CBL-Mariner/SPECS/docbook-style-dsssl/docbook-style-dsssl.signatu...

{
 "Signatures": {
  "LICENSE.PTR": "db70d4b9d5666648eff6e57328ab1f7a32646700fde77e9f97c06fa8017d7a17",
  "docbook-dsssl-1.79.tar.gz": "d5a199024a5fe0862bfaff9e3533817cd8d08bddf3cdfb5bfe6088cbb2cd62b3",
  "docbook-style-dsssl.Makefile": "563662f6a3a0777f1ac037a0aebcfcdf7e9c8a8d3e042e69a33edffc0bcae1f1"
 }
}
[main] Add SPECS-EXTENDED folder and populate with 2159 packages (#1754) * Add specs-extended collection * Update log4j for CVE-2021-44228 2021-12-13 21:40:12 +03:00			`{`
			`"Signatures": {`
Moving PHP from SPECS-EXTENDED to SPECS (#3820) * Only build bond against x86_64 architecture (#1800) (#1801) * fix bond build break for ARM64 on main branch * fix bond build break for ARM64 on main branch * fix bond build break for ARM64 on main branch Co-authored-by: nicolas guibourge <nicolasg@microsoft.com> Co-authored-by: nicolas guibourge <nicolasg@microsoft.com> * [main extended] Enable libguestfs (#1970) * Remove libreport support from mdadm * Conditionally pull in perl-Sys-Virt test deps * Fix dependency resolution for ocaml-ctypes * Upgrade to latest ocaml-gettext * Fix ocaml-ounit build * Upgrade ocaml-base to latest * Upgrade ocaml-migrate-parsetree to latest * Upgrade ocaml-stdio to 0.15.0 * Upgrade ocaml-parsexp to 0.15.0 * Upgrade ocaml-ppxlib to 0.24.0 * Upgrade ocaml-sexplib to 0.15.0 * Upgrade ocaml-sexplib0 to 0.15.0 * Upgrade supermin to 5.2.1 * Fixup libguestfs patches and configuration * [main extended] Fix dnf-plugins-core, ocaml-findlib builds (#1950) * [main] Removing in-spec sources verification using `libguestfs.keyring`. (#1971) * kernel: Update Mariner cert in kernel keyring (#1979) * kernel: Update mariner cert in kernel keyring * kernel-hyperv: Update mariner cert in kernel keyring * kernel-headers: Bump to match kernel release number * kernel-signed: Bump to match kernel release Signed-off-by: Chris Co <chrco@microsoft.com> * lttng-consume: disable tests to fix build break (#1980) Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com> * Revert "Upgrading Parted to v3.4" (#1966) * Revert "Upgrading Parted to v3.4 (#1898)" This reverts commit 24382cfa6efa5cbdbbac777f22041612c57df9c6. * verifying license to unblock upgrade revert pr * Temporary: Add python3-distro to azurevm-packages packagelist (#2016) * Upgrade libmemcached, memcached and promote to core specs (#1981) * kernel-signed: workaround errant .build-id file (#2032) After the upgrade to RPM 4.17, when building on ARM64 only, we are observing an unexpected /usr/lib/debug/.build-id/xx/yyyy.debug file being packaged into the kernel.rpm package. This errant file is causing build errors when repackaging in the kernel-signed build phase. This patch workarounds the build issue by specifically excluding the /usr/lib/debug/.build-id folder when building for ARM64. More investigation underway to identify why this unexpect /usr/lib/debug/.build-id/xx/yyyy.debug file is being included. Signed-off-by: Chris Co <chrco@microsoft.com> * Fix grubby build with newer versions of RPM (#2036) * Update libgit2 to latest upstream version 1.1.0 (#2021) Signed-off-by: Kate Goldenring <kagold@microsoft.com> * Fix build break (signature) for libgit2 * Fix TDNF download of packages during libguestfs build * Replace perl(Locale::TextDomain) BR in libguestfs with actual package * [main] Fixing tooling issues during package candidates resolution. (#2091) * Fix dependency constraints, UUID parsing in libguestfs (#2113) * Bring over libguestfs changes from 2.0 * Fix selinux-policy, file bugs in libguestfs * kernel: Update input aarch64 config file (#2358) ARM64 kernel package builds are failing due to a config diff missing between the expected config and the actual config file. Add missing CONFIG_USBIP_VUDC line Signed-off-by: Chris Co <chrco@microsoft.com> * Revert "[main] Update envoy to v1.21.0 (#2330)" This reverts commit 5c0c47a867c39cd8f53f2680f5460e615d76366b. * toolkit only - use local /run folder in chroot instead of mounted tmpfs (#2435) * toolkit - use local /run folder in chroot instead of mounted tmpfs * address PR comments * address PR comments * address PR comments Co-authored-by: Nicolas Guibourge <nicolasg@microsoft.com> * [main] iperf3: Update to 3.11 (#2512) * Update iperf3 to 3.11 * toolchain: Remove alsa-lib (#2543) * Fix post-install script args in imageconfig being ignored (#2414) * Upgrade nodejs to 16.14.0 (#2485) * upgrade nodejs to 16.14.0 * upgrade nodejs to 16.14.0 * upgrade nodejs to 16.14.0 * upgrade nodejs Co-authored-by: Nicolas Guibourge <nicolasg@microsoft.com> * [main] upgrading libarchive to v3.6.0 (#2515) * upgrading libarchive to v3.6.0 * removing patch file * adding missing URL * fixing URL * [2.0] Modify pam to require audit-libs (#2572) * update pam * update manifests * install audit-libs before systemd (#2584) * Revert "install audit-libs before systemd (#2584)" This reverts commit 217097585286b756144d91d46e45f892e58526ba. * Build rubygems with ruby to fix build error in pipeline (#2601) * Add rubygems to build with ruby to fix build error in pipeline * Remove bundler requirement * [main] Adding `--assumeyes` for TDNF calls. (#2641) (#2642) * Fix bad ruby merge issue * Revert "python3: Add python-unversioned-command subpackage (#2637)" This reverts commit b62bb32bef2981406522b8da5b6a992808fb393a. * dnf-plugins-core: Fix bad python path in cmake call (#2658) * dnf-plugins-core: Fix bad python path in cmake call * Update license map * Empty commit to trigger GH checks * Unblock build, exclude SymCrypt from ARM64 * Update python requirement in azurevm packagelist for 2.0 (#2667) * Revert "Unblock build, exclude SymCrypt from ARM64" This reverts commit 9b0a48fc52ffd296bbf5340cc95d2ce3d6d099e4. * Repair toolkit merge issue * fix boringssl license issue (#2775) * revert arm64 exclusion workaround (#2769) * [main] Build break workaround. (#2788) * Revert "fix boringssl license issue (#2775)" This reverts commit 50b3397168fcbfcb270644b64de68d39f15985ab. * Remove boringssl to reconcile with main branch * [main] Fixing installation paths with new version of Ruby. (#2859) * vim: Fix vi provides with reversed EVR (#2872) * cri-o: Replace openSUSE systemd macros with Mariner's (#2874) * toolchain: Rebuild audit with systemd-bootstrap-rpm-macros installed (#2878) * toolchain: Rebuild audit with systemd-bootstrap-rpm-macros installed * audit: Add BR on systemd-bootstrap-rpm-macros * [2.0] Cherry-pick credscan failure caused by unattended installer image config (#2908) * minor fix to build doc (#2907) Co-authored-by: Henry Li <lihl@microsoft.com> * fix image config json (#2906) Co-authored-by: Henry Li <lihl@microsoft.com> Co-authored-by: Henry Li <lihl@microsoft.com> * download msopenjdk-11 from prod folder (#2921) * Cherry Pick build fixes to Extended (#3105) * ARM64 `buildah` and `edk2` blocked packages fix. (#3101) * Adding missing signature for `perl-Module-Install-Repository`. (#3086) Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com> * Python-twisted: upgrade to version 22.4.0 to fix CVE-2022-24801 (#3079) * python-twisted upgrade to 22.4.0 to fix CVE-2022-24801 * python-twisted upgrade to 22.4.0 to fix CVE-2022-24801 * python-twisted upgrade to 22.4.0 to fix CVE-2022-24801 * python-twisted upgrade to 22.4.0 to fix CVE-2022-24801 Co-authored-by: Nicolas Guibourge <nicolasg@microsoft.com> * upgrading vim to 8.2.4979 for CVE-2022-1619, CVE-2022-1621, CVE-2022-… (#3087) * upgrading vim to 8.2.4979 for CVE-2022-1619, CVE-2022-1621, CVE-2022-1629, CVE-2022-1616, CVE-2022-1733, CVE-2022-1735, CVE-2022-1769, CVE-2022-1620, CVE-2022-1674, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796 * upgrading vim to 8.2.4979 for CVE-2022-1619, CVE-2022-1621, CVE-2022-1629, CVE-2022-1616, CVE-2022-1733, CVE-2022-1735, CVE-2022-1769, CVE-2022-1620, CVE-2022-1674, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796 * upgrading vim to 8.2.4979 for CVE-2022-1619, CVE-2022-1621, CVE-2022-1629, CVE-2022-1616, CVE-2022-1733, CVE-2022-1735, CVE-2022-1769, CVE-2022-1620, CVE-2022-1674, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796 