CBL-Mariner-Bot
77d1924e4c
[AUTO-CHERRYPICK] [AUTOPATCHER-kernel] Kernel upgrade to version 5.15.162.1 - branch fasttrack/2.0 - branch main ( #9834 )
2024-07-15 10:46:55 -07:00
Archana Choudhary
3e14b7eeed
hvloader: add patch for CVE-2023-0464 ( #9443 )
2024-07-12 15:22:15 +05:30
Pawel Winogrodzki
cd7cf078f1
Patched CVE-2023-26253 in `glusterfs`. (CP: #9717 ) ( #9719 )
2024-07-10 10:55:16 -07:00
Muhammad Falak R Wani
4fa1760cc4
msft-golang: upgrade 1.22.4 -> 1.22.5 to address CVE-2024-24790 & CVE-2024-24791 ( #9579 )
Changelog: https://go.dev/doc/devel/release#go1.22.0
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2024-07-09 00:38:46 +05:30
sharath-srikanth-chellappa
5669eeb9ba
emacs: Upgrading emacs version to 29.4 to address CVE-2024-39331 ( #9709 )
Co-authored-by: Sharath Srikanth Chellappa <sharathsr@microsoft.com>
2024-07-08 10:40:12 -07:00
Dan Streetman
350616f115
Update shim-unsigned-x64 to 15.8 and updates signed shim ( #7893 )
Updates the unsigned shim for x64 to 15.8 and includes new signing certificate
Also updates the signed version of this shim
Co-authored-by: Chris Co <chrco@microsoft.com>
2024-07-04 17:17:35 -07:00
Rachel Menge
3595f2a878
Address Kernel CVE-2021-3847, CVE-2024-26913, CVE-2024-26933, CVE-2024-26978, CVE-2024-36477, CVE-2024-36481, CVE-2024-38664, CVE-2024-39291 ( #9571 )
2024-07-04 17:15:48 -07:00
CBL-Mariner-Bot
0ac28edc5d
[AUTO-CHERRYPICK] openssh: fix "regresshion" CVE, CVE-2024-6387, with patch from debian. - branch main ( #9565 )
Co-authored-by: SeanDougherty <sdougherty@microsoft.com>
2024-07-03 10:41:01 -07:00
CBL-Mariner-Bot
fd9ff7f98c
[AUTO-CHERRYPICK] Patch openssh to fix CVE-2023-28531 - branch main ( #9519 )
Co-authored-by: Sam Meluch <109628994+sameluch@users.noreply.github.com>
2024-06-27 14:34:19 -07:00
CBL-Mariner-Bot
623d203905
[AUTO-CHERRYPICK] Fix guava CVE-2023-2976 - branch main ( #9526 )
Co-authored-by: sindhu-karri <33163197+sindhu-karri@users.noreply.github.com>
2024-06-27 14:34:05 -07:00
CBL-Mariner-Bot
ff8289a113
[AUTO-CHERRYPICK] Patch CVE-2023-52890 in ntfs-3g - branch main ( #9520 )
Co-authored-by: suresh-thelkar <suresh.thelkar@yahoo.com>
2024-06-27 14:31:15 -07:00
Muhammad Falak R Wani
36367cba80
toolkit: bump azidentity 1.3.1 -> 1.6.0 to address CVE-2024-35255 ( #9382 )
Fixes: https://github.com/microsoft/azurelinux/security/dependabot/13
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2024-06-27 07:43:10 +05:30
CBL-Mariner-Bot
2606e07373
[AUTO-CHERRYPICK] Fix CVE-2024-3727 in cri-o by patching vendored github.com/containers/image - branch main ( #9488 )
Co-authored-by: Paco Huelsz <frhuelsz@microsoft.com>
2024-06-26 13:31:42 -07:00
CBL-Mariner-Bot
82e82e134c
[AUTO-CHERRYPICK] wget: patch CVE-2024-38428 - branch main ( #9487 )
Co-authored-by: Saul Paredes <30801614+Redent0r@users.noreply.github.com>
2024-06-26 10:40:33 -07:00
CBL-Mariner-Bot
c89dbfa1a2
[AUTO-CHERRYPICK] R: patch CVE-2024-27322 - branch main ( #9486 )
Co-authored-by: Saul Paredes <30801614+Redent0r@users.noreply.github.com>
