Fixes CVE-2022-21698 for kube-vip-cloud-provider. The vulnerability is in the client_golang go module, which is vendored in this package. Fix is to apply a (modified) patch to the vendored code.
Co-authored-by: Tobias Brick <39196763+tobiasb-ms@users.noreply.github.com>
Note that arm64 had MMC_SDHCI_OMAP turned off due to a change upstream [106136f] which specified it depends on architecture which CBL-Mariner 2.0 does not support.
Fixes CVE-2022-21698 for keda. The vulnerability is in the client_golang go module v1.11.1, and keda has a direct dependency on v1.11.0. Fixed by applying a patch to the keda code to update that module, then built the vendored tarball.
Co-authored-by: Tobias Brick <39196763+tobiasb-ms@users.noreply.github.com>
This is an auto-generated pull request to cherry-pick commit f0d5827 to main. Original PR: #7542
Co-authored-by: Tobias Brick <39196763+tobiasb-ms@users.noreply.github.com>
Reverts the revert of cloud-init v23.4.1 and adds a patch backport to gracefully handle the new status exit code behavior which caused a regression in our extended testing apparatus, prompting the initial revert.
From https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/2048522
cloud-init status introduced a new exit code of 2 with the meaning of recoverable errors / warnings.
Without this fix, status exited with 2 in cases where previously did it with 0, potentially breaking consumers (scripts or other programs) of cloud-init status.
The fix is to include a quilt patch retaining the exit code of 0 for recoverable errors / warnings for stable releases.
Fixes: 1a57d91 ("Revert "fix: upgrade cloud-init to v23.4.1"")
Signed-off-by: Chris Co chrco@microsoft.com
Enable for hardware platforms that use AMBIOS. Interacting with the firmware on these platforms from Linux user space uses the AMI Setup Control Environment Utility, SCELNX_64. This closed source vendor provided program depends on the iopl deprecated, legacy syscall. This syscall's availability is controlled by CONFIG_X86_IOPL_IOPERM kernel configuration item. Therefore, enable to prevent segfaults.
The post scripts for mariadb don't run due to missing script. As part of cmake install, mariadb-install-db script is removed. Adding patch to ensure script is correctly added to buildroot
Installing/Updating: mariadb-connector-c-config-3.1.10-6.cm2.noarch
Installing/Updating: mariadb-server-10.6.9-5.cm2.x86_64
/var/tmp/rpm-tmp.wjMLcK: line 3: mysql_install_db: command not found
Lanze Liu
Gary Swalling
CBL-Mariner-Bot
sindhu-karri
Archana Choudhary
George Mileka
AZaugg
Christopher Co
corvus-callidus
Vince Perri
Pawel Winogrodzki
ms-mahuber
Tobias Brick
Rachel Menge
Henry Beberman
Muhammad Falak R Wani
Aurélien
Harshit Gupta
Dallas Delaney
Mandeep Plaha
Minghe Ren
Henry Li
Dan Streetman