Co-authored-by: Nicolas Guibourge <nicolasg@microsoft.com> * Updating `vim` to version 8.2.5064. (#3112) * Bump Mariner Release (#3140) * Revert "Add missing e2fsprogs dep to cloud-init (#3141)" This reverts commit 7417d8a04fc716763e40e8e405eb68b60464c57a. Reverting this change temporarily because we are not ready to upgrade cloud-init * Revert "cloud-init: uprev to 22.2 (#3104)" This reverts commit 3bcdc43b8f21082c7fb19a6286ff341bf627cb2c. Reverting this change temporarily because we are not ready to upgrade cloud-init. * Fix build errors caused by ncurses 6.3 upgrade (#3184) * Fix ARM64 Build Break (#3191) * t1lib: Fix SRPM packing (#3192) * Revert "cloud-init: patch for CVE-2022-2084 (#3281)" This reverts commit e3174308e7fa883c3dc52182da13c66355607aea. * Revert "Revert "cloud-init: uprev to 22.2 (#3104)"" This reverts commit ae3a7d80afa0f1694aa7e782b51f97f13abb7bc6. * Revert "Revert "Add missing e2fsprogs dep to cloud-init (#3141)"" This reverts commit 68bd0ec8d78dadc954851ad00c6039bcb608bcaa. * Revert "Revert "cloud-init: patch for CVE-2022-2084 (#3281)"" This reverts commit 0b1ba723bc5cbf6cc5623faccb4057254761a6ae. * Revert "Initial KeysInUse Integration (#3182)" This reverts commit 7de96f680a89ca8a7d3a6bfa4c8f291ea459b2f9. * Updating 'mariner-release' version for July update 2. (#3444) * remove provides from unsigned grub2 (#3461) Co-authored-by: Henry Li <lihl@microsoft.com> * Updating 'mariner-release' for the August release. * Updating licenses after the 'main' merge. * KeysInUse: re-introduce package back to 2.0. (#3531) * Update helm version 3.9.3 (#3586) * Update helm version 3.9.3 * Fix helm version info not displaying correctly * fix cloud-init dependency issue (#3606) * `mariadb`: update to v10.6.9 to fix CVE-2022-32091, CVE-2022-32081 (#3645) * fix npm version in nodejs.spec (#3571) * upgrade vim to 9.0.0232 (#3580) * qemu : fix CVE-2022-35414 (#3597) * qemu : fix CVE-2022-35414 * address PR comment Co-authored-by: Nicolas Guibourge <nicolasg@microsoft.com> * libxml2 and python-lxml: fix CVE-2022-2309 (#3583) * libxml2 and python-lxml: fix CVE-2022-2309 * libxml2 and python-lxml: fix CVE-2022-2309 * address PR comments Co-authored-by: Nicolas Guibourge <nicolasg@microsoft.com> * rubygem-yajl-ruby: fix CVE 2022 24795 (#3598) * rubygem-yajl-ruby : fix CVE-2022-24795 * rubygem-yajl-ruby : fix CVE-2022-24795 * back port patch from 1.4.1 * fix spec issue * address PR comments Co-authored-by: Nicolas Guibourge <nicolasg@microsoft.com> * Update cert-manager to v1.7.3. (#3575) - Update cert-manager to v1.7.3. - Split cert-manager binaries into separate packages. - Remove cert-manager build dependency on Bazel and just build the binaries directly using `go build`. This makes building easier. Also, the latest upstream version of cert-manager does this. - Use the Go "vendor" directory for Go dependencies instead of dumping files in the global Go cache. * Bump supported go versions to 1.17.13, 1.18.5 to fix fifteen CVEs (#3600) Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com> * dpkd: bump version to 21.11.2 to address CVE-2022-2132 (#3631) * dpkd: bump version to 21.11.2 to address CVE-2022-2132 * dpdk: cgmanifest: update entry Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com> * `vim`: upgrade to 9.0.0325 to fix CVE-2022-2980, CVE-2022-2982, CVE-2022-2923, CVE-2022-2946 (#3643) * `python3`: fix CVE-2015-20107 (#3644) * `python3`: fix CVE-2021-28861 (#3654) * `colord`: fix CVE-2021-42523 (#3675) * `virglrenderer`: fix CVE-2022-0135 (#3674) * libtar: Pull misc Fedora patches, fix CVE-2021-33643, CVE-2021-33644, CVE-2021-33645, CVE-2021-33646 (#3686) * Apply Fedora patches * Apply linter * Use upstream patch * Patch qemu CVE-2021-4158 (#3696) * libtar: Fixup spec formatting, remove .la files, remove explicit provides (#3698) * Fixup libtar spec formatting, .la files, provides * Add comment so we can track CVE fixes * update mariner-release to 2.0-19 (#3723) * fix br in libvirt (#3726) * Added nopatch to libtirpc for CVE-2021-46828 (#3779) Co-authored-by: Nick