From 3f8ddcafab537ff0a2a8ed3a9de85f880468f718 Mon Sep 17 00:00:00 2001
From: eabdullin <ed.abdullin.1@gmail.com>
Date: Tue, 25 Nov 2025 06:21:40 +0000
Subject: [PATCH] import UBI buildah-1.41.6-1.el10_1

---
 .gitignore   |  2 +-
 buildah.spec | 16 +++++++++++++---
 sources      |  2 +-
 3 files changed, 15 insertions(+), 5 deletions(-)

diff --git a/.gitignore b/.gitignore
index 15f7328..913d87d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1 @@
-release-1.41-ee5b574.tar.gz
+release-1.41-2ece502.tar.gz
diff --git a/buildah.spec b/buildah.spec
index a8c9716..2f19d73 100644
--- a/buildah.spec
+++ b/buildah.spec
@@ -11,7 +11,7 @@
 
 %global import_path github.com/containers/buildah
 %global branch release-1.41
-%global commit0 ee5b5742b0c5f8c879b140146b93971bb6a0d385
+%global commit0 2ece502d92acf1b3fab0fdf2329c41652440bf40
 %global shortcommit0 %(c=%{commit0}; echo ${c:0:7})
 
 %if %{defined fedora}
@@ -37,10 +37,10 @@ Epoch: 2
 # If that's what you're reading, Version must be 0, and will be updated by Packit for
 # copr and koji builds.
 # If you're reading this on dist-git, the version is automatically filled in by Packit.
-Version: 1.41.4
+Version: 1.41.6
 # The `AND` needs to be uppercase in the License for SPDX compatibility
 License: Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND ISC AND MIT AND MPL-2.0
-Release: 2%{?dist}
+Release: 1%{?dist}
 %if %{defined golang_arches_future}
 ExclusiveArch: %{golang_arches_future}
 %else
@@ -193,6 +193,16 @@ rm %{buildroot}%{_datadir}/%{name}/test/system/tools/build/*
 %{_datadir}/%{name}/test
 
 %changelog
+* Thu Nov 20 2025 Jindrich Novy <jnovy@redhat.com> - 2:1.41.6-1
+- update to the latest content of https://github.com/containers/buildah/tree/release-1.41
+  (https://github.com/containers/buildah/commit/2ece502)
+- fixes "[Minor Incident] CVE-2025-52881 buildah: container escape and denial of service due to arbitrary write gadgets and procfs write redirects [rhel-10.1.z]"
+- Resolves: RHEL-126634
+
+* Thu Nov 20 2025 Jindrich Novy <jnovy@redhat.com> - 2:1.41.4-3
+- rebuild for CVE-2025-58183
+- Resolves: RHEL-125628
+
 * Tue Sep 23 2025 Jindrich Novy <jnovy@redhat.com> - 2:1.41.4-2
 - rebuild as the last build was built in the wrong tag
 - Related: RHEL-115167
diff --git a/sources b/sources
index 5d68272..84fcde6 100644
--- a/sources
+++ b/sources
@@ -1 +1 @@
-SHA512 (release-1.41-ee5b574.tar.gz) = 00cb2164bd07b25ab407eaa0793226e3aaf0431510715d3fe91e445601f48119f8c60eda362ac732a2c0510db4a2965558ac37abb0179791f9d160a0c61b957b
+SHA512 (release-1.41-2ece502.tar.gz) = b7fdf263da906c6f226691f7cb2d9fadf02bc1396ffd19f8f64ee206b89f60f65c0aa84975842205a21925dd82a0b48272103fb4daf773ae11373c5821ff41a1