":{"name":"bodhi","email":null,"id":91,"avatar":null,"openid":null,"groups":[]}},{"karma":0,"karma_critpath":0,"text":"This update's test gating status has been changed to 'waiting'.","timestamp":"2024-10-24 13:40:24","update_id":661338,"user_id":91,"id":3787455,"bug_feedback":[],"testcase_feedback":[],"user":{"name":"bodhi","email":null,"id":91,"avatar":null,"openid":null,"groups":[]}},{"karma":0,"karma_critpath":0,"text":"lsm5 edited this update.","timestamp":"2024-10-24 13:49:00","update_id":661338,"user_id":91,"id":3787458,"bug_feedback":[],"testcase_feedback":[],"user":{"name":"bodhi","email":null,"id":91,"avatar":null,"openid":null,"groups":[]}},{"karma":0,"karma_critpath":0,"text":"This update's test gating status has been changed to 'passed'.","timestamp":"2024-10-24 15:21:50","update_id":661338,"user_id":91,"id":3787492,"bug_feedback":[],"testcase_feedback":[],"user":{"name":"bodhi","email":null,"id":91,"avatar":null,"openid":null,"groups":[]}},{"karma":0,"karma_critpath":0,"text":"This update has been pushed to testing.","timestamp":"2024-10-25 01:56:56","update_id":661338,"user_id":91,"id":3787875,"bug_feedback":[],"testcase_feedback":[],"user":{"name":"bodhi","email":null,"id":91,"avatar":null,"openid":null,"groups":[]}},{"karma":0,"karma_critpath":0,"text":"lsm5 edited this update.\n\nNew build(s):\n\n- podman-5.2.5-2.fc40\n\nRemoved build(s):\n\n- podman-5.2.5-1.fc40\n\nKarma has been reset.","timestamp":"2024-10-25 12:05:03","update_id":661338,"user_id":91,"id":3788246,"bug_feedback":[],"testcase_feedback":[],"user":{"name":"bodhi","email":null,"id":91,"avatar":null,"openid":null,"groups":[]}},{"karma":0,"karma_critpath":0,"text":"This update has been submitted for testing by lsm5. ","timestamp":"2024-10-25 12:05:04","update_id":661338,"user_id":91,"id":3788247,"bug_feedback":[],"testcase_feedback":[],"user":{"name":"bodhi","email":null,"id":91,"avatar":null,"openid":null,"groups":[]}},{"karma":0,"karma_critpath":0,"text":"This update's test gating status has been changed to 'failed'.","timestamp":"2024-10-25 12:05:05","update_id":661338,"user_id":91,"id":3788248,"bug_feedback":[],"testcase_feedback":[],"user":{"name":"bodhi","email":null,"id":91,"avatar":null,"openid":null,"groups":[]}}],"builds":[{"nvr":"buildah-1.37.5-1.fc40","signed":true,"release_id":76,"type":"rpm","epoch":2},{"nvr":"podman-5.2.5-2.fc40","signed":false,"release_id":76,"type":"rpm","epoch":0}],"bugs":[{"bug_id":2315691,"title":"CVE-2024-9341 Podman: Buildah: cri-o: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library","security":true,"parent":true,"feedback":[]},{"bug_id":2315887,"title":"CVE-2024-9407 Buildah: Podman: Improper Input Validation in bind-propagation Option of Dockerfile RUN --mount Instruction","security":true,"parent":true,"feedback":[]},{"bug_id":2317462,"title":"CVE-2024-9675 buildah: Buildah allows arbitrary directory mount [fedora-all]","security":true,"parent":false,"feedback":[{"karma":0,"comment_id":3778169,"bug_id":2317462,"comment":{"karma":1,"karma_critpath":0,"text":"","timestamp":"2024-10-19 