Граф коммитов

17 Коммитов

Автор SHA1 Сообщение Дата
Sumynwa 80a582c7db
jx: Add patch to resolve CVE-2023-45288 (#10225) 2024-08-27 11:10:10 +05:30
Muhammad Falak R Wani 6359c27c2d
treewide: *.spec: switch Distribution to Azure Linux (#7606)
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2024-02-06 12:14:23 -08:00
nicolas guibourge c732954ec0
[mariner 3.0] spec upgrades - batch1 (#6646)
Co-authored-by: CBL-Mariner Servicing Account <cblmargh@microsoft.com>
2023-12-01 20:42:59 -05:00
Nan Liu 15bf461433
Fix golang CVE-2023-29409, CVE-2023-39318, CVE-2023-39319, CVE-2023-39323, CVE-2023-39533 (#6470) 2023-10-31 14:50:57 -07:00
Pawel Winogrodzki 01547eeed5
Fixed CVE-2023-44487 in `nginx` and `golang` (CP of #6381) (#6395)
* Fixed CVE-2023-44487 in `nginx` and `golang` (#6381)

Co-authored-by: Dan Streetman <ddstreet@ieee.org>
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>

* Bumping 'kubernetes'.

---------

Co-authored-by: Dan Streetman <ddstreet@microsoft.com>
Co-authored-by: Dan Streetman <ddstreet@ieee.org>
2023-10-12 14:22:26 -07:00
Muhammad Falak R Wani e2ad74a2ca
Upgrade golang to 1.19.12 to address CVE-2023-29409 (#5946)
* golang: introduce patch to permit requests with invalid host headers

Reference: https://go-review.googlesource.com/c/go/+/518855
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2023-08-16 10:15:25 +05:30
CBL-Mariner-Bot 78e1d24d47
Upgrade golang to 1.19.11 to fix CVE-2023-29406 (#5828) 2023-07-13 13:55:07 -07:00
CBL-Mariner-Bot c5a190f783
[AUTOPATCHER-CORE] Upgrade golang to 1.19.10 Address CVE-2023-24540, CVE-2023-29402, CVE-2023-29403, CVE-2023-29404, CVE-2023-29405 (#5689)
* Upgrade golang to 1.19.10 Adress CVEs

* Fix changelog

---------

Co-authored-by: Mitch Zhu <mitchzhu@microsoft.com>
2023-06-20 13:39:41 -07:00
Muhammad Falak R Wani a364e616af
golang: upgrade to 1.19.8 to address CVE-2023-24534, CVE-2023-24536, CVE-2023-24537, CVE-2023-24538 (#5228)
Reference: https://github.com/golang/go/issues?q=milestone%3AGo1.19.8+label%3ASecurity
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2023-04-05 21:38:04 +05:30
CBL-Mariner-Bot 42a2d6d72d
Upgrade golang to 1.19.7 to address CVE-2023-24532 (#5160)
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2023-03-28 13:20:34 +05:30
CBL-Mariner-Bot 768aae23e3
Upgrade golang to 1.19.6 Address CVE-2022-41722, CVE-2022-41724, CVE-2022-41725, CVE-2022-41723 (#5096)
Co-authored-by: Rakshaa Viswanathan <46165429+rakshaa2000@users.noreply.github.com>
2023-03-17 21:20:58 +05:30
CBL-Mariner-Bot 5ed28413bb
[AUTOPATCHER-CORE] Upgrade golang to 1.19.5 upgrade to latest - (#4759)
* Upgrade golang to 1.19.5 upgrade to latest

* remove release bump of spec that should stay on golang 1.18.8 or below
2023-02-03 20:56:43 +01:00
CBL-Mariner-Bot 63c1d45e66
[AUTOPATCHER-CORE] Upgrade golang to 1.19.4 upgrade to latest - (#4643)
* Upgrade golang to 1.19.4 upgrade to latest

* fix issues due to golang 1.19.4 upgrade

* re-add CVE-2022-41717.patch which is required by golang 1.17 spec

* clean up gh dependencies
2023-01-19 18:37:17 +01:00
Daniel McIlvaney 449fbf1b41
Patch golang to resolve CVE-2022-41717 (#4457)
* Patch golang to resolve CVE-2022-41717
2022-12-19 12:17:43 -08:00
Olivia Crain a828f488f8
Upgrade golang to 1.18.8 to fix CVE-2022-2879, CVE-2022-2880, CVE-2022-41715, CVE-2022-27664, CVE-2022-32190 (#4157) 2022-11-01 16:37:38 -07:00
Olivia Crain fdc6619ad3
Bump supported go versions to 1.17.13, 1.18.5 to fix fifteen CVEs (#3600)
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
2022-08-24 09:01:02 -07:00
chalamalasetty a0830b9c38
Add command line tool jx SPEC (#3218) 2022-06-22 18:14:59 -07:00