microsoft
/
CBL-Mariner
зеркало из https://github.com/microsoft/CBL-Mariner.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность
6 191 коммит 960 Ветки 457 Теги 848 MiB
Граф коммитов

6191 Коммитов

Автор SHA1 Сообщение Дата
Sindhu Karri 50da9336af Fix CVE-2024-5991 2024-09-02 15:36:07 +00:00
Rohit Rawat 7e1a176f1b
Add patch to fix CVE-2024-43788 in python-tensorboard (#10316) 2024-09-02 17:27:29 +05:30
Sam Meluch 31f1cafb41
Filter out debuginfo packages when running sodiff (#6698) (#10295) 
Co-authored-by: Sam Meluch <sam.meluch@microsoft.com>
 2024-08-30 15:27:06 -05:00
Neha Agarwal 4c0f5c4e36
remove unused source signature: plexus-utils (#10306) 2024-08-30 13:22:51 -07:00
Neha Agarwal 230d668743
remove unused source signature: rabbitmq-server (#10305) 2024-08-30 11:58:17 -07:00
Andrew Phelps e9ceede2ec
libsafec: upgrade to 3.8.1 (#10296) 2024-08-30 11:55:55 -07:00
Neha Agarwal 2cf25b8c83
add perl-Match-Simple and perl-Sub-Infix (#10261) 2024-08-30 11:49:21 -07:00
CBL-Mariner-Bot d6a21a1d2b
[AUTOPATCHER-kernel-rt] Kernel RT upgrade to version 6.6.44.1-rt39 - branch 3.0-dev (#10141) 2024-08-30 14:43:40 -04:00
jozzsi b2de6be6db
kernel-uki: remove usrmount from initrd (#10168) 2024-08-30 10:42:35 -07:00
Andrew Phelps 9280cc7932
Makefile: fix typo clean-imggen (#10300) 2024-08-29 23:48:10 -07:00
Andrew Phelps 538e181a00
fix ocaml test issues (#10298) 2024-08-29 23:47:36 -07:00
Rachel Menge cad86954ea
Enable check section for glibc (#10277) 
Previously, the glibc check section caused major failures for the builds. However, these no longer exisit. To enable these tests, address conflicting gcc flags and turn off the macro which prevents check section for glibc. Note there are still 3 tests which need to be invetigated for failures.

The patch prevents the error
c1: error: '-Wformat-security' ignored without '-Wformat' [-Werror=format-security]
The error occurs when glibc is compiled with -Wformat-security which requires -Wformat and thus conflicts with tests which use -Wno-format