2024-06-26 10:40:27 -07:00
CBL-Mariner-Bot
c7a0e96884
[AUTO-CHERRYPICK] php: update to 8.1.29 to fix CVEs - branch main ( #9393 )
Co-authored-by: Neha Agarwal <58672330+neha170@users.noreply.github.com>
2024-06-26 10:40:22 -07:00
CBL-Mariner-Bot
84edf52699
[AUTO-CHERRYPICK] Update conntrack-tools and dependency - branch main ( #9398 )
Co-authored-by: Christopher Co <35273088+christopherco@users.noreply.github.com>
2024-06-26 10:40:18 -07:00
CBL-Mariner-Bot
9d8cb0c6de
[AUTO-CHERRYPICK] vte291: patch CVE-2024-37535 - branch main ( #9484 )
Co-authored-by: Neha Agarwal <58672330+neha170@users.noreply.github.com>
2024-06-26 10:40:13 -07:00
CBL-Mariner-Bot
4c110ece4e
[AUTO-CHERRYPICK] Patch CVE-2024-5564 in libndp - branch main ( #9485 )
Co-authored-by: Nick Samson <nick.samson@microsoft.com>
2024-06-26 10:40:06 -07:00
CBL-Mariner-Bot
f374bf96c9
[AUTO-CHERRYPICK] Fix CVE-2024-3727 in skopeo - branch main ( #9489 )
Co-authored-by: Rohit Rawat <rohitrawat@microsoft.com>
Co-authored-by: jslobodzian <joslobo@microsoft.com>
2024-06-26 10:39:55 -07:00
Sumynwa
b4644287d3
Upgrade vitess to v17.0.7 to fix CVE-2024-32886 ( #9374 )
2024-06-26 16:25:31 +05:30
CBL-Mariner-Bot
e5d9cb6d2d
[AUTOPATCHER-kernel] Kernel upgrade to version 5.15.160.1 - branch main ( #9362 )
This upgrade also contains ccf143f "Revert netfilter: br_netfilter: skip conntrack input hook for promisc packets" to unblock hairpin functionality.
2024-06-25 17:07:38 -07:00
CBL-Mariner-Bot
be0256e50c
Bump release for July 2024 Update ( #9505 )
2024-06-25 16:47:52 -04:00
jslobodzian
c02863076b
Remove isorelax project from 2.0 Extended ( #9503 )
2024-06-25 16:34:41 -04:00
Rachel Menge
20b638e307
Address kernel CVE-2022-48670, CVE-2024-26583, CVE-2024-26584, CVE-2024-26585, CVE-2024-36023, CVE-2024-36897, CVE-2024-36902, CVE-2024-36938, CVE-2024-36971 ( #9474 )
2024-06-25 09:20:09 -07:00
CBL-Mariner-Bot
00e57e32d2
[AUTOPATCHER-CORE] Upgrade python-urllib3 to 1.26.19 patch CVE-2024-37891 ( #9458 )
2024-06-24 16:43:49 -07:00
Muhammad Falak R Wani
8e8032e9c4
msft-golang: upgrade version 1.22.3 -> 1.22.4 to address CVE-2024-24790 ( #9352 )
Changelog: https://go.dev/doc/devel/release#go1.22.0
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2024-06-24 10:24:25 +05:30
CBL-Mariner-Bot
da61f9c8be
[AUTOPATCHER-CORE] Upgrade dhcp to 4.4.3-P1 CVE-2022-2928, CVE-2022-2929 ( #9436 )
Co-authored-by: Osama Esmail <osamaesmail@microsoft.com>
2024-06-19 14:01:43 -07:00
Archana Choudhary
6a2491bb28
mysql: upgrade to 8.0.36 to fix 10 CVEs ( #9428 )
2024-06-19 12:27:08 +05:30
Saul Paredes
e690393bf0
telegraf: patch CVE-2024-35255 ( #9426 )
2024-06-18 16:54:20 -07:00
Saul Paredes
654e5b3aad
yasm: patch CVE-2021-33454 ( #9433 )
2024-06-18 16:54:08 -07:00
Nick Samson
e3c025c81b
nodejs18: upgrade nodejs18 to 18.20.3 to fix CVE-2024-28863 ( #9372 )
Co-authored-by: Nick Samson <nisamson@microsoft.com>
2024-06-18 13:27:56 -07:00
suresh-thelkar
2ab7702b23
Patch CVE-2024-5742 in nano ( #9404 )
