1c2633d531
[dev] `make`: updating to version 4.3. ( #1699 )
2021-11-30 14:17:13 -08:00
34502d0ddc
[dev] kernel: update to 5.10.78.1 ( #1640 )
...
* Update kernel 5.10.78.1
* Add patch to fix linux license issue in headers
* address additional CVE
* Move patch for better readability
2021-11-30 13:42:17 -08:00
8bdbfe3323
Add new patch files to toolkit gitignore ( #1676 )
2021-11-30 12:51:05 -08:00
57aa115252
Upgrade blobfuse to 1.4.2 ( #1688 )
2021-11-30 12:33:56 -08:00
fe2d58e1b1
[dev] Upgrade iproute to 5.15.0 ( #1690 )
2021-11-30 12:33:14 -08:00
4c35856ccb
[dev] Prune unnecessary toolchain packages ( #1691 )
...
* Remove golang
* Remove libcap-ng
* Remove groff
* Remove perl-File-HomeDir
* Remove perl-File-Which
* Remove libnsl2
* Remove libtirpc
* Remove rpcsvc-proto
* Move krb5 install earlier
* Remove double-install of gperf
* Move up intltool install
* Remove libpwquality
* Remove json-c
* Remove libaio
* Remove groff's perl deps
* Remove double installs of libselinux, libsepol
2021-11-30 12:32:37 -08:00
73b6190701
[dev] `rust`: update to version 1.56.1. ( #1678 )
2021-11-30 10:26:43 -08:00
54b8679f9d
cgmanifest: pgbouncer: bump version 1.11.0 -> 1.16.1
...
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2021-11-30 23:27:44 +05:30
d6c5361aff
pgbouncer: bump version to fix CVE-2021-3935
...
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2021-11-30 23:27:44 +05:30
a2d6a97fed
Nicogbg/fix dev build break ( #1696 )
...
* fix libstoragemgmt build break
* fix rpm-ostree build break
Co-authored-by: nicolas guibourge <nicolasg@microsoft.com>
2021-11-30 08:58:06 -08:00
1ca5aaa039
[dev] Upgrade librelp to 1.10.0 to fix build failure ( #1689 )
2021-11-29 12:25:09 -08:00
e264f25fd7
[dev] Upgrade GnuPG component packages to latest versions ( #1677 )
...
* Upgrade GnuPG component packages to latest versions
* Lint libksba spec
2021-11-24 21:42:31 -08:00
955a3631b4
Remove majority of Python2 packages ( #1524 )
2021-11-24 13:06:58 -08:00
86d6846496
Updating expat to v.2.4.1 ( #1667 )
...
* upgrading expat to 2.4.1
* updating references to expat 2.4.1
* updating changelog
* linting applied
* cleaning up expat.spec
* fixing changelog, adding global variable for underscored version
* removing useless toolchain-sha256sums entry
2021-11-24 12:19:54 -08:00
7ed4a4e2db
update bash to 5.1.8 ( #1669 )
...
* update bash to 5.1.8
* update toolchain_build_temp_tools.sh
* linting fixes
* fix mode
* remove nopatch
2021-11-24 09:57:11 -08:00
d469abadc3
upgrade versions of automake and check ( #1670 )
...
* upgrade versions of automake and check
* upgrade versions of automake and check
* upgrade versions of automake and check
* upgrade versions of automake and check
* upgrade versions of automake and check
* upgrade versions of automake and check
* upgrade versions of automake and check
* upgrade automake version
* address PR comment
Co-authored-by: nico <nicolasg@microsoft.com>
2021-11-24 08:50:58 -08:00
e8e45e7440
[dev] `gmp`: porting #1656 CVE-2021-43618 fix from `1.0-dev`. ( #1666 )
2021-11-23 10:19:20 -08:00
15c23fd4be
[dev] Removing unused packages from toolchain. ( #1661 )
2021-11-23 10:16:52 -08:00
1b5acd03e9
[dev] Update dejagnu to 1.6.3 ( #1643 )
...