02:23:58","update_id":659306,"user_id":5881,"id":3778169,"testcase_feedback":[],"user":{"name":"geraldosimiao","email":"geraldo.simiao.kutz@gmail.com","id":5881,"avatar":null,"openid":null,"groups":[{"name":"qa"},{"name":"ipausers"},{"name":"fedora-contributor"},{"name":"signed_fpca"},{"name":"fedorabugs"},{"name":"ambassadors"},{"name":"fedora-br"},{"name":"advocates"},{"name":"respins-sig"}]}}},{"karma":0,"comment_id":3778952,"bug_id":2317462,"comment":{"karma":1,"karma_critpath":0,"text":"Looks fine here. Didn't confirm CVE fix.","timestamp":"2024-10-19 22:33:05","update_id":659306,"user_id":302,"id":3778952,"testcase_feedback":[],"user":{"name":"adamwill","email":"awilliam@redhat.com","id":302,"avatar":null,"openid":null,"groups":[{"name":"proventesters"},{"name":"provenpackager"},{"name":"packager"},{"name":"qa-tools-sig"},{"name":"fedora-contributor"},{"name":"news"},{"name":"gittriage"},{"name":"sysadmin"},{"name":"gitspin-kickstarts"},{"name":"signed_fpca"},{"name":"gitgeneric-release"},{"name":"yak_farmers"},{"name":"triagers"},{"name":"qa"},{"name":"sysadmin-qa"},{"name":"fedorabugs"},{"name":"ipausers"},{"name":"gitmkinitrd"},{"name":"qa-admin"},{"name":"aws-qa"},{"name":"change-wranglers"},{"name":"fedora-ci-admins"},{"name":"common-issues-triage"},{"name":"sysadmin-main"},{"name":"trust admins"},{"name":"program-management"},{"name":"gitfedora-project-schedule"}]}}}]},{"bug_id":2317464,"title":"CVE-2024-9675 podman: Buildah allows arbitrary directory mount [fedora-all]","security":true,"parent":false,"feedback":[{"karma":0,"comment_id":3778169,"bug_id":2317464,"comment":{"karma":1,"karma_critpath":0,"text":"","timestamp":"2024-10-19 02:23:58","update_id":659306,"user_id":5881,"id":3778169,"testcase_feedback":[],"user":{"name":"geraldosimiao","email":"geraldo.simiao.kutz@gmail.com","id":5881,"avatar":null,"openid":null,"groups":[{"name":"qa"},{"name":"ipausers"},{"name":"fedora-contributor"},{"name":"signed_fpca"},{"name":"fedorabugs"},{"name":"ambassadors"},{"name":"fedora-br"},{"name":"advocates"},{"name":"respins-sig"}]}}},{"karma":0,"comment_id":3778952,"bug_id":2317464,"comment":{"karma":1,"karma_critpath":0,"text":"Looks fine here. Didn't confirm CVE fix.","timestamp":"2024-10-19 22:33:05","update_id":659306,"user_id":302,"id":3778952,"testcase_feedback":[],"user":{"name":"adamwill","email":"awilliam@redhat.com","id":302,"avatar":null,"openid":null,"groups":[{"name":"proventesters"},{"name":"provenpackager"},{"name":"packager"},{"name":"qa-tools-sig"},{"name":"fedora-contributor"},{"name":"news"},{"name":"gittriage"},{"name":"sysadmin"},{"name":"gitspin-kickstarts"},{"name":"signed_fpca"},{"name":"gitgeneric-release"},{"name":"yak_farmers"},{"name":"triagers"},{"name":"qa"},{"name":"sysadmin-qa"},{"name":"fedorabugs"},{"name":"ipausers"},{"name":"gitmkinitrd"},{"name":"qa-admin"},{"name":"aws-qa"},{"name":"change-wranglers"},{"name":"fedora-ci-admins"},{"name":"common-issues-triage"},{"name":"sysadmin-main"},{"name":"trust admins"},{"name":"program-management"},{"name":"gitfedora-project-schedule"}]}}}]},{"bug_id":2318511,"title":"CVE-2024-9341 podman: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library [fedora-40]","security":true,"parent":false,"feedback":[{"karma":0,"comment_id":3778169,"bug_id":2318511,"comment":{"karma":1,"karma_critpath":0,"text":"","timestamp":"2024-10-19 02:23:58","update_id":659306,"user_id":5881,"id":3778169,"testcase_feedback":[],"user":{"name":"geraldosimiao","email":"geraldo.simiao.kutz@gmail.com","id":5881,"avatar":null,"openid":null,"groups":[{"name":"qa"},{"name":"ipausers"},{"name":"fedora-contributor"},{"name":"signed_fpca"},{"name":"fedorabugs"},{"name":"ambassadors"},{"name":"fedora-br"},{"name":"advocates"},{"name":"respins-sig"}]}}},{"karma":0,"comment_id":3778952,"bug_id":2318511,"comment":{"karma":1,"karma_critpath":0,"text":"Looks fine here. Didn't confirm CVE fix.","timestamp":"2024-10-19 22:33:05","update_id":659306,"user_id":302,"id":3778952,"testcase_feedback":[],"user":{"name":"adamwill","email":"awilliam@redhat.com","id":302,"avatar":null,"openid":null,"groups":[{"name":"proventesters"},{"name":"provenpackager"},{"name":"packager"},{"name":"qa-tools-sig"},{"name":"fedora-contributor"},{"name":"news"},{"name":"gittriage"},{"name":"sysadmin"},{"name":"gitspin-kickstarts"},{"name":"signed_fpca"},{"name":"gitgeneric-release"},{"name":"yak_farmers"},{"name":"triagers"},{"name":"qa"},{"name":"sysadmin-qa"},{"name":"fedorabugs"},{"name":"ipausers"},{"name":"gitmkinitrd"},{"name":"qa-admin"},{"name":"aws-qa"},{"name":"change-wranglers"},{"name":"fedora-ci-admins"},{"name":"common-issues-triage"},{"name":"sysadmin-main"},{"name":"trust admins"},{"name":"program-management"},{"name":"gitfedora-project-schedule"}]}}}]},{"bug_id":2318514,"title":"CVE-2024-9341 buildah: FIPS Crypto-Policy Directory Mounting Issue in containers/common Go Library [fedora-40]","security":true,"parent":false,"feedback":[{"karma":0,"comment_id":3778169,"bug_id":2318514,"comment":{"karma":1,"karma_critpath":0,"text":"","timestamp":"2024-10-19 02:23:58","update_id":659306,"user_id":5881,"id":3778169,"testcase_feedback":[],"user":{"name":"geraldosimiao","email":"geraldo.simiao.kutz@gmail.com","id":5881,"avatar":null,"openid":null,"groups":[{"name":"qa"},{"name":"ipausers"},{"name":"fedora-contributor"},{"name":"signed_fpca"},{"name":"fedorabugs"},{"name":"ambassadors"},{"name":"fedora-br"},{"name":"advocates"},{"name":"respins-sig"}]}}},{"karma":0,"comment_id":3778952,"bug_id":2318514,"comment":{"karma":1,"karma_critpath":0,"text":"Looks fine here. Didn't confirm CVE fix.","timestamp":"2024-10-19 22:33:05","update_id":659306,"user_id":302,"id":3778952,"testcase_feedback":[],"user":{"name":"adamwill","email":"awilliam@redhat.com","id":302,"avatar":null,"openid":null,"groups":[{"name":"proventesters"},{"name":"provenpackager"},{"name":"packager"},{"name":"qa-tools-sig"},{"name":"fedora-contributor"},{"name":"news"},{"name":"gittriage"},{"name":"sysadmin"},{"name":"gitspin-kickstarts"},{"name":"signed_fpca"},{"name":"gitgeneric-release"},{"name":"yak_farmers"},{"name":"triagers"},{"name":"qa"},{"name":"sysadmin-qa"},{"name":"fedorabugs"},{"name":"ipausers"},{"name":"gitmkinitrd"},{"name":"qa-admin"},{"name":"aws-qa"},{"name":"change-wranglers"},{"name":"fedora-ci-admins"},{"name":"common-issues-triage"},{"name":"sysadmin-main"},{"name":"trust