30de780751
Upgrade Kata packages
2024-08-30 22:16:11 +00:00
7c3fb026bc
Refactor kata(-cc) packages: img for Kata
2024-08-30 22:02:28 +00:00
2fab057215
Refactor kata(-cc) packages #8
2024-08-19 19:12:15 +00:00
4db1161806
Refactor kata(-cc) packages #7
2024-08-08 21:10:53 +00:00
9bbd71e0de
Refactor kata(-cc) packages #6
2024-07-25 23:52:14 +00:00
9348ccc6e4
Refactor kata(-cc) packages #5
2024-07-24 00:17:06 +00:00
00da57fdfc
Refactor kata(-cc) packages #4
2024-06-11 23:03:38 +00:00
23a131fbfe
Refactor kata(-cc) packages #3
2024-06-10 23:25:02 +00:00
e6b9d37e5a
Refactor kata(-cc) packages #2
2024-06-10 22:11:55 +00:00
548b1269dd
Refactor kata(-cc) packages
2024-06-10 19:36:07 +00:00
6b57d92440
Fix Fluent-bit issues #8198 and #8025 ( #9121 )
...
Fixes https://microsoft.visualstudio.com/OS/_workitems/edit/50531424
2024-06-07 02:09:50 +05:30
0d51af78bb
[AUTO-CHERRYPICK] CVE-2022-34169: docbook-style-xsl - upgrade embedded xalan jar from 2.7.2 to 2.7.3 (fasttrrack/2.0) - branch main ( #9308 )
...
Co-authored-by: bfjelds <bfjelds@microsoft.com>
2024-06-06 11:28:44 -07:00
4e90dd61c1
kata(-cc): upgrade to LSG release v2405.9.2 ( #9261 )
...
Co-authored-by: Dallas Delaney <dadelan@microsoft.com>
Co-authored-by: CBL-Mariner Servicing Account <cblmargh@microsoft.com>
2024-06-05 12:40:57 -07:00
7763977729
[AUTO-CHERRYPICK] Patch dhcp for CVE-2023-2828 - branch main ( #9306 )
...
Co-authored-by: Sumynwa <sumsharma@microsoft.com>
2024-06-05 11:58:19 +05:30
ec2c66e0fa
[AUTO-CHERRYPICK] Patch apparmor for CVE-2024-31755 - branch main ( #9302 )
...
Co-authored-by: Sumynwa <sumsharma@microsoft.com>
2024-06-05 11:57:29 +05:30
ff0a669b98
[AUTO-CHERRYPICK] hvloader: address openssl related CVEs (CVE-2023-0286, CVE-2023-0215, CVE-2022-4450, CVE-2022-4304) - branch main ( #9303 )
...
Co-authored-by: Archana Choudhary <36061892+arc9693@users.noreply.github.com>
2024-06-05 11:05:59 +05:30
5f33b4845c
[AUTO-CHERRYPICK] reaper: address CVE-2024-4068 - branch main ( #9298 )
...
Co-authored-by: Archana Choudhary <36061892+arc9693@users.noreply.github.com>
2024-06-05 11:05:47 +05:30
d03e5fd81f
[AUTO-CHERRYPICK] Fix fluent-bit CVE-2024-34250 with a patch - branch main ( #9293 )
...
Co-authored-by: sindhu-karri <33163197+sindhu-karri@users.noreply.github.com>
2024-06-05 10:23:17 +05:30
3eef9c87e1
openssl: only free buffers when done ( #9309 )
2024-06-04 15:21:33 -07:00
4246a18833
Revert "Fixed Perl automatic requires and provides. ( #9226 )"
...
This reverts commit 6b8eb01bf0
2024-06-04 00:09:50 -04:00
ed62ba9d97
Revert "Enable KNI module in DPDK build ( #9246 )"
...
This reverts commit 84f1470398
2024-06-04 00:08:36 -04:00
3a41e97aed
Add stable release maintainers to CODEOWNERS ( #7564 )
...
