All, On August 23rd it was discovered that the credentials for several robot service accounts with write-access to the container-images could have leaked. Upon discovery, the credentials were invalidated. The earliest possible leak opportunity was around March 10th, 2022. While the investigation is ongoing, initial inspection of the images seem to indicate it is unlikely any credentials had actually been discovered and/or used to manipulate images. Nevertheless, out of an abundance of caution, all possibly-affected images will be disabled. quay.io/containers/podman : tags v3 - v4 quay.io/containers/buildah : tags v1.23.1 - v1.31.0 quay.io/containers/skopeo : tags v1.5.2 - v1.13.1 quay.io/podman/stable : tags v1.6 - v4.6.0 quay.io/podman/hello:latest SHA256 afda668e706a (<= Aug 2, 2023) quay.io/buildah/stable : tags v1.23.3 - 1.31.0 quay.io/skopeo/stable : tags v1.3.0 - 1.13.1 We realize this issue has the potential to impact not only direct, but also indirect use, such as base-images. The safety and integrity of these images has and must take priority. At this time, all images have been disabled. We will restore originals and/or rebuild fresh copies based on further safety analysis. We expect analysis to be complete and/or known-safe images restored, before Sept. 8th. Though please keep in mind the research is ongoing, and the situation remains somewhat fluid. When the examination work is complete, or if any manipulation is discovered, we will issue further updates. Thank you in advance for your patients and understanding.