admins"},{"name":"program-management"},{"name":"gitfedora-project-schedule"}]}}}]},{"bug_id":2319017,"title":"CVE-2024-9676 buildah: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) [fedora-all]","security":true,"parent":false,"feedback":[{"karma":0,"comment_id":3778169,"bug_id":2319017,"comment":{"karma":1,"karma_critpath":0,"text":"","timestamp":"2024-10-19 02:23:58","update_id":659306,"user_id":5881,"id":3778169,"testcase_feedback":[],"user":{"name":"geraldosimiao","email":"geraldo.simiao.kutz@gmail.com","id":5881,"avatar":null,"openid":null,"groups":[{"name":"qa"},{"name":"ipausers"},{"name":"fedora-contributor"},{"name":"signed_fpca"},{"name":"fedorabugs"},{"name":"ambassadors"},{"name":"fedora-br"},{"name":"advocates"},{"name":"respins-sig"}]}}},{"karma":0,"comment_id":3778952,"bug_id":2319017,"comment":{"karma":1,"karma_critpath":0,"text":"Looks fine here. Didn't confirm CVE fix.","timestamp":"2024-10-19 22:33:05","update_id":659306,"user_id":302,"id":3778952,"testcase_feedback":[],"user":{"name":"adamwill","email":"awilliam@redhat.com","id":302,"avatar":null,"openid":null,"groups":[{"name":"proventesters"},{"name":"provenpackager"},{"name":"packager"},{"name":"qa-tools-sig"},{"name":"fedora-contributor"},{"name":"news"},{"name":"gittriage"},{"name":"sysadmin"},{"name":"gitspin-kickstarts"},{"name":"signed_fpca"},{"name":"gitgeneric-release"},{"name":"yak_farmers"},{"name":"triagers"},{"name":"qa"},{"name":"sysadmin-qa"},{"name":"fedorabugs"},{"name":"ipausers"},{"name":"gitmkinitrd"},{"name":"qa-admin"},{"name":"aws-qa"},{"name":"change-wranglers"},{"name":"fedora-ci-admins"},{"name":"common-issues-triage"},{"name":"sysadmin-main"},{"name":"trust admins"},{"name":"program-management"},{"name":"gitfedora-project-schedule"}]}}}]},{"bug_id":2319019,"title":"CVE-2024-9676 podman: symlink traversal vulnerability in the containers/storage library can cause Denial of Service (DoS) [fedora-all]","security":true,"parent":false,"feedback":[{"karma":0,"comment_id":3778169,"bug_id":2319019,"comment":{"karma":1,"karma_critpath":0,"text":"","timestamp":"2024-10-19 02:23:58","update_id":659306,"user_id":5881,"id":3778169,"testcase_feedback":[],"user":{"name":"geraldosimiao","email":"geraldo.simiao.kutz@gmail.com","id":5881,"avatar":null,"openid":null,"groups":[{"name":"qa"},{"name":"ipausers"},{"name":"fedora-contributor"},{"name":"signed_fpca"},{"name":"fedorabugs"},{"name":"ambassadors"},{"name":"fedora-br"},{"name":"advocates"},{"name":"respins-sig"}]}}},{"karma":0,"comment_id":3778952,"bug_id":2319019,"comment":{"karma":1,"karma_critpath":0,"text":"Looks fine here. Didn't confirm CVE fix.","timestamp":"2024-10-19 22:33:05","update_id":659306,"user_id":302,"id":3778952,"testcase_feedback":[],"user":{"name":"adamwill","email":"awilliam@redhat.com","id":302,"avatar":null,"openid":null,"groups":[{"name":"proventesters"},{"name":"provenpackager"},{"name":"packager"},{"name":"qa-tools-sig"},{"name":"fedora-contributor"},{"name":"news"},{"name":"gittriage"},{"name":"sysadmin"},{"name":"gitspin-kickstarts"},{"name":"signed_fpca"},{"name":"gitgeneric-release"},{"name":"yak_farmers"},{"name":"triagers"},{"name":"qa"},{"name":"sysadmin-qa"},{"name":"fedorabugs"},{"name":"ipausers"},{"name":"gitmkinitrd"},{"name":"qa-admin"},{"name":"aws-qa"},{"name":"change-wranglers"},{"name":"fedora-ci-admins"},{"name":"common-issues-triage"},{"name":"sysadmin-main"},{"name":"trust