Update main branch CODEOWNERS file to require CBL-Mariner-Stable-Maintainers team review for all files in this branch since PRs targeting main are going to our next 2.0 stable release.
2024-06-03 19:29:33 -07:00
a264db1f75
Patch moby-engine to address CVE-2023-44487 ( #9276 )
2024-06-03 10:52:43 -07:00
a6539502f3
python-requests: patch CVE-2024-35195. ( #9238 )
...
Co-authored-by: lanzeliu <lanzeliu@microsoft.com>
2024-06-03 09:17:01 -07:00
513297d3dc
upgrade rubygem-rexml to 3.2.7 to resolve CVE-2024-35176 ( #9282 )
...
Co-authored-by: minghe <rmhsawyer>
2024-05-31 17:03:13 -07:00
6e4ebc6899
update and correct ruby CVE-2024035176.patch ( #9280 )
...
Co-authored-by: minghe <rmhsawyer>
2024-05-31 16:28:37 -07:00
db8f0137f6
Address kernel CVE-2022-38096, CVE-2023-47233, CVE-2023-52827, CVE-2024-25739, CVE-2024-26900, CVE-2024-26902, CVE-2024-26929, CVE-2024-26934, CVE-2024-26949, CVE-2024-26952, CVE-2024-26979, CVE-2024-27013, CVE-2024-27015, CVE-2024-27016, CVE-2024-27018, CVE-2024-27019, CVE-2024-27020, CVE-2024-35978, CVE-2024-35982, CVE-2024-35984, CVE-2024-35990, CVE-2024-35997, CVE-2024-36008 ( #9270 )
...
Address CVE-2022-38096, CVE-2023-47233, CVE-2023-52827, CVE-2024-25739, CVE-2024-26900, CVE-2024-26902, CVE-2024-26929, CVE-2024-26934, CVE-2024-26949, CVE-2024-26952, CVE-2024-26979, CVE-2024-27013, CVE-2024-27015, CVE-2024-27016, CVE-2024-27018, CVE-2024-27019, CVE-2024-27020, CVE-2024-35978, CVE-2024-35982, CVE-2024-35984, CVE-2024-35990, CVE-2024-35997, CVE-2024-36008
2024-05-31 10:21:15 -07:00
ebc77031e5
Patch CVE-2024-26147 for cert-manager ( #9268 )
2024-05-30 18:57:31 -07:00
47df6748d9
add patch for ruby CVE-2024-35176 ( #9267 )
...
Co-authored-by: minghe <rmhsawyer>
Co-authored-by: Mykhailo Bykhovtsev <108374904+mbykhovtsev-ms@users.noreply.github.com>
2024-05-30 17:49:12 -07:00
84f1470398
Enable KNI module in DPDK build ( #9246 )
2024-05-30 08:33:04 -07:00
3304dc254a
Patch nodejs18 to address CVE-2023-21100 ( #9250 )
2024-05-29 14:58:04 -07:00
07800afe35
Address hyperv-daemons CVE-2024-26951, CVE-2024-26961, CVE-2024-26965, CVE-2024-26966, CVE-2024-26973, CVE-2024-26977, CVE-2024-26984, CVE-2024-26993, CVE-2024-27000, CVE-2024-27018, CVE-2024-35848, CVE-2024-35912, CVE-2024-36008 ( #9216 )
...
Address CVE-2024-26951, CVE-2024-26961, CVE-2024-26965, CVE-2024-26966, CVE-2024-26973, CVE-2024-26977, CVE-2024-26984, CVE-2024-26993, CVE-2024-27000, CVE-2024-27018, CVE-2024-35848, CVE-2024-35912, CVE-2024-36008
2024-05-29 14:32:23 -07:00
f0b8294283
[AUTOPATCHER-kernel] Kernel upgrade to version 5.15.159.1 - branch main ( #9187 )
2024-05-29 14:31:46 -07:00
222de009ea
add patch for rubygem-rexml CVE-2024-35176 ( #9242 )
...