2024-06-18 09:41:19 +05:30
bfjelds
30f1ce2f3a
Address CVE-2024-3727 by patching vendored github.com/containers/image ( #9343 )
2024-06-13 12:09:22 -07:00
Nan Liu
ddbdd8987b
libarchive: add patch to resolve CVE-2024-26256 ( #9340 )
2024-06-13 09:02:08 -07:00
Archana Choudhary
610f91c953
hvloader: add patch to resolve CVE-2024-1298 ( #9337 )
2024-06-11 23:44:08 +05:30
Archana Choudhary
65cae39c11
edk2: add patch for CVE-2024-1298 ( #9335 )
2024-06-11 23:32:29 +05:30
CBL-Mariner-Bot
6af9f3d10a
[AUTOPATCHER-CORE] Upgrade libpng to 1.6.39 Fix CVE-2022-3857 ( #9317 )
Co-authored-by: Mandeep Plaha <mandeepplaha@microsoft.com>
2024-06-10 13:31:46 -07:00
Muhammad Falak R Wani
c16735c961
golang: update 1.21.6 -> 1.21.11 to address CVE-2024-24790 ( #9097 )
Changelog: https://go.dev/doc/devel/release#go1.21.minor
Signed-off-by: Muhammad Falak R Wani <falakreyaz@gmail.com>
2024-06-10 12:37:44 +05:30
Bala
9322acd7b2
Fix CVE-2024-3154 in package cri-o ( #9284 )
2024-06-07 16:32:27 -07:00
Tobias Brick
8ff27fc0fb
Upgrade azl-compliance to version 1.0.2 ( #9348 )
Upgrade azl-compliance to latest version, to move us closer to FedRAMP compliance for AZL on AKS.
2024-06-07 15:56:44 -07:00
Gary Swalling
487653257d
Update kernel-mos to 5.15.158.2 ( #9356 )
2024-06-07 15:31:03 -07:00
J Camposeco
44f82e45f6
python-cryptography: Update OpenSSL version to fix CVE-2023-50782 ( #9359 )
Co-authored-by: Pawel Winogrodzki <pawelwi@microsoft.com>
2024-06-07 15:20:56 -07:00
CBL-Mariner-Bot
e2c8d9e5da
[FASTTRACK-CHERRYPICK] openssl: Fix CVE-2023-50782 affecting python-cryptography - branch main ( #9318 )
Co-authored-by: J Camposeco <108859819+jcamposeco@users.noreply.github.com>
Co-authored-by: Juan Camposeco <juanarturoc@microsoft.com>
2024-06-07 14:54:22 -07:00
CBL-Mariner-Bot
3a89a883d2
[AUTO-CHERRYPICK] Upgrade openvswitch to 2.17.9 to fix CVE-2023-5366 and CVE-2023-3966 - branch main ( #9301 )
Co-authored-by: Bala <kumaran.4353@gmail.com>
2024-06-07 14:41:53 -07:00
Rachel Menge
7b83725990
Upgrade kernel to 5.15.158.2 ( #9358 )
5.15.157.1 introduced a failure with network hairpinning on AKS. Upgrade to 5.15.158.2 which has the commit [dceb683] reverted.
2024-06-07 14:34:36 -07:00
sindhu-karri
6b57d92440
Fix Fluent-bit issues #8198 and #8025 ( #9121 )
Fixes https://microsoft.visualstudio.com/OS/_workitems/edit/50531424
2024-06-07 02:09:50 +05:30
CBL-Mariner-Bot
0d51af78bb
[AUTO-CHERRYPICK] CVE-2022-34169: docbook-style-xsl - upgrade embedded xalan jar from 2.7.2 to 2.7.3 (fasttrack/2.0) - branch main ( #9308 )
Co-authored-by: bfjelds <bfjelds@microsoft.com>
2024-06-06 11:28:44 -07:00
Saul Paredes
4e90dd61c1
kata(-cc): upgrade to LSG release v2405.9.2 ( #9261 )
Co-authored-by: Dallas Delaney <dadelan@microsoft.com>
Co-authored-by: CBL-Mariner Servicing Account <cblmargh@microsoft.com>
2024-06-05 12:40:57 -07:00
CBL-Mariner-Bot
7763977729
[AUTO-CHERRYPICK] Patch dhcp for CVE-2023-2828 - branch main ( #9306 )
Co-authored-by: Sumynwa <sumsharma@microsoft.com>
2024-06-05 11:58:19 +05:30