admins"},{"name":"program-management"},{"name":"gitfedora-project-schedule"}]}}}]}],"updateid":"FEDORA-2024-054752ae69","karma":0,"content_type":"rpm","test_cases":[]}}
12:05:10 [2024-10-25T12:05:10.746Z] [Pipeline] readJSON
12:05:10 [2024-10-25T12:05:10.950Z] [Pipeline] libraryResource
12:05:10 [2024-10-25T12:05:10.978Z] [Pipeline] readJSON
12:05:11 [2024-10-25T12:05:11.100Z] [Pipeline] node
12:05:11 [2024-10-25T12:05:11.111Z] Running on Jenkins in /var/lib/jenkins/jobs/bodhi-trigger/workspace
12:05:11 [2024-10-25T12:05:11.230Z] [Pipeline] {
12:05:11 [2024-10-25T12:05:11.308Z] [Pipeline] writeYaml
12:05:11 [2024-10-25T12:05:11.375Z] [Pipeline] readFile
12:05:11 [2024-10-25T12:05:11.422Z] [Pipeline] }
12:05:11 [2024-10-25T12:05:11.537Z] [Pipeline] // node
12:05:11 [2024-10-25T12:05:11.573Z] [Pipeline] podTemplate
12:05:11 [2024-10-25T12:05:11.602Z] [Pipeline] {
12:05:11 [2024-10-25T12:05:11.712Z] [Pipeline] node
12:05:17 [2024-10-25T12:05:17.042Z] Created Pod: openshift coreos-ci/pod-79e82e7a-f788-4c0c-89c5-fcb691443505-7wqsk-n1v8m
12:05:26 [2024-10-25T12:05:26.320Z] Agent pod-79e82e7a-f788-4c0c-89c5-fcb691443505-7wqsk-n1v8m is provisioned from template pod-79e82e7a-f788-4c0c-89c5-fcb691443505-7wqsk
12:05:26 [2024-10-25T12:05:26.321Z] ---
12:05:26 [2024-10-25T12:05:26.321Z] apiVersion: "v1"
12:05:26 [2024-10-25T12:05:26.321Z] kind: "Pod"
12:05:26 [2024-10-25T12:05:26.321Z] metadata:
12:05:26 [2024-10-25T12:05:26.321Z] annotations:
12:05:26 [2024-10-25T12:05:26.321Z] buildUrl: "http://172.30.130.216:80/job/bodhi-trigger/1114/"
12:05:26 [2024-10-25T12:05:26.321Z] runUrl: "job/bodhi-trigger/1114/"
12:05:26 [2024-10-25T12:05:26.321Z] labels:
12:05:26 [2024-10-25T12:05:26.321Z] jenkins: "slave"
12:05:26 [2024-10-25T12:05:26.321Z] jenkins/label-digest: "05b9f970f85e733dddd7d7f1c2e807fe67a10a2c"
12:05:26 [2024-10-25T12:05:26.321Z] jenkins/label: "pod-79e82e7a-f788-4c0c-89c5-fcb691443505"
12:05:26 [2024-10-25T12:05:26.321Z] name: "pod-79e82e7a-f788-4c0c-89c5-fcb691443505-7wqsk-n1v8m"
12:05:26 [2024-10-25T12:05:26.321Z] namespace: "coreos-ci"
12:05:26 [2024-10-25T12:05:26.321Z] spec:
12:05:26 [2024-10-25T12:05:26.321Z] containers:
12:05:26 [2024-10-25T12:05:26.321Z] - command:
12:05:26 [2024-10-25T12:05:26.321Z] - "/usr/bin/dumb-init"
12:05:26 [2024-10-25T12:05:26.321Z] - "/usr/bin/sleep"
12:05:26 [2024-10-25T12:05:26.321Z] - "infinity"
12:05:26 [2024-10-25T12:05:26.321Z] env:
12:05:26 [2024-10-25T12:05:26.321Z] - name: "NCPUS"
12:05:26 [2024-10-25T12:05:26.321Z] value: "0.1"
12:05:26 [2024-10-25T12:05:26.321Z] image: "quay.io/coreos-assembler/coreos-assembler:main"
12:05:26 [2024-10-25T12:05:26.321Z] imagePullPolicy: "Always"
12:05:26 [2024-10-25T12:05:26.321Z] name: "worker"
12:05:26 [2024-10-25T12:05:26.321Z] resources:
12:05:26 [2024-10-25T12:05:26.321Z] limits:
12:05:26 [2024-10-25T12:05:26.321Z] cpu: "0.1"
12:05:26 [2024-10-25T12:05:26.321Z] requests:
12:05:26 [2024-10-25T12:05:26.321Z] cpu: "0.1"
12:05:26 [2024-10-25T12:05:26.321Z] volumeMounts:
12:05:26 [2024-10-25T12:05:26.321Z] - mountPath: "/srv/"
12:05:26 [2024-10-25T12:05:26.321Z] name: "emptydir-0"
12:05:26 [2024-10-25T12:05:26.321Z] - mountPath: "/home/jenkins/agent"
12:05:26 [2024-10-25T12:05:26.321Z] name: "workspace-volume"
12:05:26 [2024-10-25T12:05:26.321Z] readOnly: false
12:05:26 [2024-10-25T12:05:26.321Z] - env:
12:05:26 [2024-10-25T12:05:26.321Z] - name: "JENKINS_SECRET"
12:05:26 [2024-10-25T12:05:26.321Z] value: "********"
12:05:26 [2024-10-25T12:05:26.321Z] - name: "JENKINS_TUNNEL"
12:05:26 [2024-10-25T12:05:26.321Z] value: "172.30.136.1:50000"
12:05:26 [2024-10-25T12:05:26.321Z] - name: "JENKINS_AGENT_NAME"
12:05:26 [2024-10-25T12:05:26.321Z] value: "pod-79e82e7a-f788-4c0c-89c5-fcb691443505-7wqsk-n1v8m"
12:05:26 [2024-10-25T12:05:26.321Z] - name: "JENKINS_NAME"
12:05:26 [2024-10-25T12:05:26.321Z] value: "pod-79e82e7a-f788-4c0c-89c5-fcb691443505-7wqsk-n1v8m"
12:05:26 [2024-10-25T12:05:26.321Z] - name: "JENKINS_AGENT_WORKDIR"
12:05:26 [2024-10-25T12:05:26.321Z] value: "/home/jenkins/agent"
12:05:26 [2024-10-25T12:05:26.321Z] - name: "JENKINS_URL"
12:05:26 [2024-10-25T12:05:26.321Z] value: "http://172.30.130.216:80/"
12:05:26 [2024-10-25T12:05:26.321Z] image: "jenkins-agent-base:latest"
12:05:26 [2024-10-25T12:05:26.321Z] name: "jnlp"
12:05:26 [2024-10-25T12:05:26.321Z] resources:
12:05:26 [2024-10-25T12:05:26.321Z] limits:
12:05:26 [2024-10-25T12:05:26.321Z] memory: "512Mi"
12:05:26 [2024-10-25T12:05:26.321Z] cpu: "1"
12:05:26 [2024-10-25T12:05:26.321Z] requests:
12:05:26 [2024-10-25T12:05:26.321Z] memory: "512Mi"
12:05:26 [2024-10-25T12:05:26.321Z] cpu: "1"
12:05:26 [2024-10-25T12:05:26.321Z] volumeMounts:
12:05:26 [2024-10-25T12:05:26.321Z] - mountPath: "/home/jenkins/agent"
12:05:26 [2024-10-25T12:05:26.321Z] name: "workspace-volume"
12:05:26 [2024-10-25T12:05:26.321Z] readOnly: false
12:05:26 [2024-10-25T12:05:26.321Z] nodeSelector:
12:05:26 [2024-10-25T12:05:26.321Z] kubernetes.io/os: "linux"
12:05:26 [2024-10-25T12:05:26.321Z] restartPolicy: "Never"
12:05:26 [2024-10-25T12:05:26.321Z] serviceAccountName: "default"
12:05:26 [2024-10-25T12:05:26.321Z] volumes:
12:05:26 [2024-10-25T12:05:26.321Z] - emptyDir: {}
12:05:26 [2024-10-25T12:05:26.321Z] name: "emptydir-0"
12:05:26 [2024-10-25T12:05:26.321Z] - emptyDir:
12:05:26 [2024-10-25T12:05:26.321Z] medium: ""
12:05:26 [2024-10-25T12:05:26.321Z] name: "workspace-volume"
12:05:26 [2024-10-25T12:05:26.321Z]
12:05:26 [2024-10-25T12:05:26.596Z] Running on pod-79e82e7a-f788-4c0c-89c5-fcb691443505-7wqsk-n1v8m in /home/jenkins/agent/workspace/bodhi-trigger
12:05:26 [2024-10-25T12:05:26.623Z] [Pipeline] {
12:05:26 [2024-10-25T12:05:26.673Z] [Pipeline] container
12:05:26 [2024-10-25T12:05:26.681Z] [Pipeline] {
12:05:26 [2024-10-25T12:05:26.822Z] [Pipeline] withEnv
12:05:26 [2024-10-25T12:05:26.825Z] [Pipeline] {
12:05:26 [2024-10-25T12:05:26.944Z] [Pipeline] sh