The new results from the check section should be
Summary of test results:
3 FAIL : nptl/tst-cancel1, io/tst-lchmod, nptl/tst-mutex10
5040 PASS
152 UNSUPPORTED
12 XFAIL
8 XPASS
 2024-08-29 18:46:31 -07:00
Chris Gunn d7765f9441
Image Customizer: Add tests for Azure Linux 3.0. (#10249) 
Allow the functional tests to accept both Azure Linux 2.0 and 3.0 image versions as input. Then, for the features that have different behavior based on the image version, ensure the tests for those features cover both image versions.
 2024-08-29 17:34:19 -07:00
Neha Agarwal 5f41f3f519
remove unused source signature (#10293) 2024-08-29 16:56:43 -07:00
Neha Agarwal 420429bb1d
remove unused source signature from extra-cmake-modules (#10292) 2024-08-29 14:56:32 -07:00
Pawel Winogrodzki 2667db1fc9
Fixed `nbdkit` test-time dependency on `/sbin/ss`. (#10290) 2024-08-29 14:06:37 -07:00
Pawel Winogrodzki a878f87999
Fixed `nghttp2` test-time dependency on `CUnit`. (#10289) 2024-08-29 13:55:04 -07:00
bfjelds e4836b25b8
tensorflow: CVE-2024-7592 (#10246) 2024-08-29 10:31:07 -07:00
Dallas Delaney e073c74219
vte291: patch CVE-2024-37535 (#10275) 
Co-authored-by: Dallas Delaney <dadelan@example.com>
 2024-08-29 05:55:37 -07:00
Cameron E Baird 280394afcf
nginx: Address CVE-2024-7347 (#10194) 2024-08-28 11:18:39 -07:00
Neha Agarwal 91ddec4076
perl-sub-name update to v0.27 (#10265) 2024-08-28 09:17:01 -07:00
Neha Agarwal c95622bdf6
move perl strictures and bareword-filehandles (#10268) 2024-08-28 09:16:51 -07:00
Neha Agarwal 800bb6c027
port perl-IO-String from extended into core (#10271) 2024-08-28 09:16:46 -07:00
Neha Agarwal 94d8b0edae
port perl modules from extended into core - part 6 (#10272) 2024-08-28 09:16:38 -07:00
Pawel Winogrodzki 82aa2945bd
Fixed `numpy` ptests. Added `python3-pyproject-metadata`. (#10270) 2024-08-27 15:15:09 -07:00
Lanze Liu d47dc39ac7
ImageCustomizer: Implement new MIC Overlays APIs. (#10138) 
Authored-by: lanzeliu <lanzeliu@microsoft.com>
 2024-08-27 15:13:42 -07:00
Daniel McIlvaney 27fdcfbf79
fix: use static search path for toolchain GPG keys during validation (#10269) 2024-08-27 13:59:31 -07:00
Neha Agarwal 4aeda01dbe
port perl module from extended into core: part-4 (#10260) 2024-08-27 08:32:49 -07:00
Bala 45c19e2e8e
Fix CVE-2024-6104 in cert-manager by patching vendor gomodules (#9994) 2024-08-27 16:24:51 +05:30
suresh-thelkar 8bfbc334c4
Fix nfs-utils to build rsc.svcgssd and provide the missing rpc-gssd (#10256) 2024-08-27 12:04:21 +05:30
Sumynwa 83698c93d5
multus: Add patch to resolve CVE-2023-3978 (#10206) 2024-08-27 11:10:25 +05:30
Sumynwa 80a582c7db
jx: Add patch to resolve CVE-2023-45288 (#10225) 2024-08-27 11:10:10 +05:30
Sumynwa 3da6b0cffa
unbound: Add patch to resolve CVE-2024-33655 (#10254) 2024-08-27 11:07:20 +05:30
bhagyapathak 5216feb6fc
Fix for CVE-2024-39908 in rubygem-rexml (#10188) 2024-08-27 09:47:28 +05:30
Neha Agarwal cded74d345
move perl-indirect from extended to core (#10259) 2024-08-26 17:55:01 -07:00
Neha Agarwal 5f00fec23e
port perl module from extended into core: part-3 (#10258) 2024-08-26 17:54:52 -07:00
Neha Agarwal c30db97b61
port perl modules from extended to core (#10233) 2024-08-26 15:48:58 -07:00
Cameron E Baird 34254ef77a
edk2: Deprecate hvloader; introduce edk2-hvloader (#10221) 2024-08-26 14:43:37 -07:00
CBL-Mariner-Bot 7c7a878515
[AUTOPATCHER-kernel] Kernel CVE - branch 3.0-dev - CVE-2024-39472 (#10250) 2024-08-26 14:05:02 -07:00
sindhu-karri a4bed8eb86
Upgrade and build samba in 3.0 (#10109) 2024-08-26 22:30:30 +05:30
bfjelds b047e722ac
libnbd: CVE-2024-7383 (azl 3) (#10181) 2024-08-26 07:44:50 -07:00
Muhammad Falak R Wani 0cfd540f54
sysstat: upgrade 12.7.4 -> 12.7.6 to address CVE-2018-19416 (#10245) 
Changelog: https://github.com/sysstat/sysstat/blob/v12.7.6/CHANGES
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
 2024-08-26 06:42:24 +05:30
Christopher Co bde321f1ea
fix: change bfq patch to select "none" scheduler as default (#10240) 
On Azure, it is recommended to use an i/o scheduler that passes the scheduling decisions to the underlying Hyper-V hypervisor. In our case, we should use the "none" scheduler, which is also ideal for fast random I/O devices like NVMe. So we update Fedora's bfq patch to change the udev rule to select "none" instead of Fedora's default Budget Fair Queuing (bfq) and rename the patch from referencing "bfq" to "none".

https://learn.microsoft.com/en-us/windows-server/virtualization/hyper-v/best-practices-for-running-linux-on-hyper-v#use-io-scheduler-noopnone-for-better-disk-io-performance

Signed-off-by: Chris Co <chrco@microsoft.com>
 2024-08-23 18:26:53 -07:00
Cameron E Baird 3c01c0a79f
dracut: Drop disable-xattr dracut patch, introduce config to optionally enable it (#10070) 
Signed-off-by: Chris Co <chrco@microsoft.com>
Co-authored-by: Chris Co <chrco@microsoft.com>
 2024-08-23 17:39:34 -07:00
Daniel McIlvaney db9a27ce48
Toolkit: Fix readdirent toolchain errors for reusable chroots (#10222) 2024-08-23 09:59:21 -07:00
Sumynwa 9db64babe7
libsndfile: Add patch to resolve CVE-2022-33065 (#10242) 2024-08-23 15:21:44 +05:30
CBL-Mariner-Bot 36bb0399c2
[AUTOPATCHER-kernel] Kernel upgrade to version 6.6.47.1 - branch 3.0-dev (#10239) 
Co-authored-by: Rachel Menge <rachelmenge@microsoft.com>
 2024-08-22 20:19:13 -07:00
Neha Agarwal 77fa3043c5
containerized-rpmbuild: add container image for 3.0 (#10231) 2024-08-22 12:49:41 -07:00
AZaugg 284e13d884
Toolkit bugfix: update_manifest.sh group name may not allways exist (#10217) 2024-08-22 10:26:24 -07:00
Maxwell Moyer-McKee 2b8193e819
Update SymCrypt-OpenSSL to 1.5.1 (#10220) 
Updates SymCrypt-OpenSSL to 1.5.1 with bugfixes for .NET and golang wrapper libraries.
 2024-08-21 19:56:28 -07:00