Co-authored-by: minghe <rmhsawyer>
2024-05-29 14:11:36 -07:00
fea7c96a84
moby-compose: Fix CVE-2024-24786, CVE-2024-23650, CVE-2023-2253 ( #9239 )
2024-05-28 17:05:34 -07:00
ac45317296
[AUTO-CHERRYPICK] graphviz: address CVE-2023-46045 & CVE-2020-18032 - branch main ( #9129 )
...
Co-authored-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2024-05-28 15:01:40 -07:00
e86c9c1d13
[AUTO-CHERRYPICK] pytorch: Add patch for CVE-2024-27318 - branch main ( #9130 )
...
Co-authored-by: Sumynwa <sumsharma@microsoft.com>
2024-05-28 15:01:09 -07:00
f344024065
[AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade fluent-bit to 2.2.3 to fix CVE-2024-4323 - branch main ( #9237 )
2024-05-28 15:00:50 -07:00
dc5da04c2b
[2.0] Resolve telegraf CVE-2024-27289 ( #9235 )
...
Co-authored-by: Henry Li <lihl@microsoft.com>
2024-05-28 12:41:26 -07:00
c5d244ff28
[2.0] Upgrade cri-o to v1.22.3 to resolve regressed CVE-2022-0811 ( #9191 )
...
Co-authored-by: Henry Li <lihl@microsoft.com>
2024-05-28 12:41:17 -07:00
a7e75e15aa
add azl-compliance package ( #9213 )
...
Adds the azl-compliance package to our distro. This will be used to harden images for FIPS and FedRAMP.
2024-05-28 11:35:53 -07:00
4c410bbcd1
[AUTO-CHERRYPICK] python-werkzeug: Patch CVE-2024-34069 - branch main ( #9118 )
...
Co-authored-by: Jonathan Behrens <jbehrens@microsoft.com>
2024-05-28 09:57:50 -07:00
14d8692ef9
libvirt: Patch for CVE-2024-4418 ( #9197 )
2024-05-28 09:08:43 -07:00
4b86ac16fd
cups: patch CVE-2022-26691. ( #9168 )
...
Co-authored-by: lanzeliu <lanzeliu@microsoft.com>
2024-05-28 09:01:28 -07:00
61c7a0b9b4
Fix CVE-2023-48795 in moby-compose by patching vendor packages ( #9232 )
2024-05-28 20:01:00 +05:30
a6e63391b5
update python h5py to fix build break caused by recent to HDF5 update ( #9223 )
2024-05-27 10:51:43 -07:00
1dbde42485
Bump Mariner 2.0 Release for June 2024 Update ( #9230 )
2024-05-27 08:16:08 -04:00
6b8eb01bf0
Fixed Perl automatic requires and provides. ( #9226 )
2024-05-26 22:20:56 -07:00
c3ccae590e
[AUTO-CHERRYPICK] [AUTOPATCHER-CORE] Upgrade git to 2.39.4 Fix CVE-2024-32002, CVE-2024-32004, CVE-2024-32020, CVE-2024-32021, CVE-2024-32465 - branch main ( #9215 )
2024-05-27 10:46:25 +05:30
6d11efd8d2
[AUTO-CHERRYPICK] Add patch to add network interface renaming support for CAPM3 Met - branch main ( #9132 )
...
Co-authored-by: sharath-srikanth-chellappa <115591284+sharath-srikanth-chellappa@users.noreply.github.com>
2024-05-24 14:33:38 -07:00
CBL-Mariner Servicing Account
Manuel Huber
sindhu-karri
CBL-Mariner-Bot
Saul Paredes
Tobias Brick
jslobodzian
Christopher Co
Mitch Zhu
Lanze Liu
Minghe Ren
Rachel Menge
Mykhailo Bykhovtsev
Dinesh Kumar Ramasamy
corvus-callidus
Henry Li
J Camposeco
Bala
Riken Maharjan
Pawel Winogrodzki