* dejagnu: Update to 1.6.3
* cgmanifest: Update dejagnu entry to 1.6.3
* toolchain: Update dejagnu to 1.6.3
* dejagnu: Verify license
License is GPLv3+
Signed-off-by: Chris Co <chrco@microsoft.com>
2021-11-22 14:52:12 -08:00
e65b0aec49
Upgrade iana-etc to version 20211115 ( #1664 )
2021-11-22 12:30:20 -08:00
da8fdb34f6
update libxcrypt required glibc version ( #1663 )
2021-11-22 11:46:24 -08:00
0ffa4c403e
disable ant debuginfo ( #1660 )
2021-11-22 10:29:37 -08:00
3c5765cdeb
Add python3-perf subpackage to kernel ( #1646 )
2021-11-22 09:10:57 -08:00
8018da3c3c
[dev] `uclibc-ng`: fixing CVE-2021-43523. ( #1654 ) ( #1658 )
2021-11-21 12:43:30 -08:00
20476e8ecd
[dev] Breaking circular dependencies containing pre-built packages ( #1630 )
2021-11-19 13:57:52 -08:00
d7cb7c78e9
Update toolchain and packages to build with gcc 11.2.0 and glibc 2.34 ( #1623 )
...
* update coreutils and texinfo specs
* update coreutils and texinfo in toolchain
* fix patch url
* update binutils to 2.37
* update version in manifests
* update util-linux mpfr mpc gmp
* fix mpfr tarball
* fix gmp
* update cgmanifest.json
* cleanup
* restore binutils patch
* fix gmp and mpfr specs
* update util-linux spec
* fix binutils and util-linux breaks
* update kernel CONFIG_LD_VERSION
* bump kernel release
* remove reference to rpm-define-RPM-LD-FLAGS.patch
* fix gen-ld-script.sh sha256sum
* update gcc spec to 11.2.0
* update kernel configs for gcc
* update cgmanifest
* update gcc to 11.2.0 in raw toolchain
* add patch for gcc texi issue
* update glibc to 2.34
* update manifests for diffutils and glibc
* disable tm_texi patch in toolchain
* fix SIGSTKSZ gcc issue
* patch m4 for glibc 2.34
* update make to 4.3 and diffutils to 3.8
* revert make to 4.2.1 due to operation not permitted error
* fix make and texinfo build issues with glibc 2.34
* dont build zstd in temp toolchain due to gcc build errors
* remove glibc workarounds for fintutils and gzip
* update findutils and gzip
* update gzip and findutils specs
* update gdbm to 1.21
* update elfutils to 1.185 in toolchain. fix manifests
* remove findutils test change
* remove texinfo patch
* fix kernel changelogs
* add patch for cpio extern issue
* restore rpm patch
* fix m4 spec
* fix elfutils and gpgme spec issues
* fix kernel-hyperv changelog
* update kbd and libtirpc to resolve gcc 11.2.0 issues
* fix m4 version in pkggen_core
* fix libtirpc in manifests
* fix nss error
* fix openjdk
* fix aarch64 openjdk8
* fix elfutils spec
* GODEBUG=netdns=go
* verbose rpm query
* fix coreutils on aarch64. use rpm 1.14.2.1 in raw toolchain. revert rpm.go
* bump cpio release
* revert rpm.go change
* cleanup toolchain scripts and specs. parallel make for glibc
* enable fortran
* remove aarch64 ld-2.27.so link
* add gfortran to toolchain manifests
* fix binutils changelog
* fix kernel release version
* update bison grep sed tar
* add glibc pthread patch
* upgrade file gawk and xz. fix sed and grep spec issues
* set -fcommon
* revert file to 5.34
* fix temp gawk version
* fix xz man1 files
* update libgpg-error to 1.43
* add ld-linux-aarch64.so.1 to glibc spec
* use /lib/ld-linux-aarch64.so.1
* update file 5.40 and bzip2 1.0.8 in toolchain. openjdk8 remove -fcommon.
* update to perl 5.32.0 in toolchain
* fix glibc aarch64 exclude. add shadow-utils provides. fix perl src filename
* fix efivar build. upgrade dtc
* Removing 'ctags'.
* Updating 'libacvp' to version 1.4.1.
* Updating 'nlohmann-json' to version 3.10.4.
* Updating 'dhcp.spec' CFLAGS to include CBL-Mariner's defaults.
* update and fix ipxe build. remove perl debuginfo.
* add fixes for autofs and libcomps
* Adjusting build steps for 'dhcp' and 'nlohmann-json'.