12:05:27 [2024-10-25T12:05:27.957Z] + set -xeuo pipefail
12:05:27 [2024-10-25T12:05:27.957Z] ++ umask
12:05:27 [2024-10-25T12:05:27.957Z] + '[' 0022 = 0000 ']'
12:05:27 [2024-10-25T12:05:27.958Z] + cat /cosa/coreos-assembler-git.json
12:05:27 [2024-10-25T12:05:27.958Z] {
12:05:27 [2024-10-25T12:05:27.958Z] "date": "2024-10-24T12:28:07Z",
12:05:27 [2024-10-25T12:05:27.958Z] "git": {
12:05:27 [2024-10-25T12:05:27.958Z] "commit": "7653b933cb50bc6edf66862857e8764aac1ba3cc",
12:05:27 [2024-10-25T12:05:27.958Z] "origin": "https://github.com/coreos/coreos-assembler.git",
12:05:27 [2024-10-25T12:05:27.958Z] "branch": "HEAD",
12:05:27 [2024-10-25T12:05:27.958Z] "dirty": "false"
12:05:27 [2024-10-25T12:05:27.958Z] },
12:05:27 [2024-10-25T12:05:27.958Z] "file": {
12:05:27 [2024-10-25T12:05:27.958Z] "checksum": "d3a4e94af675778d5d95236dc21896319c1b225fbbfc79be6477324c66f41836",
12:05:27 [2024-10-25T12:05:27.958Z] "checksum_type": "sha256",
12:05:27 [2024-10-25T12:05:27.958Z] "format": "tar.gz",
12:05:27 [2024-10-25T12:05:27.958Z] "name": "coreos-assembler-git.tar.gz",
12:05:27 [2024-10-25T12:05:27.958Z] "size": "9982132"
12:05:27 [2024-10-25T12:05:27.958Z] }
12:05:27 [2024-10-25T12:05:27.958Z] }
12:05:28 [2024-10-25T12:05:28.227Z] [Pipeline] }
12:05:28 [2024-10-25T12:05:28.415Z] [Pipeline] // withEnv
12:05:28 [2024-10-25T12:05:28.472Z] [Pipeline] stage
12:05:28 [2024-10-25T12:05:28.484Z] [Pipeline] { (Report Running)
12:05:28 [2024-10-25T12:05:28.585Z] [Pipeline] withCredentials
12:05:28 [2024-10-25T12:05:28.594Z] Masking supported pattern matches of $RDB_PASSWORD
12:05:28 [2024-10-25T12:05:28.641Z] [Pipeline] {
12:05:28 [2024-10-25T12:05:28.707Z] [Pipeline] withEnv
12:05:28 [2024-10-25T12:05:28.718Z] [Pipeline] {
12:05:28 [2024-10-25T12:05:28.799Z] [Pipeline] sh
12:05:29 [2024-10-25T12:05:29.643Z] + set -xeuo pipefail
12:05:29 [2024-10-25T12:05:29.644Z] ++ umask
12:05:29 [2024-10-25T12:05:29.644Z] + '[' 0022 = 0000 ']'
12:05:29 [2024-10-25T12:05:29.644Z] + /usr/lib/coreos-assembler/resultsdb-report --testcase cosa.build-and-test --testcase-url https://jenkins-coreos-ci.apps.ocp.fedoraproject.org//job/test-override --testrun-url https://jenkins-coreos-ci.apps.ocp.fedoraproject.org//job/test-override --outcome RUNNING --advisory FEDORA-2024-054752ae69 --stream testing-devel
12:05:32 [2024-10-25T12:05:32.211Z] [Pipeline] }
12:05:32 [2024-10-25T12:05:32.317Z] [Pipeline] // withEnv
12:05:32 [2024-10-25T12:05:32.373Z] [Pipeline] }
12:05:32 [2024-10-25T12:05:32.420Z] [Pipeline] // withCredentials
12:05:32 [2024-10-25T12:05:32.438Z] [Pipeline] }
12:05:32 [2024-10-25T12:05:32.483Z] [Pipeline] // stage
12:05:32 [2024-10-25T12:05:32.521Z] [Pipeline] stage
12:05:32 [2024-10-25T12:05:32.535Z] [Pipeline] { (Test)
12:05:32 [2024-10-25T12:05:32.566Z] [Pipeline] build
12:05:32 [2024-10-25T12:05:32.569Z] Scheduling project: test-override
12:05:34 [2024-10-25T12:05:34.939Z] Starting building: test-override #1134
13:42:39 [2024-10-25T13:42:39.611Z] Build test-override #1134 completed: SUCCESS
13:42:39 [2024-10-25T13:42:39.645Z] [Pipeline] }
13:42:39 [2024-10-25T13:42:39.838Z] [Pipeline] // stage