Samson <nisamson@microsoft.com> * update mariner-release to 2.0-21 (#3778) * revert changes for adding sysinit.target dependency (#3777) * Expat fix CVE-2022-40674 (#3799) Co-authored-by: Betty Lakes <bettylakes@microsoft.com> * bump mariner-release to 2.0-21 * switching branches * Ensure rpm-* ABI compatibility (#3880) * Ensure `python3-rpm` pulls in appropriate libs * Add rpm-build-libs -> rpm-libs dependency too * Declare release `4.18.0-2` with fixes * toolkit.mk: fix 'clean-rpms-snapshot' target. (#3843) * 7.4.14 to 8.1.11; need to delete the old SPECS-EXTENDED folders * php 8.1.11 build now * removed libraries from SPECS-EXTENDED * merged current 2.0; added changelog for php & updated other licenses; need to verify changelog for php & version thing olivia said * update cgmanifest.json * reresolving old mr comments * updated hunspell to fix CVE; added aspell patch to fix CVE; fixed some PHP linting issues * one linting fix * removed commented-out modphp code; updated changelog * debugging url issues * trying 2sec timeout instead of 1sec * echoing to txt log * undoing validate-cg-manifests.sh changes; trying new url * resolving mr comments * updating malaga in cgmanifest * trying source-git's mirror * trying with local tarball * trying with local tarball * using blob storage * Delete bad_registrations.txt * updating tokyocabinet url * changing branches * resolving conflicts with upstream/main * mr comments * updating cgmanifest * actually fixing validate_cg_manifest.sh * Delete php-8.1.11.tar.xz.asc * Delete php-keyring.gpg Signed-off-by: Chris Co <chrco@microsoft.com> Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com> Signed-off-by: Kate Goldenring <kagold@microsoft.com> Co-authored-by: nicolas guibourge <nicogbg@gmail.com> Co-authored-by: nicolas guibourge <nicolasg@microsoft.com> Co-authored-by: Jon Slobodzian <joslobo@microsoft.com> Co-authored-by: Thomas Crain <thcrain@microsoft.com> Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com> Co-authored-by: Christopher Co <35273088+christopherco@users.noreply.github.com> Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com> Co-authored-by: Max Brodeur-Urbas <35381493+MaxBrodeurUrbas@users.noreply.github.com> Co-authored-by: Kate Goldenring <kate.goldenring@microsoft.com> Co-authored-by: rlmenge <rachelmenge@microsoft.com> Co-authored-by: Vince Perri <5596945+vinceaperri@users.noreply.github.com> Co-authored-by: Andrew Phelps <anphel31@users.noreply.github.com> Co-authored-by: Neha Agarwal <58672330+neha170@users.noreply.github.com> Co-authored-by: Olivia Crain <olivia@olivia.dev> Co-authored-by: Henry Li <69694695+henryli001@users.noreply.github.com> Co-authored-by: Henry Li <lihl@microsoft.com> Co-authored-by: CBL-Mariner Servicing Account <cblmargh@microsoft.com> Co-authored-by: chalamalasetty <42326515+chalamalasetty@users.noreply.github.com> Co-authored-by: Nan Liu <108544011+liunan-ms@users.noreply.github.com> Co-authored-by: Henry Beberman <henry.beberman@microsoft.com> Co-authored-by: Cameron E Baird <cameronbaird@microsoft.com> Co-authored-by: Chris Gunn <chrisgun@microsoft.com> Co-authored-by: Daniel McIlvaney <damcilva@microsoft.com> Co-authored-by: Nick Samson <nick.samson@microsoft.com> Co-authored-by: Nick Samson <nisamson@microsoft.com> Co-authored-by: Minghe Ren <mingheren@microsoft.com> Co-authored-by: Betty <38226164+BettyRain@users.noreply.github.com> Co-authored-by: Betty Lakes <bettylakes@microsoft.com> Co-authored-by: Andrew Phelps <anphel@microsoft.com> Co-authored-by: Andy Caldwell <andycaldwell@microsoft.com> 2022-10-13 02:00:03 +03:00			`"LICENSE.PTR": "db70d4b9d5666648eff6e57328ab1f7a32646700fde77e9f97c06fa8017d7a17",`
[main] Add SPECS-EXTENDED folder and populate with 2159 packages (#1754) * Add specs-extended collection * Update log4j for CVE-2021-44228 2021-12-13 21:40:12 +03:00			`"docbook-dsssl-1.79.tar.gz": "d5a199024a5fe0862bfaff9e3533817cd8d08bddf3cdfb5bfe6088cbb2cd62b3",`
			`"docbook-style-dsssl.Makefile": "563662f6a3a0777f1ac037a0aebcfcdf7e9c8a8d3e042e69a33edffc0bcae1f1"`
			`}`
			`}`