* fix rocksdb
* fix ntp
* fix libcomps url in cgmanifest. revert perl change
* fix nfs-utils
* fix azure-iot-sdk-c
* Remove 'tboot'.
* fix qemu-kvm
* update R and ant
* Updating 'libiothsm-std' to version 1.2.5.
* Linting.
* Remove tcp_wrappers package
* fix syslinux
* Downgrading 'libiothsm-std' to 1.1.8.
* fix fuse. fix libcomps url
* Downgrading 'libacvp' to 1.3.0.
* Applying GCC 11 patch.
* fix fuse configure.ac issue
* Fixing 'libiothsm-std' build.
* Upgrade lldpad to 1.1.0
* Upgrade gdb to 11.1
* Upgrade catch to 2.13.7
* fixup! Upgrade gdb to 11.1
* fixup! Upgrade lldpad to 1.1.0
* remove bazel
* Updating 'toml11' to version 3.7.0.
* update cgmanifest for catch gdb lldpad
* fix qt5-qtbase
* fix device-mapper-multipath
* fix syslinux
* fix grpc
* fix kernel configs
* fix kernel-hyperv config
* increase heap size for ant
* update lttng-consume
* fix auoms
* update valgrind. fix arm64 gdb issue
* update arm64 kernel config
* fix blobfuse
* update and fix azure-iotedge
* fix grpc 1.41.1 in cgmanifest
* fix kernel and kernel-hyperv PTHREAD_STACK_MIN issue
* remove ant ant-contrib jna R
* Updating 'azure-iotedge' sources creation instructions.
* add back ant ant-contrib bazel jna R
* restrict jdk8 packages
* verify licenses
* only build conda picosat python-pycosat on arm64. fix cgmanifest
* update openjdk8 to version 1.8.0.302
* fix cgmanifest for ant and R
* always build ant
* update licenses. remove tdnf workaround. bump shadow-utils release
* update LICENSES-MAP.md to remove tboot ctags tcp_wrappers. bump libavcp release
* fix ant builds only on arm64
* Clarifying license for 'ntp'.
* Verifying license for 'ant-contrib'.
* Verifying more specs.
* revert libabcvp CFLAGS changes
* add kernel patch file
* set -fcommon to fix libacvp build
* fix python-filelock
* revert tdnf line change
Co-authored-by: CBL-Mariner Service Account <cblmargh@microsoft.com>
Co-authored-by: Pawel Winogrodzki <pawel.winogrodzki@microsoft.com>
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
Co-authored-by: Thomas Crain <thcrain@microsoft.com>
2021-11-17 21:41:55 -08:00
d7aed1498f
Patch Libacvp to Support Additional OpenSSL Tests ( #780 ) ( #1638 )
...
Update libacvp to version 1.3.0 and add support for additional OpenSSL tests.
Co-authored-by: Nicolas Ontiveros <54044510+niontive@users.noreply.github.com>
2021-11-12 19:31:57 -08:00
8ed8dfed3e
[dev] Revert ssh brute force prevention rules ( #1637 )
...
* Revert ssh brute force prevention added in commit #741 (#1508 )
* spec lint
Co-authored-by: Neha Agarwal <58672330+neha170@users.noreply.github.com>
2021-11-10 22:30:40 -08:00
e2c32e9bf7
[dev] SPECS: drop epoch tag from specs ( #1624 )
...
* bash-completion: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* colm: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* crash: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* dpdk: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* fmt: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* kyua: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* libglvnd: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* mesa: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* ragel: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* systemtap: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* xorg-x11-font-utils: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
* xorg-x11-xauth: remove epoch
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2021-11-11 09:36:30 +05:30
68fdd50ff4
[dev] enabling rook ( #1540 )
...