13:42:40 [2024-10-25T13:42:40.029Z] [Pipeline] stage
13:42:40 [2024-10-25T13:42:40.063Z] [Pipeline] { (Report Completion)
13:42:40 [2024-10-25T13:42:40.303Z] [Pipeline] withCredentials
13:42:40 [2024-10-25T13:42:40.329Z] Masking supported pattern matches of $RDB_PASSWORD
13:42:40 [2024-10-25T13:42:40.566Z] [Pipeline] {
13:42:40 [2024-10-25T13:42:40.770Z] [Pipeline] withEnv
13:42:40 [2024-10-25T13:42:40.801Z] [Pipeline] {
13:42:40 [2024-10-25T13:42:40.995Z] [Pipeline] sh
13:42:41 [2024-10-25T13:42:41.887Z] + set -xeuo pipefail
13:42:41 [2024-10-25T13:42:41.887Z] ++ umask
13:42:41 [2024-10-25T13:42:41.887Z] + '[' 0022 = 0000 ']'
13:42:41 [2024-10-25T13:42:41.887Z] + /usr/lib/coreos-assembler/resultsdb-report --testcase cosa.build-and-test --testcase-url https://jenkins-coreos-ci.apps.ocp.fedoraproject.org//job/test-override --testrun-url https://jenkins-coreos-ci.apps.ocp.fedoraproject.org//blue/organizations/jenkins/test-override/detail/test-override/1134 --outcome PASSED --advisory FEDORA-2024-054752ae69 --stream testing-devel
13:42:43 [2024-10-25T13:42:43.828Z] [Pipeline] }
13:42:44 [2024-10-25T13:42:44.041Z] [Pipeline] // withEnv
13:42:44 [2024-10-25T13:42:44.161Z] [Pipeline] }
13:42:44 [2024-10-25T13:42:44.332Z] [Pipeline] // withCredentials
13:42:44 [2024-10-25T13:42:44.489Z] [Pipeline] withCredentials
13:42:44 [2024-10-25T13:42:44.533Z] Masking supported pattern matches of $TOKEN
13:42:44 [2024-10-25T13:42:44.642Z] [Pipeline] {
13:42:44 [2024-10-25T13:42:44.867Z] [Pipeline] withEnv
13:42:44 [2024-10-25T13:42:44.895Z] [Pipeline] {
13:42:45 [2024-10-25T13:42:45.033Z] [Pipeline] sh
13:42:45 [2024-10-25T13:42:45.910Z] + set -xeuo pipefail
13:42:45 [2024-10-25T13:42:45.910Z] ++ umask
13:42:45 [2024-10-25T13:42:45.910Z] + '[' 0022 = 0000 ']'
13:42:45 [2024-10-25T13:42:45.910Z] + curl -X POST -H 'Content-Type: application/json' -u **** https://maubot.apps.ocp.fedoraproject.org/plugin/nonbot-coreos/send --silent -d '
13:42:45 [2024-10-25T13:42:45.911Z] {
13:42:45 [2024-10-25T13:42:45.911Z] "body": "���� buildah-1.37.5-1.fc40 - [����](https://jenkins-coreos-ci.apps.ocp.fedoraproject.org//blue/organizations/jenkins/test-override/detail/test-override/1134) [����](https://bodhi.fedoraproject.org/updates/FEDORA-2024-054752ae69)"
13:42:45 [2024-10-25T13:42:45.911Z] }'
13:42:46 [2024-10-25T13:42:46.543Z] [Pipeline] }
13:42:46 [2024-10-25T13:42:46.834Z] [Pipeline] // withEnv
13:42:46 [2024-10-25T13:42:46.915Z] [Pipeline] }
13:42:47 [2024-10-25T13:42:47.243Z] [Pipeline] // withCredentials
13:42:47 [2024-10-25T13:42:47.386Z] [Pipeline] }
13:42:47 [2024-10-25T13:42:47.626Z] [Pipeline] // stage
13:42:47 [2024-10-25T13:42:47.699Z] [Pipeline] }
13:42:47 [2024-10-25T13:42:47.946Z] [Pipeline] // container
13:42:48 [2024-10-25T13:42:48.029Z] [Pipeline] }
13:42:48 [2024-10-25T13:42:48.309Z] [Pipeline] // node
13:42:48 [2024-10-25T13:42:48.410Z] [Pipeline] }
13:42:48 [2024-10-25T13:42:48.572Z] [Pipeline] // podTemplate
13:42:48 [2024-10-25T13:42:48.666Z] [Pipeline] End of Pipeline
13:42:48 [2024-10-25T13:42:48.844Z] Finished: SUCCESS
![[Jenkins]](/static/8398155c/images/svgs/logo.svg){kind=logo}