* rook building successfully
* importing runtime dependencies
* cleaning up rook.spec
* enabling patterns-ceph-containers without select dependencies
* updating licenses for added packages
* licensing corrections for added packages
* applied lint diffs
* ignoring meta package in cgmanifest
* updating licenses-map metadata
* correcting releases
* adding source link, correcting changelog
* added vendor tar instructions
* removing opensuse csi references from rook
* removed rook build flags, remove patterns-ceph source, removed rook test binary
* updating signatures.json
* correcting capitalization of source attribution
* Corrected changelog comment
Co-authored-by: maxbrodeururbas <maxbr@microsoft.com>
2021-11-10 11:49:30 -08:00
2a065b97fc
[dev] Adding a switch to skip chroot rebuilds ( #1622 )
2021-11-04 23:33:38 -07:00
ab48ab7a32
[dev] Fixing `libsepol` tests. ( #1621 )
2021-11-04 16:17:07 -07:00
ac15805823
[dev] Upgrade `mozjs` and `polkit` ( #1454 )
2021-11-04 14:05:58 -07:00
a7f32c2e51
Add checksec ( #1562 ) ( #1615 )
...
* add checksec.spec; update to 2.5.0 release
2021-11-04 13:02:15 -07:00
e7cbe925fe
update gen-ld-script.sh ( #1610 )
2021-11-03 11:35:50 -07:00
674c940aa8
[dev] cherry-pick verity-read-only-root: Add missing whitespace in verity.conf mo… ( #1592 )
...
* [1.0] verity-read-only-root: Add missing whitespace in verity.conf module lists (#1527 )
* Add missing whitespace in verity.conf module lists
* Add license verification entry
2021-11-01 12:55:15 -07:00
11b7f41b47
Add configs for eBPF ( #1586 )
2021-11-01 09:09:16 -07:00
a4de52298f
[dev] Making `apr` tests run single-threaded ( #1598 )
2021-10-29 01:12:32 -07:00
91b40b21e7
[dev] Printing active builds ( #1597 )
2021-10-29 01:09:33 -07:00
21db9f88c4
[dev]Use MountIdentifier to configure fstab file ( #1448 )
...
* Use MountIdentifier to configure fstab file
2021-10-27 17:25:53 -07:00
21654abf24
Apply binutils readonly patch in toolchain ( #1590 )
...
* apply binutils readonly patch in toolchain
* add flex dependency to dockerfile and temp toolchain
2021-10-27 12:51:14 -07:00
3c22062735
Update package note tool and binutils ( #1563 )
...
* Update module version tool to 2.1.2
* Add and set outdir path
* Update mariner-rpm-macros.spec
* Update signature for gen-ld-script.sh
* Add patch for readonly keyword support in binutils
* Enable linker script readonly keyword support patch
* Update examples and notes in generate-package-note.py
* Enable 2.36.1-4 for pkggen_core_aarch64
* Add verify-package-notes.sh script
* Update signatures and add signature for verify-package-notes.sh
* Install verify-package-notes.sh
* Update signatures and version
* Update toolchain package version for mariner-rpm-macros
* Fix example output
* Update manifest for binutils output flavors
* Update gen-ld-script.sh hash
Co-authored-by: Ismail Kose <iskose@microsoft.com>
2021-10-26 15:51:02 -07:00
cae836e6e5
Merge pull request #1509 from microsoft/chpebeni/dev-selinux
...
shadow-utils: Make pam_loginuid optional
2021-10-26 14:14:55 -04:00
4ce26ace71
Extending source attribution check. ( #1583 )
2021-10-26 11:09:47 -07:00
1e2e1afe61
shadow-utils: Make pam_loginuid optional.
...
This requires audit, which isn't used on all systems.
2021-10-26 17:56:25 +00:00
969c8868c5
[dev] kernel: Update to 5.10.74.1 ( #1571 )
...
* Update to 5.10.74.1
* Add license verified for all files
2021-10-22 11:39:58 -07:00
2b5837d9cc
Upgrade bzip2 to 1.0.8 ( #1543 )
2021-10-21 21:15:51 -07:00
9c0766ef34
[dev] Adding proper spec source attribution for CentOS specs ( #1569 )
2021-10-21 14:50:35 -07:00
5a5915de00
[dev] Adding spec file checks ( #1559 )
2021-10-20 17:04:50 -07:00
db6a866774
[dev] Unifying source attributions and `Release` tags ( #1558 )
2021-10-20 16:45:16 -07:00
Pawel Winogrodzki
rlmenge
Thomas Crain
Muhammad Falak R Wani
nicolas guibourge
Max Brodeur-Urbas
Andrew Phelps
Christopher Co
jslobodzian
Cameron E Baird
Daniel McIlvaney
Ismail H. Kose
Chris PeBenito